Commit | Line | Data |
---|---|---|
6d52e269 | 1 | #!/bin/bash -e |
2 | ||
3 | # | |
4b645870 | 4 | # it is dangerous to remove the "-e" above; please don't do that. |
6d52e269 | 5 | # |
6 | ||
4b645870 | 7 | # |
8 | # run this script as root, on deleuze | |
9 | # | |
6d52e269 | 10 | |
4b645870 | 11 | PATH=$PATH:/bin:/usr/bin:/sbin:/usr/sbin |
44b7f284 | 12 | #COMPRESS_EXT=.bz2 |
13 | #COMPRESS_PROG=bzip2 | |
14 | COMPRESS_EXT=.gz | |
15 | COMPRESS_PROG=gzip | |
6d52e269 | 16 | KEYFILE=/etc/backup-encryption-key |
976799a9 | 17 | BACKUPTMP=/var/backups/hcoop-backup |
0031afdd | 18 | CURDATE=$(date -u +%Y.%m.%d) |
37839f02 | 19 | |
614d68fa | 20 | MOVE_OVER=$(dirname $0)/rsync.net-move-over |
37839f02 | 21 | |
22 | IFS=$'\n' | |
be9bd94d | 23 | |
614d68fa | 24 | # Initialize storage area |
25 | RSYNCDIR=/vicepa/hcoop-backups/files | |
26 | rm -fr $RSYNCDIR | |
27 | mkdir -p $RSYNCDIR/$CURDATE | |
253d5337 | 28 | chmod og=rx,u=rwx $RSYNCDIR |
0fe4060a | 29 | chmod og= $RSYNCDIR/$CURDATE |
be9bd94d | 30 | |
614d68fa | 31 | # Initialize backup staging area |
bee5bcbc | 32 | mkdir -p $BACKUPTMP |
33 | cd $BACKUPTMP | |
24b2faa6 | 34 | |
4b645870 | 35 | groups |
bc16fd9e | 36 | echo "I am in: $(pwd)" |
24b2faa6 | 37 | echo |
6d52e269 | 38 | |
bc16fd9e | 39 | echo "Building package lists..." |
24b2faa6 | 40 | dpkg-query -W -f='${Package}\n' > packages |
4b645870 | 41 | (cd /; find / /usr/ /usr/local/ /var/ -xdev) | sort | uniq > allfiles |
24b2faa6 | 42 | dpkg-query -W -f='${Package}\n' | xargs dpkg -L | sort | uniq > debfiles |
bee5bcbc | 43 | dpkg-query -W -f='${Conffiles}\n' | grep / | cut -b2- | \ |
44 | sed 's_ .*__' | sort | uniq > conffiles | |
6d52e269 | 45 | |
46 | diff allfiles debfiles | grep '^<' | cut -b 3- | \ | |
47 | grep -v ^/var/cache | \ | |
48 | grep -v ^/var/tmp | \ | |
49 | grep -v ^/var/lib/dpkg | \ | |
50 | grep -v ^/var/backups | \ | |
51 | grep -v ^/var/lib/changetrack | \ | |
12e40abc | 52 | grep -v ^/var/local/lib/spamd | \ |
6d52e269 | 53 | grep -v ^/var/run | \ |
54 | grep -v ^/var/lock | \ | |
55 | grep -v ^/var/lib/ucf | \ | |
56 | grep -v ^/vicepa | \ | |
57 | grep -v ^/home | \ | |
58 | grep -v ^/tmp | \ | |
59 | grep -v '^/afs$' | \ | |
60 | grep -v '^/$' | \ | |
61 | grep -v '^/usr/$' | \ | |
62 | grep -v ^/usr/src | \ | |
92a7af97 | 63 | grep -v '^/usr/.*\.pyc' | \ |
64 | grep -v '^/usr/.*\.elc' | \ | |
65 | grep -v '^/usr/bin/perldoc\.stub$' | \ | |
5b84f395 | 66 | grep -v '^/usr/bin/.*\.notslocate$' | \ |
d327aed8 | 67 | grep -v '^/usr/lib/courier/.*\.rand$' | \ |
50f51a78 | 68 | grep -v '^/usr/lib/gconv/gconv-modules\.cache$' | \ |
7839bb0b | 69 | grep -v '^/usr/lib/ghc[^/*]/package\.conf$' | \ |
70 | grep -v '^/usr/lib/ghc[^/*]/package\.conf\.old$' | \ | |
4df0bc18 | 71 | grep -v '^/usr/lib/graphviz/config$' | \ |
50f51a78 | 72 | grep -v '^/usr/lib/locale/locale-archive$' | \ |
24b2faa6 | 73 | grep -v '^/usr/share/emacs21/site-lisp/' | \ |
74 | grep -v '^/usr/share/emacs22/site-lisp/' | \ | |
7839bb0b | 75 | grep -v '^/usr/share/info/dir$' | \ |
76 | grep -v '^/usr/share/info/dir\.old$' | \ | |
2c5daf49 | 77 | grep -v '^/usr/share/snmp/mibs/\.index$' | \ |
ae0e82f0 | 78 | grep -v '^/usr/share/vim/addons/doc/tags$' \ |
79 | > backupfiles | |
6d52e269 | 80 | |
24b2faa6 | 81 | cat conffiles >> backupfiles |
82 | ||
6d52e269 | 83 | cat backupfiles | \ |
84 | grep -v ^/home | \ | |
85 | grep -v ^/usr/local | \ | |
86 | grep -v ^/var/spool | \ | |
87 | grep -v ^/var/log | \ | |
88 | grep -v ^/usr/lib/python2.4/ | \ | |
89 | grep -v ^/var/lib/python-support | \ | |
ae0e82f0 | 90 | grep -v ^/usr/share/jed/lib | \ |
6d52e269 | 91 | grep -v ^/usr/share/man | \ |
4df0bc18 | 92 | grep -v ^/usr/share/perl5/IkiWiki/Plugin | \ |
6d52e269 | 93 | grep -v ^/media | \ |
94 | grep -v ^/vmlinuz | \ | |
95 | grep -v ^/vmlinuz.old | \ | |
92a7af97 | 96 | grep -v '^/sbin/[a-z\-]*\.modutils$' | \ |
c6bbcb58 | 97 | grep -v ^/opt | \ |
6d52e269 | 98 | grep -v ^/boot/ | \ |
24b2faa6 | 99 | grep -v ^/dev/ | \ |
6d52e269 | 100 | grep -v ^/etc/ | \ |
101 | grep -v ^/root/ | \ | |
102 | grep -v ^/var/ | \ | |
103 | grep -v ^/lib/modules/ | \ | |
104 | grep -v ^/var/domtool/ | \ | |
105 | grep -v ^/var/lib/mysql/ | \ | |
106 | grep -v ^/var/lib/postgres/ | \ | |
107 | grep -v ^/var/lib/postgresql/ | \ | |
04518d71 | 108 | grep -v ^/usr/lib/ghc-6.6/ | \ |
bee5bcbc | 109 | xargs -I{} -d\\n -- bash -c "test -L '{}' || echo '{}'" > complain |
6d52e269 | 110 | |
bee5bcbc | 111 | F=hcoop.backup.tar$COMPRESS_EXT.aescrypt |
3a9bd77a CE |
112 | echo $COMPRESS_PROG $KEYFILE $MOVE_OVER $CURDATE $F |
113 | echo tar clpf - --ignore-failed-read --no-recursion -C / -T backupfiles | \ | |
eede979f | 114 | $COMPRESS_PROG | \ |
a5a60f0c | 115 | ccrypt -k $KEYFILE -e | \ |
3b16fa86 | 116 | $MOVE_OVER $CURDATE $F |
481c2d5f | 117 | |
3a9bd77a | 118 | |
481c2d5f | 119 | # Acquire lock before messing with spamd |
120 | COUNT=0 | |
121 | LOCK=/var/local/lib/spamd/.lock | |
122 | while test -f $LOCK; do | |
123 | sleep 2m | |
124 | COUNT=$(expr $COUNT + 1) | |
125 | if test $COUNT -eq 10; then | |
126 | # Enough waiting. Kill the process. | |
127 | P=$(cat $LOCK) || : | |
128 | test -n "$P" && kill $P || : | |
129 | rm -f $LOCK | |
130 | break | |
131 | fi | |
132 | done | |
133 | touch $LOCK | |
134 | ||
bee5bcbc | 135 | F=common.spamd.tar$COMPRESS_EXT.aescrypt |
481c2d5f | 136 | tar clpf - --ignore-failed-read -C / /var/local/lib/spamd | \ |
137 | $COMPRESS_PROG | \ | |
a5a60f0c | 138 | ccrypt -k $KEYFILE -e > $F |
481c2d5f | 139 | rm -f $LOCK |
3b16fa86 | 140 | < $F $MOVE_OVER $CURDATE $F |
a5a60f0c | 141 | rm -f $F |
481c2d5f | 142 | |
3a9bd77a | 143 | vos listvol fritz | \ |
24b2faa6 | 144 | tail -n +2 | \ |
145 | head -n -3 | \ | |
3a9bd77a | 146 | cut -b1-32 | \ |
24b2faa6 | 147 | grep -v "\.backup .*$" | \ |
eede979f | 148 | grep -v "\.readonly .*$" | \ |
3a9bd77a CE |
149 | grep -v "\.d .*$" | \ |
150 | grep -v not-backed-up | \ | |
4b645870 | 151 | sed 's_^ .*__' | \ |
152 | sed 's_ .*$__' | \ | |
ae0e82f0 | 153 | grep '[A-Za-z]' \ |
154 | > volumes | |
24b2faa6 | 155 | |
4b645870 | 156 | cat volumes | \ |
4b645870 | 157 | xargs -I{} -d\\n -- \ |
2ee15d79 | 158 | bash -e -c \ |
bee5bcbc | 159 | "F={}.dump$COMPRESS_EXT.aescrypt ; |
160 | vos dump -id {} -localauth -clone | | |
a5a60f0c | 161 | $COMPRESS_PROG | ccrypt -k $KEYFILE -e | |
2ee15d79 | 162 | $MOVE_OVER $CURDATE \$F" || : |
4b645870 | 163 | |
bc16fd9e | 164 | echo "Backing up databases ..." |
bee5bcbc | 165 | F=databases.tar$COMPRESS_EXT.aescrypt |
4b645870 | 166 | tar -C /var/backups/databases/ -cf - . | \ |
167 | $COMPRESS_PROG | \ | |
a5a60f0c | 168 | ccrypt -k $KEYFILE -e | \ |
3b16fa86 | 169 | $MOVE_OVER $CURDATE $F |
4b645870 | 170 | |
512ea01a | 171 | # Update file permissions so that rsync.net can access the backups |
253d5337 | 172 | chmod -R go=,u-w $RSYNCDIR/$CURDATE |
173 | chmod u+w $RSYNCDIR/$CURDATE | |
40c0d8c4 | 174 | chown -R rsync $RSYNCDIR/$CURDATE |
512ea01a | 175 | |
176 | # Complain to admins if there are unknown files | |
4b645870 | 177 | grep '[a-z/]' complain && \ |
bee5bcbc | 178 | mail -a 'From: The Backup Program <backups@deleuze.hcoop.net>' \ |
4b645870 | 179 | -s "automated message: annoying files found on deleuze (please do something about them)" admins@hcoop.net \ |
180 | < complain \ | |
bc16fd9e | 181 | || : |
44b7f284 | 182 | |
bc16fd9e | 183 | echo "Done." |