themightychris/README.md

## README.md

      
    Raw
  

              README.md
            
          
Provision B2 bucket: https://secure.backblaze.com/b2_buckets.htm


Provision B2 app key: https://secure.backblaze.com/app_keys.htm


Create /etc/restic.env:
#!/bin/bash

RESTIC_REPOSITORY="b2:restic-MYCLUSTER"
RESTIC_PASSWORD=""

B2_ACCOUNT_ID="" # keyID
B2_ACCOUNT_KEY="" # applicationKey


Save a copy in bitwarden


Secure configuration:
sudo chmod 660 /etc/restic.env


Initialize repo:
set -a; source /etc/restic.env; set +a
restic init


Create /etc/cron.daily/emergence-restic-backup and enable execution:
sudo chmod +x /etc/cron.daily/emergence-restic-backup


Verify that daily cron script is set up correctly:
run-parts --test /etc/cron.daily


## emergence-restic-backup
#!/bin/bash

set -a
HOME=/root
source /etc/restic.env
set +a

# snapshot host config to _
>&2 echo -e "\n==> snapshot host"

/bin/restic backup /emergence \
  --host=_ \
  --exclude='/emergence/services/**' \
  --exclude='/emergence/sites/**'

# snapshot each site to its own host
for site_path in /emergence/sites/*; do
  site_name=$(basename ${site_path})

  >&2 echo -e "\n==> snapshot site: ${site_name} @ ${site_path}"

  /bin/restic backup "${site_path}/" \
    --host="${site_name}" \
    --exclude='*.log' \
    --exclude='/emergence/sites/*/logs/**' \
    --exclude='/emergence/sites/**/media/*x*/**'
done

# setup mysql
mysql_args="-u root -p$(/bin/jq -r .services.plugins.sql.managerPassword /emergence/config.json) -S /emergence/services/run/mysqld/mysqld.sock"

mysql_query() {
  >&2 echo -e "\n==> mysql_query: ${1}"

  /usr/bin/mysql $mysql_args -srNe "${1}"
}

mysql_dump() {
  >&2 echo -e "\n==> mysql_dump: ${1} ${2}"

  /usr/bin/mysqldump ${mysql_args} \
    --force \
    --single-transaction \
    --quick \
    --compact \
    --extended-insert \
    --order-by-primary \
    --ignore-table="${1}.sessions" \
    "${1}" "${2}"
}

# dump each database+table
databases=$(mysql_query 'SELECT schema_name FROM information_schema.schemata WHERE schema_name NOT IN ("information_schema", "mysql", "performance_schema")')

for db_name in $databases; do

  if [ -d "/emergence/sites/${db_name}" ]; then
    cd "/emergence/sites/${db_name}"
  else
    cd "/tmp"
  fi

  mysql_dump "${db_name}" "${table_name}" \
    | /bin/restic backup \
        --host="${db_name}" \
        --stdin \
        --stdin-filename="database.sql"

# restic de-dupe not as effective
#    | /bin/gzip --rsyncable \
done

# thin out snapshots
>&2 echo -e "\n==> restic forget"
/bin/restic forget \
  --keep-last=1 \
  --keep-within=3d \
  --keep-daily=10 \
  --keep-weekly=10 \
  --keep-monthly=1200
	#!/bin/bash

	set -a
	HOME=/root
	source /etc/restic.env
	set +a

	# snapshot host config to _
	>&2 echo -e "\n==> snapshot host"

	/bin/restic backup /emergence \
	--host=_ \
	--exclude='/emergence/services/**' \
	--exclude='/emergence/sites/**'

	# snapshot each site to its own host
	for site_path in /emergence/sites/*; do
	site_name=$(basename ${site_path})

	>&2 echo -e "\n==> snapshot site: ${site_name} @ ${site_path}"

	/bin/restic backup "${site_path}/" \
	--host="${site_name}" \
	--exclude='*.log' \
	--exclude='/emergence/sites//logs/*' \
	--exclude='/emergence/sites/*/media/x/*'
	done

	# setup mysql
	mysql_args="-u root -p$(/bin/jq -r .services.plugins.sql.managerPassword /emergence/config.json) -S /emergence/services/run/mysqld/mysqld.sock"

	mysql_query() {
	>&2 echo -e "\n==> mysql_query: ${1}"

	/usr/bin/mysql $mysql_args -srNe "${1}"
	}

	mysql_dump() {
	>&2 echo -e "\n==> mysql_dump: ${1} ${2}"

	/usr/bin/mysqldump ${mysql_args} \
	--force \
	--single-transaction \
	--quick \
	--compact \
	--extended-insert \
	--order-by-primary \
	--ignore-table="${1}.sessions" \
	"${1}" "${2}"
	}

	# dump each database+table
	databases=$(mysql_query 'SELECT schema_name FROM information_schema.schemata WHERE schema_name NOT IN ("information_schema", "mysql", "performance_schema")')

	for db_name in $databases; do

	if [ -d "/emergence/sites/${db_name}" ]; then
	cd "/emergence/sites/${db_name}"
	else
	cd "/tmp"
	fi

	mysql_dump "${db_name}" "${table_name}" \
	\| /bin/restic backup \
	--host="${db_name}" \
	--stdin \
	--stdin-filename="database.sql"

	# restic de-dupe not as effective
	# \| /bin/gzip --rsyncable \
	done

	# thin out snapshots
	>&2 echo -e "\n==> restic forget"
	/bin/restic forget \
	--keep-last=1 \
	--keep-within=3d \
	--keep-daily=10 \
	--keep-weekly=10 \
	--keep-monthly=1200