6d52e269 |
1 | #!/bin/bash -e |
2 | |
3 | # |
4b645870 |
4 | # it is dangerous to remove the "-e" above; please don't do that. |
6d52e269 |
5 | # |
6 | |
4b645870 |
7 | # |
8 | # run this script as root, on deleuze |
9 | # |
6d52e269 |
10 | |
4b645870 |
11 | PATH=$PATH:/bin:/usr/bin:/sbin:/usr/sbin |
44b7f284 |
12 | #COMPRESS_EXT=.bz2 |
13 | #COMPRESS_PROG=bzip2 |
14 | COMPRESS_EXT=.gz |
15 | COMPRESS_PROG=gzip |
6d52e269 |
16 | KEYFILE=/etc/backup-encryption-key |
976799a9 |
17 | BACKUPTMP=/var/backups/hcoop-backup |
0031afdd |
18 | CURDATE=$(date -u +%Y.%m.%d) |
37839f02 |
19 | |
614d68fa |
20 | MOVE_OVER=$(dirname $0)/rsync.net-move-over |
37839f02 |
21 | |
22 | IFS=$'\n' |
be9bd94d |
23 | |
614d68fa |
24 | # Initialize storage area |
25 | RSYNCDIR=/vicepa/hcoop-backups/files |
26 | rm -fr $RSYNCDIR |
27 | mkdir -p $RSYNCDIR/$CURDATE |
be9bd94d |
28 | |
614d68fa |
29 | # Initialize backup staging area |
bee5bcbc |
30 | mkdir -p $BACKUPTMP |
31 | cd $BACKUPTMP |
24b2faa6 |
32 | |
4b645870 |
33 | groups |
bc16fd9e |
34 | echo "I am in: $(pwd)" |
24b2faa6 |
35 | echo |
6d52e269 |
36 | |
bc16fd9e |
37 | echo "Building package lists..." |
24b2faa6 |
38 | dpkg-query -W -f='${Package}\n' > packages |
4b645870 |
39 | (cd /; find / /usr/ /usr/local/ /var/ -xdev) | sort | uniq > allfiles |
24b2faa6 |
40 | dpkg-query -W -f='${Package}\n' | xargs dpkg -L | sort | uniq > debfiles |
bee5bcbc |
41 | dpkg-query -W -f='${Conffiles}\n' | grep / | cut -b2- | \ |
42 | sed 's_ .*__' | sort | uniq > conffiles |
6d52e269 |
43 | |
44 | diff allfiles debfiles | grep '^<' | cut -b 3- | \ |
45 | grep -v ^/var/cache | \ |
46 | grep -v ^/var/tmp | \ |
47 | grep -v ^/var/lib/dpkg | \ |
48 | grep -v ^/var/backups | \ |
49 | grep -v ^/var/lib/changetrack | \ |
12e40abc |
50 | grep -v ^/var/local/lib/spamd | \ |
6d52e269 |
51 | grep -v ^/var/run | \ |
52 | grep -v ^/var/lock | \ |
53 | grep -v ^/var/lib/ucf | \ |
54 | grep -v ^/vicepa | \ |
55 | grep -v ^/home | \ |
56 | grep -v ^/tmp | \ |
57 | grep -v '^/afs$' | \ |
58 | grep -v '^/$' | \ |
59 | grep -v '^/usr/$' | \ |
60 | grep -v ^/usr/src | \ |
92a7af97 |
61 | grep -v '^/usr/.*\.pyc' | \ |
62 | grep -v '^/usr/.*\.elc' | \ |
63 | grep -v '^/usr/bin/perldoc\.stub$' | \ |
5b84f395 |
64 | grep -v '^/usr/bin/.*\.notslocate$' | \ |
d327aed8 |
65 | grep -v '^/usr/lib/courier/.*\.rand$' | \ |
50f51a78 |
66 | grep -v '^/usr/lib/gconv/gconv-modules\.cache$' | \ |
4df0bc18 |
67 | grep -v '^/usr/lib/graphviz/config$' | \ |
50f51a78 |
68 | grep -v '^/usr/lib/locale/locale-archive$' | \ |
24b2faa6 |
69 | grep -v '^/usr/share/info/dir$' | \ |
50f51a78 |
70 | grep -v '^/usr/share/info/dir\.old$' | \ |
24b2faa6 |
71 | grep -v '^/usr/share/emacs21/site-lisp/' | \ |
72 | grep -v '^/usr/share/emacs22/site-lisp/' | \ |
2c5daf49 |
73 | grep -v '^/usr/share/snmp/mibs/\.index$' | \ |
ae0e82f0 |
74 | grep -v '^/usr/share/vim/addons/doc/tags$' \ |
75 | > backupfiles |
6d52e269 |
76 | |
24b2faa6 |
77 | cat conffiles >> backupfiles |
78 | |
6d52e269 |
79 | cat backupfiles | \ |
80 | grep -v ^/home | \ |
81 | grep -v ^/usr/local | \ |
82 | grep -v ^/var/spool | \ |
83 | grep -v ^/var/log | \ |
84 | grep -v ^/usr/lib/python2.4/ | \ |
85 | grep -v ^/var/lib/python-support | \ |
ae0e82f0 |
86 | grep -v ^/usr/share/jed/lib | \ |
6d52e269 |
87 | grep -v ^/usr/share/man | \ |
4df0bc18 |
88 | grep -v ^/usr/share/perl5/IkiWiki/Plugin | \ |
6d52e269 |
89 | grep -v ^/media | \ |
90 | grep -v ^/vmlinuz | \ |
91 | grep -v ^/vmlinuz.old | \ |
92a7af97 |
92 | grep -v '^/sbin/[a-z\-]*\.modutils$' | \ |
c6bbcb58 |
93 | grep -v ^/opt | \ |
6d52e269 |
94 | grep -v ^/boot/ | \ |
24b2faa6 |
95 | grep -v ^/dev/ | \ |
6d52e269 |
96 | grep -v ^/etc/ | \ |
97 | grep -v ^/root/ | \ |
98 | grep -v ^/var/ | \ |
99 | grep -v ^/lib/modules/ | \ |
100 | grep -v ^/var/domtool/ | \ |
101 | grep -v ^/var/lib/mysql/ | \ |
102 | grep -v ^/var/lib/postgres/ | \ |
103 | grep -v ^/var/lib/postgresql/ | \ |
bee5bcbc |
104 | xargs -I{} -d\\n -- bash -c "test -L '{}' || echo '{}'" > complain |
6d52e269 |
105 | |
bee5bcbc |
106 | F=hcoop.backup.tar$COMPRESS_EXT.aescrypt |
4b645870 |
107 | tar clpf - --ignore-failed-read --no-recursion -C / -T backupfiles | \ |
eede979f |
108 | $COMPRESS_PROG | \ |
a5a60f0c |
109 | ccrypt -k $KEYFILE -e | \ |
3b16fa86 |
110 | $MOVE_OVER $CURDATE $F |
481c2d5f |
111 | |
112 | # Acquire lock before messing with spamd |
113 | COUNT=0 |
114 | LOCK=/var/local/lib/spamd/.lock |
115 | while test -f $LOCK; do |
116 | sleep 2m |
117 | COUNT=$(expr $COUNT + 1) |
118 | if test $COUNT -eq 10; then |
119 | # Enough waiting. Kill the process. |
120 | P=$(cat $LOCK) || : |
121 | test -n "$P" && kill $P || : |
122 | rm -f $LOCK |
123 | break |
124 | fi |
125 | done |
126 | touch $LOCK |
127 | |
bee5bcbc |
128 | F=common.spamd.tar$COMPRESS_EXT.aescrypt |
481c2d5f |
129 | tar clpf - --ignore-failed-read -C / /var/local/lib/spamd | \ |
130 | $COMPRESS_PROG | \ |
a5a60f0c |
131 | ccrypt -k $KEYFILE -e > $F |
481c2d5f |
132 | rm -f $LOCK |
3b16fa86 |
133 | < $F $MOVE_OVER $CURDATE $F |
a5a60f0c |
134 | rm -f $F |
481c2d5f |
135 | |
24b2faa6 |
136 | vos listvol deleuze | \ |
24b2faa6 |
137 | tail -n +2 | \ |
138 | head -n -3 | \ |
139 | cut -b1-34 | \ |
140 | grep -v "\.backup .*$" | \ |
eede979f |
141 | grep -v "\.readonly .*$" | \ |
4b645870 |
142 | sed 's_^ .*__' | \ |
143 | sed 's_ .*$__' | \ |
ae0e82f0 |
144 | grep '[A-Za-z]' \ |
145 | > volumes |
24b2faa6 |
146 | |
4b645870 |
147 | cat volumes | \ |
148 | grep -v not-backed-up | \ |
149 | xargs -I{} -d\\n -- \ |
2ee15d79 |
150 | bash -e -c \ |
bee5bcbc |
151 | "F={}.dump$COMPRESS_EXT.aescrypt ; |
152 | vos dump -id {} -localauth -clone | |
a5a60f0c |
153 | $COMPRESS_PROG | ccrypt -k $KEYFILE -e | |
2ee15d79 |
154 | $MOVE_OVER $CURDATE \$F" || : |
4b645870 |
155 | |
bc16fd9e |
156 | echo "Backing up databases ..." |
bee5bcbc |
157 | F=databases.tar$COMPRESS_EXT.aescrypt |
4b645870 |
158 | tar -C /var/backups/databases/ -cf - . | \ |
159 | $COMPRESS_PROG | \ |
a5a60f0c |
160 | ccrypt -k $KEYFILE -e | \ |
3b16fa86 |
161 | $MOVE_OVER $CURDATE $F |
4b645870 |
162 | |
512ea01a |
163 | # Update file permissions so that rsync.net can access the backups |
164 | chmod -R go=,u-w $RSYNCDIR |
74bfc8b7 |
165 | chmod u+w $RSYNCDIR |
512ea01a |
166 | chown -R rsync $RSYNCDIR |
167 | |
168 | # Complain to admins if there are unknown files |
4b645870 |
169 | grep '[a-z/]' complain && \ |
bee5bcbc |
170 | mail -a 'From: The Backup Program <backups@deleuze.hcoop.net>' \ |
4b645870 |
171 | -s "automated message: annoying files found on deleuze (please do something about them)" admins@hcoop.net \ |
172 | < complain \ |
bc16fd9e |
173 | || : |
44b7f284 |
174 | |
bc16fd9e |
175 | echo "Done." |