src/scripts/backupbox.sh

#!/bin/bash

set -eu -o pipefail

if [[ $EUID -ne 0 ]]; then
    echo "This script should be run as root." >&2
    exit 1
fi

if [[ $# == 1 && "$1" == "--check" ]]; then
    echo "OK"
    exit 0
fi

if [ $# -lt 5 ]; then
    echo "Usage: backupbox.sh <s3 url> <access key id> <access key> <region> <password> [session token]"
    exit 1
fi

# env vars used by the awscli
s3_url="$1"
export AWS_ACCESS_KEY_ID="$2"
export AWS_SECRET_ACCESS_KEY="$3"
export AWS_DEFAULT_REGION="$4"
password="$5"

if [ $# -gt 5 ]; then
    export AWS_SESSION_TOKEN="$6"
fi

now=$(date "+%Y-%m-%dT%H:%M:%S")
BOX_DATA_DIR="${HOME}/data/box"
box_snapshot_dir="${HOME}/data/snapshots/box-${now}"

echo "Creating MySQL dump"
mysqldump -u root -ppassword --single-transaction --routines --triggers box > "${BOX_DATA_DIR}/box.mysqldump"

echo "Snapshoting backup as backup-${now}"
btrfs subvolume snapshot -r "${BOX_DATA_DIR}" "${box_snapshot_dir}"

for try in `seq 1 5`; do
    echo "Uploading backup to ${s3_url} (try ${try})"
    error_log=$(mktemp)

    # use aws instead of curl because curl will always read entire stream memory to set Content-Length
    # aws will do multipart upload
    if tar -czf - -C "${box_snapshot_dir}" . \
           | openssl aes-256-cbc -e -pass "pass:${password}" \
           | aws s3 cp - "${s3_url}" 2>"${error_log}"; then
        break
    fi
    cat "${error_log}" && rm "${error_log}"
done

echo "Deleting backup snapshot"
btrfs subvolume delete "${box_snapshot_dir}"

if [[ ${try} -eq 5 ]]; then
    echo "Backup failed"
    exit 1
else
    echo "Backup successful"
fi
app.portBindings and newManifest.tcpPorts may be null 2015-07-20 00:09:47 -07:00			`#!/bin/bash`

			`set -eu -o pipefail`

			`if [[ $EUID -ne 0 ]]; then`
			`echo "This script should be run as root." >&2`
			`exit 1`
			`fi`

			`if [[ $# == 1 && "$1" == "--check" ]]; then`
			`echo "OK"`
			`exit 0`
			`fi`

Support s3 backup upload without session tokens 2016-06-13 19:10:08 +02:00			`if [ $# -lt 5 ]; then`
			`echo "Usage: backupbox.sh <s3 url> <access key id> <access key> <region> <password> [session token]"`
app.portBindings and newManifest.tcpPorts may be null 2015-07-20 00:09:47 -07:00			`exit 1`
			`fi`

use aws-cli to upload box backups 2016-04-10 18:00:30 -07:00			`# env vars used by the awscli`
			`s3_url="$1"`
			`export AWS_ACCESS_KEY_ID="$2"`
			`export AWS_SECRET_ACCESS_KEY="$3"`
Support s3 backup upload without session tokens 2016-06-13 19:10:08 +02:00			`export AWS_DEFAULT_REGION="$4"`
			`password="$5"`

			`if [ $# -gt 5 ]; then`
			`export AWS_SESSION_TOKEN="$6"`
			`fi`

app.portBindings and newManifest.tcpPorts may be null 2015-07-20 00:09:47 -07:00			`now=$(date "+%Y-%m-%dT%H:%M:%S")`
			`BOX_DATA_DIR="${HOME}/data/box"`
			`box_snapshot_dir="${HOME}/data/snapshots/box-${now}"`

			`echo "Creating MySQL dump"`
			`mysqldump -u root -ppassword --single-transaction --routines --triggers box > "${BOX_DATA_DIR}/box.mysqldump"`

			`echo "Snapshoting backup as backup-${now}"`
			`btrfs subvolume snapshot -r "${BOX_DATA_DIR}" "${box_snapshot_dir}"`

			for try in `seq 1 5`; do
use aws-cli to upload box backups 2016-04-10 18:00:30 -07:00			`echo "Uploading backup to ${s3_url} (try ${try})"`
app.portBindings and newManifest.tcpPorts may be null 2015-07-20 00:09:47 -07:00			`error_log=$(mktemp)`
Only federated tokens need session token 2015-08-25 12:13:11 -07:00
use aws-cli to upload box backups 2016-04-10 18:00:30 -07:00			`# use aws instead of curl because curl will always read entire stream memory to set Content-Length`
			`# aws will do multipart upload`
remove verbose from tar 2016-04-10 22:49:39 -07:00			`if tar -czf - -C "${box_snapshot_dir}" . \`
use aws-cli to upload box backups 2016-04-10 18:00:30 -07:00			`\| openssl aes-256-cbc -e -pass "pass:${password}" \`
			`\| aws s3 cp - "${s3_url}" 2>"${error_log}"; then`
app.portBindings and newManifest.tcpPorts may be null 2015-07-20 00:09:47 -07:00			`break`
			`fi`
			`cat "${error_log}" && rm "${error_log}"`
			`done`

			`echo "Deleting backup snapshot"`
			`btrfs subvolume delete "${box_snapshot_dir}"`

			`if [[ ${try} -eq 5 ]]; then`
			`echo "Backup failed"`
			`exit 1`
			`else`
			`echo "Backup successful"`
			`fi`