diff --git a/backup-container b/backup-container index ff040f5..1ad989c 100755 --- a/backup-container +++ b/backup-container @@ -4,12 +4,15 @@ require 'pathname' require 'fileutils' require 'open3' -LXC_PATH=Pathname.new("/data/containers") +LXC_PATH = Pathname.new("/data/containers") BACKUP_LOCATIONS = %w{home srv etc usr/local} -CONFIG_PATH="/etc/lxc/container.json" -DUPLICITY_PATH= Pathname.new("/data/duplicity/") -BACKUP_PATH="file:///mnt/backup/duplicity" -FULL_BACKUP_COUNT=1 +CONFIG_PATH = "/etc/lxc/container.json" +BACKUP_PATH = "/mnt/backup/attic" +ATTIC_PATH = Pathname.new("/data/attic") +PASSWORD_FILE = ATTIC_PATH.join("passwordfile").to_s +KEEP_DAILY = 7 +KEEP_WEEKLY = 4 +KEEP_MONTHLY = 0 def load_config return JSON.load(File.open(CONFIG_PATH)) @@ -64,7 +67,7 @@ class Container if backupname.nil? abort("backupname not set for backup-scripts for container '#{@name}'") end - backupname = DUPLICITY_PATH.join(backupname.gsub("/", "")) + backupname = ATTIC_PATH.join(backupname.gsub("/", "")) FileUtils.mkdir_p(backupname) puts "cd #{backupname}" Dir.chdir(backupname) do @@ -79,37 +82,22 @@ class Container end end -Dir.chdir(DUPLICITY_PATH) do - config = load_config - backup_paths = BACKUP_LOCATIONS.map do |location| - "/#{location}" - end - config["network"].each do |container, data| +config = load_config +backup_paths = BACKUP_LOCATIONS.map do |location| + "/#{location}" +end +config["network"].each do |container, data| next if data["lxc"] == false container = Container.new(container, data["backup-paths"], data["backup-scripts"]) - backup_paths += container.backup_paths - backup_paths += container.run_backup_scripts - end - gpg_args = ["--sign-key", "AF5834A6", "--encrypt-key", "AF5834A6", "--gpg-options", "--secret-keyring ./duplicity.sec --keyring ./duplicity.pub"] - args = ["--archive-dir", "cache", "--log-file", "/var/log/duplicity.log"] + gpg_args - backup_args = args + ["--verbosity", "notice", - "--full-if-older-than", "30D", - "--num-retries", "3", - "--asynchronous-upload", - "--volsize", "250", - "--include-globbing-filelist", "/dev/stdin", "--exclude", "**", - "/", BACKUP_PATH] - env = { "PASSPHRASE" => File.read("pgp-passphrase") } - sh("find", "cache", "-type", "f", "-name", "lockfile.lock", "-exec", "rm -f {} ;") - sh("duplicity", env, "cleanup", "--force", BACKUP_PATH, *args) - stdin, stdout, stderr = Open3.popen3(env, "duplicity", *backup_args) - backup_paths.each do |path| - stdin.puts(path) - puts(path) - end - stdin.close - puts stdout.read - puts stderr.read - sh("duplicity", env, "remove-older-than", "30D", "--force", BACKUP_PATH, *args) - sh("duplicity", env, "remove-all-inc-of-but-n-full", FULL_BACKUP_COUNT.to_s, "--force", BACKUP_PATH, *args) + backup_paths += container.backup_paths + backup_paths += container.run_backup_scripts end + +env = { "ATTIC_PASSPHRASE" => File.read(PASSWORD_FILE).chomp } +now = Time.now.strftime("%Y-%m-%d-%H:%M:%S") +paths = backup_paths.map {|path| path.to_s } +sh("attic", env, "create", "--stats", "#{BACKUP_PATH}::eve-#{now}", *paths) +sh("attic", env, "prune", "-v", BACKUP_PATH, + "--keep-daily", KEEP_DAILY.to_s, + "--keep-weekly", KEEP_WEEKLY.to_s, + "--keep-monthly", KEEP_MONTHLY.to_s)