marco/backup.sh
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Made destination dir modular

Browse Source
This commit is contained in:
Marco Cetica 2023-03-14 09:19:17 +01:00
parent 8b88adbf84
commit a98cfe4f8f
No known key found for this signature in database
GPG Key ID: 0EE8E2CF315D6F8E
2 changed files with 23 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
README.md
View File

@ -13,7 +13,7 @@ $> sudo make install
This will copy `backup.sh` into `/usr/local/bin/backup.sh`, `backup_sources.bk` into `/usr/local/etc/backup_sources.bk` and This will copy `backup.sh` into `/usr/local/bin/backup.sh`, `backup_sources.bk` into `/usr/local/etc/backup_sources.bk` and
`backup.sh.1` into `/usr/local/share/man/man1`. `backup.sh.1` into `/usr/local/share/man/man1`.
At this point you still need to install the dependencies: At this point you still need to install the following dependencies:
- `rsync` - `rsync`
- `tar` - `tar`
- `openssl` - `openssl`
@ -25,7 +25,7 @@ backup.sh - POSIX compliant, modular and lightweight backup utility.
Syntax: ./backup.sh [-b|-e|-h] Syntax: ./backup.sh [-b|-e|-h]
options: options:
-b|--backup SOURCES USER PASS Backup folders from SOURCES file. -b|--backup SOURCES DEST PASS Backup folders from SOURCES file.
-e|--extract ARCHIVE PASS Extract ARCHIVE using PASS. -e|--extract ARCHIVE PASS Extract ARCHIVE using PASS.
-h|--help Show this helper. -h|--help Show this helper.
``` ```
@ -34,7 +34,7 @@ As you can see, `backup.sh` supports two options: **backup creation** and **arch
root permissions, while the latter does not. Let us see them in details. root permissions, while the latter does not. Let us see them in details.
### Backup creation ### Backup creation
To specify the directories to backup, `backup.sh` uses an associative array called To specify the directories to backup, `backup.sh` uses an associative array
defined in a text file(called _sources file_) with the following syntax: defined in a text file(called _sources file_) with the following syntax:
```text ```text
@ -42,7 +42,7 @@ defined in a text file(called _sources file_) with the following syntax:
``` ```
Where `<LABEL>` is the name of the backup and `<PATH>` is its path. For example, Where `<LABEL>` is the name of the backup and `<PATH>` is its path. For example,
if you want you back up `/etc/nginx` and `/etc/ssh`, add the following entries to the _sources file_: if you want to back up `/etc/nginx` and `/etc/ssh`, add the following entries to the _sources file_:
```text ```text
nginx=/etc/nginx/ nginx=/etc/nginx/
@ -70,15 +70,15 @@ You can find a sample _sources file_ at `backup_sources.bk`(or at `/usr/local/et
After having defined the _sources file_, you can invoke `backup.sh` using the following syntax: After having defined the _sources file_, you can invoke `backup.sh` using the following syntax:
```sh ```sh
$> sudo ./backup.sh --backup <SOURCES_FILE> <USER> <ENCRYPTION_PASSWORD> $> sudo ./backup.sh --backup <SOURCES_FILE> <DEST> <ENCRYPTION_PASSWORD>
``` ```
Where `<SOURCES_FILE>` is the _sources file_, `<USER>` is the home directory where you want the final backup Where `<SOURCES_FILE>` is the _sources file_, `<DEST>` is the absolute path of the output of the backup
and `<ENCRYPTION_PASSWORD>` is the password to encrypt the compressed archive. **without trailing slashes** and `<ENCRYPTION_PASSWORD>` is the password to encrypt the compressed archive.
In the previous example, this would be: In the previous example, this would be:
```sh ```sh
$> sudo ./backup.sh --backup sources.bk john badpw1234 $> sudo ./backup.sh --backup sources.bk /home/john badpw1234
``` ```
The backup utility will begin to copy the files defined in the _sources file_: The backup utility will begin to copy the files defined in the _sources file_:
@ -94,7 +94,7 @@ After that, you will find the final backup archive in `/home/john/backup-<HOSTNA
You can also use `backup.sh` from a crontab rule: You can also use `backup.sh` from a crontab rule:
```sh ```sh
$> sudo crontab -e $> sudo crontab -e
30 03 * * 6 EKEY=$(cat /home/john/.ekey) /usr/local/bin/backup.sh -b /usr/local/etc/sources.bk john $EKEY 30 03 * * 6 EKEY=$(cat /home/john/.ekey) /usr/local/bin/backup.sh -b /usr/local/etc/sources.bk /home/john $EKEY
``` ```
@ -109,7 +109,7 @@ adopt this practice while using the `--extract` option to avoid password leaking
$> ./backup.sh --extract <ENCRYPTED_ARCHIVE> <ARCHIVE_PASSWORD> $> ./backup.sh --extract <ENCRYPTED_ARCHIVE> <ARCHIVE_PASSWORD>
``` ```
where `<ENCRYPTED_ARCHIVE>` is the encrypted backup and `<ARCHIVE_PASSWORD>` is the backup password. Where `<ENCRYPTED_ARCHIVE>` is the encrypted backup and `<ARCHIVE_PASSWORD>` is the backup password.
For instance: For instance:

24
backup.sh
View File

@ -1,5 +1,4 @@
#!/bin/bash #!/bin/bash
# backup.sh - Backup and encrypt your files.
# backup.sh is a POSIX compliant, modular and lightweight # backup.sh is a POSIX compliant, modular and lightweight
# backup utility to save and encrypt your files. # backup utility to save and encrypt your files.
# #
@ -14,7 +13,7 @@
# logs=/var/log/ # logs=/var/log/
# #
# After that you can launch the script with(sample usage): # After that you can launch the script with(sample usage):
# sudo ./backup.sh --backup sources.bk john badpw1234 # sudo ./backup.sh --backup sources.bk /home/john badpw1234
# #
# This will create an encrypted tar archive(password: 'badpw1234') # This will create an encrypted tar archive(password: 'badpw1234')
# in '/home/john/backup-<hostname>-<YYYMMDD>.tar.gz.enc' containing # in '/home/john/backup-<hostname>-<YYYMMDD>.tar.gz.enc' containing
@ -48,12 +47,12 @@ fi
make_backup() { make_backup() {
BACKUP_SH_SOURCES_PATH="$1" BACKUP_SH_SOURCES_PATH="$1"
BACKUP_SH_USER="$2" BACKUP_SH_OUTPATH="$2"
BACKUP_SH_PASS="$3" BACKUP_SH_PASS="$3"
BACKUP_SH_COMMAND="rsync -aPhvrq --delete" BACKUP_SH_COMMAND="rsync -aPhvrq --delete"
BACKUP_SH_DATE="$(date +'%Y%m%d')" BACKUP_SH_DATE="$(date +'%Y%m%d')"
BACKUP_SH_FOLDER="backup.sh.tmp" BACKUP_SH_FOLDER="backup.sh.tmp"
BACKUP_SH_OUTPUT="/home/$BACKUP_SH_USER/$BACKUP_SH_FOLDER" BACKUP_SH_OUTPUT="$BACKUP_SH_OUTPATH/$BACKUP_SH_FOLDER"
BACKUP_SH_START_TIME="$(date +%s)" BACKUP_SH_START_TIME="$(date +%s)"
declare -A BACKUP_SH_SOURCES declare -A BACKUP_SH_SOURCES
@ -94,9 +93,9 @@ make_backup() {
# Compress and encrypt backup directory # Compress and encrypt backup directory
echo "Compressing and encrypting backup..." echo "Compressing and encrypting backup..."
tar -cz -C /home/"$BACKUP_SH_USER" $BACKUP_SH_FOLDER | \ tar -cz -C $BACKUP_SH_OUTPATH $BACKUP_SH_FOLDER | \
openssl enc -aes-256-cbc -md sha512 -pbkdf2 -iter 100000 -salt -k "$BACKUP_SH_PASS" \ openssl enc -aes-256-cbc -md sha512 -pbkdf2 -iter 100000 -salt -k "$BACKUP_SH_PASS" \
> /home/"$BACKUP_SH_USER"/"backup-$(uname -n)-$BACKUP_SH_DATE.tar.gz.enc" > $BACKUP_SH_OUTPATH/"backup-$(uname -n)-$BACKUP_SH_DATE.tar.gz.enc"
# Remove temporary files # Remove temporary files
rm -rf "$BACKUP_SH_OUTPUT" rm -rf "$BACKUP_SH_OUTPUT"
@ -123,9 +122,12 @@ backup.sh - POSIX compliant, modular and lightweight backup utility.
Syntax: $CLI_NAME [-b|-e|-h] Syntax: $CLI_NAME [-b|-e|-h]
options: options:
-b|--backup SOURCES USER PASS Backup folders from SOURCES file. -b|--backup SOURCES DEST PASS Backup folders from SOURCES file.
-e|--extract ARCHIVE PASS Extract ARCHIVE using PASS. -e|--extract ARCHIVE PASS Extract ARCHIVE using PASS.
-h|--help Show this helper. -h|--help Show this helper.
General help with the software: https://github.com/ice-bit/backup.sh
Report bugs to: Marco Cetica(<email@marcocetica.com>)
EOF EOF
} }
@ -141,15 +143,15 @@ while [ $# -gt 0 ]; do
case $1 in case $1 in
-b|--backup) -b|--backup)
BACKUP_SH_SOURCES_PATH="$2" BACKUP_SH_SOURCES_PATH="$2"
BACKUP_SH_USER="$3" BACKUP_SH_OUTPATH="$3"
BACKUP_SH_PASSWORD="$4" BACKUP_SH_PASSWORD="$4"
if [ -z "$BACKUP_SH_SOURCES_PATH" ] || [ -z "$BACKUP_SH_USER" ] || [ -z "$BACKUP_SH_PASSWORD" ]; then if [ -z "$BACKUP_SH_SOURCES_PATH" ] || [ -z "$BACKUP_SH_OUTPATH" ] || [ -z "$BACKUP_SH_PASSWORD" ]; then
echo "Please, specify a source file, a user and a password." echo "Please, specify a source file, an output path and a password."
echo "For more informatio, try --help" echo "For more informatio, try --help"
exit 1 exit 1
fi fi
make_backup "$BACKUP_SH_SOURCES_PATH" "$BACKUP_SH_USER" "$BACKUP_SH_PASSWORD" make_backup "$BACKUP_SH_SOURCES_PATH" "$BACKUP_SH_OUTPATH" "$BACKUP_SH_PASSWORD"
exit 0 exit 0
;; ;;
-e|--extract) -e|--extract)