Rabjerg/disaster_recovery
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

initial commit.

Browse Source
This commit is contained in:
Rabjerg
2021-03-16 23:51:55 +01:00
commit 795bd9edbc
4 changed files with 190 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.gitignore vendored Normal file
View File

@@ -0,0 +1,3 @@
id_ed25519_*
*.borgkey
*.env

37
backup.env.sample Normal file
View File

@@ -0,0 +1,37 @@
#!/usr/bin/env bash
## Setup Path and file for logging
LOGPATH="/var/log/borg"
mkdir -p $LOGPATH
export LOGFILE="$LOGPATH/backup_docker.log"
## Path to private-key
PRIVATE_KEY_FILE="./id_ed25519"
## URL of storage server
## samle url scheme used by Hetzner storage services
## REPOSITORY_URL="u000000.your-backup.de"
## REPOSITORY_URL="u000000.your-storagebox.de"
REPOSITORY_URL="disaster-recovery.example.com"
## Port to be used on repository server
REPOSITORY_PORT="23"
## Directory of backup on server
REPOSITORY_DIR="test"
## Username on repository server
REPOSITORY_USER="u000000"
## Setup BORG environment
export BORG_RSH="ssh -i $PRIVATE_KEY_FILE"
export REPOSITORY="ssh://{$REPOSITORY_USER}@{$REPOSITORY_URL}:{$REPOSITORY_PORT}/./{$REPOSITORY_DIR}/"
export BACKUP_NAME="$(date +%Y-%m-%d_%H%M)"
## Secret
## This is your passphrase used to encrypt the backup.
## If you lose this, you lose EVERYTHING!
## Keep it safe and secure.
export BORG_PASSPHRASE="soe4eiCae9ohSij7Aiceesh2ZiphiHoh"

107
init_backup.sh Executable file
View File

@@ -0,0 +1,107 @@
#!/usr/bin/env bash
## This is an interactive prompt to guide the user the setting up the correct .env file.
echo -e "Enter name used for this backup, this should be uniq. \nIt will be used to name the configuration files and other files."
read -p "Backup name: " -r
NAME=$REPLY
echo -e "Do you want to generate a new keypair? (Y) or use excisting private key. (N)"
read -p "[Y]/[N] " -n 1
echo ""
if [[ $REPLY =~ ^[Yy]$ ]]; then
ssh-keygen -t ed25519 -f "id_ed25519_$NAME"
PRIVATE_KEY_FILE="id_ed25519_$NAME"
else
read -p "Input full path and name of private key: "
PRIVATE_KEY_FILE=$REPLY
fi
echo -e "Enter url of repository server, eg. \"disaster-recovery.example.com\""
read -p "URL: " -r
REPOSITORY_URL=$REPLY
echo -e "Enter path of TARGET path on the SERVER eg. \"/backup/server_01\""
read -p "Path: " -r
REPOSITORY_DIR=$REPLY
echo -e "Enter username for the SERVER user."
read -p "USER: " -r
REPOSITORY_USER=$REPLY
unset REPLY
read -p "Specify SSH port to be used (Default: 22, Hetzner use 23 for Borg!): " -r
echo ""
if [[ -z $REPLY ]]; then
REPOSITORY_PORT=22
else
REPOSITORY_PORT=$REPLY
fi
echo -e "Do you want to upload the new public_key to the server via SCP?"
read -p "[Y]/[N] " -n 1
echo ""
if [[ $REPLY =~ ^[Yy]$ ]]; then
echo ""
unset REPLY
read -p "Specify port to upload with (Default 22): " -r
echo ""
if [[ -z $REPLY ]]; then
REPLY=22
fi
TEMPDIR=$(mktemp -d)
scp -P "$REPLY" "$REPOSITORY_USER@$REPOSITORY_URL:.ssh/authorized_keys" \
"$TEMPDIR/authorized_keys"
cat "$PRIVATE_KEY_FILE.pub" >> "$TEMPDIR/authorized_keys"
scp -P "$REPLY $TEMPDIR/authorized_keys" \
"$REPOSITORY_USER@$REPOSITORY_URL:.ssh/authorized_keys"
rm -rf "$TEMPDIR"
fi
echo -e "Do you want to initialize the repository now?"
read -p "[Y]/[N] " -n 1
echo ""
unset REPLY
if [[ $REPLY =~ ^[Yy]$ ]]; then
INIT=1
echo -e "\nYour borg repository will be initialized with the following settings:"
fi
# Final output
echo -e "\n##############################"
echo -e "Please verify before using the following in your .env file:"
echo -e "# REPOSITORY_URL=\"$REPOSITORY_URL\""
echo -e "# REPOSITORY_DIR=\"$REPOSITORY_DIR\""
echo -e "# REPOSITORY_USER=\"$REPOSITORY_USER\""
echo -e "# REPOSITORY_PORT=\"$REPOSITORY_PORT\""
echo -e "# PRIVATE_KEY_FILE=\"$PRIVATE_KEY_FILE\""
echo -e "##############################\n"
if [[ -n $INIT ]]; then
echo -e "Remember to save your password and add it to your .env file."
echo -e "Please wait while repository is initialized, this can take a while."
## Initialize the repository
borg init --encryption=repokey \
--rsh="ssh -i $PRIVATE_KEY_FILE" \
ssh://$REPOSITORY_USER@$REPOSITORY_URL:$REPOSITORY_PORT/./$REPOSITORY_DIR/
## Make a backup of the borg key. (Keep this SAFE!)
echo -e "Your borg key will now be exported to ./backup_key_$NAME.borgkey"
borg key export \
ssh://$REPOSITORY_USER@$REPOSITORY_URL:$REPOSITORY_PORT/./$REPOSITORY_DIR/ \
"./backup_key_$NAME.borgkey"
echo -e "Your repository should have been initialized and key exported."
echo -e "Keep the following SAFE AND A COPY SOMEWHERE ELSE!"
echo -e "#######################################################"
echo -e "Your private key for the ssh access: $PRIVATE_KEY_FILE"
echo -e "Your public key for the ssh access: $PRIVATE_KEY_FILE.pub"
echo -e "Your borg keyfile: backup_key_$NAME.borgkey"
echo -e "Your borg passphrase!"
echo -e "#######################################################\n"
echo -e "If everything went well, you are ready to customize your .env file with the above information. \nAnd can then make your initial backup."
fi

43
make_backup.sh Executable file
View File

@@ -0,0 +1,43 @@
#!/usr/bin/env bash
## Source backup.env file for settings and secrets.
## it is possible to pass a filename as .env file.
## Passing a file makes it possible to have several .env files for different backups and one "work script".
if [[ -z "$1" ]]; then
source backup.env
else
source $1
fi
## Setup that everything is written to log
exec > >(tee -i ${LOGFILE})
exec 2>&1
## Checks that a few important thins is set.
## In case a invalid path/file is passed.
if [[ -z $REPOSITORY ]]; then
echo "No \$REPOSITORY set, cannot make backup. \nDid you pass a valid .env file?"
exit 4
fi
if [[ -z $BACKUP_NAME ]]; then
echo "No \$BACKUP_NAME set, cannot make backup. \nDid you pass valid .env file?"
exit 5
fi
echo "######## Backup started at $(date) ########"
borg create -v --stats \
--exclude-from backup_exclude.txt \
$REPOSITORY::$BACKUP_NAME \
/home/adam/docker
echo "######### Backup Finished $(date) #########"