2016-05-25 19:56:08 +02:00
#!/usr/bin/env bash
###### obackup - Local or Remote, push or pull backup script for files & mysql databases
###### (C) 2013-2016 by Orsiris de Jong (www.netpower.fr)
2017-01-02 13:12:56 +01:00
###### obackup v2.1x config file rev 2017010201
2013-06-14 22:27:11 +02:00
2015-11-12 01:26:38 +01:00
###### GENERAL BACKUP OPTIONS
2013-06-14 22:27:11 +02:00
2015-11-12 01:26:38 +01:00
## Backup identification string.
INSTANCE_ID="test-backup"
2013-11-02 18:55:17 +01:00
2015-11-12 01:26:38 +01:00
## Log file location. Leaving this empty will create log file at /var/log/obackup.INSTANCE_ID.log (or current directory if /var/log doesn't exist).
2013-08-18 11:58:55 +02:00
LOGFILE=""
2015-11-12 01:26:38 +01:00
## Elements to backup
SQL_BACKUP=yes
FILE_BACKUP=yes
## Backups can be done local, pulled from another server or pushed to a backup server. Available options are [local,pull,push].
## Pulled backups are the safest option, as the backup server contains the RSA key and cannot be compromised by another server.
BACKUP_TYPE=local
###### BACKUP STORAGE
2013-06-14 22:27:11 +02:00
2016-08-30 18:24:02 +02:00
## Storage paths of the backups (absolute paths of the local or remote system). Please use ${HOME} instead of ~ if needed.
2015-11-12 01:26:38 +01:00
SQL_STORAGE="/home/storage/backup/sql"
FILE_STORAGE="/home/storage/backup/files"
2013-11-02 18:55:17 +01:00
2016-08-30 18:24:02 +02:00
## Backup encryption using GPG and rsync.
2016-12-28 22:20:30 +01:00
## Push backups get encrypted locally in CRYPT_STORAGE before they are sent to the remote system
## Local and pull backups get encrypted after backup, in CRYPT_STORAGE
2015-11-12 01:26:38 +01:00
ENCRYPTION=no
2013-11-02 18:55:17 +01:00
2016-08-30 18:24:02 +02:00
## Backup encryption needs a temporary storage space in order to encrypt files before sending them (absolute paths of the local or remote system)
2016-10-23 17:54:41 +02:00
## In case of a pull backup, an encrypted copy of FILE_BACKUP goes here
2016-09-01 16:07:20 +02:00
CRYPT_STORAGE=/home/storage/backup/crpyt
2016-08-30 18:24:02 +02:00
2016-09-01 16:07:20 +02:00
## GPG recipient (pubkey for this recipient must exist, see gpg2 --list-keys or gpg --list-keys
2016-10-23 17:54:41 +02:00
GPG_RECIPIENT="John Doe"
2016-08-30 18:24:02 +02:00
2017-01-02 13:12:56 +01:00
## Use n CPUs for encryption / decryption where n is an integer
PARALLEL_ENCRYPTION_PROCESSES=
2013-11-02 18:55:17 +01:00
## Create backup directories if they do not exist
CREATE_DIRS=yes
## Keep absolute source path in your backup, eg: /your/backup/storage/the/remote/server/files
2015-11-12 01:26:38 +01:00
## You should leave this enabled if you intend to use 'backup task division' functionality of oBackup, or everything will end up in the same directory.
KEEP_ABSOLUTE_PATHS=yes
2013-11-02 18:55:17 +01:00
2015-11-12 01:26:38 +01:00
## Generate an alert if backup size is lower than given value in Kb (this can also help identifying empty mount dirs).
2013-06-14 22:27:11 +02:00
BACKUP_SIZE_MINIMUM=1024
2013-11-02 18:55:17 +01:00
2015-11-12 01:26:38 +01:00
## Check backup size before proceeding
GET_BACKUP_SIZE=yes
2013-06-14 22:27:11 +02:00
2015-11-12 01:26:38 +01:00
## Generate an alert if storage free space is lower than given value in Kb.
## Keep in mind that disabling backup file size test will only test min space against SQL backup size.
SQL_WARN_MIN_SPACE=1048576
FILE_WARN_MIN_SPACE=1048576
2013-11-02 18:55:17 +01:00
2015-11-12 01:26:38 +01:00
###### REMOTE ONLY OPTIONS
2013-06-14 22:27:11 +02:00
2015-11-12 01:26:38 +01:00
## In case of pulled or pushed backups, remote system URI needs to be supplied.
2015-11-15 14:50:41 +01:00
REMOTE_SYSTEM_URI="ssh://backupuser@remote.system.tld:22/"
2015-11-12 01:26:38 +01:00
## You can specify a RSA key (please use full path). If not defined, the default ~/.ssh/id_rsa will be used. See documentation for further information.
2016-08-31 11:25:09 +02:00
SSH_RSA_PRIVATE_KEY="${HOME}/.ssh/id_rsa"
2013-11-02 18:55:17 +01:00
2016-10-23 17:54:41 +02:00
## Alternatively, you may specify an SSH password file (less secure). Needs sshpass utility installed.
SSH_PASSWORD_FILE=""
2013-06-14 22:27:11 +02:00
## ssh compression should be used unless your remote connection is good enough (LAN)
SSH_COMPRESSION=yes
2015-11-12 01:26:38 +01:00
2016-03-25 20:07:27 +01:00
## Ignore ssh known hosts verification. DANGER WILL ROBINSON DANGER: This can lead to security risks. Only enable if you know what you're doing.
2016-10-23 17:54:41 +02:00
## Works on Redhat / CentOS, doesn't work on Debian / Ubunutu
2016-03-25 20:07:27 +01:00
SSH_IGNORE_KNOWN_HOSTS=no
2013-11-02 18:55:17 +01:00
## Remote rsync executable path. Leave this empty in most cases
2014-03-23 17:46:08 +01:00
RSYNC_REMOTE_PATH=""
2013-11-02 18:55:17 +01:00
2013-06-14 22:27:11 +02:00
## Check for connectivity to remote host before launching remote backup tasks. Be sure the hosts responds to ping. Failing to ping will skip current task.
REMOTE_HOST_PING=yes
2015-11-12 01:26:38 +01:00
2013-06-14 22:27:11 +02:00
## Check for internet access by pinging one or more 3rd party hosts before remote backup tasks. Leave empty if you don't want this check to be be performed. Failing to ping will skip current task.
2013-08-24 19:41:18 +02:00
REMOTE_3RD_PARTY_HOSTS="www.kernel.org www.google.com"
2013-06-14 22:27:11 +02:00
2015-11-18 13:31:02 +01:00
## If enabled, commands will be executed as superuser on remote side. See documentation for /etc/sudoers configuration ("find", "du", "tee" and "rsync" need to be allowed). Requiretty needs to be disabled.
2016-03-11 12:04:18 +01:00
SUDO_EXEC=no
2015-11-18 13:31:02 +01:00
2015-11-12 01:26:38 +01:00
###### DATABASE SPECIFIC OPTIONS
2013-11-02 18:55:17 +01:00
2016-08-30 18:24:02 +02:00
## Database backup user (should be the same you are running obackup with)
SQL_USER=root
2013-11-02 18:55:17 +01:00
2015-02-12 11:46:54 +01:00
## Enabling the following option will save all databases on local or remote given SQL instance except the ones specified in the exclude list.
2013-11-02 18:55:17 +01:00
## Every found database will be backed up as separate backup task.
2013-06-14 22:27:11 +02:00
DATABASES_ALL=yes
2016-08-30 18:24:02 +02:00
DATABASES_ALL_EXCLUDE_LIST="test;mysql"
2017-01-02 12:00:24 +01:00
## Alternatively, if DATABASES_ALL=no, you can specify a list of databases to backup separated by semi-colons.
2015-11-12 01:26:38 +01:00
#DATABASES_LIST="somedatabase"
2013-11-02 18:55:17 +01:00
2015-02-12 11:46:54 +01:00
## Max backup execution time per Database task. Soft max exec time generates a warning only. Hard max exec time generates a warning and stops current backup task.
2013-11-02 18:55:17 +01:00
## If a task gets stopped, next one in the task list gets executed. Time is specified in seconds.
2013-06-14 22:27:11 +02:00
SOFT_MAX_EXEC_TIME_DB_TASK=3600
HARD_MAX_EXEC_TIME_DB_TASK=7200
2013-11-02 18:55:17 +01:00
2016-08-31 11:15:12 +02:00
## mysqldump options (ex: --extended-insert, --single-transaction, --quick...). See MySQL / MariaDB manual
## default option: --opt
MYSQLDUMP_OPTIONS="--opt --single-transaction"
2014-11-24 10:28:23 +01:00
## Preferred SQL dump compression. Compression methods can be xz, lzma, pigz or gzip (will fallback from xz to gzip depending if available)
## Generally, level 5 is a good compromise between cpu, memory hunger and compress ratio. Gzipped files are set to be rsyncable.
2016-09-01 16:07:20 +02:00
## If you use encryption, compression will only bring small benefits as GPG already has pretty good compression included
2013-06-14 22:27:11 +02:00
COMPRESSION_LEVEL=3
2013-11-02 18:55:17 +01:00
2015-11-12 01:26:38 +01:00
###### FILES SPECIFIC OPTIONS
2013-11-02 18:55:17 +01:00
2015-11-12 01:26:38 +01:00
## File backups are divided in tasks. Every directory in DIRECTORY_LIST will be processed as a unique task.
## Every subdirectory of each directory in RECURSIVE_DIRECTORY_LIST will be processed as a unique task.
## Example: RECURSIVE_DIRECTORY_LIST="/home;/var" will create backup tasks tasks "/home/dir1, "/home/dir2", ... "/home/dirN", "/var/log", "/var/lib"... "/var/something".
## You can exclude directories from the avove backup task creation, ex: avoid backing up "/home/dir2" by adding it to RECURSIVE_EXCLUDE_LIST.
2016-08-30 18:24:02 +02:00
## Please use ${HOME} instead of ~ if needed.
2013-11-02 18:55:17 +01:00
2015-11-12 01:26:38 +01:00
## Directories backup list. List of semicolon separated directories that will be backed up.
DIRECTORY_LIST="/var/named"
RECURSIVE_DIRECTORY_LIST="/home"
RECURSIVE_EXCLUDE_LIST="/home/backupuser;/home/lost+found"
2013-11-02 18:55:17 +01:00
2015-11-28 12:48:19 +01:00
## Rsync exclude / include order (the option set here will be set first, eg: include will make include then exclude patterns)
RSYNC_PATTERN_FIRST=include
2013-11-02 18:55:17 +01:00
2015-11-28 12:48:19 +01:00
## List of files / directories to incldue / exclude from sync on both sides (see rsync patterns, wildcards work).
## Paths are relative to sync dirs. List elements are separated by a semicolon.
RSYNC_INCLUDE_PATTERN=""
RSYNC_EXCLUDE_PATTERN=""
#RSYNC_EXCLUDE_PATTERN="tmp;archives"
## Files that contains lists of files / directories to include / exclude from sync on both sides. Leave this empty if you don't want to use an exclusion file.
2014-11-24 10:28:23 +01:00
## This file has to be in the same directory as the config file
## Paths are relative to sync dirs. One element per line.
2015-11-28 12:48:19 +01:00
RSYNC_INCLUDE_FROM=""
RSYNC_EXCLUDE_FROM=""
2014-11-24 10:28:23 +01:00
#RSYNC_EXCLUDE_FROM="exclude.list"
2015-02-12 11:46:54 +01:00
## List separator char. You may set an alternative separator char for your directories lists above.
2013-11-02 18:55:17 +01:00
PATH_SEPARATOR_CHAR=";"
2016-12-19 23:15:42 +01:00
## Optional arguments passed to rsync executable. The following are already managed by the program and shoul never be passed here
## -rltD -n -P -o -g --executability -A -X -zz -L -K -H -8 -u -i --stats --checksum --bwlimit --partial --partial-dir --exclude --exclude-from --include--from --no-whole-file --whole-file --list-only
RSYNC_OPTIONAL_ARGS=""
2016-08-17 17:21:32 +02:00
## Preserve basic linux permissions
PRESERVE_PERMISSIONS=yes
PRESERVE_OWNER=yes
PRESERVE_GROUP=yes
## On MACOS X, does not work and will be ignored
PRESERVE_EXECUTABILITY=yes
2013-11-02 18:55:17 +01:00
## Preserve ACLS. Make sure source and target FS can hold same ACLs or you'll get loads of errors.
2013-08-04 16:16:27 +02:00
PRESERVE_ACL=no
2013-11-02 18:55:17 +01:00
## Preserve Xattr. MAke sure source and target FS can hold same Xattr or you'll get loads of errors.
2013-08-04 16:16:27 +02:00
PRESERVE_XATTR=no
2013-11-02 18:55:17 +01:00
2014-11-27 15:35:56 +01:00
## Transforms symlinks into referent files/dirs
COPY_SYMLINKS=yes
## Treat symlinked dirs as dirs. CAUTION: This also follows symlinks outside of the replica root.
KEEP_DIRLINKS=yes
## Preserve hard links. Make sure source and target FS can manage hard links or you will lose them.
PRESERVE_HARDLINKS=no
2015-02-12 11:46:54 +01:00
## Let RSYNC compress file transfers. Do not use this on local-local backup schemes. Also, this is not useful if SSH compression is enabled.
2013-11-02 18:55:17 +01:00
RSYNC_COMPRESS=no
2013-06-14 22:27:11 +02:00
## Max execution time per file backup task. Soft is warning only. Hard is warning, stopping backup and processing next one one file list. Tilme is specified in seconds
SOFT_MAX_EXEC_TIME_FILE_TASK=3600
HARD_MAX_EXEC_TIME_FILE_TASK=7200
2015-02-12 11:46:54 +01:00
## Keep partial uploads that can be resumed on next run, experimental feature
2014-11-27 15:35:56 +01:00
PARTIAL=no
2015-01-08 17:16:57 +01:00
## Delete files on destination that vanished from source. Do not turn this on unless you enabled backup rotation or a snapshotting FS like zfs to keep those vanished files on the destination.
2015-01-08 18:52:19 +01:00
DELETE_VANISHED_FILES=no
2015-01-08 17:16:57 +01:00
2015-04-24 22:34:38 +02:00
## Use delta copy algortithm (usefull when local paths are network drives), defaults to yes
DELTA_COPIES=yes
2015-11-12 01:26:38 +01:00
## Bandwidth limit Kbytes / second for file backups. Leave 0 to disable limitation.
BANDWIDTH=0
## Paranoia option. Don't change this unless you read the documentation.
RSYNC_EXECUTABLE=rsync
###### ALERT OPTIONS
2013-11-02 18:55:17 +01:00
2015-02-12 11:46:54 +01:00
## Alert email addresses separated by a space character
2013-06-16 11:28:00 +02:00
DESTINATION_MAILS="your@mail.address"
2013-06-14 22:27:11 +02:00
2016-10-23 17:54:41 +02:00
## Environment specific mail options (used with busybox sendemail, mailsend.exe from muquit, http://github.com/muquit/mailsend or sendemail.exe from Brandon Zehm, http://caspian.dotconf.net/menu/Software/SendEmail)
2016-05-25 19:56:08 +02:00
SENDER_MAIL="alert@your.system.tld"
SMTP_SERVER=smtp.your.isp.tld
SMTP_PORT=25
# encryption can be tls, ssl or none
SMTP_ENCRYPTION=none
2013-09-22 12:04:09 +02:00
SMTP_USER=
SMTP_PASSWORD=
2015-11-12 01:26:38 +01:00
###### GENERAL BACKUP OPTIONS
2013-11-02 18:55:17 +01:00
## Max execution time of whole backup process. Soft max exec time generates a warning only.
## Hard max exec time generates a warning and stops the whole backup execution.
2013-06-14 22:27:11 +02:00
SOFT_MAX_EXEC_TIME_TOTAL=30000
HARD_MAX_EXEC_TIME_TOTAL=36000
2016-08-16 21:13:37 +02:00
## Log a message every KEEP_LOGGING seconds just to know the task is still alive
KEEP_LOGGING=1801
2013-11-02 18:55:17 +01:00
## Backup Rotation. You may rotate backups if you don't use snapshots on your backup server.
2015-11-12 01:26:38 +01:00
ROTATE_SQL_BACKUPS=no
2015-11-16 12:52:15 +01:00
ROTATE_SQL_COPIES=7
2015-11-12 01:26:38 +01:00
ROTATE_FILE_BACKUPS=no
2015-11-16 12:52:15 +01:00
ROTATE_FILE_COPIES=7
2013-06-16 11:28:00 +02:00
2015-11-12 01:26:38 +01:00
###### EXECUTION HOOKS
2013-11-02 18:55:17 +01:00
## Commands can will be run before and / or after backup execution (remote execution will only happen if REMOTE_BACKUP is set).
2015-02-12 11:46:54 +01:00
## This is useful to make a snapshot before backing up data, or even handle snapshots of backed up data.
2013-06-16 13:54:20 +02:00
LOCAL_RUN_BEFORE_CMD=""
LOCAL_RUN_AFTER_CMD=""
2013-06-16 11:28:00 +02:00
REMOTE_RUN_BEFORE_CMD=""
REMOTE_RUN_AFTER_CMD=""
2015-02-12 11:46:54 +01:00
## Max execution time of commands before they get force killed. Leave 0 if you don't want this to happen. Time is specified in seconds.
2013-06-16 13:11:30 +02:00
MAX_EXEC_TIME_PER_CMD_BEFORE=0
MAX_EXEC_TIME_PER_CMD_AFTER=0
2013-06-16 11:28:00 +02:00
2013-11-02 18:55:17 +01:00
## Stops whole backup execution if one of the above commands fail
2013-09-11 16:21:22 +02:00
STOP_ON_CMD_ERROR=no
2016-04-06 20:47:04 +02:00
## Run local and remote after backup cmd's even on failure
RUN_AFTER_CMD_ON_ERROR=no