From 32c898c6d2d5dd92c9d9d542067bed76ee3209d7 Mon Sep 17 00:00:00 2001 From: Love Billenius Date: Fri, 12 Jul 2024 14:38:31 +0200 Subject: [PATCH] backup part --- backup-gitea.sh | 89 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 89 insertions(+) create mode 100644 backup-gitea.sh diff --git a/backup-gitea.sh b/backup-gitea.sh new file mode 100644 index 0000000..5c00c7a --- /dev/null +++ b/backup-gitea.sh @@ -0,0 +1,89 @@ +#!/bin/bash + +BACKUP_DIR="/mnt/hardestdrive/gitea-backup" +LOG_DIR="/mnt/hardestdrive/gitea-backup-logs" +DATA_DIR="/mnt/hardestdrive/gitea" +DB_USER="root" +DB_NAME="gitea" +TIMESTAMP=$(date +"%Y%m%d-%H%M%S") +DB_BACKUP_FILE="${BACKUP_DIR}/gitea-database-backup-${TIMESTAMP}.sql.zst" +ARCHIVE_FILE="${BACKUP_DIR}/gitea-backup-${TIMESTAMP}.tar.zst" +ENCRYPTED_DB_BACKUP_FILE="${DB_BACKUP_FILE}.enc" +ENCRYPTED_ARCHIVE_FILE="${ARCHIVE_FILE}.enc" +KEY_FILE="/mnt/hardestdrive/gitea-backup.key" +REMOTE_USER="tom" +REMOTE_HOST="nordicdatarefinement.com" +REMOTE_PORT="23" +REMOTE_DIR="/mnt/hdd/gitea-backup" + +REQUIRED_PROGRAMS=("rsync" "mysqldump" "zstd" "tar" "systemctl" "openssl") +for prog in "${REQUIRED_PROGRAMS[@]}"; do + if ! command -v "$prog" &>/dev/null; then + echo "Error: $prog is not installed." >&2 + exit 1 + fi +done + +if [[ ! -f "$KEY_FILE" ]]; then + printf "Key file doesn't exist at '%s'\n" "$KEY_FILE" + exit 1 +fi + +mkdir -p "${LOG_DIR}" +log() { + local msg + msg="$(date +"%Y-%m-%d %H:%M:%S") $1" + echo "$msg" | tee -a "${LOG_DIR}/$TIMESTAMP.log" +} + +log "Stopping Gitea service..." +systemctl stop gitea + +log "Creating backup directories..." +mkdir -p "$BACKUP_DIR" + +log "Creating archive of Gitea..." +tar -cf - -C "${DATA_DIR}" . | zstd -o "${ARCHIVE_FILE}" + +log "Backing up MySQL database..." +mysqldump --single-transaction -u "${DB_USER}" "${DB_NAME}" | zstd >"${DB_BACKUP_FILE}" +if [ $? -ne 0 ]; then + log "Error during database backup." + systemctl start gitea + exit 1 +fi + +log "Starting Gitea service..." +systemctl start gitea + +log "Encrypting the SQL dump..." +openssl enc -aes-256-cbc -salt -pbkdf2 -in "${DB_BACKUP_FILE}" -out "${ENCRYPTED_DB_BACKUP_FILE}" -pass file:"${KEY_FILE}" +# openssl enc -aes-256-cbc -d -pbkdf2 -in "${ENCRYPTED_DB_BACKUP_FILE}" -out "gitea-database-backup-${TIMESTAMP}.sql.zst" -pass file:"${KEY_FILE}" +if [ $? -ne 0 ]; then + log "Error during SQL dump encryption." + exit 1 +fi +rm "${DB_BACKUP_FILE}" + +log "Encrypting the tarball..." +openssl enc -aes-256-cbc -salt -pbkdf2 -in "${ARCHIVE_FILE}" -out "${ENCRYPTED_ARCHIVE_FILE}" -pass file:"${KEY_FILE}" +# openssl enc -aes-256-cbc -d -pbkdf2 -in "${ENCRYPTED_ARCHIVE_FILE}" -out "gitea-backup-${TIMESTAMP}.tar.zst" -pass file:"${KEY_FILE}" +if [ $? -ne 0 ]; then + log "Error during tarball encryption." + exit 1 +fi +rm "${ARCHIVE_FILE}" + +log "Gitea backup completed successfully and encrypted." + +log "Sending backups to remote server..." +rsync -av --progress -e "ssh -p ${REMOTE_PORT}" "${ENCRYPTED_DB_BACKUP_FILE}" "${ENCRYPTED_ARCHIVE_FILE}" "${REMOTE_USER}@${REMOTE_HOST}:${REMOTE_DIR}" +if [ $? -ne 0 ]; then + log "Error during rsync to remote server." + exit 1 +fi + +log "Backups sent successfully." + +log "Removing dumps locally" +rm -r "${BACKUP_DIR}"