From 795bd9edbc28fac6c279485648da0b67789925a2 Mon Sep 17 00:00:00 2001
From: Rabjerg
Date: Tue, 16 Mar 2021 23:51:55 +0100
Subject: [PATCH] initial commit.
---
 .gitignore | 3 ++
 backup.env.sample | 37 ++++++++++++++++
 init_backup.sh | 107 ++++++++++++++++++++++++++++++++++++++++++++++
 make_backup.sh | 43 +++++++++++++++++++
 4 files changed, 190 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 backup.env.sample
 create mode 100755 init_backup.sh
 create mode 100755 make_backup.sh
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..2ee3c7d
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,3 @@
+id_ed25519_*
+*.borgkey
+*.env
diff --git a/backup.env.sample b/backup.env.sample
new file mode 100644
index 0000000..3aeda23
--- /dev/null
+++ b/backup.env.sample
@@ -0,0 +1,37 @@
+#!/usr/bin/env bash
+
+## Setup Path and file for logging
+LOGPATH="/var/log/borg"
+
+mkdir -p $LOGPATH
+
+export LOGFILE="$LOGPATH/backup_docker.log"
+
+## Path to private-key
+PRIVATE_KEY_FILE="./id_ed25519"
+
+## URL of storage server
+## samle url scheme used by Hetzner storage services
+## REPOSITORY_URL="u000000.your-backup.de"
+## REPOSITORY_URL="u000000.your-storagebox.de"
+REPOSITORY_URL="disaster-recovery.example.com"
+
+## Port to be used on repository server
+REPOSITORY_PORT="23"
+
+## Directory of backup on server
+REPOSITORY_DIR="test"
+
+## Username on repository server
+REPOSITORY_USER="u000000"
+
+## Setup BORG environment
+export BORG_RSH="ssh -i $PRIVATE_KEY_FILE"
+export REPOSITORY="ssh://{$REPOSITORY_USER}@{$REPOSITORY_URL}:{$REPOSITORY_PORT}/./{$REPOSITORY_DIR}/"
+export BACKUP_NAME="$(date +%Y-%m-%d_%H%M)"
+
+## Secret
+## This is your passphrase used to encrypt the backup.
+## If you lose this, you lose EVERYTHING!
+## Keep it safe and secure.
+export BORG_PASSPHRASE="soe4eiCae9ohSij7Aiceesh2ZiphiHoh"
diff --git a/init_backup.sh b/init_backup.sh
new file mode 100755
index 0000000..0e668fd
--- /dev/null
+++ b/init_backup.sh
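Review bot: The `REPOSITORY` assignment in backup.env.sample writes `{$REPOSITORY_USER}` where `${REPOSITORY_USER}` was meant, so the braces stay literal in the exported URL and borg is handed `ssh://{u000000}@{…}:{23}/./{test}/`; the line should read `export REPOSITORY="ssh://${REPOSITORY_USER}@${REPOSITORY_URL}:${REPOSITORY_PORT}/./${REPOSITORY_DIR}/"`. The sample also ships a realistic-looking `BORG_PASSPHRASE` that users may leave unchanged; an obvious placeholder such as `BORG_PASSPHRASE="CHANGE_ME"`, together with a comment telling the user to `chmod 600` the real .env file or to use `BORG_PASSCOMMAND` instead, would be safer. The default `PRIVATE_KEY_FILE="./id_ed25519"` is not matched by the `id_ed25519_*` pattern added to .gitignore, so a private key with that name in the checkout could be committed. `mkdir -p $LOGPATH` is unquoted and runs every time the file is sourced.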
@@ -0,0 +1,107 @@
+#!/usr/bin/env bash
+
+## This is an interactive prompt to guide the user the setting up the correct .env file.
+
+echo -e "Enter name used for this backup, this should be uniq. \nIt will be used to name the configuration files and other files."
+read -p "Backup name: " -r
+
+NAME=$REPLY
+
+echo -e "Do you want to generate a new keypair? (Y) or use excisting private key. (N)"
+read -p "[Y]/[N] " -n 1
+echo ""
+if [[ $REPLY =~ ^[Yy]$ ]]; then
+ ssh-keygen -t ed25519 -f "id_ed25519_$NAME"
+ PRIVATE_KEY_FILE="id_ed25519_$NAME"
+else
+ read -p "Input full path and name of private key: "
+ PRIVATE_KEY_FILE=$REPLY
+fi
+
+echo -e "Enter url of repository server, eg. \"disaster-recovery.example.com\""
+read -p "URL: " -r
+REPOSITORY_URL=$REPLY
+
+
+echo -e "Enter path of TARGET path on the SERVER eg. \"/backup/server_01\""
+read -p "Path: " -r
+REPOSITORY_DIR=$REPLY
+
+
+echo -e "Enter username for the SERVER user."
+read -p "USER: " -r
+REPOSITORY_USER=$REPLY
+
+unset REPLY
+read -p "Specify SSH port to be used (Default: 22, Hetzner use 23 for Borg!): " -r
+echo ""
+if [[ -z $REPLY ]]; then
+ REPOSITORY_PORT=22
+else
+ REPOSITORY_PORT=$REPLY
+fi
+
+echo -e "Do you want to upload the new public_key to the server via SCP?"
+read -p "[Y]/[N] " -n 1
+echo ""
+if [[ $REPLY =~ ^[Yy]$ ]]; then
+ echo ""
+ unset REPLY
+ read -p "Specify port to upload with (Default 22): " -r
+ echo ""
+ if [[ -z $REPLY ]]; then
+ REPLY=22
+ fi
+ TEMPDIR=$(mktemp -d)
+ scp -P "$REPLY" "$REPOSITORY_USER@$REPOSITORY_URL:.ssh/authorized_keys" \
+ "$TEMPDIR/authorized_keys"
+ cat "$PRIVATE_KEY_FILE.pub" >> "$TEMPDIR/authorized_keys"
+ scp -P "$REPLY $TEMPDIR/authorized_keys" \
+ "$REPOSITORY_USER@$REPOSITORY_URL:.ssh/authorized_keys"
+ rm -rf "$TEMPDIR"
+fi
+
+echo -e "Do you want to initialize the repository now?"
+read -p "[Y]/[N] " -n 1
+echo ""
+unset REPLY
+if [[ $REPLY =~ ^[Yy]$ ]]; then
+ INIT=1
+ echo -e "\nYour borg repository will be initialized with the following settings:"
+fi
+
+# Final output
+echo -e "\n##############################"
+echo -e "Please verify before using the following in your .env file:"
+echo -e "# REPOSITORY_URL=\"$REPOSITORY_URL\""
+echo -e "# REPOSITORY_DIR=\"$REPOSITORY_DIR\""
+echo -e "# REPOSITORY_USER=\"$REPOSITORY_USER\""
+echo -e "# REPOSITORY_PORT=\"$REPOSITORY_PORT\""
+echo -e "# PRIVATE_KEY_FILE=\"$PRIVATE_KEY_FILE\""
+echo -e "##############################\n"
+
+if [[ -n $INIT ]]; then
+ echo -e "Remember to save your password and add it to your .env file."
+ echo -e "Please wait while repository is initialized, this can take a while."
+ ## Initialize the repository
+ borg init --encryption=repokey \
+ --rsh="ssh -i $PRIVATE_KEY_FILE" \
+ ssh://$REPOSITORY_USER@$REPOSITORY_URL:$REPOSITORY_PORT/./$REPOSITORY_DIR/
+
+ ## Make a backup of the borg key. (Keep this SAFE!)
+ echo -e "Your borg key will now be exported to ./backup_key_$NAME.borgkey"
+ borg key export \
+ ssh://$REPOSITORY_USER@$REPOSITORY_URL:$REPOSITORY_PORT/./$REPOSITORY_DIR/ \
+ "./backup_key_$NAME.borgkey"
+
+ echo -e "Your repository should have been initialized and key exported."
+ echo -e "Keep the following SAFE AND A COPY SOMEWHERE ELSE!"
+ echo -e "#######################################################"
+ echo -e "Your private key for the ssh access: $PRIVATE_KEY_FILE"
+ echo -e "Your public key for the ssh access: $PRIVATE_KEY_FILE.pub"
+ echo -e "Your borg keyfile: backup_key_$NAME.borgkey"
+ echo -e "Your borg passphrase!"
+ echo -e "#######################################################\n"
+ echo -e "If everything went well, you are ready to customize your .env file with the above information. \nAnd can then make your initial backup."
+fi
+
diff --git a/make_backup.sh b/make_backup.sh
new file mode 100755
index 0000000..d58d2f4
--- /dev/null
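Review bot: Two lines in init_backup.sh stop the script from doing what it prompts for: the upload `scp -P "$REPLY $TEMPDIR/authorized_keys"` passes the port and the source path as one argument, and `unset REPLY` sits between the last `read` and its `[[ $REPLY =~ ^[Yy]$ ]]` test, so the prompt never sets `INIT` and the repository is not initialized. The result of the first `scp` is also unchecked, so once the quoting is fixed a failed download would let the upload replace the server's `authorized_keys` with a file holding only the new key; the excerpt below stops instead, and a first-time setup with no existing file would need its own path. `borg key export` is called without the `--rsh` option that `borg init` receives, so it presumably will not use the selected key unless `BORG_RSH` is already set by the caller. The key-path prompt lacks `-r`, and the repository URL arguments are unquoted.

```shell
# … unchanged: prompts for name, key pair, URL, path, user and SSH port …
  TEMPDIR=$(mktemp -d)
  # Only append and upload when the current authorized_keys was fetched intact.
  if scp -P "$REPLY" "$REPOSITORY_USER@$REPOSITORY_URL:.ssh/authorized_keys" \
      "$TEMPDIR/authorized_keys"; then
    cat "$PRIVATE_KEY_FILE.pub" >> "$TEMPDIR/authorized_keys"
    scp -P "$REPLY" "$TEMPDIR/authorized_keys" \
      "$REPOSITORY_USER@$REPOSITORY_URL:.ssh/authorized_keys"
  else
    echo "Could not fetch authorized_keys; public key was not uploaded." >&2
  fi
  rm -rf "$TEMPDIR"
fi

echo -e "Do you want to initialize the repository now?"
unset REPLY
read -p "[Y]/[N] " -n 1
echo ""
if [[ $REPLY =~ ^[Yy]$ ]]; then
# … unchanged: INIT=1, settings summary, borg init …
  borg key export \
    --rsh="ssh -i $PRIVATE_KEY_FILE" \
    "ssh://$REPOSITORY_USER@$REPOSITORY_URL:$REPOSITORY_PORT/./$REPOSITORY_DIR/" \
    "./backup_key_$NAME.borgkey"
# … unchanged: closing summary …
```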
+++ b/make_backup.sh
@@ -0,0 +1,43 @@
+#!/usr/bin/env bash
+
+## Source backup.env file for settings and secrets.
+## it is possible to pass a filename as .env file.
+## Passing a file makes it possible to have several .env files for different backups and one "work script".
+
+if [[ -z "$1" ]]; then
+ source backup.env
+else
+ source $1
+fi
+
+## Setup that everything is written to log
+
+exec > >(tee -i ${LOGFILE})
+exec 2>&1
+
+## Checks that a few important thins is set.
+## In case a invalid path/file is passed.
+
+if [[ -z $REPOSITORY ]]; then
+ echo "No \$REPOSITORY set, cannot make backup. \nDid you pass a valid .env file?"
+ exit 4
+fi
+
+if [[ -z $BACKUP_NAME ]]; then
+ echo "No \$BACKUP_NAME set, cannot make backup. \nDid you pass valid .env file?"
+ exit 5
+fi
+
+
+
+echo "######## Backup started at $(date) ########"
+
+borg create -v --stats \
+ --exclude-from backup_exclude.txt \
+ $REPOSITORY::$BACKUP_NAME \
+ /home/adam/docker
+
+echo "######### Backup Finished $(date) #########"
+
+
+
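Review bot: The exit status of `borg create` is discarded: the script prints "Backup Finished" and exits 0 even when the backup failed, so a cron job or monitor cannot tell a broken backup from a good one; capture it with `rc=$?` directly after the `borg create` command and end the script with `exit "$rc"`. The expansions `source $1`, `tee -i ${LOGFILE}` and `$REPOSITORY::$BACKUP_NAME` are unquoted and break on values containing spaces or glob characters; `source "$1"`, `tee -i "${LOGFILE}"` and `"$REPOSITORY::$BACKUP_NAME"` are the safe forms. `tee` without `-a` truncates the log on every run, and an empty `LOGFILE` is not caught by the checks that follow, which only test `REPOSITORY` and `BACKUP_NAME`. The two error messages use plain `echo`, so their `\n` is printed literally.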