init

2023-04-04 23:36:20 +02:00 · 2023-04-04 23:36:20 +02:00 · d82305d8ba
parent fae6da63f5
commit d82305d8ba
7 changed files with 112 additions and 0 deletions
--- a/borg-backup@.service
+++ b/borg-backup@.service
@ -0,0 +1,29 @@
+[Unit]
+Description=recurring system backup using borg
+After=network.target
+
+[Service]
+Type=simple
+ExecStart=/usr/bin/borg create -C lz4 -v --stats --one-file-system ::'{hostname}-{now:%%Y-%%m-%%d_%%H-%%M}' / \
+    --exclude-caches			\
+    --exclude /var/cache/		\
+    --exclude /var/lib/mysql/		\
+    --exclude /var/lib/php/sessions/	\
+    --exclude /var/lib/postfix/		\
+    --exclude /var/lib/postgresql/	\
+    --exclude /opt/backups/
+
+ConfigurationDirectory=borg/%i
+CacheDirectory=borg/%i
+
+StandardInput=file:/etc/borg/%i/borg_passphrase
+
+EnvironmentFile=/etc/borg/%i/config.env
+Environment="BORG_RSH=ssh -i /etc/borg/%i/ssh_key" BORG_PASSPHRASE_FD=0 BORG_BASE_DIR=/tmp/ BORG_CONFIG_DIR=/etc/borg/%i BORG_CACHE_DIR=/var/cache/borg/%i
+
+PrivateTmp=yes
+ReadOnlyDirectories=/
+WorkingDirectory=/tmp
+
+ConfigurationDirectoryMode=550
+CacheDirectoryMode=550
--- a/borg-backup@.timer
+++ b/borg-backup@.timer
@ -0,0 +1,10 @@
+[Unit]
+Description=Regelmäßiger Aufruf des Backup-Scripts
+
+[Timer]
+OnCalendar=00:11:00
+Persistent=true
+Unit=borg-backup@%i.service
+
+[Install]
+WantedBy=timers.target
--- a/borg-prune@.service
+++ b/borg-prune@.service
@ -0,0 +1,26 @@
+[Unit]
+Description=recurring borg backup cleanup
+After=network.target
+
+[Service]
+Type=simple
+ExecStart=/usr/bin/borg prune \
+	--keep-daily=31 \
+	--keep-weekly=52 \
+	--keep-yearly=42 \
+	--keep-within 3d \
+	--list
+ConfigurationDirectory=borg/%i
+CacheDirectory=borg/%i
+
+StandardInput=file:/etc/borg/%i/borg_passphrase
+
+EnvironmentFile=/etc/borg/%i/config.env
+Environment="BORG_RSH=ssh -i /etc/borg/%i/ssh_key" BORG_PASSPHRASE_FD=0 BORG_BASE_DIR=/tmp/ BORG_CONFIG_DIR=/etc/borg/%i BORG_CACHE_DIR=/var/cache/borg/%i
+
+PrivateTmp=yes
+ReadOnlyDirectories=/
+WorkingDirectory=/tmp
+
+ConfigurationDirectoryMode=550
+CacheDirectoryMode=550
--- a/borg-prune@.timer
+++ b/borg-prune@.timer
@ -0,0 +1,10 @@
+[Unit]
+Description=Regelmäßiger Aufruf des Backup-Cleanup-Scripts
+
+[Timer]
+OnCalendar=00:01:00
+Persistent=true
+Unit=borg-prune@%i.service
+
+[Install]
+WantedBy=timers.target
--- a/init.sh
+++ b/init.sh
@ -0,0 +1,25 @@
+#!/bin/bash
+
+NAME="$1"
+DEST="$2"
+
+die () {
+	echo $1 >&2
+	exit 1
+}
+generate_passphrase() {
+	tr -dc A-Za-z0-9 </dev/urandom | head -c 64
+}
+
+[ "x$NAME" == "x" ] && die "Usage: $0 <name> <destination>"
+[ "x$DEST" == "x" ] && die "Usage: $0 <name> <destination>"
+
+CONFIGDIR="/etc/borg/$NAME"
+
+[ -d "$CONFIGDIR" ] && die "Config directory already exists: $CONFIGDIR"
+
+mkdir -p "$CONFIGDIR"
+
+echo "BORG_REPO=$DEST" > "$CONFIGDIR/config.env"
+generate_passphrase > "$CONFIGDIR/borg_passphrase"
+ssh-keygen -t ed25519 -N "" -q -f "$CONFIGDIR/ssh_key"
--- a/install.sh
+++ b/install.sh
@ -0,0 +1,6 @@
+#!/bin/bash
+
+BASEDIR=$(dirname $0)
+
+install --owner=0 --group=0 --mode=444 $BASEDIR/borg-{backup,prune}@.{service,timer} /etc/systemd/system/
+mkdir -p /etc/borg
--- a/install_as_link.sh
+++ b/install_as_link.sh
@ -0,0 +1,6 @@
+#!/bin/bash
+
+BASEDIR=$(dirname $0)
+
+systemctl link $BASEDIR/borg-{backup,prune}@.{service,timer}
+mkdir -p /etc/borg