Added script

backup.sh

@@ -0,0 +1,176 @@
+#!/bin/bash
+# backup.sh - Make an encryption backup of your files.
+# This POSIX compliant script uses rsync and openssl
+# to make a backup of your files. To specify the source
+# directories to backup, create a text file with the following
+# syntax:
+#
+# <LABEL>=<PATH>
+#
+# for example(filename: 'sources.bk'):
+#   nginx=/etc/nginx/
+#   ssh=/etc/ssh/
+#   logs=/var/log/
+#
+# After that you can launch the script with(sample usage):
+#   sudo ./backup.sh --backup sources.bk john badpw1234
+#
+# This will create an encrypted tar archive(password: 'badpw1234')
+# in '/home/john/backup-<hostname>-<YYYMMDD>.tar.gz.enc' containing
+# the following three directories:
+#   backup-nginx-<YYYYMMDD>
+#   backup-ssh-<YYYYMMDD>
+#   backup-logs-<YYYYMMDD>
+#
+# You can then decrypt it using:
+#   ./backup.sh --extract backup-<hostname>-<YYYMMDD>.tar.gz.enc badpw1234
+#
+# You can read the full guide on https://github.com/ice-bit/backup.sh
+# or on the manual page.
+# Copyright (c) 2018,2023 Marco Cetica <email@marcocetica.com>
+#
+
+set -e
+
+# Check if dependencies are installed
+missing_dep=0
+for dep in rsync tar openssl ; do
+    if ! command -v $dep > /dev/null 2>&1; then
+        echo "Cannot find '$dep', please install it."
+        missing_dep=1
+    fi
+done
+
+if [ $missing_dep -ne 0 ]; then
+    exit 1
+fi
+
+make_backup() {
+    BACKUP_SH_SOURCES_PATH="$1"
+    BACKUP_SH_USER="$2"
+    BACKUP_SH_PASS="$3"
+    BACKUP_SH_COMMAND="rsync -aPhvrq --delete"
+    BACKUP_SH_DATE="$(date +'%Y%m%d')"
+    BACKUP_SH_FOLDER="backup.sh.tmp"
+    BACKUP_SH_OUTPUT="/home/$BACKUP_SH_USER/$BACKUP_SH_FOLDER"
+    BACKUP_SH_START_TIME="$(date +%s)"
+    declare -A BACKUP_SH_SOURCES
+
+    # Check for root permissions
+    if [ "$(id -u)" -ne 0 ]; then
+        echo "Run this tool as root!"
+        exit 1
+    fi
+
+    # Check whether the sources file exists or not
+    if [ ! -f "$BACKUP_SH_SOURCES_PATH" ]; then
+        echo "$BACKUP_SH_SOURCES_PATH does not exist."
+        exit 1
+    fi
+
+    # Read associative array from file
+    readarray -t lines < "$BACKUP_SH_SOURCES_PATH"
+    for line in "${lines[@]}"; do
+        label=${line%%=*}
+        path=${line#*=}
+        BACKUP_SH_SOURCES[$label]=$path
+    done
+
+    # Create temporary directory
+    mkdir -p "$BACKUP_SH_OUTPUT"
+
+    # For each item in the array, make a backup
+    BACKUP_SH_PROGRESS=1
+    for item in "${!BACKUP_SH_SOURCES[@]}"; do
+        # Define a subdir for each backup entry
+        BACKUP_SH_SUBDIR="$BACKUP_SH_OUTPUT/backup-$item-$BACKUP_SH_DATE"
+        mkdir -p "$BACKUP_SH_SUBDIR"
+
+        echo "Copying $item($BACKUP_SH_PROGRESS/${#BACKUP_SH_SOURCES[*]})"
+        $BACKUP_SH_COMMAND "${BACKUP_SH_SOURCES[$item]}" "$BACKUP_SH_SUBDIR"
+        BACKUP_SH_PROGRESS=$((BACKUP_SH_PROGRESS+1))
+    done
+
+    # Compress and encrypt backup directory
+    echo "Compressing and encrypting backup..."
+    tar -cz -C /home/"$BACKUP_SH_USER" $BACKUP_SH_FOLDER | \
+        openssl enc -aes-256-cbc -md sha512 -pbkdf2 -iter 100000 -salt -k "$BACKUP_SH_PASS" \
+        > /home/"$BACKUP_SH_USER"/"backup-$(uname -n)-$BACKUP_SH_DATE.tar.gz.enc"
+
+    # Remove temporary files
+    rm -rf "$BACKUP_SH_OUTPUT"
+
+    # Print elapsed time
+    BACKUP_SH_END_TIME="$(date +%s)"
+    echo "Elapsed time: $(("$BACKUP_SH_END_TIME" - "$BACKUP_SH_START_TIME")) seconds."
+}
+
+extract_backup() {
+    BACKUP_SH_ARCHIVE_PATH="$1"
+    BACKUP_SH_ARCHIVE_PW="$2"
+
+    openssl enc -aes-256-cbc -md sha512 -pbkdf2 -iter 100000 -salt -d \
+        -in "$BACKUP_SH_ARCHIVE_PATH" \
+        -k  "$BACKUP_SH_ARCHIVE_PW" | tar xvz
+}
+
+helper() {
+    CLI_NAME="$1"
+
+    cat <<EOF
+backup.sh - Make an encryption backup of your files.
+
+Syntax: $CLI_NAME [-b|-e|-h]
+options:
+-b|--backup  SOURCES USER PASS  Backup folders from SOURCES file.
+-e|--extract ARCHIVE PASS       Extract ARCHIVE using PASS.
+-h|--help                       Show this helper.
+EOF
+}
+
+
+if [ $# -eq 0 ]; then
+    echo "Please, specify an argument."
+    echo "For more information, try --help."
+    exit 1
+fi
+
+# Parse CLI arguments
+while [ $# -gt 0 ]; do
+    case $1 in
+        -b|--backup)
+            BACKUP_SH_SOURCES_PATH="$2"
+            BACKUP_SH_USER="$3"
+            BACKUP_SH_PASSWORD="$4"
+
+            if [ -z "$BACKUP_SH_SOURCES_PATH" ] || [ -z "$BACKUP_SH_USER" ] || [ -z "$BACKUP_SH_PASSWORD" ]; then
+                echo "Please, specify a source file, a user and a password."
+                echo "For more informatio, try --help"
+                exit 1
+            fi
+            make_backup "$BACKUP_SH_SOURCES_PATH" "$BACKUP_SH_USER" "$BACKUP_SH_PASSWORD"
+            exit 0
+            ;;
+        -e|--extract)
+            BACKUP_SH_ARCHIVE_PATH="$2"
+            BACKUP_SH_ARCHIVE_PW="$3"
+
+            if [ -z "$BACKUP_SH_ARCHIVE_PATH" ] || [ -z "$BACKUP_SH_ARCHIVE_PW" ]; then
+                echo "Please, specify an encrypted archive and a password."
+                echo "For more informatio, try --help"
+                exit 1
+            fi
+            extract_backup "$BACKUP_SH_ARCHIVE_PATH" "$BACKUP_SH_ARCHIVE_PW"
+            exit 0
+            ;;
+        -h|--help)
+            helper "$0"
+            exit 0
+            ;;
+        *)
+            echo "Unknown option $1."
+            echo "For more information, try --help"
+            exit 1
+            ;;
+    esac
+done