commit 5352f085a4cbf80cc16b62ce32534b35d14414db Author: Peter Ĺ urda Date: Wed Apr 6 11:51:24 2022 +0800 Initial commit diff --git a/ISRG_Root_X1.crt b/ISRG_Root_X1.crt new file mode 100644 index 0000000..b85c803 --- /dev/null +++ b/ISRG_Root_X1.crt @@ -0,0 +1,31 @@ +-----BEGIN CERTIFICATE----- +MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw +TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh +cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4 +WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu +ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY +MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc +h77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+ +0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U +A5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW +T8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH +B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC +B5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv +KBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn +OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn +jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw +qHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI +rU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV +HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq +hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL +ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ +3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK +NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5 +ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur +TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC +jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc +oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq +4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA +mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d +emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc= +-----END CERTIFICATE----- diff --git a/SHA-2_Root_USERTrust_RSA_Certification_Authority.crt b/SHA-2_Root_USERTrust_RSA_Certification_Authority.crt new file mode 100644 index 0000000..e69de29 diff --git a/backupfs.sh b/backupfs.sh new file mode 100755 index 0000000..0438b4f --- /dev/null +++ b/backupfs.sh @@ -0,0 +1,203 @@ +#!/bin/bash + +# Load config + +if [ ! -f /etc/default/backupfs ]; then + echo "/etc/default/backupfs missing" + exit 1 +fi + +. /etc/default/backupfs + +declare -A dumptool +dumptool[ext2]=dump +dumptool[ext3]=dump +dumptool[ext4]=dump +dumptool[btrfs]=btrfs + +adjustpath () +{ + havesbin=1 + haveusrsbin=1 + for i in `echo $PATH|tr : " "`;do + [ "$i" == "/sbin" ] && havesbin=0 + [ "$i" == "/usr/sbin" ] && haveusrsbin=0 + done + [ $havesbin -eq 0 ] || export PATH="/sbin:$PATH" + [ $haveusrsbin -eq 0 ] || export PATH="/usr/sbin:$PATH" +} + +checkdeps () +{ + which curl > /dev/null + if [ $? -ne 0 ]; then + echo "curl missing, existing" + exit 1 + fi + which gpg > /dev/null + if [ $? -ne 0 ]; then + echo "gpg missing, existing" + exit 1 + fi + for fs in "${!dumptool[@]}"; do + if [ -n "`mount -t $fs`" ]; then + which ${dumptool[$fs]} > /dev/null + if [ $? -ne 0 ]; then + echo "You have a $fs filesystem but ${dumptool[$fs]} is missing" + exit 1 + fi + fi + done +} + +checkval () +{ + if [ -z "$url" ]; then + echo "No target url specified, exiting" + exit 1 + fi + if [ -z "$encryptto" ]; then + echo "No encrypt to specified, exiting" + exit 1 + fi + gpg --list-key "$encryptto" > /dev/null + if [ $? -ne 0 ]; then + gpg --recv-keys "$encryptto" + gpg --list-key "$encryptto" > /dev/null + if [ $? -ne 0 ]; then + echo "PGP key missing" + exit 1 + fi + fi +} + +lock () +{ + PID=`cat ~/.backuplock 2> /dev/null` + if [ -n "$PID" ]; then + if [ -d "/proc/$PID" ]; then + if [ "`readlink /proc/$PID/exe`" == "/bin/bash" ]; then + echo "Locked, exiting" + exit 1 + fi + fi + fi + echo -n $$ > ~/.backuplock +} + +fsdetect () +{ + local mountpoint=${1} + local device="`mount |grep " on $mountpoint "|cut -d\ -f1`" + fstype=`/sbin/blkid -o value -s TYPE ${device}` +} + +mptobname () +{ + # mountpoint + bname="`echo ${1}|tr / _`" +} + +mptofname () +{ + # mountpoint, level, extension + hn=`hostname` + fname="`echo ${hn}-${date}-${1}-${2}.${3}|tr / _`" +} + +checkbtrfs () +{ + true +} + +docurl () +{ + local source="${1}" + local destination="${2}" + curl --no-buffer --data-binary @"${source}" -XPUT $url/"${destination}" +} + +dumpbtrfs () +{ + mountpoint=${1} + checkbtrfs + mptobname ${mountpoint} ${level} + # TODO del if exists + btrfs subvolume snapshot -r ${mountpoint} /snapshot/current + btrfs subvolume snapshot -r /snapshot/current /snapshot/$bname-$level + btrfs subvolume delete /snapshot/current + + fname="${hostname}-${date}-${bname}-${level}.snap.gpg" + if [ $level -eq 0 ]; then + #btrfs send /snapshots/$bname-$level | xz -6e -T0|gpg --encrypt -r dev@mailchuck.com " | docurl "${fname}" + true + else + plevel=$(($level - 1)) + #btrfs send -p /snapshots/$bname-$plevel /snapshots/$bname-$level | xz -6e -T0|gpg --encrypt -r $encryptto | docurl "${fname}" + true + fi +} + +dumpextfs () +{ + mountpoint=${1} + mptobname ${mountpoint} ${level} + fname="${hostname}-${date}-${bname}-${level}.dump.gpg" + tmp_file="$(mktemp)" + echo "dumping $mountpoint into $fname (temp $tmp_file)" + dump -${level}uj -h 0 ${mountpoint} -f -|gpg --encrypt -r $encryptto > "${tmp_file}" + docurl "${tmp_file}" "${fname}" + rm -f "${tmp_file}" +} + +dodump () +{ + for fs in "${!dumptool[@]}"; do + for mpt in `mount -t $fs|cut -d\ -f3`; do + if [ -z "$mpt" ]; then + continue + fi + echo "Dumping $mpt as $fs" + if [ "$fs" == "btrfs" ]; then + dumpbtrfs $mpt $level + elif [ "$fs" == "ext2" -o "$fs" == "ext3" -o "$fs" == "ext4" ]; then + dumpextfs $mpt $level + fi + done + done +} + +adjustpath +checkdeps +checkval +umask 077 +renice 19 $$ &> /dev/null +ionice -c 3 -p $$ +lock + +#date=`date +%y-%m-%d` +hostname=`hostname|cut -d. -f1` +dom=`date +%d` +dow=`date +%w` +date=`date +%y%m%d` +level=$(($dow+1)) +if [ $dow -eq 0 ];then # sunday + if [ $dom -le 7 ];then # first sunday in month + level=0 + else + level=1 + fi +fi +if [ "$1" == "0" -o "$1" == "1" -o "$1" == "2" ] +then + level="$1" +fi + +dodump + +rm ~/.backuplock + +echo "All OK" +exit 0 + +# vim: tabstop=2