Skip to content

Instantly share code, notes, and snippets.

@philfreo
Created April 6, 2012 17:58
Show Gist options
  • Save philfreo/2321650 to your computer and use it in GitHub Desktop.
Save philfreo/2321650 to your computer and use it in GitHub Desktop.
mysqldump cron
#!/bin/sh
# CRON
## delete encrypted backups older than 5 days
#55 3 * * * find /path/to/backups-enc -mtime +5 -exec rm {} \;
## delete un-encrypted backups older than 1 days
#55 3 * * * find /path/to/backups -mtime +0 -exec rm {} \;
## database dump at 4am UTC = 8pm PST (9pm PDT)
#0 4 * * * /path/to/this/script
MASTER="YYYY.us-west-1.rds.amazonaws.com"
SLAVE="XXXX.us-west-1.rds.amazonaws.com"
DB_HOST=$SLAVE
DB_NAME=""
DB_USER=""
DB_PASS=""
FILE_NAME="db-$(date +%Y-%m-%d-%H:%M).sql.gz"
# save only encrypted version
#mysqldump -u ${DB_USER} -p${DB_PASS} -h ${DB_HOST} ${DB_NAME} | gzip -c | openssl aes-256-cbc -salt -e -pass file:/path/to/password.txt > /path/to/backups-enc/${FILE_NAME}.enc
# save unencrypted version
mysqldump -u ${DB_USER} -p${DB_PASS} -h ${DB_HOST} ${DB_NAME} | gzip -c > /path/to/backups/${FILE_NAME}
# encrypt the version that gets backed up offsite
cat /path/to/backups/${FILE_NAME} | openssl aes-256-cbc -salt -e -pass file:/path/to/password.txt > /path/to/backups-enc/${FILE_NAME}.enc
@LorrainePetty
Copy link

This is great but how do we decrypt?

@cytopia
Copy link

cytopia commented Dec 28, 2015

This is a bad idea, you shouldn't specify -p as an option inside this script as it can be read out via ps aux by any system user.
You might find this helpful: https://github.com/cytopia/mysqldump-secure

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment