From d82305d8ba05081fa4b8ff1736c3b87eb274f046 Mon Sep 17 00:00:00 2001 From: Ludwig Behm Date: Tue, 4 Apr 2023 23:36:20 +0200 Subject: [PATCH] init --- borg-backup@.service | 29 +++++++++++++++++++++++++++++ borg-backup@.timer | 10 ++++++++++ borg-prune@.service | 26 ++++++++++++++++++++++++++ borg-prune@.timer | 10 ++++++++++ init.sh | 25 +++++++++++++++++++++++++ install.sh | 6 ++++++ install_as_link.sh | 6 ++++++ 7 files changed, 112 insertions(+) create mode 100644 borg-backup@.service create mode 100644 borg-backup@.timer create mode 100644 borg-prune@.service create mode 100644 borg-prune@.timer create mode 100644 init.sh create mode 100644 install.sh create mode 100644 install_as_link.sh diff --git a/borg-backup@.service b/borg-backup@.service new file mode 100644 index 0000000..1f3b3a0 --- /dev/null +++ b/borg-backup@.service @@ -0,0 +1,29 @@ +[Unit] +Description=recurring system backup using borg +After=network.target + +[Service] +Type=simple +ExecStart=/usr/bin/borg create -C lz4 -v --stats --one-file-system ::'{hostname}-{now:%%Y-%%m-%%d_%%H-%%M}' / \ + --exclude-caches \ + --exclude /var/cache/ \ + --exclude /var/lib/mysql/ \ + --exclude /var/lib/php/sessions/ \ + --exclude /var/lib/postfix/ \ + --exclude /var/lib/postgresql/ \ + --exclude /opt/backups/ + +ConfigurationDirectory=borg/%i +CacheDirectory=borg/%i + +StandardInput=file:/etc/borg/%i/borg_passphrase + +EnvironmentFile=/etc/borg/%i/config.env +Environment="BORG_RSH=ssh -i /etc/borg/%i/ssh_key" BORG_PASSPHRASE_FD=0 BORG_BASE_DIR=/tmp/ BORG_CONFIG_DIR=/etc/borg/%i BORG_CACHE_DIR=/var/cache/borg/%i + +PrivateTmp=yes +ReadOnlyDirectories=/ +WorkingDirectory=/tmp + +ConfigurationDirectoryMode=550 +CacheDirectoryMode=550 diff --git a/borg-backup@.timer b/borg-backup@.timer new file mode 100644 index 0000000..ca206ec --- /dev/null +++ b/borg-backup@.timer @@ -0,0 +1,10 @@ +[Unit] +Description=Regelmäßiger Aufruf des Backup-Scripts + +[Timer] +OnCalendar=00:11:00 +Persistent=true +Unit=borg-backup@%i.service + +[Install] +WantedBy=timers.target diff --git a/borg-prune@.service b/borg-prune@.service new file mode 100644 index 0000000..2b84950 --- /dev/null +++ b/borg-prune@.service @@ -0,0 +1,26 @@ +[Unit] +Description=recurring borg backup cleanup +After=network.target + +[Service] +Type=simple +ExecStart=/usr/bin/borg prune \ + --keep-daily=31 \ + --keep-weekly=52 \ + --keep-yearly=42 \ + --keep-within 3d \ + --list +ConfigurationDirectory=borg/%i +CacheDirectory=borg/%i + +StandardInput=file:/etc/borg/%i/borg_passphrase + +EnvironmentFile=/etc/borg/%i/config.env +Environment="BORG_RSH=ssh -i /etc/borg/%i/ssh_key" BORG_PASSPHRASE_FD=0 BORG_BASE_DIR=/tmp/ BORG_CONFIG_DIR=/etc/borg/%i BORG_CACHE_DIR=/var/cache/borg/%i + +PrivateTmp=yes +ReadOnlyDirectories=/ +WorkingDirectory=/tmp + +ConfigurationDirectoryMode=550 +CacheDirectoryMode=550 diff --git a/borg-prune@.timer b/borg-prune@.timer new file mode 100644 index 0000000..c588652 --- /dev/null +++ b/borg-prune@.timer @@ -0,0 +1,10 @@ +[Unit] +Description=Regelmäßiger Aufruf des Backup-Cleanup-Scripts + +[Timer] +OnCalendar=00:01:00 +Persistent=true +Unit=borg-prune@%i.service + +[Install] +WantedBy=timers.target diff --git a/init.sh b/init.sh new file mode 100644 index 0000000..262650a --- /dev/null +++ b/init.sh @@ -0,0 +1,25 @@ +#!/bin/bash + +NAME="$1" +DEST="$2" + +die () { + echo $1 >&2 + exit 1 +} +generate_passphrase() { + tr -dc A-Za-z0-9 " +[ "x$DEST" == "x" ] && die "Usage: $0 " + +CONFIGDIR="/etc/borg/$NAME" + +[ -d "$CONFIGDIR" ] && die "Config directory already exists: $CONFIGDIR" + +mkdir -p "$CONFIGDIR" + +echo "BORG_REPO=$DEST" > "$CONFIGDIR/config.env" +generate_passphrase > "$CONFIGDIR/borg_passphrase" +ssh-keygen -t ed25519 -N "" -q -f "$CONFIGDIR/ssh_key" diff --git a/install.sh b/install.sh new file mode 100644 index 0000000..0a9d345 --- /dev/null +++ b/install.sh @@ -0,0 +1,6 @@ +#!/bin/bash + +BASEDIR=$(dirname $0) + +install --owner=0 --group=0 --mode=444 $BASEDIR/borg-{backup,prune}@.{service,timer} /etc/systemd/system/ +mkdir -p /etc/borg diff --git a/install_as_link.sh b/install_as_link.sh new file mode 100644 index 0000000..0a3867c --- /dev/null +++ b/install_as_link.sh @@ -0,0 +1,6 @@ +#!/bin/bash + +BASEDIR=$(dirname $0) + +systemctl link $BASEDIR/borg-{backup,prune}@.{service,timer} +mkdir -p /etc/borg