-#!/bin/sh -e
+#!/bin/sh
+set -eu
+cd $HOME
+LOG=.cache/backup/log
+PATH=$PATH:/sbin:/usr/sbin
+RESTIC="restic --password-file $HOME/.config/backup-passphrase --repo sftp:piware.de:backup/restic"
+
+fail() {
+ notify-send -i /usr/share/icons/Adwaita/48x48/status/network-error-symbolic.symbolic.png -u critical -t 180000 "${1:-BACKUP FAILED!}"
+ exit 1
+}
-# call rsnapshot daily/weekly/monthly regularly
-# this should be called from cron very often (several times a day) to not miss
-# a cycle when the machine is powered down for extended times.
-#
-# Author: Martin Pitt <martin@piware.de>
-# License: Public Domain
+# do backup every day
+if [ -e "$LOG" ] && [ $(( `date +%s` - `stat -c %Y $LOG` )) -lt 86300 ]; then
+ exit 0
+fi
-backupdir=`grep ^snapshot_root ~/.rsnapshotrc | awk '{print $2}'`
+# figure out $DISPLAY when running from cron
+export DISPLAY="${DISPLAY:-:0}"
-now=`date +%s`
+if ! ip route show default | grep -Eq 'dev (enp|wl)'; then
+ notify-send "Backup skipped, not on WLAN"
+ exit 0
+fi
-get_age() {
- if [ -e $backupdir/$1 ]; then
- age=$(($now - `stat -c %Y $backupdir/$1`))
- else
- unset age
+# figure out ssh agent when running from cron
+if [ -z "${SSH_AUTH_SOCK:-}" ]; then
+ ssh_socket=$(ls /run/user/`id -u`/keyring*/ssh 2>/dev/null)
+ if [ -S "$ssh_socket" ]; then
+ export SSH_AUTH_SOCK="$ssh_socket"
fi
-}
+fi
+
+notify-send "Backup started"
+mkdir -p $(dirname $LOG)
+
+$RESTIC backup --exclude-file=$HOME/.config/backup-ignore $HOME >> $LOG 2>&1 || fail
+# TODO: forget --prune policy: https://restic.readthedocs.io/en/stable/060_forget.html
+notify-send "Backup finished successfully"
+
+scp .config/backup-passphrase piware.de:.cache/
+ssh piware.de chmod u+w .cache/backup-passphrase
+trap "ssh piware.de shred -u .cache/backup-passphrase" EXIT INT QUIT PIPE
+
+ssh piware.de restic --password-file .cache/backup-passphrase --repo backup/restic forget --prune --keep-within-hourly 24h --keep-within-daily 7d --keep-within-weekly 30d --keep-within-monthly 12m
+notify-send "Backup pruned successfully"
-# abort if last backup was less than a day ago
-get_age daily.0
-[ -n "$age" ] && [ $age -lt 86300 ] && exit 0
-
-print '------------1---------------'
-# monthly backup if last monthly is older than a month (if it doesn't exist,
-# check oldest weekly)
-get_age monthly.0
-[ -n "$age" ] || get_age weekly.3
-[ -n "$age" ] && [ $age -ge 2591900 ] && mode=monthly
-
-# weekly backup if last weekly is older than a week (if it doesn't exist,
-# check oldest daily)
-get_age weekly.0
-[ -n "$age" ] || get_age daily.6
-[ -n "$age" ] && [ $age -ge 604700 ] && mode=weekly
-
-# default to daily
-[ -n "$mode" ] || mode=daily
-
-# call rsnapshot
-echo mode: $mode
-#notify-send "$mode backup started" || :
-rsnapshot -c ~/.rsnapshotrc $mode
-#notify-send "$mode backup finished" || :
+ssh piware.de restic --password-file .cache/backup-passphrase --repo backup/restic check || fail "BACKUP CHECK FAILED!"
+notify-send "Backup checked successfully"
projects / bin.git / blobdiff