Minor updates to backup/restoration reliability

This commit is contained in:
Derek Smith 2022-10-08 19:30:34 -04:00
parent 472ac25617
commit 897e75b016
Signed by: farscapian
GPG Key ID: 8F1CD799CCA516CC
3 changed files with 34 additions and 24 deletions

View File

@ -27,10 +27,10 @@ fi
DOMAIN_NAME= DOMAIN_NAME=
RESTORE_ARCHIVE= RESTORE_ARCHIVE=
VPS_HOSTING_TARGET=lxd VPS_HOSTING_TARGET=lxd
RUN_CERT_RENEWAL=true RUN_CERT_RENEWAL=false
RESTORE_WWW=false RESTORE_WWW=false
BACKUP_CERTS=false BACKUP_CERTS=true
BACKUP_APPS=false BACKUP_APPS=true
BACKUP_BTCPAY=false BACKUP_BTCPAY=false
RESTORE_BTCPAY=false RESTORE_BTCPAY=false
MIGRATE_WWW=false MIGRATE_WWW=false

View File

@ -21,8 +21,11 @@ fi
ssh "$PRIMARY_WWW_FQDN" sudo rm -rf "$REMOTE_SOURCE_BACKUP_PATH" ssh "$PRIMARY_WWW_FQDN" sudo rm -rf "$REMOTE_SOURCE_BACKUP_PATH"
# scp our local backup directory to the remote machine # scp our local backup directory to the remote machine
ssh "$PRIMARY_WWW_FQDN" "sudo mkdir -p $REMOTE_BACKUP_PATH && sudo chown ubuntu:ubuntu $REMOTE_BACKUP_PATH" ssh "$PRIMARY_WWW_FQDN" sudo mkdir -p "$REMOTE_BACKUP_PATH"
ssh "$PRIMARY_WWW_FQDN" sudo chown ubuntu:ubuntu "$REMOTE_BACKUP_PATH"
scp -r "$LOCAL_BACKUP_PATH" "$PRIMARY_WWW_FQDN:$REMOTE_BACKUP_PATH" scp -r "$LOCAL_BACKUP_PATH" "$PRIMARY_WWW_FQDN:$REMOTE_BACKUP_PATH"
# now we run duplicity to restore the archive. # now we run duplicity to restore the archive.
ssh "$PRIMARY_WWW_FQDN" sudo PASSPHRASE="$DUPLICITY_BACKUP_PASSPHRASE" duplicity --force restore "file://$REMOTE_BACKUP_PATH/$BACKUP_TIMESTAMP" "$REMOTE_HOME/" ssh "$PRIMARY_WWW_FQDN" sudo PASSPHRASE="$DUPLICITY_BACKUP_PASSPHRASE" duplicity --force restore "file://$REMOTE_BACKUP_PATH/$BACKUP_TIMESTAMP" "$REMOTE_SOURCE_BACKUP_PATH/"

View File

@ -39,7 +39,7 @@ for DOMAIN_NAME in ${DOMAIN_LIST//,/ }; do
if [ "$RESTORE_WWW" = true ]; then if [ "$RESTORE_WWW" = true ]; then
./restore_path.sh ./restore_path.sh
ssh "$PRIMARY_WWW_FQDN" sudo chown ubuntu:ubuntu "$REMOTE_HOME/$APP"
elif [ "$BACKUP_APPS" = true ]; then elif [ "$BACKUP_APPS" = true ]; then
# if we're not restoring, then we may or may not back up. # if we're not restoring, then we may or may not back up.
./backup_path.sh ./backup_path.sh
@ -64,26 +64,33 @@ if [ "$RUN_CERT_RENEWAL" = true ]; then
./generate_certs.sh ./generate_certs.sh
fi fi
if [ "$BACKUP_CERTS" = true ]; then # Back each domain's certificates under /home/ubuntu/letsencrypt/domain
# Back each domain's certificates under /home/ubuntu/letsencrypt/domain for DOMAIN_NAME in ${DOMAIN_LIST//,/ }; do
for DOMAIN_NAME in ${DOMAIN_LIST//,/ }; do export DOMAIN_NAME="$DOMAIN_NAME"
export DOMAIN_NAME="$DOMAIN_NAME" export SITE_PATH="$SITES_PATH/$DOMAIN_NAME"
export SITE_PATH="$SITES_PATH/$DOMAIN_NAME"
# source the site path so we know what features it has. # source the site path so we know what features it has.
source ../../reset_env.sh source ../../reset_env.sh
source "$SITE_PATH/site_definition" source "$SITE_PATH/site_definition"
source ../../domain_env.sh source ../../domain_env.sh
# these variable are used by both backup/restore scripts. # these variable are used by both backup/restore scripts.
export APP="letsencrypt" export APP="letsencrypt"
export REMOTE_BACKUP_PATH="$REMOTE_HOME/backups/www/$APP/$DOCKER_STACK_SUFFIX" export REMOTE_BACKUP_PATH="$REMOTE_HOME/backups/www/$APP/$DOCKER_STACK_SUFFIX"
export REMOTE_SOURCE_BACKUP_PATH="$REMOTE_HOME/$APP/$DOMAIN_NAME" export REMOTE_SOURCE_BACKUP_PATH="$REMOTE_HOME/$APP/$DOMAIN_NAME"
# ensure our local backup path exists so we can pull down the duplicity archive to the management machine. # ensure our local backup path exists so we can pull down the duplicity archive to the management machine.
export LOCAL_BACKUP_PATH="$SITE_PATH/backups/www/$APP/$BACKUP_TIMESTAMP" export LOCAL_BACKUP_PATH="$SITE_PATH/backups/www/$APP/$BACKUP_TIMESTAMP"
mkdir -p "$LOCAL_BACKUP_PATH" mkdir -p "$LOCAL_BACKUP_PATH"
if [ "$RESTORE_WWW" = true ]; then
sleep 5
echo "STARTING restore_path.sh for letsencrypt."
./restore_path.sh
ssh "$PRIMARY_WWW_FQDN" sudo chown ubuntu:ubuntu "$REMOTE_HOME/$APP"
elif [ "$BACKUP_APPS" = true ]; then
# if we're not restoring, then we may or may not back up.
./backup_path.sh ./backup_path.sh
done
fi fi
done