Added script

This commit is contained in:
Marco Cetica 2023-03-13 15:57:45 +01:00
commit 3582af392c
No known key found for this signature in database
GPG Key ID: 0EE8E2CF315D6F8E

176
backup.sh Executable file
View File

@ -0,0 +1,176 @@
#!/bin/bash
# backup.sh - Make an encryption backup of your files.
# This POSIX compliant script uses rsync and openssl
# to make a backup of your files. To specify the source
# directories to backup, create a text file with the following
# syntax:
#
# <LABEL>=<PATH>
#
# for example(filename: 'sources.bk'):
# nginx=/etc/nginx/
# ssh=/etc/ssh/
# logs=/var/log/
#
# After that you can launch the script with(sample usage):
# sudo ./backup.sh --backup sources.bk john badpw1234
#
# This will create an encrypted tar archive(password: 'badpw1234')
# in '/home/john/backup-<hostname>-<YYYMMDD>.tar.gz.enc' containing
# the following three directories:
# backup-nginx-<YYYYMMDD>
# backup-ssh-<YYYYMMDD>
# backup-logs-<YYYYMMDD>
#
# You can then decrypt it using:
# ./backup.sh --extract backup-<hostname>-<YYYMMDD>.tar.gz.enc badpw1234
#
# You can read the full guide on https://github.com/ice-bit/backup.sh
# or on the manual page.
# Copyright (c) 2018,2023 Marco Cetica <email@marcocetica.com>
#
set -e
# Check if dependencies are installed
missing_dep=0
for dep in rsync tar openssl ; do
if ! command -v $dep > /dev/null 2>&1; then
echo "Cannot find '$dep', please install it."
missing_dep=1
fi
done
if [ $missing_dep -ne 0 ]; then
exit 1
fi
make_backup() {
BACKUP_SH_SOURCES_PATH="$1"
BACKUP_SH_USER="$2"
BACKUP_SH_PASS="$3"
BACKUP_SH_COMMAND="rsync -aPhvrq --delete"
BACKUP_SH_DATE="$(date +'%Y%m%d')"
BACKUP_SH_FOLDER="backup.sh.tmp"
BACKUP_SH_OUTPUT="/home/$BACKUP_SH_USER/$BACKUP_SH_FOLDER"
BACKUP_SH_START_TIME="$(date +%s)"
declare -A BACKUP_SH_SOURCES
# Check for root permissions
if [ "$(id -u)" -ne 0 ]; then
echo "Run this tool as root!"
exit 1
fi
# Check whether the sources file exists or not
if [ ! -f "$BACKUP_SH_SOURCES_PATH" ]; then
echo "$BACKUP_SH_SOURCES_PATH does not exist."
exit 1
fi
# Read associative array from file
readarray -t lines < "$BACKUP_SH_SOURCES_PATH"
for line in "${lines[@]}"; do
label=${line%%=*}
path=${line#*=}
BACKUP_SH_SOURCES[$label]=$path
done
# Create temporary directory
mkdir -p "$BACKUP_SH_OUTPUT"
# For each item in the array, make a backup
BACKUP_SH_PROGRESS=1
for item in "${!BACKUP_SH_SOURCES[@]}"; do
# Define a subdir for each backup entry
BACKUP_SH_SUBDIR="$BACKUP_SH_OUTPUT/backup-$item-$BACKUP_SH_DATE"
mkdir -p "$BACKUP_SH_SUBDIR"
echo "Copying $item($BACKUP_SH_PROGRESS/${#BACKUP_SH_SOURCES[*]})"
$BACKUP_SH_COMMAND "${BACKUP_SH_SOURCES[$item]}" "$BACKUP_SH_SUBDIR"
BACKUP_SH_PROGRESS=$((BACKUP_SH_PROGRESS+1))
done
# Compress and encrypt backup directory
echo "Compressing and encrypting backup..."
tar -cz -C /home/"$BACKUP_SH_USER" $BACKUP_SH_FOLDER | \
openssl enc -aes-256-cbc -md sha512 -pbkdf2 -iter 100000 -salt -k "$BACKUP_SH_PASS" \
> /home/"$BACKUP_SH_USER"/"backup-$(uname -n)-$BACKUP_SH_DATE.tar.gz.enc"
# Remove temporary files
rm -rf "$BACKUP_SH_OUTPUT"
# Print elapsed time
BACKUP_SH_END_TIME="$(date +%s)"
echo "Elapsed time: $(("$BACKUP_SH_END_TIME" - "$BACKUP_SH_START_TIME")) seconds."
}
extract_backup() {
BACKUP_SH_ARCHIVE_PATH="$1"
BACKUP_SH_ARCHIVE_PW="$2"
openssl enc -aes-256-cbc -md sha512 -pbkdf2 -iter 100000 -salt -d \
-in "$BACKUP_SH_ARCHIVE_PATH" \
-k "$BACKUP_SH_ARCHIVE_PW" | tar xvz
}
helper() {
CLI_NAME="$1"
cat <<EOF
backup.sh - Make an encryption backup of your files.
Syntax: $CLI_NAME [-b|-e|-h]
options:
-b|--backup SOURCES USER PASS Backup folders from SOURCES file.
-e|--extract ARCHIVE PASS Extract ARCHIVE using PASS.
-h|--help Show this helper.
EOF
}
if [ $# -eq 0 ]; then
echo "Please, specify an argument."
echo "For more information, try --help."
exit 1
fi
# Parse CLI arguments
while [ $# -gt 0 ]; do
case $1 in
-b|--backup)
BACKUP_SH_SOURCES_PATH="$2"
BACKUP_SH_USER="$3"
BACKUP_SH_PASSWORD="$4"
if [ -z "$BACKUP_SH_SOURCES_PATH" ] || [ -z "$BACKUP_SH_USER" ] || [ -z "$BACKUP_SH_PASSWORD" ]; then
echo "Please, specify a source file, a user and a password."
echo "For more informatio, try --help"
exit 1
fi
make_backup "$BACKUP_SH_SOURCES_PATH" "$BACKUP_SH_USER" "$BACKUP_SH_PASSWORD"
exit 0
;;
-e|--extract)
BACKUP_SH_ARCHIVE_PATH="$2"
BACKUP_SH_ARCHIVE_PW="$3"
if [ -z "$BACKUP_SH_ARCHIVE_PATH" ] || [ -z "$BACKUP_SH_ARCHIVE_PW" ]; then
echo "Please, specify an encrypted archive and a password."
echo "For more informatio, try --help"
exit 1
fi
extract_backup "$BACKUP_SH_ARCHIVE_PATH" "$BACKUP_SH_ARCHIVE_PW"
exit 0
;;
-h|--help)
helper "$0"
exit 0
;;
*)
echo "Unknown option $1."
echo "For more information, try --help"
exit 1
;;
esac
done