Initial commit

.env.sample

+host="CHANGEME"
+user="CHANGEME"
+ftppass="CHANGEME"
+encpass='CHANGEME'
+
+bckplist="/root /etc /srv /var/www /usr /lib /opt /var/opt /var/lib/docker/volumes/ /home"
+remotedir="bckp_`hostname`"
+
+
+BK_FULL_FREQ="3W" # create a new full backup every...
+BK_FULL_LIFE="2M" # delete any backup older than this
+BK_KEEP_FULL="2"  # How many full+inc cycle to keep
+
+pre_actions(){
+    if [ ! -z "$(which mysql)" ]; then
+        mysqldump --events --single-transaction --flush-logs --all-databases \
+            | gzip > /root/db.sql.gz
+        exit_on_fail $? "Backup mysql databses"
+    fi
+    if [ ! -z "$(which gitlab-ctl)" ]; then
+        /usr/bin/gitlab-rake  gitlab:backup:create
+        backup_path=`grep "'backup_path'" /etc/gitlab/gitlab.rb  | sed 's/^.*= "\(.*\)"$/\1/'`
+        exit_on_fail $? "Backup gitlab"
+        if [ -d "$backup_path" ]; then
+            /bin/ls -dt $backup_path/* | tail -n +11 | xargs rm -rf
+        fi
+    fi
+}

Readme.md

+## Duplicity-backup
+
+Duplicity based backup for ftp servers
+
+
+## Install
+
+```sh
+git clone https://gitlab.tetras-libre.fr/nocloud/duplicity-ftp-backup
+cp .env.sample .env
+```
+
+Adapt `.env`
+
+Then add a cronjob like
+
+```
+0 1 * * 1,3,5,7 /root/duplicity-ftp-backup/backup.sh > /var/log/bckp.log 2>&1
+```

backup.sh

+#!/bin/bash
+
+DIR=$(realpath $(dirname $0))
+source $DIR/inc.sh
+
+exit_on_fail(){
+        [ $1 -ne 0 ] && leave $@
+        echo "Done"
+}
+
+retrie_on_fail(){
+        cat <<EOF | lftp $host
+user $user $ftppass
+
+rm -rf $remotedir
+mkdir $remotedir
+EOF
+backup "cleaned"
+leave $?
+}
+
+backup(){
+
+        retries=$1
+        shift
+        export PASSPHRASE="$encpass"
+        export FTP_PASSWORD="$ftppass"
+        #set -x
+
+        echo "Removing old backups"
+        /usr/bin/duplicity remove-older-than $BK_FULL_LIFE \
+                --force ftp://$user@$host/$remotedir/
+        /usr/bin/duplicity remove-all-inc-of-but-n-full $BK_KEEP_FULL \
+                --force ftp://$user@$host/$remotedir/
+        /usr/bin/duplicity remove-all-but-n-full $BK_KEEP_FULL \
+                --force ftp://$user@$host/$remotedir/
+
+        echo "Running pre_actions"
+        pre_actions
+        echo "Creating encrypted incremental backup: $bckplist "
+        /usr/bin/duplicity \
+                --full-if-older-than $BK_FULL_FREQ \
+                --include ${bckplist// / --include } \
+                --exclude '**' \
+                / ftp://$user@$host/$remotedir/
+        ret=$?
+        if [ -z "$retries" ]
+        then
+                retrie_on_fail $ret "Duplicity failed"
+        else
+                exit_on_fail $ret "Duplicity failed"
+        fi
+
+        echo "Backup completed"
+
+        echo "Cleaning"
+        /usr/bin/duplicity cleanup --force --extra-clean ftp://$user@$host/$remotedir/
+        echo "Removing backup cache"
+        rm -rf /root/.cache/duplicity/
+        echo "Backups state"
+        /usr/bin/duplicity collection-status ftp://$user@$host/$remotedir/
+        #set +x
+        unset PASSPHRASE
+        unset FTP_PASSWORD
+        echo "All Done"
+}
+backup
+leave $?

clear_backup.sh

+#!/bin/bash
+
+DIR=$(realpath $(dirname $0))
+source $DIR/inc.sh
+
+BK_FULL_FREQ="1M" # create a new full backup every...
+BK_FULL_LIFE="2M" # delete any backup older than this
+BK_KEEP_FULL="0"  # How many full+inc cycle to keep
+
+
+export PASSPHRASE="$encpass"
+export FTP_PASSWORD="$ftppass"
+#set -x
+
+echo "Removing old backups"
+/usr/bin/duplicity remove-older-than $BK_FULL_LIFE \
+        --force ftp://$user@$host/$remotedir/
+/usr/bin/duplicity remove-all-inc-of-but-n-full $BK_KEEP_FULL \
+        --force ftp://$user@$host/$remotedir/
+/usr/bin/duplicity remove-all-but-n-full $BK_KEEP_FULL \
+        --force ftp://$user@$host/$remotedir/
+
+/usr/bin/duplicity collection-status ftp://$user@$host/$remotedir/
+
+echo "Cleaning"
+/usr/bin/duplicity cleanup --force --extra-clean ftp://$user@$host/$remotedir/
+echo "Removing backup cache"
+rm -rf /root/.cache/duplicity/
+echo "Backups state"
+/usr/bin/duplicity collection-status ftp://$user@$host/$remotedir/
+#set +x
+unset PASSPHRASE
+unset FTP_PASSWORD
+echo "All Done"
+leave 0

inc.sh

+#!/bin/bash
+
+DIR=$(realpath $(dirname $0))
+source $DIR/.env
+
+# Exit the script and sendmail
+# $1 : exit code
+# $2 : message
+leave(){
+        subject="[ `hostname` ] Backup"
+        if [ $1 -eq 0 ]
+        then
+                subject="$subject successful"
+        else
+                subject="$subject failed"
+        fi
+cat << EOF | /usr/sbin/sendmail -t root
+Subject: $subject
+
+The backup on `hostname` ended with code $1.
+
+$2
+
+For more information see /var/log/bckp.log
+
+Best regards,
+
+EOF
+        exit $1
+}
+
+if [ `whoami` != "root" ]
+then
+        echo "this script must be run as root"
+        exit 1
+fi