6d52e269 |
1 | #!/bin/bash -e |
2 | |
3 | # |
4b645870 |
4 | # it is dangerous to remove the "-e" above; please don't do that. |
6d52e269 |
5 | # |
6 | |
4b645870 |
7 | # |
8 | # run this script as root, on deleuze |
9 | # |
6d52e269 |
10 | |
4b645870 |
11 | PATH=$PATH:/bin:/usr/bin:/sbin:/usr/sbin |
44b7f284 |
12 | #COMPRESS_EXT=.bz2 |
13 | #COMPRESS_PROG=bzip2 |
14 | COMPRESS_EXT=.gz |
15 | COMPRESS_PROG=gzip |
6d52e269 |
16 | KEYFILE=/etc/backup-encryption-key |
976799a9 |
17 | BACKUPTMP=/var/backups/hcoop-backup |
0031afdd |
18 | CURDATE=$(date -u +%Y.%m.%d) |
37839f02 |
19 | |
614d68fa |
20 | MOVE_OVER=$(dirname $0)/rsync.net-move-over |
37839f02 |
21 | |
22 | IFS=$'\n' |
be9bd94d |
23 | |
614d68fa |
24 | # Initialize storage area |
25 | RSYNCDIR=/vicepa/hcoop-backups/files |
26 | rm -fr $RSYNCDIR |
27 | mkdir -p $RSYNCDIR/$CURDATE |
0fe4060a |
28 | chmod og=rx $RSYNCDIR |
29 | chmod og= $RSYNCDIR/$CURDATE |
be9bd94d |
30 | |
614d68fa |
31 | # Initialize backup staging area |
bee5bcbc |
32 | mkdir -p $BACKUPTMP |
33 | cd $BACKUPTMP |
24b2faa6 |
34 | |
4b645870 |
35 | groups |
bc16fd9e |
36 | echo "I am in: $(pwd)" |
24b2faa6 |
37 | echo |
6d52e269 |
38 | |
bc16fd9e |
39 | echo "Building package lists..." |
24b2faa6 |
40 | dpkg-query -W -f='${Package}\n' > packages |
4b645870 |
41 | (cd /; find / /usr/ /usr/local/ /var/ -xdev) | sort | uniq > allfiles |
24b2faa6 |
42 | dpkg-query -W -f='${Package}\n' | xargs dpkg -L | sort | uniq > debfiles |
bee5bcbc |
43 | dpkg-query -W -f='${Conffiles}\n' | grep / | cut -b2- | \ |
44 | sed 's_ .*__' | sort | uniq > conffiles |
6d52e269 |
45 | |
46 | diff allfiles debfiles | grep '^<' | cut -b 3- | \ |
47 | grep -v ^/var/cache | \ |
48 | grep -v ^/var/tmp | \ |
49 | grep -v ^/var/lib/dpkg | \ |
50 | grep -v ^/var/backups | \ |
51 | grep -v ^/var/lib/changetrack | \ |
12e40abc |
52 | grep -v ^/var/local/lib/spamd | \ |
6d52e269 |
53 | grep -v ^/var/run | \ |
54 | grep -v ^/var/lock | \ |
55 | grep -v ^/var/lib/ucf | \ |
56 | grep -v ^/vicepa | \ |
57 | grep -v ^/home | \ |
58 | grep -v ^/tmp | \ |
59 | grep -v '^/afs$' | \ |
60 | grep -v '^/$' | \ |
61 | grep -v '^/usr/$' | \ |
62 | grep -v ^/usr/src | \ |
92a7af97 |
63 | grep -v '^/usr/.*\.pyc' | \ |
64 | grep -v '^/usr/.*\.elc' | \ |
65 | grep -v '^/usr/bin/perldoc\.stub$' | \ |
5b84f395 |
66 | grep -v '^/usr/bin/.*\.notslocate$' | \ |
d327aed8 |
67 | grep -v '^/usr/lib/courier/.*\.rand$' | \ |
50f51a78 |
68 | grep -v '^/usr/lib/gconv/gconv-modules\.cache$' | \ |
4df0bc18 |
69 | grep -v '^/usr/lib/graphviz/config$' | \ |
50f51a78 |
70 | grep -v '^/usr/lib/locale/locale-archive$' | \ |
24b2faa6 |
71 | grep -v '^/usr/share/info/dir$' | \ |
50f51a78 |
72 | grep -v '^/usr/share/info/dir\.old$' | \ |
24b2faa6 |
73 | grep -v '^/usr/share/emacs21/site-lisp/' | \ |
74 | grep -v '^/usr/share/emacs22/site-lisp/' | \ |
2c5daf49 |
75 | grep -v '^/usr/share/snmp/mibs/\.index$' | \ |
ae0e82f0 |
76 | grep -v '^/usr/share/vim/addons/doc/tags$' \ |
77 | > backupfiles |
6d52e269 |
78 | |
24b2faa6 |
79 | cat conffiles >> backupfiles |
80 | |
6d52e269 |
81 | cat backupfiles | \ |
82 | grep -v ^/home | \ |
83 | grep -v ^/usr/local | \ |
84 | grep -v ^/var/spool | \ |
85 | grep -v ^/var/log | \ |
86 | grep -v ^/usr/lib/python2.4/ | \ |
87 | grep -v ^/var/lib/python-support | \ |
ae0e82f0 |
88 | grep -v ^/usr/share/jed/lib | \ |
6d52e269 |
89 | grep -v ^/usr/share/man | \ |
4df0bc18 |
90 | grep -v ^/usr/share/perl5/IkiWiki/Plugin | \ |
6d52e269 |
91 | grep -v ^/media | \ |
92 | grep -v ^/vmlinuz | \ |
93 | grep -v ^/vmlinuz.old | \ |
92a7af97 |
94 | grep -v '^/sbin/[a-z\-]*\.modutils$' | \ |
c6bbcb58 |
95 | grep -v ^/opt | \ |
6d52e269 |
96 | grep -v ^/boot/ | \ |
24b2faa6 |
97 | grep -v ^/dev/ | \ |
6d52e269 |
98 | grep -v ^/etc/ | \ |
99 | grep -v ^/root/ | \ |
100 | grep -v ^/var/ | \ |
101 | grep -v ^/lib/modules/ | \ |
102 | grep -v ^/var/domtool/ | \ |
103 | grep -v ^/var/lib/mysql/ | \ |
104 | grep -v ^/var/lib/postgres/ | \ |
105 | grep -v ^/var/lib/postgresql/ | \ |
bee5bcbc |
106 | xargs -I{} -d\\n -- bash -c "test -L '{}' || echo '{}'" > complain |
6d52e269 |
107 | |
bee5bcbc |
108 | F=hcoop.backup.tar$COMPRESS_EXT.aescrypt |
4b645870 |
109 | tar clpf - --ignore-failed-read --no-recursion -C / -T backupfiles | \ |
eede979f |
110 | $COMPRESS_PROG | \ |
a5a60f0c |
111 | ccrypt -k $KEYFILE -e | \ |
3b16fa86 |
112 | $MOVE_OVER $CURDATE $F |
481c2d5f |
113 | |
114 | # Acquire lock before messing with spamd |
115 | COUNT=0 |
116 | LOCK=/var/local/lib/spamd/.lock |
117 | while test -f $LOCK; do |
118 | sleep 2m |
119 | COUNT=$(expr $COUNT + 1) |
120 | if test $COUNT -eq 10; then |
121 | # Enough waiting. Kill the process. |
122 | P=$(cat $LOCK) || : |
123 | test -n "$P" && kill $P || : |
124 | rm -f $LOCK |
125 | break |
126 | fi |
127 | done |
128 | touch $LOCK |
129 | |
bee5bcbc |
130 | F=common.spamd.tar$COMPRESS_EXT.aescrypt |
481c2d5f |
131 | tar clpf - --ignore-failed-read -C / /var/local/lib/spamd | \ |
132 | $COMPRESS_PROG | \ |
a5a60f0c |
133 | ccrypt -k $KEYFILE -e > $F |
481c2d5f |
134 | rm -f $LOCK |
3b16fa86 |
135 | < $F $MOVE_OVER $CURDATE $F |
a5a60f0c |
136 | rm -f $F |
481c2d5f |
137 | |
24b2faa6 |
138 | vos listvol deleuze | \ |
24b2faa6 |
139 | tail -n +2 | \ |
140 | head -n -3 | \ |
141 | cut -b1-34 | \ |
142 | grep -v "\.backup .*$" | \ |
eede979f |
143 | grep -v "\.readonly .*$" | \ |
4b645870 |
144 | sed 's_^ .*__' | \ |
145 | sed 's_ .*$__' | \ |
ae0e82f0 |
146 | grep '[A-Za-z]' \ |
147 | > volumes |
24b2faa6 |
148 | |
4b645870 |
149 | cat volumes | \ |
150 | grep -v not-backed-up | \ |
151 | xargs -I{} -d\\n -- \ |
2ee15d79 |
152 | bash -e -c \ |
bee5bcbc |
153 | "F={}.dump$COMPRESS_EXT.aescrypt ; |
154 | vos dump -id {} -localauth -clone | |
a5a60f0c |
155 | $COMPRESS_PROG | ccrypt -k $KEYFILE -e | |
2ee15d79 |
156 | $MOVE_OVER $CURDATE \$F" || : |
4b645870 |
157 | |
bc16fd9e |
158 | echo "Backing up databases ..." |
bee5bcbc |
159 | F=databases.tar$COMPRESS_EXT.aescrypt |
4b645870 |
160 | tar -C /var/backups/databases/ -cf - . | \ |
161 | $COMPRESS_PROG | \ |
a5a60f0c |
162 | ccrypt -k $KEYFILE -e | \ |
3b16fa86 |
163 | $MOVE_OVER $CURDATE $F |
4b645870 |
164 | |
512ea01a |
165 | # Update file permissions so that rsync.net can access the backups |
166 | chmod -R go=,u-w $RSYNCDIR |
0fe4060a |
167 | chmod u+w $RSYNCDIR $RSYNCDIR/$CURDATE |
40c0d8c4 |
168 | chown -R rsync $RSYNCDIR/$CURDATE |
512ea01a |
169 | |
170 | # Complain to admins if there are unknown files |
4b645870 |
171 | grep '[a-z/]' complain && \ |
bee5bcbc |
172 | mail -a 'From: The Backup Program <backups@deleuze.hcoop.net>' \ |
4b645870 |
173 | -s "automated message: annoying files found on deleuze (please do something about them)" admins@hcoop.net \ |
174 | < complain \ |
bc16fd9e |
175 | || : |
44b7f284 |
176 | |
bc16fd9e |
177 | echo "Done." |