marco/backup.sh
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixed various bugs

Browse Source
This commit is contained in:
Marco Cetica
2024-04-04 11:55:56 +02:00
parent baa6f68706
commit 08e790a13b
3 changed files with 53 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
README.md
View File

@@ -16,6 +16,7 @@ This will copy `backup.sh` into `/usr/local/bin/backup.sh`, `sources.bk` into `/
you can issue `sudo make uninstall`.
At this point you still need to install the following dependencies:
- `Bash`
- `rsync`
- `tar`
- `gpg`
@@ -112,7 +113,7 @@ After that, you will find the backup archive and the checksum file in
You can also use `backup.sh` from a crontab rule:
```sh
$> sudo crontab -e
30 03 * * 6 EKEY=$(cat /home/john/.ekey) sh -c '/usr/local/bin/backup.sh -b /usr/local/etc/sources.bk /home/john $EKEY' > /dev/null 2>&1
30 03 * * 6 EKEY=$(cat /home/john/.ekey) bash -c '/usr/local/bin/backup.sh -b /usr/local/etc/sources.bk /home/john $EKEY' > /dev/null 2>&1
```
@@ -121,8 +122,8 @@ key is stored in a local file(with fixed permissions) to avoid password leaking
adopt this practice while using the `--extract` option to avoid password leaking in shell history.
### Backup extraction
`backup.sh` can also be used to extract the encrypted backup as well to verify the integrity
of the backup data. To do so, use the following commands:
`backup.sh` can also be used to extract and to verify the encrypted backup.
To do so, use the following commands:
```sh
$> ./backup.sh --extract <ENCRYPTED_ARCHIVE> <ARCHIVE_PASSWORD>
@@ -142,10 +143,10 @@ backup-nginx-<YYYYMMDD>
backup-ssh-<YYYYMMDD>
```
**note:**: be sure to rename any directory with that name to avoid collisions.
**note**: be sure to rename any directory with that name to avoid collisions.
Instead, if you also want to verify the integrity of the backup data, use the following commands:
If you also want to verify the integrity of the backup data, use the following commands:
```sh
$> ./backup.sh --checksum --extract <ENCRYPTED_ARCHIVE> <ARCHIVE_PASSWORD> <CHECKSUM_ABSOLUTE_PATH>
```
@@ -153,11 +154,9 @@ $> ./backup.sh --checksum --extract <ENCRYPTED_ARCHIVE> <ARCHIVE_PASSWORD> <CHEC
For instance:
```sh
$> ./backup.sh --checksum --extract backup-<hostname>-<YYYYMMDD>.tar.gz.enc badpw1234 $PWD/backup-<hostname>-<YYYYMMDD>.sha256
$> ./backup.sh --checksum --extract backup-<hostname>-<YYYYMMDD>.tar.gz.enc badpw1234 backup-<hostname>-<YYYYMMDD>.sha256
```
**note:** be sure to provide the ABSOLUTE PATH of the checksum file.
## How does backup.sh work?
**backup.sh** uses _rsync_ to copy the files, _tar_ to compress the backup, _gpg_ to encrypt it and
_sha256sum_ to verify it.