Backup Enhance control panel server assets that are needed in the event of a server disaster

enhance_control_backup.sh

#!/bin/bash

##############################################################################
# At the least you will need to set the remote transfer credentials and paths.
# This script will keep 14 days of backups on your destination host.
##############################################################################

TEMP_DIR="/temp"
TIMESTAMP=$(date +%Y%m%d%H%M%S)
ARCHIVE_NAME="$TEMP_DIR/control-backup_$TIMESTAMP.tar.gz"
REMOTE_USER="user"
REMOTE_HOST="destination"
REMOTE_PORT="2222"
REMOTE_PATH="/path"
SSH_KEY="/home/user/.ssh/keyfile"

create_temp_dir() {
    mkdir -p "$TEMP_DIR"
}

dump_postgres_databases() {
    printf "Dumping PostgreSQL databases...\n"
    sudo -u orchd pg_dump -O -d orchd > "$TEMP_DIR/orchd.sql" || {
        printf "Failed to dump orchd database\n" >&2
        return 1
    }
    sudo -u orchd pg_dump -O -d authd > "$TEMP_DIR/authd.sql" || {
        printf "Failed to dump authd database\n" >&2
        return 1
    }
}

get_backup_paths() {
    local backup_paths=(
        "/etc/ssl/certs/enhance"
        "/etc/ssl/private/enhance"
        "/var/local/enhance/orchd/private"
        "/var/local/enhance/rca.pw"
        "/var/www/control-panel/assets"
    )

    if [[ -d "/etc/powerdns/zones" ]]; then
        backup_paths+=("/etc/powerdns/zones")
    fi
    if [[ -f "/var/local/enhance/orchd/cloudflare.key" ]]; then
        backup_paths+=("/var/local/enhance/orchd/cloudflare.key")
    fi
    
    printf "%s\n" "${backup_paths[@]}"
}

create_backup_archive() {
    printf "Creating backup archive...\n"

    local paths; paths=$(get_backup_paths)
    if [[ -z "$paths" ]]; then
        printf "No valid backup paths found\n" >&2
        return 1
    fi

    tar -czf "$ARCHIVE_NAME" -C "$TEMP_DIR" orchd.sql authd.sql $paths || {
        printf "Failed to create archive\n" >&2
        return 1
    }

    printf "Backup archive created: %s\n" "$ARCHIVE_NAME"
}

transfer_backup() {
    printf "Transferring backup to remote server...\n"
    scp -i "$SSH_KEY" -P "$REMOTE_PORT" "$ARCHIVE_NAME" "${REMOTE_USER}@${REMOTE_HOST}:${REMOTE_PATH}" || {
        printf "Failed to transfer backup to remote server\n" >&2
        return 1
    }

    printf "Transfer complete.\n"

    printf "Cleaning up old backups on remote server... older than 14 days\n"
    ssh -i "$SSH_KEY" -p "$REMOTE_PORT" "${REMOTE_USER}@${REMOTE_HOST}" "find '${REMOTE_PATH}' -type f -mtime +14 -delete" || {
        printf "Failed to clean up old backups on remote server\n" >&2
        return 1
    }

    printf "Old backups deleted.\n"
}

cleanup_local_temp() {
    printf "Cleaning up temporary files...\n"
    rm -rf "$TEMP_DIR" || {
        printf "Failed to clean temporary files\n" >&2
        return 1
    }
    printf "Cleanup complete.\n"
}

main() {
    create_temp_dir
    dump_postgres_databases || return 1
    create_backup_archive || return 1
    transfer_backup || return 1
    cleanup_local_temp || return 1
    printf "Backup completed successfully.\n"
}

main

This version handles errors and variables better. I also added the backup of /etc/powerdns/zones (if it exists) to this archive. For this to work, you will need to have the dns role added to your control server as well.

Hey xyzulu. Question. If let`s say i have 2 servers, and i have backup role only on master server ( control server ) and on the other server in the cluster i dont have backup role but i want to create a backup for both servers, your script will work on both servers ?

Hey xyzulu. Question. If let`s say i have 2 servers, and i have backup role only on master server ( control server ) and on the other server in the cluster i dont have backup role but i want to create a backup for both servers, your script will work on both servers ?

Sorry, it's not for that. See: https://community.enhance.com/d/2548-backup-your-control-panel-server-to-a-remote-location-for-easy-disaster-recovery