mirror of
https://github.com/deajan/obackup.git
synced 2024-12-04 12:43:42 +01:00
257 lines
12 KiB
Bash
257 lines
12 KiB
Bash
#!/usr/bin/env bash
|
|
|
|
###### obackup - Local or Remote, push or pull backup script for files & mysql databases
|
|
###### (C) 2013-2019 by Orsiris de Jong (www.netpower.fr)
|
|
|
|
[GENERAL]
|
|
CONFIG_FILE_REVISION=2.1
|
|
|
|
## Backup identification string.
|
|
INSTANCE_ID="test-backup"
|
|
|
|
## Log file location. Leaving this empty will create log file at /var/log/obackup.INSTANCE_ID.log (or current directory if /var/log doesn't exist).
|
|
LOGFILE=""
|
|
|
|
## Elements to backup
|
|
SQL_BACKUP=true
|
|
FILE_BACKUP=true
|
|
|
|
## Backups can be done local, pulled from another server or pushed to a backup server. Available options are [local,pull,push].
|
|
## Pulled backups are the safest option, as the backup server contains the RSA key and cannot be compromised by another server.
|
|
BACKUP_TYPE=local
|
|
|
|
[BACKUP STORAGE]
|
|
|
|
## Storage paths of the backups (absolute paths of the local or remote system). Please use ${HOME} instead of ~ if needed.
|
|
SQL_STORAGE="/home/storage/backup/sql"
|
|
FILE_STORAGE="/home/storage/backup/files"
|
|
|
|
## Backup encryption using GPG and rsync.
|
|
## Push backups get encrypted locally in CRYPT_STORAGE before they are sent to the remote system
|
|
## Local and pull backups get encrypted after backup, in CRYPT_STORAGE
|
|
ENCRYPTION=false
|
|
|
|
## Backup encryption needs a temporary storage space in order to encrypt files before sending them (absolute paths of the local or remote system)
|
|
## In case of a pull backup, an encrypted copy of FILE_BACKUP goes here
|
|
CRYPT_STORAGE=/home/storage/backup/crpyt
|
|
|
|
## GPG recipient (pubkey for this recipient must exist, see gpg2 --list-keys or gpg --list-keys
|
|
GPG_RECIPIENT="John Doe"
|
|
|
|
## Use n CPUs for encryption / decryption where n is an integer. Defaults to 1
|
|
PARALLEL_ENCRYPTION_PROCESSES=
|
|
|
|
## Create backup directories if they do not exist
|
|
CREATE_DIRS=true
|
|
|
|
## Keep absolute source path in your backup, eg: /your/backup/storage/the/remote/server/files
|
|
## You should leave this enabled if you intend to use 'backup task division' functionality of oBackup, or everything will end up in the same directory.
|
|
KEEP_ABSOLUTE_PATHS=true
|
|
|
|
## Generate an alert if backup size is lower than given value in Kb (this can also help identifying empty mount dirs).
|
|
BACKUP_SIZE_MINIMUM=1024
|
|
|
|
## Check backup size before proceeding
|
|
GET_BACKUP_SIZE=true
|
|
|
|
## Generate an alert if storage free space is lower than given value in Kb.
|
|
## Keep in mind that disabling backup file size test will only test min space against SQL backup size.
|
|
SQL_WARN_MIN_SPACE=1048576
|
|
FILE_WARN_MIN_SPACE=1048576
|
|
|
|
[REMOTE_OPTIONS]
|
|
|
|
## In case of pulled or pushed backups, remote system URI needs to be supplied.
|
|
REMOTE_SYSTEM_URI="ssh://backupuser@remote.system.tld:22/"
|
|
|
|
## You can specify a RSA key (please use full path). If not defined, the default ~/.ssh/id_rsa will be used. See documentation for further information.
|
|
SSH_RSA_PRIVATE_KEY="${HOME}/.ssh/id_rsa"
|
|
|
|
## Alternatively, you may specify an SSH password file (less secure). Needs sshpass utility installed.
|
|
SSH_PASSWORD_FILE=""
|
|
|
|
## When using ssh filter, you must specify a remote token matching the one setup in authorized_keys
|
|
_REMOTE_TOKEN=SomeAlphaNumericToken9
|
|
|
|
## ssh compression should be used unless your remote connection is good enough (LAN)
|
|
SSH_COMPRESSION=true
|
|
|
|
## Ignore ssh known hosts verification. DANGER WILL ROBINSON DANGER: This can lead to security risks. Only enable if you know what you're doing.
|
|
## Works on Redhat / CentOS, doesn't work on Debian / Ubunutu
|
|
SSH_IGNORE_KNOWN_HOSTS=false
|
|
|
|
## Remote rsync executable path. Leave this empty in most cases
|
|
RSYNC_REMOTE_PATH=""
|
|
|
|
## Check for connectivity to remote host before launching remote backup tasks. Be sure the hosts responds to ping. Failing to ping will skip current task.
|
|
REMOTE_HOST_PING=true
|
|
|
|
## Check for internet access by pinging one or more 3rd party hosts before remote backup tasks. Leave empty if you don't want this check to be be performed. Failing to ping will skip current task.
|
|
REMOTE_3RD_PARTY_HOSTS="www.kernel.org www.google.com"
|
|
|
|
## If enabled, commands will be executed as superuser on remote side. See documentation for /etc/sudoers configuration ("find", "du", "tee" and "rsync" need to be allowed). Requiretty needs to be disabled.
|
|
SUDO_EXEC=false
|
|
|
|
[DATABASE BACKUP SETTINGS]
|
|
|
|
## Database backup user (should be the same you are running obackup with)
|
|
SQL_USER=root
|
|
|
|
## Enabling the following option will save all databases on local or remote given SQL instance except the ones specified in the exclude list.
|
|
## Every found database will be backed up as separate backup task.
|
|
DATABASES_ALL=true
|
|
DATABASES_ALL_EXCLUDE_LIST="test;mysql"
|
|
DATABASES_LIST=""
|
|
|
|
## Alternatively, if DATABASES_ALL=false, you can specify a list of databases to backup separated by semi-colons.
|
|
#DATABASES_LIST="somedatabase"
|
|
|
|
## Max backup execution time per Database task. Soft max exec time generates a warning only. Hard max exec time generates a warning and stops current backup task.
|
|
## If a task gets stopped, next one in the task list gets executed. Time is specified in seconds.
|
|
SOFT_MAX_EXEC_TIME_DB_TASK=3600
|
|
HARD_MAX_EXEC_TIME_DB_TASK=7200
|
|
|
|
## mysqldump options (ex: --extended-insert, --single-transaction, --quick...). See MySQL / MariaDB manual
|
|
## default option: --opt
|
|
MYSQLDUMP_OPTIONS="--opt --single-transaction"
|
|
|
|
## Preferred SQL dump compression. Compression methods can be xz, lzma, pigz or gzip (will fallback from xz to gzip depending if available)
|
|
## Generally, level 5 is a good compromise between cpu, memory hunger and compress ratio. Gzipped files are set to be rsyncable.
|
|
## If you use encryption, compression will only bring small benefits as GPG already has pretty good compression included
|
|
COMPRESSION_LEVEL=3
|
|
|
|
[FILE BACKUP SETTINGS]
|
|
|
|
## File backups are divided in tasks. Every directory in DIRECTORY_LIST will be processed as a unique task.
|
|
## Every subdirectory of each directory in RECURSIVE_DIRECTORY_LIST will be processed as a unique task.
|
|
## Example: RECURSIVE_DIRECTORY_LIST="/home;/var" will create backup tasks tasks "/home/dir1, "/home/dir2", ... "/home/dirN", "/var/log", "/var/lib"... "/var/something".
|
|
## You can exclude directories from the avove backup task creation, ex: avoid backing up "/home/dir2" by adding it to RECURSIVE_EXCLUDE_LIST.
|
|
## Note that since we recurse only by one level, excluding /home/dir2/somedir won't have any effect.
|
|
## Please use ${HOME} instead of ~ if needed.
|
|
|
|
## Directories backup list. List of semicolon separated directories that will be backed up.
|
|
DIRECTORY_LIST="/var/named"
|
|
RECURSIVE_DIRECTORY_LIST="/home"
|
|
RECURSIVE_EXCLUDE_LIST="/home/backupuser;/home/lost+found"
|
|
|
|
## Rsync exclude / include order (the option set here will be set first, eg: include will make include then exclude patterns)
|
|
RSYNC_PATTERN_FIRST=include
|
|
|
|
## List of files / directories to incldue / exclude from sync on both sides (see rsync patterns, wildcards work).
|
|
## Paths are relative to sync dirs. List elements are separated by a semicolon. Specifying "cache" will remove every found cache subdirectory.
|
|
RSYNC_INCLUDE_PATTERN=""
|
|
RSYNC_EXCLUDE_PATTERN=""
|
|
#RSYNC_EXCLUDE_PATTERN="tmp;archives;cache"
|
|
|
|
## Files that contains lists of files / directories to include / exclude from sync on both sides. Leave this empty if you don't want to use an exclusion file.
|
|
## This file has to be in the same directory as the config file
|
|
## Paths are relative to sync dirs. One element per line.
|
|
RSYNC_INCLUDE_FROM=""
|
|
RSYNC_EXCLUDE_FROM=""
|
|
#RSYNC_EXCLUDE_FROM="exclude.list"
|
|
|
|
## List separator char. You may set an alternative separator char for your directories lists above.
|
|
PATH_SEPARATOR_CHAR=";"
|
|
|
|
## Optional arguments passed to rsync executable. The following are already managed by the program and shoul never be passed here
|
|
## -rltD -n -P -o -g --executability -A -X -zz -L -K -H -8 -u -i --stats --checksum --bwlimit --partial --partial-dir --exclude --exclude-from --include--from --no-whole-file --whole-file --list-only
|
|
## When dealing with different filesystems for sync, or using SMB mountpoints, try adding --modify-window=2 --omit-dir-times as optional arguments
|
|
RSYNC_OPTIONAL_ARGS=""
|
|
|
|
## Preserve basic linux permissions
|
|
PRESERVE_PERMISSIONS=true
|
|
PRESERVE_OWNER=true
|
|
PRESERVE_GROUP=true
|
|
## On MACOS X, does not work and will be ignored
|
|
PRESERVE_EXECUTABILITY=true
|
|
|
|
## Preserve ACLS. Make sure source and target FS can hold same ACLs or you'll get loads of errors.
|
|
PRESERVE_ACL=false
|
|
## Preserve Xattr. MAke sure source and target FS can hold same Xattr or you'll get loads of errors.
|
|
PRESERVE_XATTR=false
|
|
|
|
## Transforms symlinks into referent files/dirs
|
|
COPY_SYMLINKS=true
|
|
## Treat symlinked dirs as dirs. CAUTION: This also follows symlinks outside of the replica root.
|
|
KEEP_DIRLINKS=true
|
|
## Preserve hard links. Make sure source and target FS can manage hard links or you will lose them.
|
|
PRESERVE_HARDLINKS=false
|
|
|
|
|
|
## Let RSYNC compress file transfers. Do not use this on local-local backup schemes. Also, this is not useful if SSH compression is enabled.
|
|
RSYNC_COMPRESS=false
|
|
|
|
## Max execution time per file backup task. Soft is warning only. Hard is warning, stopping backup and processing next one one file list. Tilme is specified in seconds
|
|
SOFT_MAX_EXEC_TIME_FILE_TASK=3600
|
|
HARD_MAX_EXEC_TIME_FILE_TASK=7200
|
|
|
|
## Keep partial uploads that can be resumed on next run, experimental feature
|
|
PARTIAL=false
|
|
|
|
## Delete files on destination that vanished from source. Do not turn this on unless you enabled backup rotation or a snapshotting FS like zfs to keep those vanished files on the destination.
|
|
DELETE_VANISHED_FILES=false
|
|
|
|
## Use delta copy algortithm (usefull when local paths are network drives), defaults to true
|
|
DELTA_COPIES=true
|
|
|
|
## Bandwidth limit Kbytes / second for file backups. Leave 0 to disable limitation.
|
|
BANDWIDTH=0
|
|
|
|
## Paranoia option. Don't change this unless you read the documentation.
|
|
RSYNC_EXECUTABLE=rsync
|
|
|
|
[ALERT_OPTIONS]
|
|
|
|
## Alert email addresses separated by a space character
|
|
DESTINATION_MAILS="your@mail.address"
|
|
|
|
## Optional change of mail body encoding (using iconv)
|
|
## By default, all mails are sent in UTF-8 format without header (because of maximum compatibility of all platforms)
|
|
## You may specify an optional encoding here (like "ISO-8859-1" or whatever iconv can handle)
|
|
MAIL_BODY_CHARSET=""
|
|
|
|
## Environment specific mail options (used with busybox sendemail, mailsend.exe from muquit, http://github.com/muquit/mailsend or sendemail.exe from Brandon Zehm, http://caspian.dotconf.net/menu/Software/SendEmail)
|
|
SENDER_MAIL="alert@your.system.tld"
|
|
SMTP_SERVER=smtp.your.isp.tld
|
|
SMTP_PORT=25
|
|
# encryption can be tls, ssl or none
|
|
SMTP_ENCRYPTION=none
|
|
SMTP_USER=
|
|
SMTP_PASSWORD=
|
|
|
|
[BACKUP SETTINGS]
|
|
|
|
## Max execution time of whole backup process. Soft max exec time generates a warning only.
|
|
## Hard max exec time generates a warning and stops the whole backup execution.
|
|
SOFT_MAX_EXEC_TIME_TOTAL=30000
|
|
HARD_MAX_EXEC_TIME_TOTAL=36000
|
|
|
|
## Log a message every KEEP_LOGGING seconds just to know the task is still alive
|
|
KEEP_LOGGING=1801
|
|
|
|
## Backup Rotation. You may rotate backups if you don't use snapshots on your backup server.
|
|
ROTATE_SQL_BACKUPS=false
|
|
ROTATE_SQL_COPIES=7
|
|
ROTATE_FILE_BACKUPS=false
|
|
ROTATE_FILE_COPIES=7
|
|
|
|
[EXECUTION_HOOKS]
|
|
|
|
## Commands can will be run before and / or after backup execution (remote execution will only happen if REMOTE_BACKUP is set).
|
|
## This is useful to make a snapshot before backing up data, or even handle snapshots of backed up data.
|
|
LOCAL_RUN_BEFORE_CMD=""
|
|
LOCAL_RUN_AFTER_CMD=""
|
|
|
|
REMOTE_RUN_BEFORE_CMD=""
|
|
REMOTE_RUN_AFTER_CMD=""
|
|
|
|
## Max execution time of commands before they get force killed. Leave 0 if you don't want this to happen. Time is specified in seconds.
|
|
MAX_EXEC_TIME_PER_CMD_BEFORE=0
|
|
MAX_EXEC_TIME_PER_CMD_AFTER=0
|
|
|
|
## Stops whole backup execution if one of the above commands fail
|
|
STOP_ON_CMD_ERROR=false
|
|
|
|
## Run local and remote after backup cmd's even on failure
|
|
RUN_AFTER_CMD_ON_ERROR=false
|