-
Provision B2 bucket: https://secure.backblaze.com/b2_buckets.htm
-
Provision B2 app key: https://secure.backblaze.com/app_keys.htm
-
Create
/etc/restic.env:#!/bin/bash RESTIC_REPOSITORY="b2:restic-MYCLUSTER" RESTIC_PASSWORD="" B2_ACCOUNT_ID="" # keyID B2_ACCOUNT_KEY="" # applicationKey
-
Save a copy in bitwarden
-
Secure configuration:
sudo chmod 660 /etc/restic.env
-
Initialize repo:
set -a; source /etc/restic.env; set +a restic init
-
Create
/etc/cron.daily/emergence-restic-backupand enable execution:sudo chmod +x /etc/cron.daily/emergence-restic-backup
-
Verify that daily cron script is set up correctly:
run-parts --test /etc/cron.daily
Last active
July 27, 2020 14:19
-
-
Save themightychris/672b83aa4f34c1ddd1a1251c0a7dca34 to your computer and use it in GitHub Desktop.
Emergence: Backup to B2 via Restic
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -a | |
| HOME=/root | |
| source /etc/restic.env | |
| set +a | |
| # snapshot host config to _ | |
| >&2 echo -e "\n==> snapshot host" | |
| /bin/restic backup /emergence \ | |
| --host=_ \ | |
| --exclude='/emergence/services/**' \ | |
| --exclude='/emergence/sites/**' | |
| # snapshot each site to its own host | |
| for site_path in /emergence/sites/*; do | |
| site_name=$(basename ${site_path}) | |
| >&2 echo -e "\n==> snapshot site: ${site_name} @ ${site_path}" | |
| /bin/restic backup "${site_path}/" \ | |
| --host="${site_name}" \ | |
| --exclude='*.log' \ | |
| --exclude='/emergence/sites/*/logs/**' \ | |
| --exclude='/emergence/sites/**/media/*x*/**' | |
| done | |
| # setup mysql | |
| mysql_args="-u root -p$(/bin/jq -r .services.plugins.sql.managerPassword /emergence/config.json) -S /emergence/services/run/mysqld/mysqld.sock" | |
| mysql_query() { | |
| >&2 echo -e "\n==> mysql_query: ${1}" | |
| /usr/bin/mysql $mysql_args -srNe "${1}" | |
| } | |
| mysql_dump() { | |
| >&2 echo -e "\n==> mysql_dump: ${1} ${2}" | |
| /usr/bin/mysqldump ${mysql_args} \ | |
| --force \ | |
| --single-transaction \ | |
| --quick \ | |
| --compact \ | |
| --extended-insert \ | |
| --order-by-primary \ | |
| --ignore-table="${1}.sessions" \ | |
| "${1}" "${2}" | |
| } | |
| # dump each database+table | |
| databases=$(mysql_query 'SELECT schema_name FROM information_schema.schemata WHERE schema_name NOT IN ("information_schema", "mysql", "performance_schema")') | |
| for db_name in $databases; do | |
| if [ -d "/emergence/sites/${db_name}" ]; then | |
| cd "/emergence/sites/${db_name}" | |
| else | |
| cd "/tmp" | |
| fi | |
| mysql_dump "${db_name}" "${table_name}" \ | |
| | /bin/restic backup \ | |
| --host="${db_name}" \ | |
| --stdin \ | |
| --stdin-filename="database.sql" | |
| # restic de-dupe not as effective | |
| # | /bin/gzip --rsyncable \ | |
| done | |
| # thin out snapshots | |
| >&2 echo -e "\n==> restic forget" | |
| /bin/restic forget \ | |
| --keep-last=1 \ | |
| --keep-within=3d \ | |
| --keep-daily=10 \ | |
| --keep-weekly=10 \ | |
| --keep-monthly=1200 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment