X-Git-Url: https://piware.de/gitweb/?p=bin.git;a=blobdiff_plain;f=backup;h=f1bef09ac625c834ffd3e2ba3417fdbbd47fd000;hp=f1ecfd437098fbbda47165f0daf3c8e20f93fd13;hb=HEAD;hpb=bb7c28698e7d66ed14d3d3d5897df9cde5e2ff78 diff --git a/backup b/backup index f1ecfd4..f1bef09 100755 --- a/backup +++ b/backup @@ -1,40 +1,49 @@ -#!/usr/bin/python - -# call rsnapshot daily/weekly/monthly regularly -# this should be called from cron very often (several times a day) to not miss -# a cycle when the machine is powered down for extended times. -# -# Author: Martin Pitt -# License: Public Domain - -import os, time, os.path, pwd, subprocess - -user = pwd.getpwuid(os.getuid()).pw_name -rsnapshot_basedir = '/var/backups/' + user -rsnapshot_conffile = os.path.expanduser('~/.rsnapshotrc') -verbose = True - -def days_mod(path): - '''Return the number of days since the last modification of path.''' - - if os.path.exists(path): - return (time.time() - os.stat(path).st_mtime)/86400. - else: - return time.time()/86400. - -def rsnapshot(mode): - argv = ['rsnapshot'] - if verbose: - argv.append('-v') - argv += ['-c', rsnapshot_conffile, mode] - if verbose: - print argv - subprocess.call(argv) - -# daily -if days_mod(os.path.join(rsnapshot_basedir, 'daily.0')) >= 1: - rsnapshot('daily') -elif days_mod(os.path.join(rsnapshot_basedir, 'weekly.0')) >= 7: - rsnapshot('weekly') -elif days_mod(os.path.join(rsnapshot_basedir, 'monthly.0')) >= 30: - rsnapshot('monthly') +#!/bin/sh +set -eu +cd $HOME +LOG=.cache/backup/log +PATH=$PATH:/sbin:/usr/sbin +RESTIC="restic --password-file $HOME/.config/backup-passphrase --repo sftp:piware.de:backup/restic" + +fail() { + notify-send -i /usr/share/icons/Adwaita/48x48/status/network-error-symbolic.symbolic.png -u critical -t 180000 "${1:-BACKUP FAILED!}" + exit 1 +} + +# do backup every day +if [ -e "$LOG" ] && [ $(( `date +%s` - `stat -c %Y $LOG` )) -lt 86300 ]; then + exit 0 +fi + +# figure out $DISPLAY when running from cron +export DISPLAY="${DISPLAY:-:0}" + +if ! ip route show default | grep -Eq 'dev (enp|wl)'; then + notify-send "Backup skipped, not on WLAN" + exit 0 +fi + +# figure out ssh agent when running from cron +if [ -z "${SSH_AUTH_SOCK:-}" ]; then + ssh_socket=$(ls /run/user/`id -u`/keyring*/ssh 2>/dev/null) + if [ -S "$ssh_socket" ]; then + export SSH_AUTH_SOCK="$ssh_socket" + fi +fi + +notify-send "Backup started" +mkdir -p $(dirname $LOG) + +$RESTIC backup --exclude-file=$HOME/.config/backup-ignore $HOME >> $LOG 2>&1 || fail +# TODO: forget --prune policy: https://restic.readthedocs.io/en/stable/060_forget.html +notify-send "Backup finished successfully" + +scp .config/backup-passphrase piware.de:.cache/ +ssh piware.de chmod u+w .cache/backup-passphrase +trap "ssh piware.de shred -u .cache/backup-passphrase" EXIT INT QUIT PIPE + +ssh piware.de restic --password-file .cache/backup-passphrase --repo backup/restic forget --prune --keep-within-hourly 24h --keep-within-daily 7d --keep-within-weekly 30d --keep-within-monthly 12m +notify-send "Backup pruned successfully" + +ssh piware.de restic --password-file .cache/backup-passphrase --repo backup/restic check || fail "BACKUP CHECK FAILED!" +notify-send "Backup checked successfully"