From 2029c09a05f16797d9259a1c6570094cb7c833d8 Mon Sep 17 00:00:00 2001 From: Yannick Date: Fri, 25 Apr 2025 17:02:05 +0200 Subject: [PATCH] init --- .backup_conf/.gitignore | 2 ++ .backup_conf/conf_example | 32 +++++++++++++++++++++ backup_script.sh | 58 +++++++++++++++++++++++++++++++++++++++ 3 files changed, 92 insertions(+) create mode 100644 .backup_conf/.gitignore create mode 100755 .backup_conf/conf_example create mode 100755 backup_script.sh diff --git a/.backup_conf/.gitignore b/.backup_conf/.gitignore new file mode 100644 index 0000000..8228d90 --- /dev/null +++ b/.backup_conf/.gitignore @@ -0,0 +1,2 @@ +creds/* +conf diff --git a/.backup_conf/conf_example b/.backup_conf/conf_example new file mode 100755 index 0000000..0114c13 --- /dev/null +++ b/.backup_conf/conf_example @@ -0,0 +1,32 @@ +#!/bin/bash + +## COPY THIS FILE TO ~/docker/.backup_conf/conf !! + +compose_stack_location="" # Full Path +cd $compose_stack_location + +tar_backups_to_keep=10 +local_backup_tar_save_dir=("") +tar_arguments="--exclude='dir' --exclude=''" + +backup_tar_tmp_dir="/var/tmp/backup_script" +compression_options="zstd -8 -T6" +gpg_encryption_password="$(cat .backup_conf/creds/gpg_pw)" + +restic_repository_strings=("" "" "") +restic_repository_encryption_passwords=("" "" "") +restic_arguments=("--no-scan -o rest.connections=3 --exclude dir --exclude --retry-lock 10m" "--no-scan --retry-lock 10m --exclude dir" "--no-scan -o rest.connections=3 --exclude dir --retry-lock 10m" "--no-scan --retry-lock 10m --exclude dir") +restic_snapshots_to_keep=("--keep-last 30" "--keep-last 100" "--keep-last 30") +restic_compose_stacks_to_skip=("no_backup") + +export GOMAXPROCS=6 + +local_backup_ssh_user="" +ssh_backup_ip=("10.99.0.1" "domain.com") +ssh_backup_port=(22 2222) +ssh_backup_user=("" "") +ssh_backup_path=("" "") +ssh_backup_concurrency=25 + + +date=$(date +%F-%H-%M-%S) diff --git a/backup_script.sh b/backup_script.sh new file mode 100755 index 0000000..8825e81 --- /dev/null +++ b/backup_script.sh @@ -0,0 +1,58 @@ +#!/bin/bash + +source ~/docker/.backup_conf/conf + +rm *.backup.tar &> /dev/null + +for dir in */; do + cd $dir + docker compose down + echo "Creating tarball for container ${dir%"/"}.." + eval tar $tar_arguments -cvf "$backup_tar_tmp_dir/${dir%"/"}.backup.tar" * + echo "Done creating tarball for ${dir%"/"}" + echo "Updating restic repos for ${dir%"/"}.." + if [[ ! " ${restic_compose_stacks_to_skip[*]} " =~ " ${dir%"/"} " ]]; then + for repo in ${!restic_repository_strings[@]}; do + echo ${restic_repository_encryption_passwords[$repo]} | eval restic -r ${restic_repository_strings[$repo]} backup ../$dir ${restic_arguments[$repo]} --tag $date + done + fi + echo "Updated restic repos for ${dir%"/"}!" + docker compose up -d + cd $compose_stack_location +done +cd $backup_tar_tmp_dir + +echo "Starting compressing.." +tar -cv -I"$compression_options" -f "$date.backup.tar.zst" *.backup.tar +rm *.backup.tar &> /dev/null +echo "Compressed all tarballs!" +echo "Encrypting backup.." +echo $gpg_encryption_password | gpg --batch --yes --passphrase-fd 0 -c $date.backup.tar.zst +echo "Backup encrypted!" + +echo "Uploading Backup.." +for ssh_server in ${!ssh_backup_user[@]}; do + sudo -u $local_backup_ssh_user mscp $date.backup.tar.zst.gpg ${ssh_backup_user[$ssh_server]}@${ssh_backup_ip[$ssh_server]}:${ssh_backup_path[$ssh_server]} -n $ssh_backup_concurrency -P ${ssh_backup_port[$ssh_server]} +done +echo "Backup uploaded!" +cd $backup_tar_tmp_dir + +rm *.backup.tar.zst.gpg &> /dev/null +echo "Copying local tar backups.." +for dir in ${local_backup_tar_save_dir[@]}; do + cd $dir + ls -1 *.backup.tar.zst | sort -r | tail -n +$tar_backups_to_keep | xargs rm &> /dev/null + cd $backup_tar_tmp_dir + cp *.backup.tar.zst $dir +done +cd $backup_tar_tmp_dir + +echo "Copyied local tar backups!" +echo "Cleaning up.." +rm *.backup.tar.zst *.backup.tar.zst.gpg &> /dev/null +for repo in ${!restic_repository_strings[@]}; do + echo ${restic_repository_encryption_passwords[$repo]} | eval restic -r ${restic_repository_strings[$repo]} forget --prune ${restic_snapshots_to_keep[$repo]} +done +unset GOMAXPROCS + +echo "All done! Exiting.."