6d52e269 |
1 | #!/bin/bash -e |
2 | |
3 | # |
4b645870 |
4 | # it is dangerous to remove the "-e" above; please don't do that. |
6d52e269 |
5 | # |
6 | |
4b645870 |
7 | # |
8 | # run this script as root, on deleuze |
9 | # |
6d52e269 |
10 | |
be9bd94d |
11 | exec >& /var/log/backup-to-s3-log |
44b7f284 |
12 | |
4b645870 |
13 | PATH=$PATH:/bin:/usr/bin:/sbin:/usr/sbin |
44b7f284 |
14 | #COMPRESS_EXT=.bz2 |
15 | #COMPRESS_PROG=bzip2 |
16 | COMPRESS_EXT=.gz |
17 | COMPRESS_PROG=gzip |
bee5bcbc |
18 | # units for BWLIMIT are KB/s |
451f65fd |
19 | BWLIMIT=325 |
24b2faa6 |
20 | |
4b645870 |
21 | IFS=$'\n' |
22 | |
be9bd94d |
23 | SCRIPTDIR=$(dirname $0) |
6d52e269 |
24 | KEYFILE=/etc/backup-encryption-key |
be9bd94d |
25 | BACKUPDIR=/hcoop.net-backups |
26 | BACKUPTMP=/var/backups/hcoop-backup-testing |
bee5bcbc |
27 | SUBDIR=`date +%Y.%m.%d` |
28 | |
be9bd94d |
29 | S3_ACCESS_KEY=$(cat ~mwolson_admin/.amazon/access.key) |
30 | S3_SECRET_KEY_FILE=~mwolson_admin/.amazon/secret.key |
31 | |
32 | function s3_cmd () { |
33 | local cmd=$1 |
34 | shift |
35 | $SCRIPTDIR/s3-$cmd -k $S3_ACCESS_KEY -s $S3_SECRET_KEY_FILE $@ |
36 | } |
bee5bcbc |
37 | |
38 | function copy_over () { |
39 | # Move file to its offsite destination |
40 | # $1: file, $2: relative directory (optional) |
41 | if test -z "$1" || test -n "$3"; then |
42 | echo "Bad programming" |
43 | exit 1 |
44 | fi |
45 | local FILE=$1 |
46 | local DEST=$BACKUPDIR/$SUBDIR |
47 | if test -n "$2"; then |
48 | DEST=$DEST/$2 |
49 | fi |
be9bd94d |
50 | s3_cmd put -b ${BWLIMIT}K -T $FILE $DEST/$FILE |
bee5bcbc |
51 | rm -f $FILE |
52 | } |
24b2faa6 |
53 | |
be9bd94d |
54 | function prune_old_backups () { |
55 | local oldpwd=$PWD |
56 | cd $BACKUPDIR |
57 | find . -mindepth 1 -maxdepth 1 -type d -ctime +7 \ |
58 | -execdir rm -fr '{}' \; || true |
59 | rm -rf $SUBDIR |
60 | mkdir -p $SUBDIR |
61 | cd $oldpwd |
62 | } |
63 | |
64 | prune_old_backups |
65 | |
bee5bcbc |
66 | mkdir -p $BACKUPTMP |
67 | cd $BACKUPTMP |
24b2faa6 |
68 | |
4b645870 |
69 | groups |
24b2faa6 |
70 | echo 'I am in:' |
71 | pwd |
72 | echo |
6d52e269 |
73 | |
74 | echo building package lists... |
24b2faa6 |
75 | dpkg-query -W -f='${Package}\n' > packages |
4b645870 |
76 | (cd /; find / /usr/ /usr/local/ /var/ -xdev) | sort | uniq > allfiles |
24b2faa6 |
77 | dpkg-query -W -f='${Package}\n' | xargs dpkg -L | sort | uniq > debfiles |
bee5bcbc |
78 | dpkg-query -W -f='${Conffiles}\n' | grep / | cut -b2- | \ |
79 | sed 's_ .*__' | sort | uniq > conffiles |
6d52e269 |
80 | |
81 | diff allfiles debfiles | grep '^<' | cut -b 3- | \ |
82 | grep -v ^/var/cache | \ |
83 | grep -v ^/var/tmp | \ |
84 | grep -v ^/var/lib/dpkg | \ |
85 | grep -v ^/var/backups | \ |
86 | grep -v ^/var/lib/changetrack | \ |
12e40abc |
87 | grep -v ^/var/local/lib/spamd | \ |
6d52e269 |
88 | grep -v ^/var/run | \ |
89 | grep -v ^/var/lock | \ |
90 | grep -v ^/var/lib/ucf | \ |
91 | grep -v ^/vicepa | \ |
92 | grep -v ^/home | \ |
93 | grep -v ^/tmp | \ |
94 | grep -v '^/afs$' | \ |
95 | grep -v '^/$' | \ |
96 | grep -v '^/usr/$' | \ |
97 | grep -v ^/usr/src | \ |
92a7af97 |
98 | grep -v '^/usr/.*\.pyc' | \ |
99 | grep -v '^/usr/.*\.elc' | \ |
100 | grep -v '^/usr/bin/perldoc\.stub$' | \ |
5b84f395 |
101 | grep -v '^/usr/bin/.*\.notslocate$' | \ |
d327aed8 |
102 | grep -v '^/usr/lib/courier/.*\.rand$' | \ |
50f51a78 |
103 | grep -v '^/usr/lib/gconv/gconv-modules\.cache$' | \ |
4df0bc18 |
104 | grep -v '^/usr/lib/graphviz/config$' | \ |
50f51a78 |
105 | grep -v '^/usr/lib/locale/locale-archive$' | \ |
24b2faa6 |
106 | grep -v '^/usr/share/info/dir$' | \ |
50f51a78 |
107 | grep -v '^/usr/share/info/dir\.old$' | \ |
24b2faa6 |
108 | grep -v '^/usr/share/emacs21/site-lisp/' | \ |
109 | grep -v '^/usr/share/emacs22/site-lisp/' | \ |
2c5daf49 |
110 | grep -v '^/usr/share/snmp/mibs/\.index$' | \ |
ae0e82f0 |
111 | grep -v '^/usr/share/vim/addons/doc/tags$' \ |
112 | > backupfiles |
6d52e269 |
113 | |
24b2faa6 |
114 | cat conffiles >> backupfiles |
115 | |
6d52e269 |
116 | cat backupfiles | \ |
117 | grep -v ^/home | \ |
118 | grep -v ^/usr/local | \ |
119 | grep -v ^/var/spool | \ |
120 | grep -v ^/var/log | \ |
121 | grep -v ^/usr/lib/python2.4/ | \ |
122 | grep -v ^/var/lib/python-support | \ |
ae0e82f0 |
123 | grep -v ^/usr/share/jed/lib | \ |
6d52e269 |
124 | grep -v ^/usr/share/man | \ |
4df0bc18 |
125 | grep -v ^/usr/share/perl5/IkiWiki/Plugin | \ |
6d52e269 |
126 | grep -v ^/media | \ |
127 | grep -v ^/vmlinuz | \ |
128 | grep -v ^/vmlinuz.old | \ |
92a7af97 |
129 | grep -v '^/sbin/[a-z\-]*\.modutils$' | \ |
6d52e269 |
130 | grep -v ^/opt/dell/srvadmin/ | \ |
131 | grep -v ^/boot/ | \ |
24b2faa6 |
132 | grep -v ^/dev/ | \ |
6d52e269 |
133 | grep -v ^/etc/ | \ |
134 | grep -v ^/root/ | \ |
135 | grep -v ^/var/ | \ |
136 | grep -v ^/lib/modules/ | \ |
137 | grep -v ^/var/domtool/ | \ |
138 | grep -v ^/var/lib/mysql/ | \ |
139 | grep -v ^/var/lib/postgres/ | \ |
140 | grep -v ^/var/lib/postgresql/ | \ |
bee5bcbc |
141 | xargs -I{} -d\\n -- bash -c "test -L '{}' || echo '{}'" > complain |
6d52e269 |
142 | |
bee5bcbc |
143 | F=hcoop.backup.tar$COMPRESS_EXT.aescrypt |
4b645870 |
144 | tar clpf - --ignore-failed-read --no-recursion -C / -T backupfiles | \ |
eede979f |
145 | $COMPRESS_PROG | \ |
bee5bcbc |
146 | ccrypt -k $KEYFILE -e > $F |
147 | copy_over $F |
481c2d5f |
148 | |
149 | # Acquire lock before messing with spamd |
150 | COUNT=0 |
151 | LOCK=/var/local/lib/spamd/.lock |
152 | while test -f $LOCK; do |
153 | sleep 2m |
154 | COUNT=$(expr $COUNT + 1) |
155 | if test $COUNT -eq 10; then |
156 | # Enough waiting. Kill the process. |
157 | P=$(cat $LOCK) || : |
158 | test -n "$P" && kill $P || : |
159 | rm -f $LOCK |
160 | break |
161 | fi |
162 | done |
163 | touch $LOCK |
164 | |
bee5bcbc |
165 | F=common.spamd.tar$COMPRESS_EXT.aescrypt |
481c2d5f |
166 | tar clpf - --ignore-failed-read -C / /var/local/lib/spamd | \ |
167 | $COMPRESS_PROG | \ |
bee5bcbc |
168 | ccrypt -k $KEYFILE -e > $F.new |
481c2d5f |
169 | rm -f $LOCK |
bee5bcbc |
170 | copy_over $F.new .. |
481c2d5f |
171 | |
bee5bcbc |
172 | test -s $BACKUPDIR/$F.new && \ |
173 | mv $BACKUPDIR/$F.new $BACKUPDIR/$F |
481c2d5f |
174 | |
24b2faa6 |
175 | vos listvol deleuze | \ |
24b2faa6 |
176 | tail -n +2 | \ |
177 | head -n -3 | \ |
178 | cut -b1-34 | \ |
179 | grep -v "\.backup .*$" | \ |
eede979f |
180 | grep -v "\.readonly .*$" | \ |
4b645870 |
181 | sed 's_^ .*__' | \ |
182 | sed 's_ .*$__' | \ |
ae0e82f0 |
183 | grep '[A-Za-z]' \ |
184 | > volumes |
24b2faa6 |
185 | |
4b645870 |
186 | cat volumes | \ |
187 | grep -v not-backed-up | \ |
188 | xargs -I{} -d\\n -- \ |
189 | bash -c \ |
bee5bcbc |
190 | "F={}.dump$COMPRESS_EXT.aescrypt ; |
191 | vos dump -id {} -localauth -clone | |
192 | $COMPRESS_PROG | ccrypt -k $KEYFILE -e > \$F ; |
ae0e82f0 |
193 | < \$F catsync -b $BWLIMIT $BACKUPDIR/$SUBDIR/\$F ; |
bee5bcbc |
194 | rm -f \$F" |
4b645870 |
195 | |
196 | echo backing up databases |
bee5bcbc |
197 | F=databases.tar$COMPRESS_EXT.aescrypt |
4b645870 |
198 | tar -C /var/backups/databases/ -cf - . | \ |
199 | $COMPRESS_PROG | \ |
bee5bcbc |
200 | ccrypt -k $KEYFILE -e > $F |
201 | copy_over $F |
4b645870 |
202 | |
203 | grep '[a-z/]' complain && \ |
bee5bcbc |
204 | mail -a 'From: The Backup Program <backups@deleuze.hcoop.net>' \ |
4b645870 |
205 | -s "automated message: annoying files found on deleuze (please do something about them)" admins@hcoop.net \ |
206 | < complain \ |
207 | || true |
44b7f284 |
208 | |
209 | echo done |
210 | |