]> piware.de Git - bin.git/blobdiff - backup
projects / bin.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
build-cockpit-toolbox: tasks container moved to ghcr.io
[bin.git] / backup
diff --git a/backup b/backup
index f1ecfd437098fbbda47165f0daf3c8e20f93fd13..f1bef09ac625c834ffd3e2ba3417fdbbd47fd000 100755 (executable)
--- a/backup
+++ b/backup
@@ -1,40 +1,49 @@
-#!/usr/bin/python
-
-# call rsnapshot daily/weekly/monthly regularly
-# this should be called from cron very often (several times a day) to not miss
-# a cycle when the machine is powered down for extended times.
-#
-# Author: Martin Pitt <martin@piware.de>
-# License: Public Domain
-
-import os, time, os.path, pwd, subprocess
-
-user = pwd.getpwuid(os.getuid()).pw_name
-rsnapshot_basedir = '/var/backups/' + user
-rsnapshot_conffile = os.path.expanduser('~/.rsnapshotrc')
-verbose = True
-
-def days_mod(path):
-    '''Return the number of days since the last modification of path.'''
-
-    if os.path.exists(path):
-        return (time.time() - os.stat(path).st_mtime)/86400.
-    else:
-        return time.time()/86400.
-
-def rsnapshot(mode):
-    argv = ['rsnapshot']
-    if verbose:
-        argv.append('-v')
-    argv += ['-c', rsnapshot_conffile, mode]
-    if verbose:
-        print argv
-    subprocess.call(argv)
-
-# daily
-if days_mod(os.path.join(rsnapshot_basedir, 'daily.0')) >= 1:
-    rsnapshot('daily')
-elif days_mod(os.path.join(rsnapshot_basedir, 'weekly.0')) >= 7:
-    rsnapshot('weekly')
-elif days_mod(os.path.join(rsnapshot_basedir, 'monthly.0')) >= 30:
-    rsnapshot('monthly')
+#!/bin/sh
+set -eu
+cd $HOME
+LOG=.cache/backup/log
+PATH=$PATH:/sbin:/usr/sbin
+RESTIC="restic --password-file $HOME/.config/backup-passphrase --repo sftp:piware.de:backup/restic"
+
+fail() {
+    notify-send -i /usr/share/icons/Adwaita/48x48/status/network-error-symbolic.symbolic.png -u critical -t 180000 "${1:-BACKUP FAILED!}"
+    exit 1
+}
+
+# do backup every day
+if [ -e "$LOG" ] && [ $(( `date +%s` - `stat -c %Y $LOG` )) -lt 86300 ]; then
+    exit 0
+fi
+
+# figure out $DISPLAY when running from cron
+export DISPLAY="${DISPLAY:-:0}"
+
+if ! ip route show default | grep -Eq 'dev (enp|wl)'; then
+    notify-send "Backup skipped, not on WLAN"
+    exit 0
+fi
+
+# figure out ssh agent when running from cron
+if [ -z "${SSH_AUTH_SOCK:-}" ]; then
+    ssh_socket=$(ls /run/user/`id -u`/keyring*/ssh 2>/dev/null)
+    if [ -S "$ssh_socket" ]; then
+        export SSH_AUTH_SOCK="$ssh_socket"
+    fi
+fi
+
+notify-send "Backup started"
+mkdir -p $(dirname $LOG)
+
+$RESTIC backup --exclude-file=$HOME/.config/backup-ignore $HOME >> $LOG 2>&1 || fail
+# TODO: forget --prune policy: https://restic.readthedocs.io/en/stable/060_forget.html
+notify-send "Backup finished successfully"
+
+scp .config/backup-passphrase piware.de:.cache/
+ssh piware.de chmod u+w .cache/backup-passphrase
+trap "ssh piware.de shred -u .cache/backup-passphrase" EXIT INT QUIT PIPE
+
+ssh piware.de restic --password-file .cache/backup-passphrase --repo backup/restic forget --prune --keep-within-hourly 24h --keep-within-daily 7d --keep-within-weekly 30d --keep-within-monthly 12m
+notify-send "Backup pruned successfully"
+
+ssh piware.de restic --password-file .cache/backup-passphrase --repo backup/restic check || fail "BACKUP CHECK FAILED!"
+notify-send "Backup checked successfully"
Martin Pitt's ~/bin scripts