202 lines
No EOL
6 KiB
Markdown
202 lines
No EOL
6 KiB
Markdown
Pour la sécurité en cas de besoins de restauration des données:
|
|
|
|
Nous avons des sauvegardes locales journalières des données et du système sur le volume `/mnt/backups/borgarchives` de 1 To avec avec [Borg App](https://github.com/YunoHost-Apps/borg_ynh), plus une sauvegarde journalière (aussi avec Borg App), chiffrée sur un serveur Yunohost auto-hébergé où est installé [Borg Server](https://github.com/YunoHost-Apps/borgserver_ynh) sur un disque dur de 2 To.
|
|
|
|
> ! Il est tout de même conseillé malgré toutes ces précautions aux utilisateurs qui ont des données sur Nextcloud (Cloud Linux07) de bien faire des sauvegardes de temps à autres. Nous ne pouvons pas garantir à 100% de ne jamais rien perdre, mais nous faisons tout notre possible pour éviter de risquer de perdre vos données.
|
|
|
|
|
|
Fichier de configuration des sauvegardes distantes vers BorgServer (machine auto-hébergé à l'adresse de l'association Linux07)
|
|
|
|
**/etc/yunohost/hooks.d/backup_method/05-borg_app (mise à jour 2024)**
|
|
|
|
```
|
|
#!/usr/bin/env bash
|
|
set -Eeuo pipefail
|
|
|
|
borg="/var/www/borg/venv/bin/borg"
|
|
app="borg"
|
|
|
|
BORG_PASSPHRASE="$(yunohost app setting "$app" passphrase)"
|
|
BORG_REPO="$(yunohost app setting "$app" repository)"
|
|
BORG_LOGGING_CONF="/var/www/borg/logging.conf"
|
|
|
|
if ssh-keygen -F "[domainborgserver.tld]:xxxx" >/dev/null ; then
|
|
BORG_RSH="ssh -i /root/.ssh/id_${app}_ed25519 -oStrictHostKeyChecking=yes "
|
|
else
|
|
BORG_RSH="ssh -i /root/.ssh/id_${app}_ed25519 -oStrictHostKeyChecking=no "
|
|
fi
|
|
|
|
do_need_mount() {
|
|
true
|
|
}
|
|
|
|
do_backup() {
|
|
export BORG_PASSPHRASE
|
|
export BORG_REPO
|
|
export BORG_RSH
|
|
export BORG_LOGGING_CONF
|
|
export BORG_RELOCATED_REPO_ACCESS_IS_OK=yes
|
|
work_dir="$1"
|
|
name="$2"
|
|
size="$3"
|
|
description="$4"
|
|
set +e
|
|
if ! "$borg" list > /dev/null 2>&1; then
|
|
"$borg" init -e repokey
|
|
# human_size=`echo $size | awk '{ suffix=" KMGT"; for(i=1; $1>1024 && i < length(suffix); i++) $1/=1024; print int($1) substr(suffix, i, 1), $3; }'`
|
|
# Speed in Kbps
|
|
# speed=1000
|
|
# evaluated_time=$(($size / ($speed * 1000 / 8) / 3600))
|
|
echo "Hello,
|
|
|
|
Your first backup on $BORG_REPO is starting.
|
|
|
|
This is an automated message from your beloved YunoHost server." | /usr/bin/mail.mailutils -a "Content-Type: text/plain; charset=UTF-8" -s "[YNH] First backup is starting" "root"
|
|
fi
|
|
set -e
|
|
|
|
# About the {now} placeholder:
|
|
# https://borgbackup.readthedocs.io/en/stable/usage/create.html#description
|
|
# In the archive name, you may use the following placeholders: {now}, {utcnow}, {fqdn}, {hostname}, {user} and some others.
|
|
"$borg" create --stats "::${name}-{now}" "$work_dir"
|
|
|
|
"$borg" prune --glob-archives "${name}-*" --list --keep-hourly 2 --keep-daily=7 --keep-weekly=8 --keep-monthly=12
|
|
|
|
# We prune potential manual backup older than 1 year
|
|
"$borg" prune --list --keep-within 1y
|
|
}
|
|
|
|
do_mount() {
|
|
export BORG_PASSPHRASE
|
|
export BORG_REPO
|
|
export BORG_RSH
|
|
export BORG_LOGGING_CONF
|
|
work_dir="$1"
|
|
name="$2"
|
|
size="$3"
|
|
description="$4"
|
|
"$borg" mount "::$name" "$work_dir"
|
|
}
|
|
|
|
work_dir="$2"
|
|
name="$3"
|
|
|
|
size="$5"
|
|
description="$6"
|
|
|
|
case "$1" in
|
|
need_mount)
|
|
do_need_mount "$work_dir" "$name" "$size" "$description"
|
|
;;
|
|
backup)
|
|
do_backup "$work_dir" "$name" "$size" "$description"
|
|
;;
|
|
mount)
|
|
do_mount "$work_dir" "$name" "$size" "$description"
|
|
;;
|
|
*)
|
|
echo "hook called with unknown argument \`$1'" >&2
|
|
exit 1
|
|
;;
|
|
esac
|
|
|
|
exit 0
|
|
```
|
|
|
|
Fichier de configuration des sauvegardes locales
|
|
|
|
**/etc/yunohost/hooks.d/backup_method/05-borg__2_app**
|
|
|
|
```
|
|
#!/usr/bin/env bash
|
|
set -Eeuo pipefail
|
|
|
|
borg="/var/www/borg__2/venv/bin/borg"
|
|
app="borg__2"
|
|
|
|
BORG_PASSPHRASE="$(yunohost app setting "$app" passphrase)"
|
|
BORG_REPO="$(yunohost app setting "$app" repository)"
|
|
BORG_LOGGING_CONF="/var/www/borg__2/logging.conf"
|
|
|
|
if ssh-keygen -F "" >/dev/null ; then
|
|
BORG_RSH="ssh -i /root/.ssh/id_${app}_ed25519 -oStrictHostKeyChecking=yes "
|
|
else
|
|
BORG_RSH="ssh -i /root/.ssh/id_${app}_ed25519 -oStrictHostKeyChecking=no "
|
|
fi
|
|
|
|
do_need_mount() {
|
|
true
|
|
}
|
|
|
|
do_backup() {
|
|
export BORG_PASSPHRASE
|
|
export BORG_REPO
|
|
export BORG_RSH
|
|
export BORG_LOGGING_CONF
|
|
export BORG_RELOCATED_REPO_ACCESS_IS_OK=yes
|
|
work_dir="$1"
|
|
name="$2"
|
|
size="$3"
|
|
description="$4"
|
|
set +e
|
|
if ! "$borg" list > /dev/null 2>&1; then
|
|
"$borg" init -e repokey
|
|
# human_size=`echo $size | awk '{ suffix=" KMGT"; for(i=1; $1>1024 && i < length(suffix); i++) $1/=1024; print int($1) substr(suffix, i, 1), $3; }'`
|
|
# Speed in Kbps
|
|
# speed=1000
|
|
# evaluated_time=$(($size / ($speed * 1000 / 8) / 3600))
|
|
echo "Hello,
|
|
|
|
Your first backup on $BORG_REPO is starting.
|
|
|
|
This is an automated message from your beloved YunoHost server." | /usr/bin/mail.mailutils -a "Content-Type: text/plain; charset=UTF-8" -s "[YNH] First backup is starting" "root"
|
|
fi
|
|
set -e
|
|
|
|
# About the {now} placeholder:
|
|
# https://borgbackup.readthedocs.io/en/stable/usage/create.html#description
|
|
# In the archive name, you may use the following placeholders: {now}, {utcnow}, {fqdn}, {hostname}, {user} and some others.
|
|
"$borg" create --stats "::${name}-{now}" "$work_dir"
|
|
|
|
"$borg" prune --glob-archives "${name}-*" --list --keep-hourly 2 --keep-daily=7 --keep-weekly=8 --keep-monthly=12
|
|
|
|
# We prune potential manual backup older than 1 year
|
|
"$borg" prune --list --keep-within 1y
|
|
}
|
|
|
|
do_mount() {
|
|
export BORG_PASSPHRASE
|
|
export BORG_REPO
|
|
export BORG_RSH
|
|
export BORG_LOGGING_CONF
|
|
work_dir="$1"
|
|
name="$2"
|
|
size="$3"
|
|
description="$4"
|
|
"$borg" mount "::$name" "$work_dir"
|
|
}
|
|
|
|
work_dir="$2"
|
|
name="$3"
|
|
|
|
size="$5"
|
|
description="$6"
|
|
|
|
case "$1" in
|
|
need_mount)
|
|
do_need_mount "$work_dir" "$name" "$size" "$description"
|
|
;;
|
|
backup)
|
|
do_backup "$work_dir" "$name" "$size" "$description"
|
|
;;
|
|
mount)
|
|
do_mount "$work_dir" "$name" "$size" "$description"
|
|
;;
|
|
*)
|
|
echo "hook called with unknown argument \`$1'" >&2
|
|
exit 1
|
|
;;
|
|
esac
|
|
|
|
exit 0
|
|
``` |