Created
February 2, 2020 16:13
-
-
Save erincerys/e0fac4982c024cfd0e7e7752181c31f8 to your computer and use it in GitHub Desktop.
Backup given sources via restic to AWS S3 at regularity using AWS SNS to notify of result
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Requires: | |
| # - restic (system package) | |
| # - AWS account with SNS topic configured, S3 bucket created, and API keys created | |
| # - awscli (pip) with API keys configured (aws configure) | |
| # - cron implementation (system package) | |
| ResticBinaryPath=`which restic` | |
| AwsCliBinaryPath=`which aws` | |
| ScriptWorkingPath='' | |
| UploadLimit=0 #KiB/s | |
| RepositoryPasswordFile="${ScriptWorkingPath}/s3-encryption-pass" | |
| AwsSnsRegion='' | |
| AwsS3Region='' | |
| RepositoryEngine='s3' | |
| RepositoryPath="s3.${AwsS3Region}.amazonaws.com/bucket/repo" | |
| SnsTopic="arn:aws:sns:${AwsSnsRegion}:id:topic_name" | |
| export AWS_CONFIG_FILE=/path/to/.aws/config | |
| export AWS_SHARED_CREDENTIAL_FILE=/path/to/.aws/credentials | |
| export AWS_PROFILE= | |
| export AWS_DEFAULT_REGION=$AwsS3Region | |
| # Path exclusions from objects within SourcePaths | |
| ExcludedPaths=( \ | |
| '/path/within/sources/to/exclude' | |
| ) | |
| # Do not leave trailing slash on the end of directory sources | |
| SourcePaths=() | |
| # Path to a text file containing further source paths to include | |
| SourceFileList="${ScriptWorkingPath}/s3-files.list" | |
| [ ! -d "${ScriptWorkingPath}/logs" ] && ( mkdir "${ScriptWorkingPath}/logs" ) | |
| LogFile="${ScriptWorkingPath}/logs/s3-`date '+%Y%m%d'`.log" | |
| function SnsPublication () { | |
| local ErrorCode=$1 | |
| if [ $ErrorCode -gt 0 ] ; then | |
| local ScriptResultCode='Failure' | |
| local ScriptPostMessage="Something went wrong executing the restic backup job. See $LogFile for summary details." | |
| else | |
| local ScriptResultCode='Success' | |
| local ScriptPostMessage="Successfully executed restic backup job. See $LogFile for summary details." | |
| fi | |
| # Publish to SNS topic to notify admin | |
| $AwsCliBinaryPath sns publish \ | |
| --region $AwsSnsRegion \ | |
| --topic-arn $SnsTopic \ | |
| --subject "Workstation restic backup job notification ($ScriptResultCode)" \ | |
| --message "$ScriptPostMessage" \ | |
| 2>&1 >> $LogFile | |
| } | |
| # Assemble the one-liner | |
| CommandPrefix="$ResticBinaryPath -r ${RepositoryEngine}:${RepositoryPath} backup -v -v --limit-upload $UploadLimit --password-file $RepositoryPasswordFile" | |
| for e in "${ExcludedPaths[@]}" ; do | |
| CommandExclusions="${CommandExclusions} --exclude $e" | |
| done | |
| for i in "${SourcePaths[@]}" ; do | |
| CommandSources="${CommandSources} $i" | |
| done | |
| Command="$CommandPrefix $CommandExclusions $CommandSources --files-from $SourceFileList" | |
| # Execute backup job | |
| $Command 2>&1 >> $LogFile | |
| ReturnCode=$? | |
| # Generate email with outcome of job | |
| if [ $ReturnCode -ne 0 ] ; then | |
| SnsPublication 1 | |
| else | |
| SnsPublication 0 | |
| fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment