Add backup scripts

2024-03-30 15:12:05 +01:00 · 2024-03-30 15:12:05 +01:00 · d851805534
parent d3c0b3d9f9
commit d851805534
3 changed files with 213 additions and 3 deletions
--- a/scripts/backup.sh
+++ b/scripts/backup.sh
@ -0,0 +1,189 @@
+#!/bin/bash
+
+##########################################
+#  Tokens                                #
+##########################################
+
+set -o pipefail
+source "$XDG_CONFIG_HOME"/zsh/secrets.sh
+export XDG_RUNTIME_DIR=/run/user/1000
+
+##########################################
+# Create sqlite3 backup for Vaultwarden  #
+##########################################
+
+rm /home/server/Containers/pw.thomasave.be/data/backup.sqlite3 /home/server/Containers/robbertave.com/data/backup.sqlite3
+sqlite3 /home/server/Containers/pw.thomasave.be/data/db.sqlite3 "VACUUM INTO '/home/server/Containers/pw.thomasave.be/data/backup.sqlite3'"
+sqlite3 /home/server/Containers/robbertave.com/data/database.sqlite "VACUUM INTO '/home/server/Containers/robbertave.com/data/backup.sqlite3'"
+
+##########################################
+# Unlock the Vault                       #
+##########################################
+
+echo "$ZFS_PASSPHRASE" | ssh vault /home/server/Storage/Thomas/Scripts/Mount/borg_unlock.sh
+
+##########################################
+# Run the backups                        #
+##########################################
+
+echo -e '\n\n\n'
+echo "Running Caddy Backups"
+borg create -s --progress \
+    --exclude /home/server/Containers/Caddy/Data\
+    10.4.0.1:Storage/Thomas/Borg/Containers/caddy::'{hostname}-{now}' \
+    /home/server/Containers/Caddy\
+
+echo -e '\n\n\n'
+echo "Running git.thomasave.be Backups"
+borg create -s --progress \
+    --exclude /home/server/Containers/git.thomasave.be/gitea/gitea/sessions \
+    --exclude /home/server/Containers/git.thomasave.be/gitea/gitea/jwt \
+    --exclude /home/server/Containers/git.thomasave.be/gitea/ssh \
+    10.4.0.1:Storage/Thomas/Borg/Containers/git.thomasave.be::'{hostname}-{now}' \
+    /home/server/Containers/git.thomasave.be
+
+echo -e '\n\n\n'
+echo "Running pw.thomasave.be Backups"
+borg create -s --progress \
+    --exclude /home/server/Containers/pw.thomasave.be/data/icon_cache \
+    --exclude /home/server/Containers/pw.thomasave.be/data/sends \
+    10.4.0.1:Storage/Thomas/Borg/Containers/pw.thomasave.be::'{hostname}-{now}' \
+    /home/server/Containers/pw.thomasave.be
+
+echo -e '\n\n\n'
+echo "Running stats.thomasave.be Backups"
+borg create -s --progress \
+    --exclude /home/server/Containers/stats.thomasave.be/logs \
+    10.4.0.1:Storage/Thomas/Borg/Containers/stats.thomasave.be::'{hostname}-{now}' \
+    /home/server/Containers/stats.thomasave.be
+
+echo -e '\n\n\n'
+echo "Running robbertave.com Backups"
+borg create -s --progress \
+    10.4.0.1:Storage/Thomas/Borg/Containers/robbertave.com::'{hostname}-{now}' \
+    /home/server/Containers/robbertave.com
+
+echo -e '\n\n\n'
+echo "Running DNS Backups"
+borg create -s --progress \
+    --exclude /home/server/Containers/adguard.thomasave.be/work \
+    10.4.0.1:Storage/Thomas/Borg/Adguard::'{hostname}-{now}' \
+    /home/server/Containers/adguard.thomasave.be
+
+echo -e '\n\n\n'
+echo "Running Workspace Backups"
+borg create -s --progress \
+    10.4.0.1:Storage/Thomas/Borg/Workspace::'{hostname}-{now}' \
+    /home/server/Workspace/
+borg prune --keep-daily 7 --keep-weekly 4 --keep-monthly -1 --save-space 10.4.0.1:Storage/Thomas/Borg/Workspace
+borg compact 10.4.0.1:Storage/Thomas/Borg/Workspace
+
+echo -e '\n\n\n'
+echo "Running photos.thomasave.be Backups"
+borg create -s --progress \
+    10.4.0.1:Storage/Thomas/Borg/Containers/photos.thomasave.be::'{hostname}-{now}' \
+    /home/server/Containers/photos.thomasave.be
+borg prune --keep-daily 7 --keep-weekly 4 --keep-monthly -1 --save-space 10.4.0.1:Storage/Thomas/Borg/Containers/photos.thomasave.be
+borg compact 10.4.0.1:Storage/Thomas/Borg/Containers/photos.thomasave.be
+
+
+echo -e '\n\n\n'
+echo "Running Authentik Backups"
+borg create -s --progress \
+    10.4.0.1:Storage/Thomas/Borg/Containers/auth.thomasave.be::'{now:%Y-%m-%d}' \
+    /home/server/Containers/auth.thomasave.be
+
+
+echo -e '\n\n\n'
+echo "Running Yolande Backups"
+borg create -s --progress \
+    10.4.0.1:Storage/Thomas/Borg/Yolande::'{hostname}-{now}' \
+    /home/server/Storage/Yolande
+borg prune --keep-daily 7 --keep-weekly 4 --keep-monthly -1 --save-space 10.4.0.1:Storage/Thomas/Borg/Yolande
+borg compact 10.4.0.1:Storage/Thomas/Borg/Yolande
+
+
+echo -e '\n\n\n'
+echo "Running Thomas Backups"
+borg create -s --progress \
+    10.4.0.1:Storage/Thomas/Borg/Thomas::'{hostname}-{now}' \
+    /home/server/Storage/Thomas/Documents \
+    /home/server/Storage/Thomas/Pictures \
+    /home/server/Storage/Thomas/Videos \
+    /home/server/Storage/Thomas/Crypt
+borg prune --keep-daily 7 --keep-weekly 4 --keep-monthly -1 --save-space 10.4.0.1:Storage/Thomas/Borg/Thomas
+borg compact 10.4.0.1:Storage/Thomas/Borg/Thomas
+
+
+echo -e '\n\n\n'
+echo "Running Niels Backups"
+borg create -s --progress \
+    --exclude /home/server/Storage/Niels/Backups \
+    10.4.0.1:Storage/Thomas/Borg/Niels::'{now:%Y-%m-%d}' \
+    /home/server/Storage/Niels/
+borg prune --keep-daily 7 --keep-weekly 4 --keep-monthly 12 --save-space 10.4.0.1:Storage/Thomas/Borg/Niels
+borg compact 10.4.0.1:Storage/Thomas/Borg/Niels
+
+
+# echo -e '\n\n\n'
+# echo "Running Experiment Backups"
+# borg create -s --progress \
+#     10.4.0.1:Storage/Thomas/Borg/Containers/exp.thomasave.be::'{hostname}-{now}' \
+#     /home/server/Workspace/Experiments/Backend/data/
+
+##########################################
+#  Perpare Cloud Backup                  #
+##########################################
+
+echo -e '\n\n\n'
+echo "Peparing cloud backup"
+
+borg create -s --progress \
+    --exclude /home/server/Containers/pw.thomasave.be/data/icon_cache \
+    --exclude /home/server/Containers/pw.thomasave.be/data/sends \
+    --exclude /home/server/Containers/git.thomasave.be/gitea/gitea/sessions \
+    --exclude /home/server/Containers/git.thomasave.be/gitea/ssh \
+    --exclude /home/server/Containers/git.thomasave.be/gitea/gitea/jwt \
+    --exclude /home/server/Containers/Caddy/Data\
+    10.4.0.1:Storage/Thomas/Borg/Cloud::'{hostname}-{now}' \
+    /home/server/Containers/pw.thomasave.be\
+    /home/server/Containers/robbertave.com\
+    /home/server/Containers/auth.thomasave.be\
+    /home/server/Containers/git.thomasave.be\
+    /home/server/Containers/Boaty \
+    /home/server/Containers/Caddy \
+
+borg prune -d 365 --save-space 10.4.0.1:Storage/Thomas/Borg/Cloud
+borg compact 10.4.0.1:Storage/Thomas/Borg/Cloud
+ssh vault /home/server/Storage/Thomas/Borg/Sync.sh
+
+##########################################
+# Lock the Vault                         #
+##########################################
+
+ssh vault /home/server/Storage/Thomas/Scripts/Mount/borg_lock.sh
+
+##########################################
+#  Backups to Oracle Cloud               #
+##########################################
+
+echo "Running Oracle Cloud Backup, containing Vaultwarden, robbertave.com, git.thomasave.be, Boaty, Stats, Caddy, and Niels."
+
+borg create -s --progress \
+    --exclude /home/server/Containers/pw.thomasave.be/data/icon_cache \
+    --exclude /home/server/Containers/pw.thomasave.be/data/sends \
+    --exclude /home/server/Containers/git.thomasave.be/gitea/gitea/sessions \
+    --exclude /home/server/Containers/git.thomasave.be/gitea/ssh \
+    --exclude /home/server/Containers/git.thomasave.be/gitea/gitea/jwt \
+    --exclude /home/server/Containers/stats.thomasave.be/logs \
+    --exclude /home/server/Containers/Caddy/Data\
+    --exclude /home/server/Storage/Niels/Backups \
+    ubuntu@10.0.0.6:~/Backups/Borg::'{hostname}-{now}' \
+    /home/server/Containers/pw.thomasave.be\
+    /home/server/Containers/robbertave.com\
+    /home/server/Containers/git.thomasave.be\
+    /home/server/Containers/auth.thomasave.be\
+    /home/server/Containers/Boaty \
+    /home/server/Containers/Caddy \
+    /home/server/Containers/stats.thomasave.be \
+    /home/server/Storage/Niels \
--- a/scripts/sync_vault.sh
+++ b/scripts/sync_vault.sh
@ -0,0 +1,21 @@
+#!/bin/bash
+
+source "$XDG_CONFIG_HOME"/zsh/secrets.sh
+
+for _ in {1..2}; do
+    OUTPUT=$(echo "$ZFS_PASSPHRASE" | ssh 10.4.0.1 zfs load-key Vault/Thomas/Encrypted  2>&1);
+    if [ "$OUTPUT" == "Key load error: Key already loaded for 'Vault/Thomas/Encrypted'." ]; then
+        echo "Key successfully loaded, starting syncoid"
+        syncoid --no-privilege-elevation --no-sync-snap tank/Storage/Thomas/Workspace 10.4.0.1:Vault/Thomas/Encrypted/Storage/Workspace
+        syncoid --no-privilege-elevation --no-sync-snap tank/Storage/Thomas 10.4.0.1:Vault/Thomas/Encrypted/Storage/T
+        syncoid --no-privilege-elevation --no-sync-snap tank/Storage/Niels 10.4.0.1:Vault/Thomas/Encrypted/Storage/N
+        syncoid --no-privilege-elevation --no-sync-snap tank/Storage/Yolande 10.4.0.1:Vault/Thomas/Encrypted/Storage/Y
+        syncoid --no-privilege-elevation --no-sync-snap tank/Containers 10.4.0.1:Vault/Thomas/Encrypted/Containers
+        ssh 10.4.0.1 zfs unload-key Vault/Thomas/Encrypted
+        exit 0
+    fi
+done
+
+echo "Found output instead: $OUTPUT"
+echo "Failed to load key: $OUTPUT" | sendmail
+exit 1
--- a/zsh/.zshrc
+++ b/zsh/.zshrc
@ -124,12 +124,12 @@ function zvm_after_init() {
                PATHS="$PATHS\n$(fd . ~/Containers -t d -d 2)"
            fi
            if [ -d ~/Storage/Shared ]; then
-                PATHS="$PATHS\n~/Storage/Shared"
+                PATHS="$PATHS\n/home/server/Storage/Shared"
                PATHS="$PATHS\n$(fd . ~/Storage/Shared -t d -d 2)"
            fi
            if [ -d ~/Storage/Thomas ]; then
-                PATHS="$PATHS\n~/Storage/Thomas"
-                PATHS="$PATHS\n$(fd . ~/Storage/Thomas -t d -d 1)"
+                PATHS="$PATHS\n/home/server/Storage/Thomas"
+                PATHS="$PATHS\n$(fd . ~/Storage/Thomas -t d -d 5)"
            fi
            echo -e $PATHS > $FZY_CACHE
        fi