Vai al contenuto

Backup Hosting

BACKUP HOSTING

Con il seguente script รจ possibile eseguire backup crittografati di tutti i virtualhost presenti nella macchina:

Bash
#!/bin/bash

# ===== GENERARE LE CHIAVI =====
# openssl req -x509 -nodes -newkey rsa:2048 -keyout domains-key.priv.pem -out domains-key.pub.pem

# ===== VARIABILI =====
DATE=`date +%Y-%m-%d-%H-%M-%S`
TARGET_FOLDER=/var/www_backups
PUBLIC_KEY=/root/domains-key.pub.pem
FILE_DB_PASSWORD=/root/.secrets/db_psswd.txt

DB_USER=root
DB_PASSWORD=$(cat ${FILE_DB_PASSWORD})

# ===== VERIFICO L'ESISTENZA DELLA CARTELLA DI BACKUP =====
if [ ! -d "/var/www_backups" ]; then
    mkdir /var/www_backups
fi

# ===== VERIFICO L'ESISTENZA DELLA CHIAVE PUBBLICA =====
if [ ! -f "$PUBLIC_KEY" ]; then
    echo "La chiave pubblica non esiste: $PUBLIC_KEY"
    exit 1
fi

# ===== VERIFICO L'ESISTENZA DELLA PASSWORD DI ROOT =====
if [ ! -f "$FILE_DB_PASSWORD" ]; then
    echo "Il file con la password di root non esiste: $FILE_DB_PASSWORD"
    exit 1
fi

# ===== SCRIPT BACKUP DB =====
for dbname in $(mysql -u ${DB_USER} -p${DB_PASSWORD} -e 'show databases' -s --skip-column-names); do
  if [ "$dbname" != "information_schema" ] && [ "$dbname" != "performance_schema" ] && [ "$dbname" != "mysql" ] && [ "$dbname" != "sys" ]; then
    ARCHIVE_DB="${dbname}-dump-${DATE}.backup.sql.gz.enc"
    mysqldump -u ${DB_USER} -p${DB_PASSWORD} --single-transaction --routines --events --triggers --complete-insert "$dbname" \
    | gzip -9 -c \
    | openssl smime -encrypt -binary -text -aes256 -out ${TARGET_FOLDER}/${ARCHIVE_DB} -outform DER ${PUBLIC_KEY}  
  fi
done

# =====SCRIPT BACKUP FILES =====
for virtual_host in /etc/apache2/sites-available/*.conf; do
    virtual_host=$(basename $virtual_host .conf)
    if [ ! -d "/var/www/$virtual_host" ]; then
        echo "La cartella /var/www/$virtual_host non esiste, passo al successivo"
        continue
    fi
    ARCHIVE_FILES="${virtual_host}-files-${DATE}.backup.tar.gz.enc"
    tar -cvpzf /root/${virtual_host}.${DATE}.tar.gz -C /var/www/ $virtual_host
    openssl smime -encrypt -binary -text -aes256 -in /root/${virtual_host}.${DATE}.tar.gz -out ${TARGET_FOLDER}/${ARCHIVE_FILES} -outform DER ${PUBLIC_KEY}
    rm /root/${virtual_host}.${DATE}.tar.gz
done

# ===== DECRIPTAZIONE ED ESTRAZIONE =====
# FILENAME=indicare_il_nome_del_file ,ad esempio domain.local-files-2023-03-06-16-03-45.backup.tar
# openssl smime -decrypt -in ${FILENAME}.gz.enc -binary -inform DEM -inkey mysqldump-secure.priv.pem -out ${FILENAME}.gz
# gzip -d ${FILENAME}.gz
# tar -xvf ${FILENAME}