1
1
sovereign-stack/deployment/btcpayserver/scripts/backup.sh
2022-07-27 12:38:33 -04:00

124 lines
3.6 KiB
Bash

#!/bin/bash
# This script might look like a good idea. Please be aware of these important issues:
#
# - The backup file is not encrypted and it contains your lightning private keys.
# Consider encrypting before uploading or using another backup tool like duplicity.
# - Old channel state is toxic and you can loose all your funds, if you or someone
# else closes a channel based on the backup with old state - and the state changes
# often! If you publish an old state (say from yesterday's backup) on chain, you
# WILL LOSE ALL YOUR FUNDS IN A CHANNEL, because the counterparty will publish a
# revocation key!
if [ "$(id -u)" != "0" ]; then
echo "This script must be run as root."
echo "Use the command 'sudo su -' (include the trailing hypen) and try again"
exit 1
fi
case "$BACKUP_PROVIDER" in
"Dropbox")
if [ -z "$DROPBOX_TOKEN" ]; then
echo -e "\033[0;31mSet DROPBOX_TOKEN environment variable and try again.\033[0m"
exit 1
fi
;;
"S3")
echo -e "\033[1;33mUsing S3 backup provider. Make sure you have ran 'aws configure' on your root user and configured an AMI with access to your bucket.\033[0m"
if [ -z "$S3_BUCKET" ]; then
echo -e "\033[0;31mSet S3_BUCKET environment variable and try again.\033[0m"
exit 1
fi
if [ -z "$S3_PATH" ]; then
echo -e "\033[1;33mUsing bucket root for backup, set S3_PATH if you want to backup into a specific folder (Make sure it ends with a trailing slash).\033[0m"
fi
;;
"SCP")
if [ -z "$SCP_TARGET" ]; then
echo -e "\033[0;31mSet SCP_TARGET environment variable and try again.\033[0m"
exit 1
fi
;;
*)
echo "No BACKUP_PROVIDER set. Backing up to local directory."
;;
esac
# preparation
volumes_dir=/var/lib/docker/volumes
backup_dir="$volumes_dir/backup_datadir"
filename="backup.tar.gz"
dumpname="postgres.sql.gz"
if [ "$BACKUP_TIMESTAMP" == true ]; then
timestamp=$(date "+%Y%m%d-%H%M%S")
filename="$timestamp-$filename"
dumpname="$timestamp-$dumpname"
fi
backup_path="$backup_dir/_data/${filename}"
dbdump_path="$backup_dir/_data/${dumpname}"
cd "$BTCPAY_BASE_DIRECTORY/btcpayserver-docker"
. helpers.sh
# ensure backup dir exists
if [ ! -d "$backup_dir" ]; then
docker volume create backup_datadir
fi
# dump database
echo "Dumping database …"
btcpay_dump_db $dbdump_path
if [[ "$1" == "--only-db" ]]; then
tar -cvzf $backup_path $dbdump_path
else
# stop docker containers, save files and restart
echo "Stopping BTCPay Server …"
btcpay_down
echo "Backing up files …"
tar --exclude="$backup_path" --exclude="$volumes_dir/generated_bitcoin_datadir/*" --exclude="$volumes_dir/generated_litecoin_datadir/*" --exclude="$volumes_dir/generated_postgres_datadir/*" --exclude="$volumes_dir/**/logs/*" -cvzf $backup_path $dbdump_path $volumes_dir
echo "Restarting BTCPay Server …"
btcpay_up
fi
# post processing
case $BACKUP_PROVIDER in
"Dropbox")
echo "Uploading to Dropbox …"
docker run --name backup --env DROPBOX_TOKEN=$DROPBOX_TOKEN -v backup_datadir:/data jvandrew/btcpay-dropbox:1.0.5 $filename
echo "Deleting local backup …"
rm $backup_path
;;
"S3")
echo "Uploading to S3 …"
docker run --rm -v ~/.aws:/root/.aws -v $backup_path:/aws/$filename amazon/aws-cli s3 cp $filename s3://$S3_BUCKET/$S3_PATH
echo "Deleting local backup …"
rm $backup_path
;;
"SCP")
echo "Uploading via SCP …"
scp $backup_path $SCP_TARGET
echo "Deleting local backup …"
rm $backup_path
;;
*)
echo "Backed up to $backup_path"
;;
esac
# cleanup
rm $dbdump_path
echo "Backup done."