pratik/wordpress_borg_backup
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

updates

Browse Source
This commit is contained in:
Pratik
2020-01-13 15:44:02 +05:30
parent 47192d84bd
commit 714ca3bbc3
2 changed files with 45 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
README.md
View File

@@ -3,13 +3,14 @@
Bash script that simplifies Borg backup for Wordpress websites. Bash script that simplifies Borg backup for Wordpress websites.
## Purpose ## Purpose
Make backup easy for a server running multiple Wordpress websites.
_borg_ is an amazing backup solution, but if you have multiple websites running on the same server - you wpuld need to create a script each for those websites for automating _borg_ backup. You would also need to spend sometime manually initializing a new repo for each of those websites, generate a passphrase, copy the passphrase immediately, _export_ the passphrase in a new script. Make backup easy for a server running multiple Wordpress websites.
This script is designed specifically to ease those issues. You provide where your Wordpress is installed and where you want the backup to be stored and a unique name for the website - the script takes care of the rest. It'll create a strong enough passphrase, initialize the repo, then perform the actual backup. _borg_ is an amazing backup solution, but if you have multiple websites running on the same server - you would need to create a script for each of those websites, for automating _borg_ backup. You would also need to spend sometime manually initializing a new repo for each of those websites, generate a passphrase for each, copy the passphrases immediately, `export` the passphrases in a new script.
On subsequent executions, it'll read the passphrase file and perform an incremental backup.**** This script eases those issues. Provide where your Wordpress is installed and where you want the backup to be stored and a unique name for the website - this script takes care of the rest. It'll create a strong enough passphrase, initialize the repo, then perform the actual backup.
On subsequent executions, it'll read the passphrase file and perform an incremental backup.
## Status ## Status
@@ -19,8 +20,9 @@ NEEDS FURTHER TESTING.
## Usage ## Usage
### Prerequisites ### Prerequisites
- Any Linux distribution that support "_apt_"
- A user having _sudo_ access to the server - Any Linux distribution that support `apt`
- A user having `sudo` access to the server
### Examples ### Examples
@@ -35,7 +37,7 @@ $ wget -q https://raw.githubusercontent.com/pratiktri/wordpress_borg_backup
### Available Options ### Available Options
Run the script with below option (--help or -h) to see all available options:- Run the script with below option (`--help` or `-h`) to see all available options:-
```console ```console
$ sudo ./wp_borg_backup.sh --help $ sudo ./wp_borg_backup.sh --help
@@ -46,7 +48,7 @@ Usage:
-wp_src, --wp-source-dir Directory where your WordPress website is stored -wp_src, --wp-source-dir Directory where your WordPress website is stored
--backup-dir Directory where backup files will be stored --backup-dir Directory where backup files will be stored
-quota, --storage-quota [Optional] Unlimited by default -quota, --storage-quota [Optional] Unlimited by default
When supplied backups would never exceed this capacity. When supplied backups would never exceed this capacity.
Older backups will automatically be deleted to make room for new ones. Older backups will automatically be deleted to make room for new ones.
-passdir, --passphrase-dir [Optional] /home/[user]/.config/borg by default -passdir, --passphrase-dir [Optional] /home/[user]/.config/borg by default
Backups keys are stored (in plain-text) at this location. Backups keys are stored (in plain-text) at this location.
@@ -61,33 +63,39 @@ Usage:
### What does the script do? ### What does the script do?
- Install _borgbackup_ if not installed - Install _**borgbackup**_ if not installed
- Install _wp-cli_ if not installed - Install _**wp-cli**_ if not installed
- Backup the Wordpress database using _wp-cli_ - Backup the Wordpress database using _**wp-cli**_
- Initialize _borg_ repository if --backup-dir is empty - Initialize _**borg**_ repository if **--backup-dir** is empty
- Generates a passphrase - Generates a passphrase
- Saves the passphrase to /home/[user]/.config/borg directory - Saves the passphrase to **/home/[user]/.config/borg** directory
- Secures the passphrase file by "chmod 400" - Secures the passphrase file by making it readable only to the root user (`chmod 400`)
- Performs the backup - Performs the backup
## FAQ ## FAQ
Q - Is the passphrase saved on the server in plain-text
Ans - Yes. Q - Is the passphrase saved on the server in plain-text?
Ans - Yes.
However, it does restrict access to the file only to _root_ user. If someone has access to your server and can access a file restricted to _root_ - then they would just go to the website folder itself to do any damage. You should sync your backup regularly to other locations for more protection. However, it does restrict access to the file only to _root_ user. If someone has access to your server and can access a file restricted to _root_ - then they would just go to the website folder itself to do any damage. You should sync your backup regularly to other locations for more protection.
If you do not like that, edit the script to add the following line to top of the file. If you do not like that, edit the script to add the following line to top of the file.
``` ```
export BORG_PASSPHRASE=[your-passphrase] export BORG_PASSPHRASE=[your-passphrase]
``` ```
Q - Does this auto schedule backup
Ans - No
You would need to do that manually.
### Roadmap ### Roadmap
- [ ] Pretty print console output - [ ] Pretty print console output
- [ ] Test on - [ ] Test on
- [ ] Ubuntu 18.08 - [ ] Ubuntu 18.08
- [ ] Ubuntu 18.04 - [ ] Ubuntu 18.04
- [ ] Ubuntu 16.04 - [ ] Ubuntu 16.04
@@ -109,4 +117,3 @@ distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and See the License for the specific language governing permissions and
limitations under the License. limitations under the License.
**

22
wp_borg_backup.sh
View File

@@ -33,7 +33,6 @@
# Health check # Health check
# Best Practice # Best Practice
# Enable Bash Strict mode
# Pretty print STDOUT # Pretty print STDOUT
# TODO - Check on other OSes # TODO - Check on other OSes
@@ -41,6 +40,16 @@
# Debian 8, 9 # Debian 8, 9
# Tested on Debian 10 # Tested on Debian 10
#### Bash Strict mode
# Catch the error in case mysqldump fails (but gzip succeeds) in `mysqldump |gzip`
set -o pipefail
# Exit on error. Append "|| true" if you expect an error.
set -o errexit
# Do not allow use of undefined vars. Use ${VAR:-} to use an undefined VAR
set -o nounset
# Exit on error inside any functions or subshells.
set -o errtrace
# No root - no good # No root - no good
[[ "$(id --user)" != "0" ]] && { [[ "$(id --user)" != "0" ]] && {
echo -e "ERROR: You must be root to run this script.\nUse sudo and execute the script again." echo -e "ERROR: You must be root to run this script.\nUse sudo and execute the script again."
@@ -162,7 +171,7 @@ main() {
esac esac
done done
# Check if mandatory items were provided or not # Check if mandatory items were provided
if [[ -z "${project_name}" ]]; then if [[ -z "${project_name}" ]]; then
echo "ERROR: Script requires a project name (--project-name | -pname) parameter" 2>STDERR echo "ERROR: Script requires a project name (--project-name | -pname) parameter" 2>STDERR
usage usage
@@ -181,7 +190,7 @@ main() {
exit 8 exit 8
fi fi
# if blank - do something # if blank - do nothing
if [[ -n "${storage_quota}" ]]; then if [[ -n "${storage_quota}" ]]; then
storage_quota="--storage-quota=${storage_quota}" storage_quota="--storage-quota=${storage_quota}"
fi fi
@@ -226,7 +235,7 @@ main() {
fi fi
fi fi
#If borg is currently running AND it is backing up the same website - quit # If borg is currently running AND is backing up the same website -> quit
if (pidof -x borg > /dev/null) && $(pgrep --list-full --count "${wp_src_dir}") -gt 0 ; then if (pidof -x borg > /dev/null) && $(pgrep --list-full --count "${wp_src_dir}") -gt 0 ; then
echo "${wp_src_dir} is being backed up from another process" 2>STDERR | tee -a "${LOGFILE}" echo "${wp_src_dir} is being backed up from another process" 2>STDERR | tee -a "${LOGFILE}"
echo "This process will now exit" 2>STDERR | tee -a "${LOGFILE}" echo "This process will now exit" 2>STDERR | tee -a "${LOGFILE}"
@@ -241,7 +250,7 @@ main() {
echo "Successfully Installed wp-cli" | tee -a "${LOGFILE}" echo "Successfully Installed wp-cli" | tee -a "${LOGFILE}"
else else
wp_cli_installed="$?" wp_cli_installed="$?"
echo "ERROR: Could not install wp-cli. Program will continue to backup the site data..." 2>STDERR | tee -a "${LOGFILE}" echo "ERROR: Could not install wp-cli. Script will continue to backup the site data..." 2>STDERR | tee -a "${LOGFILE}"
fi fi
fi fi
@@ -260,6 +269,7 @@ main() {
readonly directory_owner=$(stat --format='%U' "${wp_src_dir}") readonly directory_owner=$(stat --format='%U' "${wp_src_dir}")
sudo -u "${directory_owner}" wp db --quiet export "/tmp/${TS}_database.sql" --add-drop-table --path="${wp_src_dir}" sudo -u "${directory_owner}" wp db --quiet export "/tmp/${TS}_database.sql" --add-drop-table --path="${wp_src_dir}"
# Extra mv step required as the owner of the wordpress directory (sudo -u) may not have access to backup directory
if mv "/tmp/${TS}"_database.sql "${bkp_DB_dir}/${TS}_database.sql" >> "${LOGFILE}" 2>&1; then if mv "/tmp/${TS}"_database.sql "${bkp_DB_dir}/${TS}_database.sql" >> "${LOGFILE}" 2>&1; then
echo "DB backed up successfully" | tee -a "${LOGFILE}" echo "DB backed up successfully" | tee -a "${LOGFILE}"
else else
@@ -334,7 +344,7 @@ main() {
export BORG_PASSPHRASE="${borg_passphrase}" export BORG_PASSPHRASE="${borg_passphrase}"
# Do the actual backup # Do the actual backup
# We run it on a lower priority so it does not disturb others # We run it on a lower IO priority so it does not disturb other processes
if ionice -c 2 -n 7 borg create \ if ionice -c 2 -n 7 borg create \
--verbose \ --verbose \
--filter AMEsd \ --filter AMEsd \