chnage releases

Déploiement_du_serveur.md

@@ -3,7 +3,7 @@ Le système est déployé avec [Yunohost](https://yunohost.org).
 Le service d'annuaire [LDAP](https://fr.wikipedia.org/wiki/LDAP_Data_Interchange_Format) pour le serveur Yunohost n'est pas compatibles avec toutes les applications hébergées. L'identification LDAP ne fonctionne que pour les mails (Roundcube), pour le Cloud Linux07 (Nextcloud), pour la Forge Linux07(Forgejo) et pour Mypads Linux07 (Etherpad_Mypads).
 
 
-> ! Certains utilisateurs du Cloud Linux07 (Nextcloud)  **ne sont pas connectés à l'annuaire LDAP**, ils ont un compte gratuit de 400 Mo et se sont inscrits par eux-même, leur compte à  été validé ensuite.
+> ! Certains utilisateurs du Cloud Linux07 (Nextcloud)  **ne sont pas connectés à l'annuaire LDAP**, ils ont un compte gratuit de 250 Mo et se sont inscrits par eux-même, leur compte à  été validé ensuite.
 
 Le serveur a été partitionner en LVM pour pouvoir alloué des volumes partitionnés à certains dossiers ou certaines applications, déplacés avec des `mount --bind`, sauf pour la partition `\var\mail` qui elle montée dans le fichier `/etc/fstab`.
 

Sauvegardes.md

@@ -7,18 +7,20 @@ Nous avons des sauvegardes locales journalières des données et du système sur
 
 Fichier de configuration des sauvegardes distantes vers BorgServer (machine auto-hébergé à l'adresse de l'association Linux07)
 
-**/etc/yunohost/hooks.d/backup_method/05-borg_app**
+**/etc/yunohost/hooks.d/backup_method/05-borg_app (mise à jour 2024)**
 
 ```
-#!/bin/bash
+#!/usr/bin/env bash
+set -Eeuo pipefail
 
-set -eo pipefail
-app="${0#"./05-"}"
-app="${app%"_app"}"
+borg="/var/www/borg/venv/bin/borg"
+app="borg"
 
-BORG_PASSPHRASE="$(yunohost app setting $app passphrase)"
-repo="$(yunohost app setting $app repository)"   #$4
-if ssh-keygen -F "[domain.tld]:6060" >/dev/null ; then
+BORG_PASSPHRASE="$(yunohost app setting "$app" passphrase)"
+BORG_REPO="$(yunohost app setting "$app" repository)"
+BORG_LOGGING_CONF="/var/www/borg/logging.conf"
+
+if ssh-keygen -F "[domainborgserver.tld]:xxxx" >/dev/null ; then
     BORG_RSH="ssh -i /root/.ssh/id_${app}_ed25519 -oStrictHostKeyChecking=yes "
 else
     BORG_RSH="ssh -i /root/.ssh/id_${app}_ed25519 -oStrictHostKeyChecking=no "
@@ -28,60 +30,52 @@ do_need_mount() {
     true
 }
 
-LOGFILE=/var/log/backup_borg.err
-log_with_timestamp() {
-  sed -e "s/^/[$(date +"%Y-%m-%d_%H:%M:%S")] /" | tee -a $LOGFILE
-}
-
 do_backup() {
-    
     export BORG_PASSPHRASE
+    export BORG_REPO
     export BORG_RSH
+    export BORG_LOGGING_CONF
     export BORG_RELOCATED_REPO_ACCESS_IS_OK=yes
     work_dir="$1"
     name="$2"
-    repo="$3"
-    size="$4"
-    description="$5"
-    current_date=$(date +"%Y-%m-%d_%H:%M")
-    pushd "$work_dir"
+    size="$3"
+    description="$4"
     set +e
-    if borg init -e repokey "$repo" ; then
+    if ! "$borg" list > /dev/null 2>&1; then
+        "$borg" init -e repokey
         # human_size=`echo $size | awk '{ suffix=" KMGT"; for(i=1; $1>1024 && i < length(suffix); i++) $1/=1024; print int($1) substr(suffix, i, 1), $3; }'`
         # Speed in Kbps
         # speed=1000
         # evaluated_time=$(($size / ($speed * 1000 / 8) / 3600))
         echo "Hello,
 
-Your first backup on $repo is starting.
+Your first backup on $BORG_REPO is starting.
 
 This is an automated message from your beloved YunoHost server." | /usr/bin/mail.mailutils -a "Content-Type: text/plain; charset=UTF-8" -s "[YNH] First backup is starting" "root"
     fi
     set -e
 
-    borg create "$repo::_${name}-${current_date}" ./ 2>&1 >/dev/null | log_with_timestamp
-    popd
+    # About the {now} placeholder:
+    # https://borgbackup.readthedocs.io/en/stable/usage/create.html#description
+    # In the archive name, you may use the following placeholders: {now}, {utcnow}, {fqdn}, {hostname}, {user} and some others.
+    "$borg" create --stats "::${name}-{now}" "$work_dir"
 
-    # About thi _20 it's a crazy fix to avoid pruning wordpress__2 
-    # if you prune wordpress
-    borg prune "$repo" -P "_${name}-" --keep-hourly 2 --keep-daily=7 --keep-weekly=8 --keep-monthly=12 2>&1 >/dev/null | log_with_timestamp
-    
-    # Prune legacy archive name without error on wordpress/wordpress__2
-    borg prune "$repo" -P "${name}_" --keep-within 2m --keep-monthly=12 2>&1 >/dev/null | log_with_timestamp
+    "$borg" prune --glob-archives "${name}-*" --list --keep-hourly 2 --keep-daily=7 --keep-weekly=8 --keep-monthly=12
 
     # We prune potential manual backup older than 1 year
-    borg prune "$repo" --keep-within 1y 2>&1 >/dev/null | log_with_timestamp
+    "$borg" prune --list --keep-within 1y
 }
 
 do_mount() {
     export BORG_PASSPHRASE
+    export BORG_REPO
     export BORG_RSH
+    export BORG_LOGGING_CONF
     work_dir="$1"
     name="$2"
-    repo="$3"
-    size="$4"
-    description="$5"
-    borg mount "$repo::$name" "$work_dir" 2>&1 >/dev/null | log_with_timestamp
+    size="$3"
+    description="$4"
+    "$borg" mount "::$name" "$work_dir"
 }
 
 work_dir="$2"
@@ -92,13 +86,13 @@ description="$6"
 
 case "$1" in
   need_mount)
-    do_need_mount "$work_dir" "$name" "$repo" "$size" "$description"
+    do_need_mount "$work_dir" "$name" "$size" "$description"
     ;;
   backup)
-    do_backup "$work_dir" "$name" "$repo" "$size" "$description"
+    do_backup "$work_dir" "$name" "$size" "$description"
     ;;
   mount)
-    do_mount
+    do_mount "$work_dir" "$name" "$size" "$description"
     ;;
   *)
     echo "hook called with unknown argument \`$1'" >&2
@@ -114,14 +108,16 @@ Fichier de configuration des sauvegardes locales
 **/etc/yunohost/hooks.d/backup_method/05-borg__2_app**
 
 ```
-#!/bin/bash
+#!/usr/bin/env bash
+set -Eeuo pipefail
 
-set -eo pipefail
-app="${0#"./05-"}"
-app="${app%"_app"}"
+borg="/var/www/borg__2/venv/bin/borg"
+app="borg__2"
+
+BORG_PASSPHRASE="$(yunohost app setting "$app" passphrase)"
+BORG_REPO="$(yunohost app setting "$app" repository)"
+BORG_LOGGING_CONF="/var/www/borg__2/logging.conf"
 
-BORG_PASSPHRASE="$(yunohost app setting $app passphrase)"
-repo="$(yunohost app setting $app repository)"   #$4
 if ssh-keygen -F "" >/dev/null ; then
     BORG_RSH="ssh -i /root/.ssh/id_${app}_ed25519 -oStrictHostKeyChecking=yes "
 else
@@ -132,60 +128,52 @@ do_need_mount() {
     true
 }
 
-LOGFILE=/var/log/backup_borg.err
-log_with_timestamp() {
-  sed -e "s/^/[$(date +"%Y-%m-%d_%H:%M:%S")] /" | tee -a $LOGFILE
-}
-
 do_backup() {
-    
     export BORG_PASSPHRASE
+    export BORG_REPO
     export BORG_RSH
+    export BORG_LOGGING_CONF
     export BORG_RELOCATED_REPO_ACCESS_IS_OK=yes
     work_dir="$1"
     name="$2"
-    repo="$3"
-    size="$4"
-    description="$5"
-    current_date=$(date +"%Y-%m-%d_%H:%M")
-    pushd "$work_dir"
+    size="$3"
+    description="$4"
     set +e
-    if borg init -e repokey "$repo" ; then
+    if ! "$borg" list > /dev/null 2>&1; then
+        "$borg" init -e repokey
         # human_size=`echo $size | awk '{ suffix=" KMGT"; for(i=1; $1>1024 && i < length(suffix); i++) $1/=1024; print int($1) substr(suffix, i, 1), $3; }'`
         # Speed in Kbps
         # speed=1000
         # evaluated_time=$(($size / ($speed * 1000 / 8) / 3600))
         echo "Hello,
 
-Your first backup on $repo is starting.
+Your first backup on $BORG_REPO is starting.
 
 This is an automated message from your beloved YunoHost server." | /usr/bin/mail.mailutils -a "Content-Type: text/plain; charset=UTF-8" -s "[YNH] First backup is starting" "root"
     fi
     set -e
 
-    borg create "$repo::_${name}-${current_date}" ./ 2>&1 >/dev/null | log_with_timestamp
-    popd
+    # About the {now} placeholder:
+    # https://borgbackup.readthedocs.io/en/stable/usage/create.html#description
+    # In the archive name, you may use the following placeholders: {now}, {utcnow}, {fqdn}, {hostname}, {user} and some others.
+    "$borg" create --stats "::${name}-{now}" "$work_dir"
 
-    # About thi _20 it's a crazy fix to avoid pruning wordpress__2 
-    # if you prune wordpress
-    borg prune "$repo" -P "_${name}-" --keep-hourly 2 --keep-daily=7 --keep-weekly=8 --keep-monthly=12 2>&1 >/dev/null | log_with_timestamp
-    
-    # Prune legacy archive name without error on wordpress/wordpress__2
-    borg prune "$repo" -P "${name}_" --keep-within 2m --keep-monthly=12 2>&1 >/dev/null | log_with_timestamp
+    "$borg" prune --glob-archives "${name}-*" --list --keep-hourly 2 --keep-daily=7 --keep-weekly=8 --keep-monthly=12
 
     # We prune potential manual backup older than 1 year
-    borg prune "$repo" --keep-within 1y 2>&1 >/dev/null | log_with_timestamp
+    "$borg" prune --list --keep-within 1y
 }
 
 do_mount() {
     export BORG_PASSPHRASE
+    export BORG_REPO
     export BORG_RSH
+    export BORG_LOGGING_CONF
     work_dir="$1"
     name="$2"
-    repo="$3"
-    size="$4"
-    description="$5"
-    borg mount "$repo::$name" "$work_dir" 2>&1 >/dev/null | log_with_timestamp
+    size="$3"
+    description="$4"
+    "$borg" mount "::$name" "$work_dir"
 }
 
 work_dir="$2"
@@ -196,13 +184,13 @@ description="$6"
 
 case "$1" in
   need_mount)
-    do_need_mount "$work_dir" "$name" "$repo" "$size" "$description"
+    do_need_mount "$work_dir" "$name" "$size" "$description"
     ;;
   backup)
-    do_backup "$work_dir" "$name" "$repo" "$size" "$description"
+    do_backup "$work_dir" "$name" "$size" "$description"
     ;;
   mount)
-    do_mount
+    do_mount "$work_dir" "$name" "$size" "$description"
     ;;
   *)
     echo "hook called with unknown argument \`$1'" >&2