diff --git a/zzz_evobackup b/zzz_evobackup index d20c6d8..28324f1 100755 --- a/zzz_evobackup +++ b/zzz_evobackup @@ -31,6 +31,7 @@ SSH_CONNECT_TIMEOUT=${SSH_CONNECT_TIMEOUT:-30} ## We use /home/backup : feel free to use your own dir LOCAL_BACKUP_DIR="/home/backup" +SYSTEM_BACKUP_DIR="${LOCAL_BACKUP_DIR}/system" # You can set "linux" or "bsd" manually or let it choose automatically SYSTEM=$(uname | tr '[:upper:]' '[:lower:]') @@ -49,6 +50,8 @@ BEGINNING=$(/bin/date +"%d-%m-%Y ; %H:%M") # shellcheck disable=SC2174 mkdir -p -m 700 ${LOCAL_BACKUP_DIR} +# shellcheck disable=SC2174 +mkdir -p -m 700 ${SYSTEM_BACKUP_DIR} PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/sbin:/usr/local/bin @@ -148,47 +151,55 @@ if [ "${LOCAL_TASKS}" = "1" ]; then # --opt --all-databases --force --events --hex-blob | gzip --best > ${LOCAL_BACKUP_DIR}/mysql.bak.gz ## example with two dumps for each table (.sql/.txt) for all databases + # MYSQLDUMP_DIR=/home/mysqldump # for i in $(echo SHOW DATABASES | mysql --defaults-extra-file=/etc/mysql/debian.cnf -P 3306 \ # | egrep -v "^(Database|information_schema|performance_schema|sys)" ); \ - # do mkdir -p -m 700 /home/mysqldump/$i ; chown -RL mysql /home/mysqldump ; \ + # do mkdir -p -m 700 ${MYSQLDUMP_DIR}/$i ; chown -RL mysql ${MYSQLDUMP_DIR} ; \ # mysqldump --defaults-extra-file=/etc/mysql/debian.cnf --force -P 3306 -Q --opt --events --hex-blob --skip-comments \ - # --fields-enclosed-by='\"' --fields-terminated-by=',' -T /home/mysqldump/$i $i; done + # --fields-enclosed-by='\"' --fields-terminated-by=',' -T ${MYSQLDUMP_DIR}/$i $i; done ## example with compressed SQL dump for each databases - # mkdir -p -m 700 /home/mysqldump/ + # MYSQLDUMP_DIR=/home/mysqldump + # mkdir -p -m 700 ${MYSQLDUMP_DIR} # for i in $(mysql --defaults-extra-file=/etc/mysql/debian.cnf -P 3306 -e 'show databases' -s --skip-column-names \ # | egrep -v "^(Database|information_schema|performance_schema|sys)"); do - # mysqldump --defaults-extra-file=/etc/mysql/debian.cnf --force -P 3306 --events --hex-blob $i | gzip --best > /home/mysqldump/${i}.sql.gz + # mysqldump --defaults-extra-file=/etc/mysql/debian.cnf --force -P 3306 --events --hex-blob $i | gzip --best > ${MYSQLDUMP_DIR}/${i}.sql.gz # done ## example with *one* uncompressed SQL dump for *one* database (MYBASE) - # mkdir -p -m 700 /home/mysqldump/MYBASE - # chown -RL mysql /home/mysqldump/ + # MYSQLDUMP_DIR=/home/mysqldump + # mkdir -p -m 700 ${MYSQLDUMP_DIR}/MYBASE + # chown -RL mysql ${MYSQLDUMP_DIR}/ # mysqldump --defaults-extra-file=/etc/mysql/debian.cnf --force -Q \ - # --opt --events --hex-blob --skip-comments -T /home/mysqldump/MYBASE MYBASE + # --opt --events --hex-blob --skip-comments -T ${MYSQLDUMP_DIR}/MYBASE MYBASE ## example with mysqlhotcopy - # mkdir -p -m 700 /home/mysqlhotcopy/ - # mysqlhotcopy BASE /home/mysqlhotcopy/ + # MYSQLHOTCOPY_DIR=/home/mysqlhotcopy + # mkdir -p -m 700 ${MYSQLHOTCOPY_DIR} + # mysqlhotcopy BASE ${MYSQLHOTCOPY_DIR}/ ## example for multiples MySQL instances + # MYSQLDUMP_DIR=/home/mysqldump + # mkdir -p -m 700 ${MYSQLDUMP_DIR} # mysqladminpasswd=$(grep -m1 'password = .*' /root/.my.cnf|cut -d" " -f3) # grep -E "^port\s*=\s*\d*" /etc/mysql/my.cnf |while read instance; do # instance=$(echo "$instance"|awk '{ print $3 }') # if [ "$instance" != "3306" ] # then - # mysqldump -P $instance --opt --all-databases --hex-blob -u mysqladmin -p$mysqladminpasswd > ${LOCAL_BACKUP_DIR}/mysql.$instance.bak + # mysqldump -P $instance --opt --all-databases --hex-blob -u mysqladmin -p$mysqladminpasswd > ${MYSQLDUMP_DIR}/mysql.$instance.bak # fi # done ### PostgreSQL ## example with pg_dumpall (warning: you need space in ~postgres) + # PGDUMP_DIR=/home/pgdump + # mkdir -p -m 700 ${PGDUMP_DIR} # su - postgres -c "pg_dumpall > ~/pg.dump.bak" - # mv ~postgres/pg.dump.bak ${LOCAL_BACKUP_DIR}/ + # mv ~postgres/pg.dump.bak ${PGDUMP_DIR}/ ## another method with gzip directly piped # cd /var/lib/postgresql - # sudo -u postgres pg_dumpall | gzip > ${LOCAL_BACKUP_DIR}/pg.dump.bak.gz + # sudo -u postgres pg_dumpall | gzip > ${PGDUMP_DIR}/pg.dump.bak.gz # cd - > /dev/null ## example with all tables from MYBASE excepts TABLE1 and TABLE2 @@ -201,9 +212,10 @@ if [ "${LOCAL_TASKS}" = "1" ]; then ## don't forget to create use with read-only access ## > use admin ## > db.createUser( { user: "mongobackup", pwd: "PASS", roles: [ "backup", ] } ) - # test -d ${LOCAL_BACKUP_DIR}/mongodump/ && rm -rf ${LOCAL_BACKUP_DIR}/mongodump/ - # mkdir -p -m 700 ${LOCAL_BACKUP_DIR}/mongodump/ - # mongodump --quiet -u mongobackup -pPASS -o ${LOCAL_BACKUP_DIR}/mongodump/ + # MONGODUMP_DIR="${LOCAL_BACKUP_DIR}/mongodump" + # test -d ${MONGODUMP_DIR} && rm -rf ${MONGODUMP_DIR} + # mkdir -p -m 700 ${MONGODUMP_DIR} + # mongodump --quiet -u mongobackup -pPASS -o ${MONGODUMP_DIR}/ # if [ $? -ne 0 ]; then # echo "Error with mongodump!" # fi @@ -239,64 +251,64 @@ if [ "${LOCAL_TASKS}" = "1" ]; then #megacli -CfgSave -f ${LOCAL_BACKUP_DIR}/megacli_conf.dump -a0 >/dev/null ## Dump system and kernel versions - uname -a > ${LOCAL_BACKUP_DIR}/uname + uname -a > ${SYSTEM_BACKUP_DIR}/uname ## Dump network routes with mtr and traceroute (warning: could be long with aggressive firewalls) for addr in 8.8.8.8 www.evolix.fr travaux.evolix.net; do - mtr -r ${addr} > ${LOCAL_BACKUP_DIR}/mtr-${addr} - traceroute -n ${addr} > ${LOCAL_BACKUP_DIR}/traceroute-${addr} 2>&1 + mtr -r ${addr} > ${SYSTEM_BACKUP_DIR}/mtr-${addr} + traceroute -n ${addr} > ${SYSTEM_BACKUP_DIR}/traceroute-${addr} 2>&1 done ## Dump process with ps - ps auwwx >${LOCAL_BACKUP_DIR}/ps.out + ps auwwx >${SYSTEM_BACKUP_DIR}/ps.out if [ "${SYSTEM}" = "linux" ]; then ## Dump network connections with ss - ss -taupen > ${LOCAL_BACKUP_DIR}/netstat.out + ss -taupen > ${SYSTEM_BACKUP_DIR}/netstat.out ## List Debian packages - dpkg -l > ${LOCAL_BACKUP_DIR}/packages - dpkg --get-selections > ${LOCAL_BACKUP_DIR}/packages.getselections - apt-cache dumpavail > ${LOCAL_BACKUP_DIR}/packages.available + dpkg -l > ${SYSTEM_BACKUP_DIR}/packages + dpkg --get-selections > ${SYSTEM_BACKUP_DIR}/packages.getselections + apt-cache dumpavail > ${SYSTEM_BACKUP_DIR}/packages.available ## Dump MBR / table partitions disks=$(lsblk -l | grep disk | grep -v drbd | awk '{print $1}') for disk in ${disks}; do - dd if="/dev/${disk}" of="${LOCAL_BACKUP_DIR}/MBR-${disk}" bs=512 count=1 2>&1 | grep -Ev "(records in|records out|512 bytes)" - fdisk -l "/dev/${disk}" > "${LOCAL_BACKUP_DIR}/partitions-${disk}" + dd if="/dev/${disk}" of="${SYSTEM_BACKUP_DIR}/MBR-${disk}" bs=512 count=1 2>&1 | grep -Ev "(records in|records out|512 bytes)" + fdisk -l "/dev/${disk}" > "${SYSTEM_BACKUP_DIR}/partitions-${disk}" done - cat ${LOCAL_BACKUP_DIR}/partitions-* > ${LOCAL_BACKUP_DIR}/partitions + cat ${SYSTEM_BACKUP_DIR}/partitions-* > ${SYSTEM_BACKUP_DIR}/partitions ## Dump iptables if [ -x /sbin/iptables ]; then - { /sbin/iptables -L -n -v; /sbin/iptables -t filter -L -n -v; } > ${LOCAL_BACKUP_DIR}/iptables.txt + { /sbin/iptables -L -n -v; /sbin/iptables -t filter -L -n -v; } > ${SYSTEM_BACKUP_DIR}/iptables.txt fi ## Dump findmnt(8) output FINDMNT_BIN=$(command -v findmnt) if [ -x ${FINDMNT_BIN} ]; then - ${FINDMNT_BIN} > ${LOCAL_BACKUP_DIR}/findmnt.txt + ${FINDMNT_BIN} > ${SYSTEM_BACKUP_DIR}/findmnt.txt fi else ## Dump network connections with netstat - netstat -finet -atn > ${LOCAL_BACKUP_DIR}/netstat.out + netstat -finet -atn > ${SYSTEM_BACKUP_DIR}/netstat.out ## List OpenBSD packages - pkg_info -m > ${LOCAL_BACKUP_DIR}/packages + pkg_info -m > ${SYSTEM_BACKUP_DIR}/packages ## Dump MBR / table partitions - ##disklabel sd0 > ${LOCAL_BACKUP_DIR}/partitions + ##disklabel sd0 > ${SYSTEM_BACKUP_DIR}/partitions ## Dump pf infos - pfctl -sa |> ${LOCAL_BACKUP_DIR}/pfctl-sa.txt + pfctl -sa |> ${SYSTEM_BACKUP_DIR}/pfctl-sa.txt fi ## Dump rights - #getfacl -R /var > ${LOCAL_BACKUP_DIR}/rights-var.txt - #getfacl -R /etc > ${LOCAL_BACKUP_DIR}/rights-etc.txt - #getfacl -R /usr > ${LOCAL_BACKUP_DIR}/rights-usr.txt - #getfacl -R /home > ${LOCAL_BACKUP_DIR}/rights-home.txt + #getfacl -R /var > ${SYSTEM_BACKUP_DIR}/rights-var.txt + #getfacl -R /etc > ${SYSTEM_BACKUP_DIR}/rights-etc.txt + #getfacl -R /usr > ${SYSTEM_BACKUP_DIR}/rights-usr.txt + #getfacl -R /home > ${SYSTEM_BACKUP_DIR}/rights-home.txt fi @@ -344,39 +356,41 @@ if [ "${SYNC_TASKS}" = "1" ]; then rsync -avzh --stats --delete --delete-excluded --force --ignore-errors --partial \ --exclude "lost+found" \ --exclude ".nfs.*" \ - --exclude "/var/log" \ - --exclude "/var/log/evobackup*" \ - --exclude "/var/lib/mysql" \ - --exclude "/var/lib/postgres" \ - --exclude "/var/lib/postgresql" \ - --exclude "/var/lib/sympa" \ - --exclude "/var/lib/metche" \ - --exclude "/var/run" \ - --exclude "/var/lock" \ - --exclude "/var/state" \ + --exclude "dev" \ + --exclude "/usr/doc" \ + --exclude "/usr/obj" \ + --exclude "/usr/share/doc" \ + --exclude "/usr/src" \ --exclude "/var/apt" \ --exclude "/var/cache" \ - --exclude "/usr/src" \ - --exclude "/usr/doc" \ - --exclude "/usr/share/doc" \ - --exclude "/usr/obj" \ - --exclude "dev" \ - --exclude "/var/spool/postfix" \ --exclude "/var/lib/amavis/amavisd.sock" \ - --exclude "/var/lib/munin/*tmp*" \ - --exclude "/var/lib/php5" \ - --exclude "/var/spool/squid" \ - --exclude "/var/lib/elasticsearch" \ --exclude "/var/lib/amavis/tmp" \ --exclude "/var/lib/clamav/*.tmp" \ - --exclude "/home/mysqltmp" \ + --exclude "/var/lib/elasticsearch" \ + --exclude "/var/lib/metche" \ + --exclude "/var/lib/munin/*tmp*" \ + --exclude "/var/lib/mysql" \ + --exclude "/var/lib/php5" \ --exclude "/var/lib/php/sessions" \ + --exclude "/var/lib/postgres" \ + --exclude "/var/lib/postgresql" \ + --exclude "/var/lib/redis*" \ + --exclude "/var/lib/sympa" \ + --exclude "/var/lock" \ + --exclude "/var/log" \ + --exclude "/var/log/evobackup*" \ + --exclude "/var/run" \ + --exclude "/var/spool/postfix" \ + --exclude "/var/spool/squid" \ + --exclude "/var/state" \ + --exclude "/home/mysqltmp" \ ${rep} \ /etc \ /root \ /var \ /home \ /srv \ + ${SYSTEM_BACKUP_DIR} \ -e "${RSH_COMMAND}" \ "root@${SSH_SERVER}:/var/backup/" \ | tail -30 >> $LOGFILE