Last active
June 4, 2025 21:50
-
-
Save xyzulu/dad9df69207484f6e4c0a3653374d541 to your computer and use it in GitHub Desktop.
Backup cPFence settings to a remote location and then delete the backup file
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -o errexit | |
| set -o nounset | |
| set -o pipefail | |
| # Configuration | |
| REMOTE_USER="your_user" | |
| REMOTE_HOST="your_remote_host" | |
| REMOTE_DIR="/path/to/remote/destination" | |
| REMOTE_PORT="22" | |
| SSH_KEY_FILE="/path/to/private_key" | |
| LOCAL_FILE_PATTERN="/var/cpf_backups/cpfence_backup_*.tar.gz" | |
| # Ensure required commands exist | |
| check_requirements() { | |
| if ! command -v scp >/dev/null || ! command -v ssh >/dev/null || ! command -v ls >/dev/null || ! command -v cpfence >/dev/null; then | |
| printf "Error: Required commands (scp, ssh, ls, cpfence) not found.\n" >&2 | |
| return 1 | |
| fi | |
| if [[ ! -f "$SSH_KEY_FILE" ]]; then | |
| printf "Error: SSH key file '%s' not found.\n" "$SSH_KEY_FILE" >&2 | |
| return 1 | |
| fi | |
| } | |
| # Run cpfence backup command | |
| run_backup() { | |
| if ! cpfence --backup-cpf-settings; then | |
| printf "Error: Failed to execute cpfence backup.\n" >&2 | |
| return 1 | |
| fi | |
| printf "CPFence backup completed successfully.\n" | |
| } | |
| # Get the latest file matching the pattern | |
| get_latest_file() { | |
| local latest_file | |
| latest_file=$(ls -t $LOCAL_FILE_PATTERN 2>/dev/null | head -n 1 || true) | |
| if [[ -z "$latest_file" ]]; then | |
| printf "Error: No matching files found for pattern '%s'.\n" "$LOCAL_FILE_PATTERN" >&2 | |
| return 1 | |
| fi | |
| printf "%s" "$latest_file" | |
| } | |
| # Get file size in bytes | |
| get_file_size() { | |
| local file="$1" | |
| du -b "$file" | cut -f1 | |
| } | |
| # Transfer file via SCP and rename it on the remote host | |
| transfer_file() { | |
| local file="$1" | |
| local size | |
| local local_hostname | |
| local remote_temp_path | |
| local remote_final_path | |
| if [[ ! -f "$file" ]]; then | |
| printf "Error: File '%s' does not exist.\n" "$file" >&2 | |
| return 1 | |
| fi | |
| local_hostname=$(hostname -s) | |
| size=$(get_file_size "$file") | |
| remote_temp_path="${REMOTE_DIR}/$(basename "$file")" | |
| remote_final_path="${REMOTE_DIR}/${local_hostname}_$(basename "$file")" | |
| if ! scp -P "$REMOTE_PORT" -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i "$SSH_KEY_FILE" "$file" \ | |
| "${REMOTE_USER}@${REMOTE_HOST}:${remote_temp_path}"; then | |
| printf "Error: Failed to transfer file '%s' to remote host.\n" "$file" >&2 | |
| return 1 | |
| fi | |
| if ! ssh -p "$REMOTE_PORT" -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i "$SSH_KEY_FILE" \ | |
| "${REMOTE_USER}@${REMOTE_HOST}" "mv '${remote_temp_path}' '${remote_final_path}'"; then | |
| printf "Error: Failed to rename file on remote host.\n" >&2 | |
| return 1 | |
| fi | |
| printf "File '%s' successfully transferred to %s@%s:%s\n" "$file" "$REMOTE_USER" "$REMOTE_HOST" "$remote_final_path" | |
| printf "Transferred data size: %s bytes\n" "$size" | |
| } | |
| main() { | |
| check_requirements | |
| run_backup | |
| local latest_file | |
| latest_file=$(get_latest_file) | |
| transfer_file "$latest_file" | |
| } | |
| main "$@" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Updated script to support the new cpfence backup location /var/cpf_backups/
Only the latest backup is transferred, the rest are left for cpfence to cleanup (30 day retention)