evobackup: zzz_evobackup upstream release 22.12, and call zzz_evobackup with bash ; base: install bash, now needed for zzz_evobackup script
This commit is contained in:
parent
9c450ff11b
commit
81d8774885
|
@ -65,6 +65,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
||||||
* ospf: do not repeat use of command, use variable instead with output of command
|
* ospf: do not repeat use of command, use variable instead with output of command
|
||||||
* nagios-nrpe: changed check_load to make it more relevant
|
* nagios-nrpe: changed check_load to make it more relevant
|
||||||
* nagios-nrpe: check_ipsecctl.sh is never used standalone for check_vpn, always called by check_ipsecctl_critiques.sh
|
* nagios-nrpe: check_ipsecctl.sh is never used standalone for check_vpn, always called by check_ipsecctl_critiques.sh
|
||||||
|
* evobackup: zzz_evobackup upstream release 22.12, and call zzz_evobackup with bash
|
||||||
|
* base: install bash, now needed for zzz_evobackup script
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
||||||
|
|
|
@ -17,6 +17,7 @@
|
||||||
- mtr--
|
- mtr--
|
||||||
- iftop
|
- iftop
|
||||||
- sudo--
|
- sudo--
|
||||||
|
- bash
|
||||||
tags:
|
tags:
|
||||||
- pkg
|
- pkg
|
||||||
|
|
||||||
|
|
|
@ -1,26 +1,24 @@
|
||||||
#!/bin/sh
|
#!/bin/bash
|
||||||
#
|
#
|
||||||
# Script Evobackup client
|
# Script Evobackup client
|
||||||
# See https://gitea.evolix.org/evolix/evobackup
|
# See https://gitea.evolix.org/evolix/evobackup
|
||||||
#
|
#
|
||||||
# Author: Gregory Colpart <reg@evolix.fr>
|
# Authors: Evolix <info@evolix.fr>,
|
||||||
# Contributors:
|
# Gregory Colpart <reg@evolix.fr>,
|
||||||
# Romain Dessort <rdessort@evolix.fr>
|
# Romain Dessort <rdessort@evolix.fr>,
|
||||||
# Benoît Série <bserie@evolix.fr>
|
# Benoit Série <bserie@evolix.fr>,
|
||||||
# Tristan Pilat <tpilat@evolix.fr>
|
# Tristan Pilat <tpilat@evolix.fr>,
|
||||||
# Victor Laborie <vlaborie@evolix.fr>
|
# Victor Laborie <vlaborie@evolix.fr>,
|
||||||
# Jérémy Lecour <jlecour@evolix.fr>
|
# Jérémy Lecour <jlecour@evolix.fr>
|
||||||
|
# and others.
|
||||||
#
|
#
|
||||||
# Licence: AGPLv3
|
# Licence: AGPLv3
|
||||||
#
|
#
|
||||||
# /!\ DON'T FORGET TO SET "MAIL" and "SERVERS" VARIABLES
|
# /!\ DON'T FORGET TO SET "MAIL" and "SERVERS" VARIABLES
|
||||||
|
|
||||||
# Fail on unassigned variables
|
|
||||||
set -u
|
|
||||||
|
|
||||||
##### Configuration ###################################################
|
##### Configuration ###################################################
|
||||||
|
|
||||||
VERSION="22.03"
|
VERSION="22.12"
|
||||||
|
|
||||||
# email adress for notifications
|
# email adress for notifications
|
||||||
MAIL=jdoe@example.com
|
MAIL=jdoe@example.com
|
||||||
|
@ -28,7 +26,10 @@ MAIL=jdoe@example.com
|
||||||
# list of hosts (hostname or IP) and SSH port for Rsync
|
# list of hosts (hostname or IP) and SSH port for Rsync
|
||||||
SERVERS="node0.backup.example.com:2XXX node1.backup.example.com:2XXX"
|
SERVERS="node0.backup.example.com:2XXX node1.backup.example.com:2XXX"
|
||||||
|
|
||||||
# Should we fallback on servers when the first is unreachable ?
|
# explicit PATH
|
||||||
|
PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/sbin:/usr/local/bin
|
||||||
|
|
||||||
|
# Should we fallback on other servers when the first one is unreachable?
|
||||||
SERVERS_FALLBACK=${SERVERS_FALLBACK:-1}
|
SERVERS_FALLBACK=${SERVERS_FALLBACK:-1}
|
||||||
|
|
||||||
# timeout (in seconds) for SSH connections
|
# timeout (in seconds) for SSH connections
|
||||||
|
@ -47,31 +48,479 @@ PIDFILE="/var/run/${PROGNAME}.pid"
|
||||||
# Customize the log path if you have multiple scripts and with separate logs
|
# Customize the log path if you have multiple scripts and with separate logs
|
||||||
LOGFILE="/var/log/evobackup.log"
|
LOGFILE="/var/log/evobackup.log"
|
||||||
|
|
||||||
# Enable/Disable tasks
|
# Full Rsync log file, reset each time
|
||||||
LOCAL_TASKS=${LOCAL_TASKS:-1}
|
RSYNC_LOGFILE="/var/log/${PROGNAME}.rsync.log"
|
||||||
SYNC_TASKS=${SYNC_TASKS:-1}
|
|
||||||
|
|
||||||
HOSTNAME=$(hostname)
|
HOSTNAME=$(hostname)
|
||||||
|
|
||||||
##### SETUP AND FUNCTIONS #############################################
|
|
||||||
|
|
||||||
START_EPOCH=$(/bin/date +%s)
|
|
||||||
DATE_FORMAT="%Y-%m-%d %H:%M:%S"
|
DATE_FORMAT="%Y-%m-%d %H:%M:%S"
|
||||||
|
|
||||||
# shellcheck disable=SC2174
|
# Enable/disable local tasks (default: enabled)
|
||||||
mkdir -p -m 700 ${LOCAL_BACKUP_DIR}
|
: "${LOCAL_TASKS:=1}"
|
||||||
|
# Enable/disable sync tasks (default: enabled)
|
||||||
|
: "${SYNC_TASKS:=1}"
|
||||||
|
|
||||||
PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/sbin:/usr/local/bin
|
CANARY_FILE="/zzz_evobackup_canary"
|
||||||
|
|
||||||
## lang = C for english outputs
|
# Source paths can be customized
|
||||||
export LANGUAGE=C
|
# Empty lines, and lines containing # or ; are ignored
|
||||||
export LANG=C
|
RSYNC_INCLUDES="
|
||||||
|
/etc
|
||||||
|
/root
|
||||||
|
/var
|
||||||
|
/home
|
||||||
|
"
|
||||||
|
|
||||||
## Force umask
|
# Excluded paths can be customized
|
||||||
umask 077
|
# Empty lines, and lines beginning with # or ; are ignored
|
||||||
|
RSYNC_EXCLUDES="
|
||||||
|
/dev
|
||||||
|
/proc
|
||||||
|
/run
|
||||||
|
/sys
|
||||||
|
/tmp
|
||||||
|
/usr/doc
|
||||||
|
/usr/obj
|
||||||
|
/usr/share/doc
|
||||||
|
/usr/src
|
||||||
|
/var/apt
|
||||||
|
/var/cache
|
||||||
|
/var/db/munin/*.tmp
|
||||||
|
/var/lib/amavis/amavisd.sock
|
||||||
|
/var/lib/amavis/tmp
|
||||||
|
/var/lib/clamav/*.tmp
|
||||||
|
/var/lib/elasticsearch
|
||||||
|
/var/lib/metche
|
||||||
|
/var/lib/mongodb
|
||||||
|
/var/lib/munin/*tmp*
|
||||||
|
/var/lib/mysql
|
||||||
|
/var/lib/php/sessions
|
||||||
|
/var/lib/php5
|
||||||
|
/var/lib/postgres
|
||||||
|
/var/lib/postgresql
|
||||||
|
/var/lib/sympa
|
||||||
|
/var/lock
|
||||||
|
/var/run
|
||||||
|
/var/spool/postfix
|
||||||
|
/var/spool/smtpd
|
||||||
|
/var/spool/squid
|
||||||
|
/var/state
|
||||||
|
/var/tmp
|
||||||
|
lost+found
|
||||||
|
.nfs.*
|
||||||
|
lxc/*/rootfs/tmp
|
||||||
|
lxc/*/rootfs/usr/doc
|
||||||
|
lxc/*/rootfs/usr/obj
|
||||||
|
lxc/*/rootfs/usr/share/doc
|
||||||
|
lxc/*/rootfs/usr/src
|
||||||
|
lxc/*/rootfs/var/apt
|
||||||
|
lxc/*/rootfs/var/cache
|
||||||
|
lxc/*/rootfs/var/lib/php5
|
||||||
|
lxc/*/rootfs/var/lib/php/sessions
|
||||||
|
lxc/*/rootfs/var/lock
|
||||||
|
lxc/*/rootfs/var/run
|
||||||
|
lxc/*/rootfs/var/state
|
||||||
|
lxc/*/rootfs/var/tmp
|
||||||
|
/home/mysqltmp
|
||||||
|
"
|
||||||
|
|
||||||
## Initialize variable to store SSH connection errors
|
|
||||||
SERVERS_SSH_ERRORS=""
|
##### FUNCTIONS #######################################################
|
||||||
|
|
||||||
|
local_tasks() {
|
||||||
|
log "START LOCAL_TASKS"
|
||||||
|
|
||||||
|
# You can comment or uncomment sections below to customize the backup
|
||||||
|
|
||||||
|
## OpenLDAP : example with slapcat
|
||||||
|
# slapcat -n 0 -l ${LOCAL_BACKUP_DIR}/config.ldap.bak
|
||||||
|
# slapcat -n 1 -l ${LOCAL_BACKUP_DIR}/data.ldap.bak
|
||||||
|
# slapcat -l ${LOCAL_BACKUP_DIR}/ldap.bak
|
||||||
|
|
||||||
|
## MySQL
|
||||||
|
|
||||||
|
## Purge previous dumps
|
||||||
|
# rm -f ${LOCAL_BACKUP_DIR}/mysql.*.gz
|
||||||
|
# rm -rf ${LOCAL_BACKUP_DIR}/mysql
|
||||||
|
# rm -rf ${LOCAL_BACKUP_DIR}/mysqlhotcopy
|
||||||
|
# rm -rf /home/mysqldump
|
||||||
|
# find ${LOCAL_BACKUP_DIR}/ -type f -name '*.err' -delete
|
||||||
|
|
||||||
|
## example with global and compressed mysqldump
|
||||||
|
# mysqldump --defaults-extra-file=/etc/mysql/debian.cnf -P 3306 \
|
||||||
|
# --opt --all-databases --force --events --hex-blob 2> ${LOCAL_BACKUP_DIR}/mysql.bak.err | gzip --best > ${LOCAL_BACKUP_DIR}/mysql.bak.gz
|
||||||
|
# last_rc=$?
|
||||||
|
# if [ ${last_rc} -ne 0 ]; then
|
||||||
|
# error "mysqldump (global compressed) returned an error ${last_rc}, check ${LOCAL_BACKUP_DIR}/mysql.bak.err"
|
||||||
|
# rc=101
|
||||||
|
# fi
|
||||||
|
|
||||||
|
## example with compressed SQL dump (with data) for each databases
|
||||||
|
# mkdir -p -m 700 ${LOCAL_BACKUP_DIR}/mysql/
|
||||||
|
# for i in $(mysql --defaults-extra-file=/etc/mysql/debian.cnf -P 3306 -e 'show databases' -s --skip-column-names \
|
||||||
|
# | grep --extended-regexp --invert-match "^(Database|information_schema|performance_schema|sys)"); do
|
||||||
|
# mysqldump --defaults-extra-file=/etc/mysql/debian.cnf --force -P 3306 --events --hex-blob $i 2> ${LOCAL_BACKUP_DIR}/${i}.err | gzip --best > ${LOCAL_BACKUP_DIR}/mysql/${i}.sql.gz
|
||||||
|
# last_rc=$?
|
||||||
|
# if [ ${last_rc} -ne 0 ]; then
|
||||||
|
# error "mysqldump (${i} compressed) returned an error ${last_rc}, check ${LOCAL_BACKUP_DIR}/${i}.err"
|
||||||
|
# rc=102
|
||||||
|
# fi
|
||||||
|
# done
|
||||||
|
|
||||||
|
## Dump all grants (requires 'percona-toolkit' package)
|
||||||
|
# mkdir -p -m 700 ${LOCAL_BACKUP_DIR}/mysql/
|
||||||
|
# pt-show-grants --flush --no-header 2> ${LOCAL_BACKUP_DIR}/mysql/all_grants.err > ${LOCAL_BACKUP_DIR}/mysql/all_grants.sql
|
||||||
|
# last_rc=$?
|
||||||
|
# if [ ${last_rc} -ne 0 ]; then
|
||||||
|
# error "pt-show-grants returned an error ${last_rc}, check ${LOCAL_BACKUP_DIR}/mysql/all_grants.err"
|
||||||
|
# rc=103
|
||||||
|
# fi
|
||||||
|
|
||||||
|
# Dump all variables
|
||||||
|
# mysql -A -e"SHOW GLOBAL VARIABLES;" 2> ${LOCAL_BACKUP_DIR}/MySQLCurrentSettings.err > ${LOCAL_BACKUP_DIR}/MySQLCurrentSettings.txt
|
||||||
|
# last_rc=$?
|
||||||
|
# if [ ${last_rc} -ne 0 ]; then
|
||||||
|
# error "mysql (variables) returned an error ${last_rc}, check ${LOCAL_BACKUP_DIR}/MySQLCurrentSettings.err"
|
||||||
|
# rc=104
|
||||||
|
# fi
|
||||||
|
|
||||||
|
## example with SQL dump (schema only, no data) for each databases
|
||||||
|
# mkdir -p -m 700 ${LOCAL_BACKUP_DIR}/mysql/
|
||||||
|
# for i in $(mysql --defaults-extra-file=/etc/mysql/debian.cnf -P 3306 -e 'show databases' -s --skip-column-names \
|
||||||
|
# | grep --extended-regexp --invert-match "^(Database|information_schema|performance_schema|sys)"); do
|
||||||
|
# mysqldump --defaults-extra-file=/etc/mysql/debian.cnf --force -P 3306 --no-data --databases $i 2> ${LOCAL_BACKUP_DIR}/${i}.schema.err > ${LOCAL_BACKUP_DIR}/mysql/${i}.schema.sql
|
||||||
|
# last_rc=$?
|
||||||
|
# if [ ${last_rc} -ne 0 ]; then
|
||||||
|
# error "mysqldump (${i} schema) returned an error ${last_rc}, check ${LOCAL_BACKUP_DIR}/${i}.schema.err"
|
||||||
|
# rc=105
|
||||||
|
# fi
|
||||||
|
# done
|
||||||
|
|
||||||
|
## example with *one* uncompressed SQL dump for *one* database (MYBASE)
|
||||||
|
# mkdir -p -m 700 ${LOCAL_BACKUP_DIR}/mysql/MYBASE
|
||||||
|
# chown -RL mysql ${LOCAL_BACKUP_DIR}/mysql/
|
||||||
|
# mysqldump --defaults-extra-file=/etc/mysql/debian.cnf --force -Q \
|
||||||
|
# --opt --events --hex-blob --skip-comments -T ${LOCAL_BACKUP_DIR}/mysql/MYBASE MYBASE 2> ${LOCAL_BACKUP_DIR}/mysql/MYBASE.err
|
||||||
|
# last_rc=$?
|
||||||
|
# if [ ${last_rc} -ne 0 ]; then
|
||||||
|
# error "mysqldump (MYBASE) returned an error ${last_rc}, check ${LOCAL_BACKUP_DIR}/mysql/MYBASE.err"
|
||||||
|
# rc=106
|
||||||
|
# fi
|
||||||
|
|
||||||
|
## example with two dumps for each table (.sql/.txt) for all databases
|
||||||
|
# for i in $(echo SHOW DATABASES | mysql --defaults-extra-file=/etc/mysql/debian.cnf -P 3306 \
|
||||||
|
# | grep --extended-regexp --invert-match "^(Database|information_schema|performance_schema|sys)" ); do
|
||||||
|
# mkdir -p -m 700 /home/mysqldump/$i ; chown -RL mysql /home/mysqldump
|
||||||
|
# mysqldump --defaults-extra-file=/etc/mysql/debian.cnf --force -P 3306 -Q --opt --events --hex-blob --skip-comments \
|
||||||
|
# --fields-enclosed-by='\"' --fields-terminated-by=',' -T /home/mysqldump/$i $i 2> /home/mysqldump/$i.err"
|
||||||
|
# last_rc=$?
|
||||||
|
# if [ ${last_rc} -ne 0 ]; then
|
||||||
|
# error "mysqldump (${i} files) returned an error ${last_rc}, check /home/mysqldump/$i.err"
|
||||||
|
# rc=107
|
||||||
|
# fi
|
||||||
|
# done
|
||||||
|
|
||||||
|
## example with mysqlhotcopy
|
||||||
|
# mkdir -p -m 700 ${LOCAL_BACKUP_DIR}/mysqlhotcopy/
|
||||||
|
# mysqlhotcopy MYBASE ${LOCAL_BACKUP_DIR}/mysqlhotcopy/ 2> ${LOCAL_BACKUP_DIR}/mysqlhotcopy/MYBASE.err
|
||||||
|
# last_rc=$?
|
||||||
|
# if [ ${last_rc} -ne 0 ]; then
|
||||||
|
# error "mysqlhotcopy returned an error ${last_rc}, check ${LOCAL_BACKUP_DIR}/mysqlhotcopy/MYBASE.err"
|
||||||
|
# rc=108
|
||||||
|
# fi
|
||||||
|
|
||||||
|
## example for multiples MySQL instances
|
||||||
|
# mysqladminpasswd=$(grep -m1 'password = .*' /root/.my.cnf|cut -d" " -f3)
|
||||||
|
# grep --extended-regexp "^port\s*=\s*\d*" /etc/mysql/my.cnf | while read instance; do
|
||||||
|
# instance=$(echo "$instance"|awk '{ print $3 }')
|
||||||
|
# if [ "$instance" != "3306" ]
|
||||||
|
# then
|
||||||
|
# mysqldump -P $instance --opt --all-databases --hex-blob -u mysqladmin -p$mysqladminpasswd 2> ${LOCAL_BACKUP_DIR}/mysql.${instance}.err | gzip --best > ${LOCAL_BACKUP_DIR}/mysql.${instance}.bak.gz
|
||||||
|
# last_rc=$?
|
||||||
|
# if [ ${last_rc} -ne 0 ]; then
|
||||||
|
# error "mysqldump (instance ${instance}) returned an error ${last_rc}, check ${LOCAL_BACKUP_DIR}/mysql.${instance}.err"
|
||||||
|
# rc=107
|
||||||
|
# fi
|
||||||
|
# fi
|
||||||
|
# done
|
||||||
|
|
||||||
|
## PostgreSQL
|
||||||
|
|
||||||
|
## Purge previous dumps
|
||||||
|
# rm -rf ${LOCAL_BACKUP_DIR}/pg.*.gz
|
||||||
|
# rm -rf ${LOCAL_BACKUP_DIR}/pg-backup.tar
|
||||||
|
# rm -rf ${LOCAL_BACKUP_DIR}/postgresql/*
|
||||||
|
|
||||||
|
## example with pg_dumpall (warning: you need space in ~postgres)
|
||||||
|
# su - postgres -c "pg_dumpall > ~/pg.dump.bak"
|
||||||
|
# mv ~postgres/pg.dump.bak ${LOCAL_BACKUP_DIR}/
|
||||||
|
|
||||||
|
## another method with gzip directly piped
|
||||||
|
# (
|
||||||
|
# cd /var/lib/postgresql;
|
||||||
|
# sudo -u postgres pg_dumpall | gzip > ${LOCAL_BACKUP_DIR}/pg.dump.bak.gz
|
||||||
|
# )
|
||||||
|
|
||||||
|
## example with all tables from MYBASE excepts TABLE1 and TABLE2
|
||||||
|
# pg_dump -p 5432 -h 127.0.0.1 -U USER --clean -F t --inserts -f ${LOCAL_BACKUP_DIR}/pg-backup.tar -t 'TABLE1' -t 'TABLE2' MYBASE
|
||||||
|
|
||||||
|
## example with only TABLE1 and TABLE2 from MYBASE
|
||||||
|
# pg_dump -p 5432 -h 127.0.0.1 -U USER --clean -F t --inserts -f ${LOCAL_BACKUP_DIR}/pg-backup.tar -T 'TABLE1' -T 'TABLE2' MYBASE
|
||||||
|
|
||||||
|
## example with compressed PostgreSQL dump for each databases
|
||||||
|
# mkdir -p -m 700 ${LOCAL_BACKUP_DIR}/postgresql
|
||||||
|
# chown postgres:postgres ${LOCAL_BACKUP_DIR}/postgresql
|
||||||
|
# (
|
||||||
|
# cd /var/lib/postgresql
|
||||||
|
# dbs=$(sudo -u postgres psql -U postgres -lt | awk -F\| '{print $1}' |grep -v template*)
|
||||||
|
# for databases in $dbs ; do sudo -u postgres /usr/bin/pg_dump --create -s -U postgres -d $databases | gzip --best -c > ${LOCAL_BACKUP_DIR}/postgresql/$databases.sql.gz ; done
|
||||||
|
# )
|
||||||
|
|
||||||
|
## MongoDB
|
||||||
|
|
||||||
|
## don't forget to create use with read-only access
|
||||||
|
## > use admin
|
||||||
|
## > db.createUser( { user: "mongobackup", pwd: "PASS", roles: [ "backup", ] } )
|
||||||
|
## Purge previous dumps
|
||||||
|
# rm -rf ${LOCAL_BACKUP_DIR}/mongodump/
|
||||||
|
# mkdir -p -m 700 ${LOCAL_BACKUP_DIR}/mongodump/
|
||||||
|
# mongodump --quiet -u mongobackup -pPASS -o ${LOCAL_BACKUP_DIR}/mongodump/
|
||||||
|
# if [ $? -ne 0 ]; then
|
||||||
|
# echo "Error with mongodump!"
|
||||||
|
# fi
|
||||||
|
|
||||||
|
## Redis
|
||||||
|
|
||||||
|
## Purge previous dumps
|
||||||
|
# rm -rf ${LOCAL_BACKUP_DIR}/redis/
|
||||||
|
# rm -rf ${LOCAL_BACKUP_DIR}/redis-*
|
||||||
|
## Copy dump.rdb file for each found instance
|
||||||
|
# for instance in $(find /var/lib/ -mindepth 1 -maxdepth 1 -type d -name 'redis*'); do
|
||||||
|
# if [ -f "${instance}/dump.rdb" ]; then
|
||||||
|
# name=$(basename $instance)
|
||||||
|
# mkdir -p ${LOCAL_BACKUP_DIR}/${name}
|
||||||
|
# cp -a "${instance}/dump.rdb" "${LOCAL_BACKUP_DIR}/${name}"
|
||||||
|
# fi
|
||||||
|
# done
|
||||||
|
|
||||||
|
## ElasticSearch
|
||||||
|
|
||||||
|
## Take a snapshot as a backup.
|
||||||
|
## Warning: You need to have a path.repo configured.
|
||||||
|
## See: https://wiki.evolix.org/HowtoElasticsearch#snapshots-et-sauvegardes
|
||||||
|
# curl -s -XDELETE "localhost:9200/_snapshot/snaprepo/snapshot.daily" >> "${LOGFILE}"
|
||||||
|
# curl -s -XPUT "localhost:9200/_snapshot/snaprepo/snapshot.daily?wait_for_completion=true" >> "${LOGFILE}"
|
||||||
|
## Clustered version here
|
||||||
|
## It basically the same thing except that you need to check that NFS is mounted
|
||||||
|
# if ss | grep ':nfs' | grep -q 'ip\.add\.res\.s1' && ss | grep ':nfs' | grep -q 'ip\.add\.res\.s2'
|
||||||
|
# then
|
||||||
|
# curl -s -XDELETE "localhost:9200/_snapshot/snaprepo/snapshot.daily" >> "${LOGFILE}"
|
||||||
|
# curl -s -XPUT "localhost:9200/_snapshot/snaprepo/snapshot.daily?wait_for_completion=true" >> "${LOGFILE}"
|
||||||
|
# else
|
||||||
|
# echo 'Cannot make a snapshot of elasticsearch, at least one node is not mounting the repository.'
|
||||||
|
# fi
|
||||||
|
## If you need to keep older snapshot, for example the last 10 daily snapshots, replace the XDELETE and XPUT lines by :
|
||||||
|
# for snapshot in $(curl -s -XGET "localhost:9200/_snapshot/snaprepo/_all?pretty=true" | grep -Eo 'snapshot_[0-9]{4}-[0-9]{2}-[0-9]{2}' | head -n -10); do
|
||||||
|
# curl -s -XDELETE "localhost:9200/_snapshot/snaprepo/${snapshot}" | grep -v -Fx '{"acknowledged":true}'
|
||||||
|
# done
|
||||||
|
# date=$(/bin/date +%F)
|
||||||
|
# curl -s -XPUT "localhost:9200/_snapshot/snaprepo/snapshot_${date}?wait_for_completion=true" >> "${LOGFILE}"
|
||||||
|
|
||||||
|
## RabbitMQ
|
||||||
|
|
||||||
|
## export config
|
||||||
|
# rabbitmqadmin export ${LOCAL_BACKUP_DIR}/rabbitmq.config >> "${LOGFILE}"
|
||||||
|
|
||||||
|
## MegaCli config
|
||||||
|
|
||||||
|
# megacli -CfgSave -f ${LOCAL_BACKUP_DIR}/megacli_conf.dump -a0 >/dev/null
|
||||||
|
|
||||||
|
## Dump network routes with mtr and traceroute (warning: could be long with aggressive firewalls)
|
||||||
|
network_targets="8.8.8.8 www.evolix.fr travaux.evolix.net"
|
||||||
|
mtr_bin=$(command -v mtr)
|
||||||
|
if [ -n "${mtr_bin}" ]; then
|
||||||
|
for addr in ${network_targets}; do
|
||||||
|
${mtr_bin} -r "${addr}" > "${LOCAL_BACKUP_DIR}/mtr-${addr}"
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
traceroute_bin=$(command -v traceroute)
|
||||||
|
if [ -n "${traceroute_bin}" ]; then
|
||||||
|
for addr in ${network_targets}; do
|
||||||
|
${traceroute_bin} -n "${addr}" > "${LOCAL_BACKUP_DIR}/traceroute-${addr}" 2>&1
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
|
||||||
|
server_state_dir="${LOCAL_BACKUP_DIR}/server-state"
|
||||||
|
|
||||||
|
dump_server_state_bin=$(command -v dump-server-state)
|
||||||
|
if [ -z "${dump_server_state_bin}" ]; then
|
||||||
|
error "dump-server-state is missing"
|
||||||
|
rc=1
|
||||||
|
else
|
||||||
|
if [ "${SYSTEM}" = "linux" ]; then
|
||||||
|
${dump_server_state_bin} --all --force --dump-dir "${server_state_dir}"
|
||||||
|
last_rc=$?
|
||||||
|
if [ ${last_rc} -ne 0 ]; then
|
||||||
|
error "dump-server-state returned an error ${last_rc}, check ${server_state_dir}"
|
||||||
|
rc=1
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
${dump_server_state_bin} --all --force --dump-dir "${server_state_dir}"
|
||||||
|
last_rc=$?
|
||||||
|
if [ ${last_rc} -ne 0 ]; then
|
||||||
|
error "dump-server-state returned an error ${last_rc}, check ${server_state_dir}"
|
||||||
|
rc=1
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
## Dump rights
|
||||||
|
# getfacl -R /var > ${server_state_dir}/rights-var.txt
|
||||||
|
# getfacl -R /etc > ${server_state_dir}/rights-etc.txt
|
||||||
|
# getfacl -R /usr > ${server_state_dir}/rights-usr.txt
|
||||||
|
# getfacl -R /home > ${server_state_dir}/rights-home.txt
|
||||||
|
|
||||||
|
log "STOP LOCAL_TASKS"
|
||||||
|
}
|
||||||
|
build_rsync_main_cmd() {
|
||||||
|
###################################################################
|
||||||
|
# /!\ WARNING /!\ WARNING /!\ WARNING /!\ WARNING /!\ WARNING /!\ #
|
||||||
|
###################################################################
|
||||||
|
# DO NOT USE COMMENTS in rsync lines #
|
||||||
|
# DO NOT ADD WHITESPACES AFTER \ in rsync lines #
|
||||||
|
# It breaks the command and destroys data #
|
||||||
|
# You should not modify this, unless you are really REALLY sure #
|
||||||
|
###################################################################
|
||||||
|
|
||||||
|
# Create a temp file for excludes and includes
|
||||||
|
includes_file="$(mktemp "${PROGNAME}.includes.XXXXXX")"
|
||||||
|
excludes_file="$(mktemp "${PROGNAME}.excludes.XXXXXX")"
|
||||||
|
# … and add them to the list of files to delete at exit
|
||||||
|
temp_files="${temp_files} ${includes_file} ${excludes_file}"
|
||||||
|
|
||||||
|
# Store includes/excludes in files
|
||||||
|
# without blank lines of comments (# or ;)
|
||||||
|
echo "${RSYNC_INCLUDES}" | sed -e 's/\s*\(#\|;\).*//; /^\s*$/d' > "${includes_file}"
|
||||||
|
echo "${RSYNC_EXCLUDES}" | sed -e 's/\s*\(#\|;\).*//; /^\s*$/d' > "${excludes_file}"
|
||||||
|
|
||||||
|
# Rsync command
|
||||||
|
cmd="$(command -v rsync)"
|
||||||
|
|
||||||
|
# Rsync main options
|
||||||
|
cmd="${cmd} --archive"
|
||||||
|
cmd="${cmd} --itemize-changes"
|
||||||
|
cmd="${cmd} --quiet"
|
||||||
|
cmd="${cmd} --stats"
|
||||||
|
cmd="${cmd} --human-readable"
|
||||||
|
cmd="${cmd} --relative"
|
||||||
|
cmd="${cmd} --partial"
|
||||||
|
cmd="${cmd} --delete"
|
||||||
|
cmd="${cmd} --delete-excluded"
|
||||||
|
cmd="${cmd} --force"
|
||||||
|
cmd="${cmd} --ignore-errors"
|
||||||
|
cmd="${cmd} --log-file=${RSYNC_LOGFILE}"
|
||||||
|
cmd="${cmd} --rsh='ssh -p ${SSH_PORT} -o \"ConnectTimeout ${SSH_CONNECT_TIMEOUT}\"'"
|
||||||
|
|
||||||
|
# Rsync excludes
|
||||||
|
while read line ; do
|
||||||
|
cmd="${cmd} --exclude ${line}"
|
||||||
|
done < "${excludes_file}"
|
||||||
|
|
||||||
|
# Rsync local sources
|
||||||
|
cmd="${cmd} ${default_includes}"
|
||||||
|
while read line ; do
|
||||||
|
cmd="${cmd} ${line}"
|
||||||
|
done < "${includes_file}"
|
||||||
|
|
||||||
|
# Rsync remote destination
|
||||||
|
cmd="${cmd} root@${SSH_SERVER}:/var/backup/"
|
||||||
|
|
||||||
|
# output final command
|
||||||
|
echo "${cmd}"
|
||||||
|
}
|
||||||
|
build_rsync_canary_cmd() {
|
||||||
|
# Rsync command
|
||||||
|
cmd="$(command -v rsync)"
|
||||||
|
# Rsync options
|
||||||
|
cmd="${cmd} --rsh='ssh -p ${SSH_PORT} -o \"ConnectTimeout ${SSH_CONNECT_TIMEOUT}\"'"
|
||||||
|
# Rsync local source
|
||||||
|
cmd="${cmd} ${CANARY_FILE}"
|
||||||
|
# Rsync remote destination
|
||||||
|
cmd="${cmd} root@${SSH_SERVER}:/var/backup/"
|
||||||
|
|
||||||
|
# output final command
|
||||||
|
echo "${cmd}"
|
||||||
|
}
|
||||||
|
sync_tasks() {
|
||||||
|
n=0
|
||||||
|
server=""
|
||||||
|
if [ "${SERVERS_FALLBACK}" = "1" ]; then
|
||||||
|
# We try to find a suitable server
|
||||||
|
while :; do
|
||||||
|
server=$(pick_server "${n}")
|
||||||
|
test $? = 0 || exit 2
|
||||||
|
|
||||||
|
if test_server "${server}"; then
|
||||||
|
break
|
||||||
|
else
|
||||||
|
server=""
|
||||||
|
n=$(( n + 1 ))
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
else
|
||||||
|
# we force the server
|
||||||
|
server=$(pick_server "${n}")
|
||||||
|
fi
|
||||||
|
|
||||||
|
SSH_SERVER=$(echo "${server}" | cut -d':' -f1)
|
||||||
|
SSH_PORT=$(echo "${server}" | cut -d':' -f2)
|
||||||
|
|
||||||
|
log "START SYNC_TASKS - server=${server}"
|
||||||
|
|
||||||
|
# default paths, depending on system
|
||||||
|
if [ "${SYSTEM}" = "linux" ]; then
|
||||||
|
default_includes="/bin /boot /lib /opt /sbin /usr"
|
||||||
|
else
|
||||||
|
default_includes="/bsd /bin /sbin /usr"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# reset Rsync log file
|
||||||
|
if [ -n "$(command -v truncate)" ]; then
|
||||||
|
truncate -s 0 "${RSYNC_LOGFILE}"
|
||||||
|
else
|
||||||
|
printf "" > "${RSYNC_LOGFILE}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Build the final Rsync command
|
||||||
|
rsync_main_cmd=$(build_rsync_main_cmd)
|
||||||
|
|
||||||
|
# … log it
|
||||||
|
log "SYNC_TASKS - Rsync main command : ${rsync_main_cmd}"
|
||||||
|
|
||||||
|
# … execute it
|
||||||
|
eval "${rsync_main_cmd}"
|
||||||
|
|
||||||
|
rsync_main_rc=$?
|
||||||
|
|
||||||
|
# Copy last lines of rsync log to the main log
|
||||||
|
tail -n 30 "${RSYNC_LOGFILE}" >> "${LOGFILE}"
|
||||||
|
|
||||||
|
if [ ${rsync_main_rc} -ne 0 ]; then
|
||||||
|
error "rsync returned an error ${rsync_main_rc}, check ${LOGFILE}"
|
||||||
|
rc=201
|
||||||
|
else
|
||||||
|
# Build the canary Rsync command
|
||||||
|
rsync_canary_cmd=$(build_rsync_canary_cmd)
|
||||||
|
|
||||||
|
# … log it
|
||||||
|
log "SYNC_TASKS - Rsync canary command : ${rsync_canary_cmd}"
|
||||||
|
|
||||||
|
# … execute it
|
||||||
|
eval "${rsync_canary_cmd}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
log "STOP SYNC_TASKS - server=${server}"
|
||||||
|
}
|
||||||
|
|
||||||
# Call test_server with "HOST:PORT" string
|
# Call test_server with "HOST:PORT" string
|
||||||
# It will return with 0 if the server is reachable.
|
# It will return with 0 if the server is reachable.
|
||||||
|
@ -133,11 +582,29 @@ log() {
|
||||||
"$(/bin/date +"${DATE_FORMAT}")" "${PROGNAME}" "${pid}" "${msg}" \
|
"$(/bin/date +"${DATE_FORMAT}")" "${PROGNAME}" "${pid}" "${msg}" \
|
||||||
>> "${LOGFILE}"
|
>> "${LOGFILE}"
|
||||||
}
|
}
|
||||||
|
error() {
|
||||||
|
msg="${1:-$(cat /dev/stdin)}"
|
||||||
|
pid=$$
|
||||||
|
printf "[%s] %s[%s]: %s\\n" \
|
||||||
|
"$(/bin/date +"${DATE_FORMAT}")" "${PROGNAME}" "${pid}" "${msg}" \
|
||||||
|
>&2
|
||||||
|
}
|
||||||
|
|
||||||
log "START GLOBAL - VERSION=${VERSION} LOCAL_TASKS=${LOCAL_TASKS} SYNC_TASKS=${SYNC_TASKS}"
|
main() {
|
||||||
|
START_EPOCH=$(/bin/date +%s)
|
||||||
|
log "START GLOBAL - VERSION=${VERSION} LOCAL_TASKS=${LOCAL_TASKS} SYNC_TASKS=${SYNC_TASKS}"
|
||||||
|
|
||||||
## Verify other evobackup process and kill if needed
|
# shellcheck disable=SC2174
|
||||||
if [ -e "${PIDFILE}" ]; then
|
mkdir -p -m 700 ${LOCAL_BACKUP_DIR}
|
||||||
|
|
||||||
|
## Force umask
|
||||||
|
umask 077
|
||||||
|
|
||||||
|
## Initialize variable to store SSH connection errors
|
||||||
|
SERVERS_SSH_ERRORS=""
|
||||||
|
|
||||||
|
## Verify other evobackup process and kill if needed
|
||||||
|
if [ -e "${PIDFILE}" ]; then
|
||||||
pid=$(cat "${PIDFILE}")
|
pid=$(cat "${PIDFILE}")
|
||||||
# Does process still exist ?
|
# Does process still exist ?
|
||||||
if kill -0 "${pid}" 2> /dev/null; then
|
if kill -0 "${pid}" 2> /dev/null; then
|
||||||
|
@ -151,373 +618,53 @@ if [ -e "${PIDFILE}" ]; then
|
||||||
else
|
else
|
||||||
rm -f "${PIDFILE}"
|
rm -f "${PIDFILE}"
|
||||||
fi
|
fi
|
||||||
fi
|
|
||||||
echo "$$" > "${PIDFILE}"
|
|
||||||
# shellcheck disable=SC2064
|
|
||||||
trap "rm -f ${PIDFILE}" EXIT
|
|
||||||
|
|
||||||
##### LOCAL BACKUP ####################################################
|
|
||||||
|
|
||||||
if [ "${LOCAL_TASKS}" = "1" ]; then
|
|
||||||
log "START LOCAL_TASKS"
|
|
||||||
|
|
||||||
# You can comment or uncomment sections below to customize the backup
|
|
||||||
|
|
||||||
## OpenLDAP : example with slapcat
|
|
||||||
# slapcat -n 0 -l ${LOCAL_BACKUP_DIR}/config.ldap.bak
|
|
||||||
# slapcat -n 1 -l ${LOCAL_BACKUP_DIR}/data.ldap.bak
|
|
||||||
# slapcat -l ${LOCAL_BACKUP_DIR}/ldap.bak
|
|
||||||
|
|
||||||
## MySQL
|
|
||||||
|
|
||||||
## Purge previous dumps
|
|
||||||
# rm -f ${LOCAL_BACKUP_DIR}/mysql.*.gz
|
|
||||||
# rm -rf ${LOCAL_BACKUP_DIR}/mysql
|
|
||||||
# rm -rf ${LOCAL_BACKUP_DIR}/mysqlhotcopy
|
|
||||||
# rm -rf /home/mysqldump
|
|
||||||
|
|
||||||
## example with global and compressed mysqldump
|
|
||||||
# mysqldump --defaults-extra-file=/etc/mysql/debian.cnf -P 3306 \
|
|
||||||
# --opt --all-databases --force --events --hex-blob | gzip --best > ${LOCAL_BACKUP_DIR}/mysql.bak.gz
|
|
||||||
|
|
||||||
## example with compressed SQL dump (with data) for each databases
|
|
||||||
# mkdir -p -m 700 ${LOCAL_BACKUP_DIR}/mysql/
|
|
||||||
# for i in $(mysql --defaults-extra-file=/etc/mysql/debian.cnf -P 3306 -e 'show databases' -s --skip-column-names \
|
|
||||||
# | egrep -v "^(Database|information_schema|performance_schema|sys)"); do
|
|
||||||
# mysqldump --defaults-extra-file=/etc/mysql/debian.cnf --force -P 3306 --events --hex-blob $i | gzip --best > ${LOCAL_BACKUP_DIR}/mysql/${i}.sql.gz
|
|
||||||
# done
|
|
||||||
|
|
||||||
## Dump all grants (requires 'percona-toolkit' package)
|
|
||||||
# mkdir -p -m 700 ${LOCAL_BACKUP_DIR}/mysql/
|
|
||||||
# pt-show-grants --flush --no-header > ${LOCAL_BACKUP_DIR}/mysql/all_grants.sql
|
|
||||||
|
|
||||||
# Dump all variables
|
|
||||||
# mysql -A -e"SHOW GLOBAL VARIABLES;" > ${LOCAL_BACKUP_DIR}/MySQLCurrentSettings.txt
|
|
||||||
|
|
||||||
## example with SQL dump (schema only, no data) for each databases
|
|
||||||
# mkdir -p -m 700 ${LOCAL_BACKUP_DIR}/mysql/
|
|
||||||
# for i in $(mysql --defaults-extra-file=/etc/mysql/debian.cnf -P 3306 -e 'show databases' -s --skip-column-names \
|
|
||||||
# | egrep -v "^(Database|information_schema|performance_schema|sys)"); do
|
|
||||||
# mysqldump --defaults-extra-file=/etc/mysql/debian.cnf --force -P 3306 --no-data --databases $i > ${LOCAL_BACKUP_DIR}/mysql/${i}.schema.sql
|
|
||||||
# done
|
|
||||||
|
|
||||||
## example with *one* uncompressed SQL dump for *one* database (MYBASE)
|
|
||||||
# mkdir -p -m 700 ${LOCAL_BACKUP_DIR}/mysql/MYBASE
|
|
||||||
# chown -RL mysql ${LOCAL_BACKUP_DIR}/mysql/
|
|
||||||
# mysqldump --defaults-extra-file=/etc/mysql/debian.cnf --force -Q \
|
|
||||||
# --opt --events --hex-blob --skip-comments -T ${LOCAL_BACKUP_DIR}/mysql/MYBASE MYBASE
|
|
||||||
|
|
||||||
## example with two dumps for each table (.sql/.txt) for all databases
|
|
||||||
# for i in $(echo SHOW DATABASES | mysql --defaults-extra-file=/etc/mysql/debian.cnf -P 3306 \
|
|
||||||
# | egrep -v "^(Database|information_schema|performance_schema|sys)" ); \
|
|
||||||
# do mkdir -p -m 700 /home/mysqldump/$i ; chown -RL mysql /home/mysqldump ; \
|
|
||||||
# mysqldump --defaults-extra-file=/etc/mysql/debian.cnf --force -P 3306 -Q --opt --events --hex-blob --skip-comments \
|
|
||||||
# --fields-enclosed-by='\"' --fields-terminated-by=',' -T /home/mysqldump/$i $i; done
|
|
||||||
|
|
||||||
## example with mysqlhotcopy
|
|
||||||
# mkdir -p -m 700 ${LOCAL_BACKUP_DIR}/mysqlhotcopy/
|
|
||||||
# mysqlhotcopy MYBASE ${LOCAL_BACKUP_DIR}/mysqlhotcopy/
|
|
||||||
|
|
||||||
## example for multiples MySQL instances
|
|
||||||
# mysqladminpasswd=$(grep -m1 'password = .*' /root/.my.cnf|cut -d" " -f3)
|
|
||||||
# grep -E "^port\s*=\s*\d*" /etc/mysql/my.cnf |while read instance; do
|
|
||||||
# instance=$(echo "$instance"|awk '{ print $3 }')
|
|
||||||
# if [ "$instance" != "3306" ]
|
|
||||||
# then
|
|
||||||
# mysqldump -P $instance --opt --all-databases --hex-blob -u mysqladmin -p$mysqladminpasswd | gzip --best > ${LOCAL_BACKUP_DIR}/mysql.$instance.bak.gz
|
|
||||||
# fi
|
|
||||||
# done
|
|
||||||
|
|
||||||
## PostgreSQL
|
|
||||||
|
|
||||||
## Purge previous dumps
|
|
||||||
# rm -rf ${LOCAL_BACKUP_DIR}/pg.*.gz
|
|
||||||
# rm -rf ${LOCAL_BACKUP_DIR}/pg-backup.tar
|
|
||||||
# rm -rf ${LOCAL_BACKUP_DIR}/postgresql/*
|
|
||||||
## example with pg_dumpall (warning: you need space in ~postgres)
|
|
||||||
# su - postgres -c "pg_dumpall > ~/pg.dump.bak"
|
|
||||||
# mv ~postgres/pg.dump.bak ${LOCAL_BACKUP_DIR}/
|
|
||||||
## another method with gzip directly piped
|
|
||||||
# cd /var/lib/postgresql
|
|
||||||
# sudo -u postgres pg_dumpall | gzip > ${LOCAL_BACKUP_DIR}/pg.dump.bak.gz
|
|
||||||
# cd - > /dev/null
|
|
||||||
|
|
||||||
## example with all tables from MYBASE excepts TABLE1 and TABLE2
|
|
||||||
# pg_dump -p 5432 -h 127.0.0.1 -U USER --clean -F t --inserts -f ${LOCAL_BACKUP_DIR}/pg-backup.tar -t 'TABLE1' -t 'TABLE2' MYBASE
|
|
||||||
|
|
||||||
## example with only TABLE1 and TABLE2 from MYBASE
|
|
||||||
# pg_dump -p 5432 -h 127.0.0.1 -U USER --clean -F t --inserts -f ${LOCAL_BACKUP_DIR}/pg-backup.tar -T 'TABLE1' -T 'TABLE2' MYBASE
|
|
||||||
|
|
||||||
## example with compressed PostgreSQL dump for each databases
|
|
||||||
# mkdir -p -m 700 ${LOCAL_BACKUP_DIR}/postgresql
|
|
||||||
# chown postgres:postgres ${LOCAL_BACKUP_DIR}/postgresql
|
|
||||||
# dbs=$(sudo -u postgres psql -U postgres -lt | awk -F\| '{print $1}' |grep -v template*)
|
|
||||||
#
|
|
||||||
# for databases in $dbs ; do sudo -u postgres /usr/bin/pg_dump --create -s -U postgres -d $databases | gzip --best -c > ${LOCAL_BACKUP_DIR}/postgresql/$databases.sql.gz ; done
|
|
||||||
|
|
||||||
## MongoDB
|
|
||||||
|
|
||||||
## don't forget to create use with read-only access
|
|
||||||
## > use admin
|
|
||||||
## > db.createUser( { user: "mongobackup", pwd: "PASS", roles: [ "backup", ] } )
|
|
||||||
## Purge previous dumps
|
|
||||||
# rm -rf ${LOCAL_BACKUP_DIR}/mongodump/
|
|
||||||
# mkdir -p -m 700 ${LOCAL_BACKUP_DIR}/mongodump/
|
|
||||||
# mongodump --quiet -u mongobackup -pPASS -o ${LOCAL_BACKUP_DIR}/mongodump/
|
|
||||||
# if [ $? -ne 0 ]; then
|
|
||||||
# echo "Error with mongodump!"
|
|
||||||
# fi
|
|
||||||
|
|
||||||
## Redis
|
|
||||||
|
|
||||||
## Purge previous dumps
|
|
||||||
# rm -rf ${LOCAL_BACKUP_DIR}/redis/
|
|
||||||
# rm -rf ${LOCAL_BACKUP_DIR}/redis-*
|
|
||||||
## example with copy .rdb file
|
|
||||||
## for the default instance :
|
|
||||||
# mkdir -p -m 700 ${LOCAL_BACKUP_DIR}/redis/
|
|
||||||
# cp /var/lib/redis/dump.rdb ${LOCAL_BACKUP_DIR}/redis/
|
|
||||||
## for multiple instances :
|
|
||||||
# for instance in $(ls -d /var/lib/redis-*); do
|
|
||||||
# name=$(basename $instance)
|
|
||||||
# mkdir -p ${LOCAL_BACKUP_DIR}/${name}
|
|
||||||
# cp -a ${instance}/dump.rdb ${LOCAL_BACKUP_DIR}/${name}
|
|
||||||
# done
|
|
||||||
|
|
||||||
## ElasticSearch
|
|
||||||
|
|
||||||
## Take a snapshot as a backup.
|
|
||||||
## Warning: You need to have a path.repo configured.
|
|
||||||
## See: https://wiki.evolix.org/HowtoElasticsearch#snapshots-et-sauvegardes
|
|
||||||
# curl -s -XDELETE "localhost:9200/_snapshot/snaprepo/snapshot.daily" -o /tmp/es_delete_snapshot.daily.log
|
|
||||||
# curl -s -XPUT "localhost:9200/_snapshot/snaprepo/snapshot.daily?wait_for_completion=true" -o /tmp/es_snapshot.daily.log
|
|
||||||
## Clustered version here
|
|
||||||
## It basically the same thing except that you need to check that NFS is mounted
|
|
||||||
# if ss | grep ':nfs' | grep -q 'ip\.add\.res\.s1' && ss | grep ':nfs' | grep -q 'ip\.add\.res\.s2'
|
|
||||||
# then
|
|
||||||
# curl -s -XDELETE "localhost:9200/_snapshot/snaprepo/snapshot.daily" -o /tmp/es_delete_snapshot.daily.log
|
|
||||||
# curl -s -XPUT "localhost:9200/_snapshot/snaprepo/snapshot.daily?wait_for_completion=true" -o /tmp/es_snapshot.daily.log
|
|
||||||
# else
|
|
||||||
# echo 'Cannot make a snapshot of elasticsearch, at least one node is not mounting the repository.'
|
|
||||||
# fi
|
|
||||||
## If you need to keep older snapshot, for example the last 10 daily snapshots, replace the XDELETE and XPUT lines by :
|
|
||||||
# for snapshot in $(curl -s -XGET "localhost:9200/_snapshot/snaprepo/_all?pretty=true" | grep -Eo 'snapshot_[0-9]{4}-[0-9]{2}-[0-9]{2}' | head -n -10); do
|
|
||||||
# curl -s -XDELETE "localhost:9200/_snapshot/snaprepo/${snapshot}" | grep -v -Fx '{"acknowledged":true}'
|
|
||||||
# done
|
|
||||||
# date=$(/bin/date +%F)
|
|
||||||
# curl -s -XPUT "localhost:9200/_snapshot/snaprepo/snapshot_${date}?wait_for_completion=true" -o /tmp/es_snapshot_${date}.log
|
|
||||||
|
|
||||||
## RabbitMQ
|
|
||||||
|
|
||||||
## export config
|
|
||||||
#rabbitmqadmin export ${LOCAL_BACKUP_DIR}/rabbitmq.config >> $LOGFILE
|
|
||||||
|
|
||||||
## MegaCli config
|
|
||||||
|
|
||||||
#megacli -CfgSave -f ${LOCAL_BACKUP_DIR}/megacli_conf.dump -a0 >/dev/null
|
|
||||||
|
|
||||||
## Dump network routes with mtr and traceroute (warning: could be long with aggressive firewalls)
|
|
||||||
for addr in 8.8.8.8 www.evolix.fr travaux.evolix.net; do
|
|
||||||
mtr -r ${addr} > ${LOCAL_BACKUP_DIR}/mtr-${addr}
|
|
||||||
traceroute -n ${addr} > ${LOCAL_BACKUP_DIR}/traceroute-${addr} 2>&1
|
|
||||||
done
|
|
||||||
|
|
||||||
server_state_dir="${LOCAL_BACKUP_DIR}/server-state"
|
|
||||||
|
|
||||||
dump_server_state_bin=$(command -v dump-server-state)
|
|
||||||
|
|
||||||
if [ "${SYSTEM}" = "linux" ]; then
|
|
||||||
if [ -n "${dump_server_state_bin}" ]; then
|
|
||||||
${dump_server_state_bin} --all --force --dump-dir "${server_state_dir}"
|
|
||||||
else
|
|
||||||
mkdir -p "${server_state_dir}"
|
|
||||||
|
|
||||||
## Dump system and kernel versions
|
|
||||||
uname -a > ${server_state_dir}/uname.txt
|
|
||||||
|
|
||||||
## Dump process with ps
|
|
||||||
ps auwwx > ${server_state_dir}/ps.txt
|
|
||||||
|
|
||||||
## Dump network connections with ss
|
|
||||||
ss -taupen > ${server_state_dir}/netstat.txt
|
|
||||||
|
|
||||||
## List Debian packages
|
|
||||||
dpkg -l > ${server_state_dir}/packages
|
|
||||||
dpkg --get-selections > ${server_state_dir}/packages.getselections
|
|
||||||
apt-cache dumpavail > ${server_state_dir}/packages.available
|
|
||||||
|
|
||||||
## Dump iptables
|
|
||||||
if [ -x /sbin/iptables ]; then
|
|
||||||
{ /sbin/iptables -L -n -v; /sbin/iptables -t filter -L -n -v; } > ${server_state_dir}/iptables.txt
|
|
||||||
fi
|
fi
|
||||||
|
echo "$$" > "${PIDFILE}"
|
||||||
|
|
||||||
## Dump findmnt(8) output
|
# Initialize a list of files to delete at exit
|
||||||
FINDMNT_BIN=$(command -v findmnt)
|
# Any file added to the list will also be deleted at exit
|
||||||
if [ -x "${FINDMNT_BIN}" ]; then
|
temp_files="${PIDFILE}"
|
||||||
${FINDMNT_BIN} > ${server_state_dir}/findmnt.txt
|
|
||||||
fi
|
|
||||||
|
|
||||||
## Dump MBR / table partitions
|
# shellcheck disable=SC2064
|
||||||
disks=$(lsblk -l | grep disk | grep -v -E '(drbd|fd[0-9]+)' | awk '{print $1}')
|
trap "rm -f ${temp_files}" EXIT
|
||||||
for disk in ${disks}; do
|
|
||||||
dd if="/dev/${disk}" of="${server_state_dir}/MBR-${disk}" bs=512 count=1 2>&1 | grep -Ev "(records in|records out|512 bytes)"
|
|
||||||
fdisk -l "/dev/${disk}" > "${server_state_dir}/partitions-${disk}" 2>&1
|
|
||||||
done
|
|
||||||
cat ${server_state_dir}/partitions-* > ${server_state_dir}/partitions
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
if [ -n "${dump_server_state_bin}" ]; then
|
|
||||||
${dump_server_state_bin} --all --force --dump-dir "${server_state_dir}"
|
|
||||||
else
|
|
||||||
mkdir -p "${server_state_dir}"
|
|
||||||
|
|
||||||
## Dump system and kernel versions
|
|
||||||
uname -a > ${server_state_dir}/uname
|
|
||||||
|
|
||||||
## Dump process with ps
|
|
||||||
ps auwwx > ${server_state_dir}/ps.out
|
|
||||||
|
|
||||||
## Dump network connections with fstat
|
|
||||||
fstat | head -1 > ${server_state_dir}/netstat.out
|
|
||||||
fstat | grep internet >> ${server_state_dir}/netstat.out
|
|
||||||
|
|
||||||
## List OpenBSD packages
|
|
||||||
pkg_info -m > ${server_state_dir}/packages
|
|
||||||
|
|
||||||
## Dump MBR / table partitions
|
|
||||||
disklabel sd0 > ${server_state_dir}/partitions
|
|
||||||
|
|
||||||
## Dump pf infos
|
|
||||||
pfctl -sa > ${server_state_dir}/pfctl-sa.txt
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
## Dump rights
|
|
||||||
#getfacl -R /var > ${server_state_dir}/rights-var.txt
|
|
||||||
#getfacl -R /etc > ${server_state_dir}/rights-etc.txt
|
|
||||||
#getfacl -R /usr > ${server_state_dir}/rights-usr.txt
|
|
||||||
#getfacl -R /home > ${server_state_dir}/rights-home.txt
|
|
||||||
|
|
||||||
log "STOP LOCAL_TASKS"
|
|
||||||
fi
|
|
||||||
|
|
||||||
##### REMOTE BACKUP ###################################################
|
|
||||||
|
|
||||||
|
|
||||||
if [ "${SYNC_TASKS}" = "1" ]; then
|
|
||||||
n=0
|
|
||||||
server=""
|
|
||||||
if [ "${SERVERS_FALLBACK}" = "1" ]; then
|
|
||||||
# We try to find a suitable server
|
|
||||||
while :; do
|
|
||||||
server=$(pick_server "${n}")
|
|
||||||
test $? = 0 || exit 2
|
|
||||||
|
|
||||||
if test_server "${server}"; then
|
|
||||||
break
|
|
||||||
else
|
|
||||||
server=""
|
|
||||||
n=$(( n + 1 ))
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
else
|
|
||||||
# we force the server
|
|
||||||
server=$(pick_server "${n}")
|
|
||||||
fi
|
|
||||||
|
|
||||||
SSH_SERVER=$(echo "${server}" | cut -d':' -f1)
|
|
||||||
SSH_PORT=$(echo "${server}" | cut -d':' -f2)
|
|
||||||
|
|
||||||
if [ "${SYSTEM}" = "linux" ]; then
|
|
||||||
rep="/bin /boot /lib /opt /sbin /usr"
|
|
||||||
else
|
|
||||||
rep="/bsd /bin /sbin /usr"
|
|
||||||
fi
|
|
||||||
|
|
||||||
log "START SYNC_TASKS - server=${server}"
|
|
||||||
|
|
||||||
|
# Update canary to keep track of each run
|
||||||
update-evobackup-canary --who "${PROGNAME}"
|
update-evobackup-canary --who "${PROGNAME}"
|
||||||
|
|
||||||
# /!\ DO NOT USE COMMENTS in the rsync command /!\
|
if [ "${LOCAL_TASKS}" = "1" ]; then
|
||||||
# It breaks the command and destroys data, simply remove (or add) lines.
|
local_tasks
|
||||||
|
fi
|
||||||
|
|
||||||
# Remote shell command
|
if [ "${SYNC_TASKS}" = "1" ]; then
|
||||||
RSH_COMMAND="ssh -p ${SSH_PORT} -o 'ConnectTimeout ${SSH_CONNECT_TIMEOUT}'"
|
sync_tasks
|
||||||
|
fi
|
||||||
|
|
||||||
# ignore check because we want it to split the different arguments to $rep
|
STOP_EPOCH=$(/bin/date +%s)
|
||||||
# shellcheck disable=SC2086
|
|
||||||
rsync -avzh --relative --stats --delete --delete-excluded --force --ignore-errors --partial \
|
|
||||||
--exclude "dev" \
|
|
||||||
--exclude "lost+found" \
|
|
||||||
--exclude ".nfs.*" \
|
|
||||||
--exclude "/usr/doc" \
|
|
||||||
--exclude "/usr/obj" \
|
|
||||||
--exclude "/usr/share/doc" \
|
|
||||||
--exclude "/usr/src" \
|
|
||||||
--exclude "/var/apt" \
|
|
||||||
--exclude "/var/cache" \
|
|
||||||
--exclude "/var/lib/amavis/amavisd.sock" \
|
|
||||||
--exclude "/var/lib/amavis/tmp" \
|
|
||||||
--exclude "/var/lib/clamav/*.tmp" \
|
|
||||||
--exclude "/var/lib/elasticsearch" \
|
|
||||||
--exclude "/var/lib/metche" \
|
|
||||||
--exclude "/var/lib/munin/*tmp*" \
|
|
||||||
--exclude "/var/db/munin/*.tmp" \
|
|
||||||
--exclude "/var/lib/mysql" \
|
|
||||||
--exclude "/var/lib/php5" \
|
|
||||||
--exclude "/var/lib/php/sessions" \
|
|
||||||
--exclude "/var/lib/postgres" \
|
|
||||||
--exclude "/var/lib/postgresql" \
|
|
||||||
--exclude "/var/lib/sympa" \
|
|
||||||
--exclude "/var/lock" \
|
|
||||||
--exclude "/var/run" \
|
|
||||||
--exclude "/var/spool/postfix" \
|
|
||||||
--exclude "/var/spool/smtpd" \
|
|
||||||
--exclude "/var/spool/squid" \
|
|
||||||
--exclude "/var/state" \
|
|
||||||
--exclude "/var/tmp" \
|
|
||||||
--exclude "lxc/*/rootfs/tmp" \
|
|
||||||
--exclude "lxc/*/rootfs/usr/doc" \
|
|
||||||
--exclude "lxc/*/rootfs/usr/obj" \
|
|
||||||
--exclude "lxc/*/rootfs/usr/share/doc" \
|
|
||||||
--exclude "lxc/*/rootfs/usr/src" \
|
|
||||||
--exclude "lxc/*/rootfs/var/apt" \
|
|
||||||
--exclude "lxc/*/rootfs/var/cache" \
|
|
||||||
--exclude "lxc/*/rootfs/var/lib/php5" \
|
|
||||||
--exclude "lxc/*/rootfs/var/lib/php/sessions" \
|
|
||||||
--exclude "lxc/*/rootfs/var/lock" \
|
|
||||||
--exclude "lxc/*/rootfs/var/log" \
|
|
||||||
--exclude "lxc/*/rootfs/var/run" \
|
|
||||||
--exclude "lxc/*/rootfs/var/state" \
|
|
||||||
--exclude "lxc/*/rootfs/var/tmp" \
|
|
||||||
--exclude "/home/mysqltmp" \
|
|
||||||
${rep} \
|
|
||||||
/etc \
|
|
||||||
/root \
|
|
||||||
/var \
|
|
||||||
/home \
|
|
||||||
/zzz_evobackup_canary \
|
|
||||||
-e "${RSH_COMMAND}" \
|
|
||||||
"root@${SSH_SERVER}:/var/backup/" \
|
|
||||||
| tail -30 >> $LOGFILE
|
|
||||||
|
|
||||||
log "STOP SYNC_TASKS - server=${server}"
|
if [ "${SYSTEM}" = "openbsd" ]; then
|
||||||
fi
|
|
||||||
|
|
||||||
##### REPORTING #######################################################
|
|
||||||
|
|
||||||
STOP_EPOCH=$(/bin/date +%s)
|
|
||||||
|
|
||||||
if [ "${SYSTEM}" = "openbsd" ]; then
|
|
||||||
start_time=$(/bin/date -f "%s" -j "${START_EPOCH}" +"${DATE_FORMAT}")
|
start_time=$(/bin/date -f "%s" -j "${START_EPOCH}" +"${DATE_FORMAT}")
|
||||||
stop_time=$(/bin/date -f "%s" -j "${STOP_EPOCH}" +"${DATE_FORMAT}")
|
stop_time=$(/bin/date -f "%s" -j "${STOP_EPOCH}" +"${DATE_FORMAT}")
|
||||||
else
|
else
|
||||||
start_time=$(/bin/date --date="@${START_EPOCH}" +"${DATE_FORMAT}")
|
start_time=$(/bin/date --date="@${START_EPOCH}" +"${DATE_FORMAT}")
|
||||||
stop_time=$(/bin/date --date="@${STOP_EPOCH}" +"${DATE_FORMAT}")
|
stop_time=$(/bin/date --date="@${STOP_EPOCH}" +"${DATE_FORMAT}")
|
||||||
fi
|
fi
|
||||||
duration=$(( STOP_EPOCH - START_EPOCH ))
|
duration=$(( STOP_EPOCH - START_EPOCH ))
|
||||||
|
|
||||||
log "STOP GLOBAL - start='${start_time}' stop='${stop_time}' duration=${duration}s"
|
log "STOP GLOBAL - start='${start_time}' stop='${stop_time}' duration=${duration}s"
|
||||||
|
|
||||||
tail -20 "${LOGFILE}" \
|
tail -20 "${LOGFILE}" | mail -s "[info] EvoBackup - Client ${HOSTNAME}" ${MAIL}
|
||||||
| mail -s "[info] EvoBackup - Client ${HOSTNAME}" ${MAIL}
|
}
|
||||||
|
|
||||||
|
# set all programs to C language (english)
|
||||||
|
export LC_ALL=C
|
||||||
|
|
||||||
|
# Error on unassigned variable
|
||||||
|
set -u
|
||||||
|
|
||||||
|
# Default return-code (0 == succes)
|
||||||
|
rc=0
|
||||||
|
|
||||||
|
# execute main funciton
|
||||||
|
main
|
||||||
|
|
||||||
|
exit ${rc}
|
||||||
|
|
|
@ -1,4 +1,6 @@
|
||||||
---
|
---
|
||||||
|
# Info : old zzz_evobackup used sh, and since "sh" match "bash", we keep "sh" for regex commands
|
||||||
|
|
||||||
- name: "Copy zzz_evobackup script"
|
- name: "Copy zzz_evobackup script"
|
||||||
copy:
|
copy:
|
||||||
src: zzz_evobackup
|
src: zzz_evobackup
|
||||||
|
@ -22,7 +24,7 @@
|
||||||
- name: "Add evobackup cron (disabled)"
|
- name: "Add evobackup cron (disabled)"
|
||||||
lineinfile:
|
lineinfile:
|
||||||
path: /etc/daily.local
|
path: /etc/daily.local
|
||||||
line: '#sh /usr/share/scripts/zzz_evobackup'
|
line: '#bash /usr/share/scripts/zzz_evobackup'
|
||||||
owner: root
|
owner: root
|
||||||
mode: "0600"
|
mode: "0600"
|
||||||
create: true
|
create: true
|
||||||
|
|
Loading…
Reference in a new issue