Generates, encrypts, transfers and rotates Gitlab backups to/on Amazon S3.

gitlab_backup

#! /bin/bash

# Generates, encrypts, transfers and rotates Gitlab backups to/on Amazon S3.


# Requirements:
#
#   1. Gitlab
#
#     $ apt-get update
#     $ apt-get install -y curl openssh-server ca-certificates
#     $ curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.deb.sh | bash
#     $ apt-get install gitlab-ce
#     $ gitlab-ctl reconfigure
#
#   2. s3cmd
#
#     $ apt-get install -y python-pip
#     $ pip install s3cmd
#     $ s3cmd --configure
#
#   3. gpg public key


# Installation:
#
#   1. Place this script in
#
#     /usr/local/bin/backup
#
#   2. Make this script executable
#
#     $ chmod a+x /usr/local/bin/backup
#
#   3. Optional: Add to crontab (`0 0 * * * /usr/local/bin/backup`)
#
#     $ crontab -e


# Usage:
#
#   $ /usr/local/bin/backup (or just `backup` if in $PATH)



### BEGIN CONFIGURATION



bucket=my-s3-bucket

bucket_path=s3-bucket-path

gpg_public_key=me@example.com

keep=7



### END CONFIGURATION



export PATH=/usr/local/bin:$PATH

backup_path="/var/opt/gitlab/backups"

echo "Generating GitLab backup"
gitlab-rake gitlab:backup:create

echo "Searching generated backup"
backup_file=`ls -la $backup_path \
  | grep -e tar$ \
  | tail -n 1 \
  | awk '{print $9}'`

echo "Compressing, encrypting and transfering backup to S3"
cat $backup_path/$backup_file \
  | gzip \
  | gpg -e -r $gpg_public_key \
  | s3cmd put - s3://$bucket/$bucket_path/$backup_file.gz.gpg

echo "Rotating backups on S3 (keep $keep latest backups)"
s3cmd ls s3://$bucket/$bucket_path/ \
  | grep -e gpg$ \
  | awk '{print $4}' \
  | head -n -$keep \
  | xargs s3cmd del

echo "Removing local backup: $backup_path/$backup_file"
rm $backup_path/$backup_file