src/scripts/backupapp.sh

#!/bin/bash

set -eu -o pipefail

if [[ $EUID -ne 0 ]]; then
    echo "This script should be run as root." >&2
    exit 1
fi

if [[ $# == 1 && "$1" == "--check" ]]; then
    echo "OK"
    exit 0
fi

if [ $# -lt 8 ]; then
    echo "Usage: backupapp.sh <appid> <s3 config url> <s3 data url> <access key id> <access key> <session token> <region> <password>"
    exit 1
fi

readonly DATA_DIR="${HOME}/data"

# env vars used by the awscli
readonly app_id="$1"
readonly s3_config_url="$2"
readonly s3_data_url="$3"
export AWS_ACCESS_KEY_ID="$4"
export AWS_SECRET_ACCESS_KEY="$5"
export AWS_SESSION_TOKEN="$6"
export AWS_DEFAULT_REGION="$7"
readonly password="$8"

readonly now=$(date "+%Y-%m-%dT%H:%M:%S")
readonly app_data_dir="${DATA_DIR}/${app_id}"
readonly app_data_snapshot="${DATA_DIR}/snapshots/${app_id}-${now}"

btrfs subvolume snapshot -r "${app_data_dir}" "${app_data_snapshot}"

# Upload config.json first because uploading tarball might take a lot of time, leading to token expiry
for try in `seq 1 5`; do
    echo "Uploading config.json to ${s3_config_url} (try ${try})"
    error_log=$(mktemp)

    # use aws instead of curl because curl will always read entire stream memory to set Content-Length
    # aws will do multipart upload
    if cat "${app_data_snapshot}/config.json" \
           |  aws s3 cp - "${s3_config_url}" 2>"${error_log}"; then
        break
    fi
    cat "${error_log}" && rm "${error_log}"
done

if [[ ${try} -eq 5 ]]; then
    echo "Backup failed uploading config.json"
    btrfs subvolume delete "${app_data_snapshot}"
    exit 1
fi

for try in `seq 1 5`; do
    echo "Uploading backup to ${s3_data_url} (try ${try})"
    error_log=$(mktemp)

    if tar -cvzf - -C "${app_data_snapshot}" . \
           | openssl aes-256-cbc -e -pass "pass:${password}" \
           |  aws s3 cp - "${s3_data_url}" 2>"${error_log}"; then
        break
    fi
    cat "${error_log}" && rm "${error_log}"
done

btrfs subvolume delete "${app_data_snapshot}"

if [[ ${try} -eq 5 ]]; then
    echo "Backup failed uploading backup tarball"
    exit 1
else
    echo "Backup successful"
fi
app.portBindings and newManifest.tcpPorts may be null 2015-07-20 00:09:47 -07:00			`#!/bin/bash`

			`set -eu -o pipefail`

			`if [[ $EUID -ne 0 ]]; then`
			`echo "This script should be run as root." >&2`
			`exit 1`
			`fi`

			`if [[ $# == 1 && "$1" == "--check" ]]; then`
			`echo "OK"`
			`exit 0`
			`fi`

pass appid to backup script 2016-04-10 21:41:53 -07:00			`if [ $# -lt 8 ]; then`
			`echo "Usage: backupapp.sh <appid> <s3 config url> <s3 data url> <access key id> <access key> <session token> <region> <password>"`
app.portBindings and newManifest.tcpPorts may be null 2015-07-20 00:09:47 -07:00			`exit 1`
			`fi`

			`readonly DATA_DIR="${HOME}/data"`

backup apps use aws-cli 2016-04-10 18:23:29 -07:00			`# env vars used by the awscli`
pass appid to backup script 2016-04-10 21:41:53 -07:00			`readonly app_id="$1"`
			`readonly s3_config_url="$2"`
			`readonly s3_data_url="$3"`
			`export AWS_ACCESS_KEY_ID="$4"`
			`export AWS_SECRET_ACCESS_KEY="$5"`
			`export AWS_SESSION_TOKEN="$6"`
			`export AWS_DEFAULT_REGION="$7"`
			`readonly password="$8"`
backup apps use aws-cli 2016-04-10 18:23:29 -07:00
app.portBindings and newManifest.tcpPorts may be null 2015-07-20 00:09:47 -07:00			`readonly now=$(date "+%Y-%m-%dT%H:%M:%S")`
			`readonly app_data_dir="${DATA_DIR}/${app_id}"`
			`readonly app_data_snapshot="${DATA_DIR}/snapshots/${app_id}-${now}"`

			`btrfs subvolume snapshot -r "${app_data_dir}" "${app_data_snapshot}"`

add comment 2016-04-02 18:04:58 -07:00			`# Upload config.json first because uploading tarball might take a lot of time, leading to token expiry`
app.portBindings and newManifest.tcpPorts may be null 2015-07-20 00:09:47 -07:00			for try in `seq 1 5`; do
backup apps use aws-cli 2016-04-10 18:23:29 -07:00			`echo "Uploading config.json to ${s3_config_url} (try ${try})"`
app.portBindings and newManifest.tcpPorts may be null 2015-07-20 00:09:47 -07:00			`error_log=$(mktemp)`
Support session tokens in backupapp.sh 2015-08-25 12:27:38 -07:00
backup apps use aws-cli 2016-04-10 18:23:29 -07:00			`# use aws instead of curl because curl will always read entire stream memory to set Content-Length`
			`# aws will do multipart upload`
backup config.json first because tarball takes lot of time and leads to token expiration 2016-04-02 18:01:49 -07:00			`if cat "${app_data_snapshot}/config.json" \`
backup apps use aws-cli 2016-04-10 18:23:29 -07:00			`\| aws s3 cp - "${s3_config_url}" 2>"${error_log}"; then`
app.portBindings and newManifest.tcpPorts may be null 2015-07-20 00:09:47 -07:00			`break`
			`fi`
			`cat "${error_log}" && rm "${error_log}"`
			`done`

Add backup config url to backupapp.sh 2016-01-29 11:44:14 +01:00			`if [[ ${try} -eq 5 ]]; then`
backup config.json first because tarball takes lot of time and leads to token expiration 2016-04-02 18:01:49 -07:00			`echo "Backup failed uploading config.json"`
delete snapshot on failure path 2016-04-02 17:57:15 -07:00			`btrfs subvolume delete "${app_data_snapshot}"`
Add backup config url to backupapp.sh 2016-01-29 11:44:14 +01:00			`exit 1`
Add missing fi in shell script 2016-01-29 12:31:59 +01:00			`fi`
Add backup config url to backupapp.sh 2016-01-29 11:44:14 +01:00
			for try in `seq 1 5`; do
backup apps use aws-cli 2016-04-10 18:23:29 -07:00			`echo "Uploading backup to ${s3_data_url} (try ${try})"`
Add backup config url to backupapp.sh 2016-01-29 11:44:14 +01:00			`error_log=$(mktemp)`

backup config.json first because tarball takes lot of time and leads to token expiration 2016-04-02 18:01:49 -07:00			`if tar -cvzf - -C "${app_data_snapshot}" . \`
typo 2016-04-10 21:46:01 -07:00			`\| openssl aes-256-cbc -e -pass "pass:${password}" \`
backup apps use aws-cli 2016-04-10 18:23:29 -07:00			`\| aws s3 cp - "${s3_data_url}" 2>"${error_log}"; then`
Add backup config url to backupapp.sh 2016-01-29 11:44:14 +01:00			`break`
			`fi`
			`cat "${error_log}" && rm "${error_log}"`
			`done`

app.portBindings and newManifest.tcpPorts may be null 2015-07-20 00:09:47 -07:00			`btrfs subvolume delete "${app_data_snapshot}"`

			`if [[ ${try} -eq 5 ]]; then`
backup config.json first because tarball takes lot of time and leads to token expiration 2016-04-02 18:01:49 -07:00			`echo "Backup failed uploading backup tarball"`
app.portBindings and newManifest.tcpPorts may be null 2015-07-20 00:09:47 -07:00			`exit 1`
			`else`
			`echo "Backup successful"`
			`fi`