|
@@ -240,10 +240,6 @@ BACKUP_TO_FRIENDS_SCRIPT_NAME="backup2friends"
|
240
|
240
|
# name of a script used to restore backed up data from a friend
|
241
|
241
|
RESTORE_FROM_FRIEND_SCRIPT_NAME="restorefromfriend"
|
242
|
242
|
|
243
|
|
-# passphrase used for automatic backups to friends servers
|
244
|
|
-# this will be automatically generated
|
245
|
|
-BACKUP_TO_FRIENDS_PASSPHRASE=
|
246
|
|
-
|
247
|
243
|
# memory limit for php in MB
|
248
|
244
|
MAX_PHP_MEMORY=64
|
249
|
245
|
|
|
@@ -631,7 +627,7 @@ function create_backup_script {
|
631
|
627
|
echo "tar -czvf /home/$MY_USERNAME/tempfiles/blog.tar.gz /var/www/$FULLBLOG_DOMAIN_NAME/htdocs" >> /usr/bin/$BACKUP_SCRIPT_NAME
|
632
|
628
|
fi
|
633
|
629
|
echo 'echo "Archiving miscellaneous files"' >> /usr/bin/$BACKUP_SCRIPT_NAME
|
634
|
|
- echo "tar -czvf /home/$MY_USERNAME/tempfiles/miscfiles.tar.gz /home/$MY_USERNAME/.gnupg /home/$MY_USERNAME/.muttrc /home/$MY_USERNAME/.procmailrc /home/$MY_USERNAME/.ssh /var/lib/mysql/mysql /var/www /etc/nginx/sites-available /etc/ssl/private /etc/ssl/certs $GITHUB_BACKUP_DIRECTORY /home/$MY_USERNAME/projects /home/$MY_USERNAME/personal /home/$MY_USERNAME/README" >> /usr/bin/$BACKUP_SCRIPT_NAME
|
|
630
|
+ echo "tar -czvf /home/$MY_USERNAME/tempfiles/miscfiles.tar.gz /home/$MY_USERNAME/.gnupg /home/$MY_USERNAME/.muttrc /home/$MY_USERNAME/.procmailrc /home/$MY_USERNAME/.ssh /root/backupkey /var/lib/mysql/mysql /var/www /etc/nginx/sites-available /etc/ssl/private /etc/ssl/certs $GITHUB_BACKUP_DIRECTORY /home/$MY_USERNAME/projects /home/$MY_USERNAME/personal /home/$MY_USERNAME/README" >> /usr/bin/$BACKUP_SCRIPT_NAME
|
635
|
631
|
|
636
|
632
|
echo '' >> /usr/bin/$BACKUP_SCRIPT_NAME
|
637
|
633
|
echo '# Backup the public mailing list' >> /usr/bin/$BACKUP_SCRIPT_NAME
|
|
@@ -845,17 +841,13 @@ function backup_to_friends_servers {
|
845
|
841
|
fi
|
846
|
842
|
|
847
|
843
|
apt-get -y --force-yes install duplicity
|
848
|
|
-
|
849
|
|
- if [ ! $BACKUP_TO_FRIENDS_PASSPHRASE ]; then
|
850
|
|
- BACKUP_TO_FRIENDS_PASSPHRASE=$(openssl rand -base64 32)
|
851
|
|
- fi
|
852
|
|
-
|
|
844
|
+
|
853
|
845
|
if ! grep -q "backups on friends servers" /home/$MY_USERNAME/README; then
|
854
|
846
|
echo '' >> /home/$MY_USERNAME/README
|
855
|
847
|
echo '' >> /home/$MY_USERNAME/README
|
856
|
848
|
echo 'Backups' >> /home/$MY_USERNAME/README
|
857
|
849
|
echo '=======' >> /home/$MY_USERNAME/README
|
858
|
|
- echo "Passphrase for backups on friends servers: $BACKUP_TO_FRIENDS_PASSPHRASE" >> /home/$MY_USERNAME/README
|
|
850
|
+ echo 'Key file: /root/backupkey' >> /home/$MY_USERNAME/README
|
859
|
851
|
echo "To add friends servers create a file called $FRIENDS_SERVERS_LIST"
|
860
|
852
|
echo 'and add entries like this:' >> /home/$MY_USERNAME/README
|
861
|
853
|
echo '' >> /home/$MY_USERNAME/README
|
|
@@ -869,7 +861,20 @@ function backup_to_friends_servers {
|
869
|
861
|
|
870
|
862
|
echo '#!/bin/bash' > /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
|
871
|
863
|
echo '' >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
|
872
|
|
- echo "PASSPHRASE='$BACKUP_TO_FRIENDS_PASSPHRASE'" >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
|
|
864
|
+
|
|
865
|
+ echo '# Generate an ssh key used for encrypting backups' >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
|
|
866
|
+ echo "if [ ! -f /root/backupkey ]; then" >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
|
|
867
|
+ echo ' ssh-keygen -t rsa -f /root/backupkey -q -N ""' >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
|
|
868
|
+ echo ' sed -i "s/-----BEGIN RSA PRIVATE KEY-----//g" /root/backupkey' >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
|
|
869
|
+ echo ' sed -i "s/-----END RSA PRIVATE KEY-----//g" /root/backupkey' >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
|
|
870
|
+ echo ' sed -i "s/==//g" /root/backupkey' >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
|
|
871
|
+ echo ' chmod 400 /root/backupkey' >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
|
|
872
|
+ echo ' rm /root/backupkey.pub' >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
|
|
873
|
+ echo 'fi' >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
|
|
874
|
+ echo '' >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
|
|
875
|
+
|
|
876
|
+ echo '# Passphrase is the ssh private key' >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
|
|
877
|
+ echo "PASSPHRASE=$(</root/backupkey)" >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
|
873
|
878
|
echo '' >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
|
874
|
879
|
echo "if [ ! -f $FRIENDS_SERVERS_LIST ]; then" >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
|
875
|
880
|
echo ' exit 1' >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
|
|
@@ -905,7 +910,7 @@ function backup_to_friends_servers {
|
905
|
910
|
if grep -Fxq "install_blog" $COMPLETION_FILE; then
|
906
|
911
|
echo "tar -czvf /home/$MY_USERNAME/tempfiles/blog.tar.gz /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/data" >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
|
907
|
912
|
fi
|
908
|
|
- echo "tar -czvf /home/$MY_USERNAME/tempfiles/miscfiles.tar.gz /home/$MY_USERNAME/.gnupg /home/$MY_USERNAME/.muttrc /home/$MY_USERNAME/.procmailrc /home/$MY_USERNAME/.ssh /var/lib/mysql/mysql /var/www /etc/nginx/sites-available /etc/ssl/private /etc/ssl/certs $GITHUB_BACKUP_DIRECTORY /home/$MY_USERNAME/projects /home/$MY_USERNAME/personal /home/$MY_USERNAME/README" >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
|
|
913
|
+ echo "tar -czvf /home/$MY_USERNAME/tempfiles/miscfiles.tar.gz /home/$MY_USERNAME/.gnupg /home/$MY_USERNAME/.muttrc /home/$MY_USERNAME/.procmailrc /home/$MY_USERNAME/.ssh /root/backupkey /var/lib/mysql/mysql /var/www /etc/nginx/sites-available /etc/ssl/private /etc/ssl/certs $GITHUB_BACKUP_DIRECTORY /home/$MY_USERNAME/projects /home/$MY_USERNAME/personal /home/$MY_USERNAME/README" >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
|
909
|
914
|
|
910
|
915
|
echo '' >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
|
911
|
916
|
echo 'while read remote_server' >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
|
|
@@ -1013,14 +1018,18 @@ function restore_from_friend {
|
1013
|
1018
|
chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
|
1014
|
1019
|
fi
|
1015
|
1020
|
|
1016
|
|
- if [ ! $BACKUP_TO_FRIENDS_PASSPHRASE ]; then
|
1017
|
|
- BACKUP_TO_FRIENDS_PASSPHRASE=$(openssl rand -base64 32)
|
1018
|
|
- fi
|
1019
|
|
-
|
1020
|
1021
|
echo '#!/bin/bash' > /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME
|
1021
|
1022
|
echo 'SERVER_NAME=$1' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME
|
1022
|
1023
|
echo '' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME
|
1023
|
|
- echo "PASSPHRASE='$BACKUP_TO_FRIENDS_PASSPHRASE'" >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME
|
|
1024
|
+
|
|
1025
|
+ echo '# Check that a backup key exists' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME
|
|
1026
|
+ echo "if [ ! -f /root/backupkey ]; then" >> /usr/bin/$RESTORE_FROM_FRIENDS_SCRIPT_NAME
|
|
1027
|
+ echo ' echo "No backup key was found in /root/backupkey"' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME
|
|
1028
|
+ echo ' exit 84' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME
|
|
1029
|
+ echo 'fi' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME
|
|
1030
|
+ echo '' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME
|
|
1031
|
+
|
|
1032
|
+ echo "PASSPHRASE=$(</root/backupkey)" >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME
|
1024
|
1033
|
echo '' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME
|
1025
|
1034
|
echo 'if [ ! $SERVER_NAME ]; then' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME
|
1026
|
1035
|
echo " echo '$RESTORE_FROM_FRIEND_SCRIPT_NAME [server]'" >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME
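Review bot: The two added `echo "PASSPHRASE=$(</root/backupkey)"` lines (new lines 877 and 1032) are double-quoted, so `$(</root/backupkey)` is expanded by the installer while it writes the script rather than by the generated script at run time. On a first install the key does not exist yet (it is only created by the generated backup script), which leaves an empty passphrase; on a re-run the key text is copied unquoted and multi-line into a file under /usr/bin. Writing the line literally, `echo 'PASSPHRASE="$(</root/backupkey)"' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME` (and likewise for the backup script), defers the read to run time and keeps the key material out of the script file. New line 1026 also redirects to `$RESTORE_FROM_FRIENDS_SCRIPT_NAME`, which does not match the `RESTORE_FROM_FRIEND_SCRIPT_NAME` defined in the first hunk, so unless that name is set elsewhere the `if` line never reaches the restore script and the `exit 84` below it would run unconditionally. Both `backup_to_friends_servers` and `restore_from_friend` start and end outside the hunks shown, so how `PASSPHRASE` is consumed afterwards is not visible here.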
|