chnage releases

This commit is contained in:
rodinux 2024-09-07 14:39:33 +02:00
parent d3e76bf4a5
commit 5e7fb2acc8
2 changed files with 73 additions and 85 deletions

View file

@ -3,7 +3,7 @@ Le système est déployé avec [Yunohost](https://yunohost.org).
Le service d'annuaire [LDAP](https://fr.wikipedia.org/wiki/LDAP_Data_Interchange_Format) pour le serveur Yunohost n'est pas compatibles avec toutes les applications hébergées. L'identification LDAP ne fonctionne que pour les mails (Roundcube), pour le Cloud Linux07 (Nextcloud), pour la Forge Linux07(Forgejo) et pour Mypads Linux07 (Etherpad_Mypads). Le service d'annuaire [LDAP](https://fr.wikipedia.org/wiki/LDAP_Data_Interchange_Format) pour le serveur Yunohost n'est pas compatibles avec toutes les applications hébergées. L'identification LDAP ne fonctionne que pour les mails (Roundcube), pour le Cloud Linux07 (Nextcloud), pour la Forge Linux07(Forgejo) et pour Mypads Linux07 (Etherpad_Mypads).
> ! Certains utilisateurs du Cloud Linux07 (Nextcloud) **ne sont pas connectés à l'annuaire LDAP**, ils ont un compte gratuit de 400 Mo et se sont inscrits par eux-même, leur compte à été validé ensuite. > ! Certains utilisateurs du Cloud Linux07 (Nextcloud) **ne sont pas connectés à l'annuaire LDAP**, ils ont un compte gratuit de 250 Mo et se sont inscrits par eux-même, leur compte à été validé ensuite.
Le serveur a été partitionner en LVM pour pouvoir alloué des volumes partitionnés à certains dossiers ou certaines applications, déplacés avec des `mount --bind`, sauf pour la partition `\var\mail` qui elle montée dans le fichier `/etc/fstab`. Le serveur a été partitionner en LVM pour pouvoir alloué des volumes partitionnés à certains dossiers ou certaines applications, déplacés avec des `mount --bind`, sauf pour la partition `\var\mail` qui elle montée dans le fichier `/etc/fstab`.

View file

@ -7,18 +7,20 @@ Nous avons des sauvegardes locales journalières des données et du système sur
Fichier de configuration des sauvegardes distantes vers BorgServer (machine auto-hébergé à l'adresse de l'association Linux07) Fichier de configuration des sauvegardes distantes vers BorgServer (machine auto-hébergé à l'adresse de l'association Linux07)
**/etc/yunohost/hooks.d/backup_method/05-borg_app** **/etc/yunohost/hooks.d/backup_method/05-borg_app (mise à jour 2024)**
``` ```
#!/bin/bash #!/usr/bin/env bash
set -Eeuo pipefail
set -eo pipefail borg="/var/www/borg/venv/bin/borg"
app="${0#"./05-"}" app="borg"
app="${app%"_app"}"
BORG_PASSPHRASE="$(yunohost app setting $app passphrase)" BORG_PASSPHRASE="$(yunohost app setting "$app" passphrase)"
repo="$(yunohost app setting $app repository)" #$4 BORG_REPO="$(yunohost app setting "$app" repository)"
if ssh-keygen -F "[domain.tld]:6060" >/dev/null ; then BORG_LOGGING_CONF="/var/www/borg/logging.conf"
if ssh-keygen -F "[domainborgserver.tld]:xxxx" >/dev/null ; then
BORG_RSH="ssh -i /root/.ssh/id_${app}_ed25519 -oStrictHostKeyChecking=yes " BORG_RSH="ssh -i /root/.ssh/id_${app}_ed25519 -oStrictHostKeyChecking=yes "
else else
BORG_RSH="ssh -i /root/.ssh/id_${app}_ed25519 -oStrictHostKeyChecking=no " BORG_RSH="ssh -i /root/.ssh/id_${app}_ed25519 -oStrictHostKeyChecking=no "
@ -28,60 +30,52 @@ do_need_mount() {
true true
} }
LOGFILE=/var/log/backup_borg.err
log_with_timestamp() {
sed -e "s/^/[$(date +"%Y-%m-%d_%H:%M:%S")] /" | tee -a $LOGFILE
}
do_backup() { do_backup() {
export BORG_PASSPHRASE export BORG_PASSPHRASE
export BORG_REPO
export BORG_RSH export BORG_RSH
export BORG_LOGGING_CONF
export BORG_RELOCATED_REPO_ACCESS_IS_OK=yes export BORG_RELOCATED_REPO_ACCESS_IS_OK=yes
work_dir="$1" work_dir="$1"
name="$2" name="$2"
repo="$3" size="$3"
size="$4" description="$4"
description="$5"
current_date=$(date +"%Y-%m-%d_%H:%M")
pushd "$work_dir"
set +e set +e
if borg init -e repokey "$repo" ; then if ! "$borg" list > /dev/null 2>&1; then
#human_size=`echo $size | awk '{ suffix=" KMGT"; for(i=1; $1>1024 && i < length(suffix); i++) $1/=1024; print int($1) substr(suffix, i, 1), $3; }'` "$borg" init -e repokey
# Speed in Kbps # human_size=`echo $size | awk '{ suffix=" KMGT"; for(i=1; $1>1024 && i < length(suffix); i++) $1/=1024; print int($1) substr(suffix, i, 1), $3; }'`
#speed=1000 # Speed in Kbps
#evaluated_time=$(($size / ($speed * 1000 / 8) / 3600)) # speed=1000
echo "Hello, # evaluated_time=$(($size / ($speed * 1000 / 8) / 3600))
echo "Hello,
Your first backup on $repo is starting. Your first backup on $BORG_REPO is starting.
This is an automated message from your beloved YunoHost server." | /usr/bin/mail.mailutils -a "Content-Type: text/plain; charset=UTF-8" -s "[YNH] First backup is starting" "root" This is an automated message from your beloved YunoHost server." | /usr/bin/mail.mailutils -a "Content-Type: text/plain; charset=UTF-8" -s "[YNH] First backup is starting" "root"
fi fi
set -e set -e
borg create "$repo::_${name}-${current_date}" ./ 2>&1 >/dev/null | log_with_timestamp # About the {now} placeholder:
popd # https://borgbackup.readthedocs.io/en/stable/usage/create.html#description
# In the archive name, you may use the following placeholders: {now}, {utcnow}, {fqdn}, {hostname}, {user} and some others.
"$borg" create --stats "::${name}-{now}" "$work_dir"
# About thi _20 it's a crazy fix to avoid pruning wordpress__2 "$borg" prune --glob-archives "${name}-*" --list --keep-hourly 2 --keep-daily=7 --keep-weekly=8 --keep-monthly=12
# if you prune wordpress
borg prune "$repo" -P "_${name}-" --keep-hourly 2 --keep-daily=7 --keep-weekly=8 --keep-monthly=12 2>&1 >/dev/null | log_with_timestamp
# Prune legacy archive name without error on wordpress/wordpress__2
borg prune "$repo" -P "${name}_" --keep-within 2m --keep-monthly=12 2>&1 >/dev/null | log_with_timestamp
# We prune potential manual backup older than 1 year # We prune potential manual backup older than 1 year
borg prune "$repo" --keep-within 1y 2>&1 >/dev/null | log_with_timestamp "$borg" prune --list --keep-within 1y
} }
do_mount() { do_mount() {
export BORG_PASSPHRASE export BORG_PASSPHRASE
export BORG_REPO
export BORG_RSH export BORG_RSH
export BORG_LOGGING_CONF
work_dir="$1" work_dir="$1"
name="$2" name="$2"
repo="$3" size="$3"
size="$4" description="$4"
description="$5" "$borg" mount "::$name" "$work_dir"
borg mount "$repo::$name" "$work_dir" 2>&1 >/dev/null | log_with_timestamp
} }
work_dir="$2" work_dir="$2"
@ -92,13 +86,13 @@ description="$6"
case "$1" in case "$1" in
need_mount) need_mount)
do_need_mount "$work_dir" "$name" "$repo" "$size" "$description" do_need_mount "$work_dir" "$name" "$size" "$description"
;; ;;
backup) backup)
do_backup "$work_dir" "$name" "$repo" "$size" "$description" do_backup "$work_dir" "$name" "$size" "$description"
;; ;;
mount) mount)
do_mount do_mount "$work_dir" "$name" "$size" "$description"
;; ;;
*) *)
echo "hook called with unknown argument \`$1'" >&2 echo "hook called with unknown argument \`$1'" >&2
@ -114,14 +108,16 @@ Fichier de configuration des sauvegardes locales
**/etc/yunohost/hooks.d/backup_method/05-borg__2_app** **/etc/yunohost/hooks.d/backup_method/05-borg__2_app**
``` ```
#!/bin/bash #!/usr/bin/env bash
set -Eeuo pipefail
set -eo pipefail borg="/var/www/borg__2/venv/bin/borg"
app="${0#"./05-"}" app="borg__2"
app="${app%"_app"}"
BORG_PASSPHRASE="$(yunohost app setting "$app" passphrase)"
BORG_REPO="$(yunohost app setting "$app" repository)"
BORG_LOGGING_CONF="/var/www/borg__2/logging.conf"
BORG_PASSPHRASE="$(yunohost app setting $app passphrase)"
repo="$(yunohost app setting $app repository)" #$4
if ssh-keygen -F "" >/dev/null ; then if ssh-keygen -F "" >/dev/null ; then
BORG_RSH="ssh -i /root/.ssh/id_${app}_ed25519 -oStrictHostKeyChecking=yes " BORG_RSH="ssh -i /root/.ssh/id_${app}_ed25519 -oStrictHostKeyChecking=yes "
else else
@ -132,60 +128,52 @@ do_need_mount() {
true true
} }
LOGFILE=/var/log/backup_borg.err
log_with_timestamp() {
sed -e "s/^/[$(date +"%Y-%m-%d_%H:%M:%S")] /" | tee -a $LOGFILE
}
do_backup() { do_backup() {
export BORG_PASSPHRASE export BORG_PASSPHRASE
export BORG_REPO
export BORG_RSH export BORG_RSH
export BORG_LOGGING_CONF
export BORG_RELOCATED_REPO_ACCESS_IS_OK=yes export BORG_RELOCATED_REPO_ACCESS_IS_OK=yes
work_dir="$1" work_dir="$1"
name="$2" name="$2"
repo="$3" size="$3"
size="$4" description="$4"
description="$5"
current_date=$(date +"%Y-%m-%d_%H:%M")
pushd "$work_dir"
set +e set +e
if borg init -e repokey "$repo" ; then if ! "$borg" list > /dev/null 2>&1; then
#human_size=`echo $size | awk '{ suffix=" KMGT"; for(i=1; $1>1024 && i < length(suffix); i++) $1/=1024; print int($1) substr(suffix, i, 1), $3; }'` "$borg" init -e repokey
# Speed in Kbps # human_size=`echo $size | awk '{ suffix=" KMGT"; for(i=1; $1>1024 && i < length(suffix); i++) $1/=1024; print int($1) substr(suffix, i, 1), $3; }'`
#speed=1000 # Speed in Kbps
#evaluated_time=$(($size / ($speed * 1000 / 8) / 3600)) # speed=1000
echo "Hello, # evaluated_time=$(($size / ($speed * 1000 / 8) / 3600))
echo "Hello,
Your first backup on $repo is starting. Your first backup on $BORG_REPO is starting.
This is an automated message from your beloved YunoHost server." | /usr/bin/mail.mailutils -a "Content-Type: text/plain; charset=UTF-8" -s "[YNH] First backup is starting" "root" This is an automated message from your beloved YunoHost server." | /usr/bin/mail.mailutils -a "Content-Type: text/plain; charset=UTF-8" -s "[YNH] First backup is starting" "root"
fi fi
set -e set -e
borg create "$repo::_${name}-${current_date}" ./ 2>&1 >/dev/null | log_with_timestamp # About the {now} placeholder:
popd # https://borgbackup.readthedocs.io/en/stable/usage/create.html#description
# In the archive name, you may use the following placeholders: {now}, {utcnow}, {fqdn}, {hostname}, {user} and some others.
"$borg" create --stats "::${name}-{now}" "$work_dir"
# About thi _20 it's a crazy fix to avoid pruning wordpress__2 "$borg" prune --glob-archives "${name}-*" --list --keep-hourly 2 --keep-daily=7 --keep-weekly=8 --keep-monthly=12
# if you prune wordpress
borg prune "$repo" -P "_${name}-" --keep-hourly 2 --keep-daily=7 --keep-weekly=8 --keep-monthly=12 2>&1 >/dev/null | log_with_timestamp
# Prune legacy archive name without error on wordpress/wordpress__2
borg prune "$repo" -P "${name}_" --keep-within 2m --keep-monthly=12 2>&1 >/dev/null | log_with_timestamp
# We prune potential manual backup older than 1 year # We prune potential manual backup older than 1 year
borg prune "$repo" --keep-within 1y 2>&1 >/dev/null | log_with_timestamp "$borg" prune --list --keep-within 1y
} }
do_mount() { do_mount() {
export BORG_PASSPHRASE export BORG_PASSPHRASE
export BORG_REPO
export BORG_RSH export BORG_RSH
export BORG_LOGGING_CONF
work_dir="$1" work_dir="$1"
name="$2" name="$2"
repo="$3" size="$3"
size="$4" description="$4"
description="$5" "$borg" mount "::$name" "$work_dir"
borg mount "$repo::$name" "$work_dir" 2>&1 >/dev/null | log_with_timestamp
} }
work_dir="$2" work_dir="$2"
@ -196,13 +184,13 @@ description="$6"
case "$1" in case "$1" in
need_mount) need_mount)
do_need_mount "$work_dir" "$name" "$repo" "$size" "$description" do_need_mount "$work_dir" "$name" "$size" "$description"
;; ;;
backup) backup)
do_backup "$work_dir" "$name" "$repo" "$size" "$description" do_backup "$work_dir" "$name" "$size" "$description"
;; ;;
mount) mount)
do_mount do_mount "$work_dir" "$name" "$size" "$description"
;; ;;
*) *)
echo "hook called with unknown argument \`$1'" >&2 echo "hook called with unknown argument \`$1'" >&2