|
|
Line 1: |
Line 1: |
| This is the current script that backups the site, I'm posting it here since I never found another script like it across the internet. Its very simple, uses a RSA 4096bit Key, keep the public key on the server, and keep the private key in a safe place :) in short, its a Encrypted Backup Script / System | | This is the current script that backups the site, I'm posting it here since I never found another script like it across the internet. Its very simple, uses a RSA 4096bit Key, keep the public key on the server, and keep the private key in a safe place :) in short, its a Encrypted Backup Script / System |
| <pre> | | <pre> |
− | #!/bin/bash
| + | |
− | ionice -c3 -p$$
| |
− | renice 19 $$
| |
− | cd /backup
| |
− | mysqldump --all-databases -u root --password='##PASSWORD##' > /backup/pcgamingwiki-main-database.sql
| |
− | apt-get clean
| |
− | apt-get -y autoremove
| |
− | apt-get clean
| |
− | cd /backup
| |
− | NOW=$(date +"%F")
| |
− | ARCHIVE="pcgwiki-backup-$NOW.7z"
| |
− | ENCRYPT="pcgwiki-backup-$NOW.7z.aes256"
| |
− | 7za a $ARCHIVE -y /var/www /backup/pcgamingwiki-main-database.sql /home /etc/nginx /etc/cherokee
| |
− | echo "1) openssl rsautl -in aes-key.ssl -out aes-key -decrypt -inkey /backup/private.pem" > backuptips.txt
| |
− | echo "2) openssl enc -d -aes-256-cbc -salt -in sz-backup-2011-10-31.7z.aes256 -out sz-backup-2011-10-31.7z -pass file:/backup/temp/aes-key" >> backuptips.txt
| |
− | wget 'http://www.random.org/cgi-bin/randbyte?nbytes=500&format=f' -O aes-key
| |
− | openssl enc -aes-256-cbc -salt -in $ARCHIVE -out $ENCRYPT -pass file:/backup/aes-key
| |
− | openssl rsautl -encrypt -inkey public.key -pubin -in aes-key -out aes-key.ssl
| |
− | par2 c -v $ENCRYPT $ENCRYPT
| |
− | par2 c -v aes-key.ssl aes-key.ssl
| |
− | shred -u $ARCHIVE
| |
− | dd if=/dev/urandom of=/backup/aes-key bs=10 count=500
| |
− | dd if=/dev/urandom of=/backup/aes-key bs=10 count=500
| |
− | shred -u aes-key
| |
− | echo "==================================" >> ./backuptips.txt
| |
− | sha512sum /backup/* >> ./backuptips.txt
| |
− | zip $ARCHIVE.zip *.par2 aes-key.ssl ./$ENCRYPT ./backuptips.txt
| |
− | shred -u ./backuptips.txt
| |
− | shred -u *.par2
| |
− | shred -u $ENCRYPT
| |
− | shred -u *.ssl
| |
− | shred -u /backup/pcgamingwiki-main-database.sql
| |
− | cp -f $ARCHIVE.zip /backup/store/$ARCHIVE.zip
| |
− | shred -u $ARCHIVE.zip
| |
− | chmod 555 /backup/store/$ARCHIVE.zip
| |
− | find /backup/store/*.zip -mtime +10 -exec chmod 777 {} \;
| |
− | find /backup/store/*.zip -mtime +10 -exec rm -vf {} \;
| |
− | php /var/www/maintenance/dumpBackup.php --full --output=bzip2:/var/www/dumps/pcgwiki-full-xml-$NOW.bz2
| |
− | find /var/www/dumps/*.bz2 -mtime +10 -exec chmod 777 {} \;
| |
− | find /var/www/dumps/*.bz2 -mtime +10 -exec rm -vf {} \;
| |
| | | |
| </pre> | | </pre> |
This is the current script that backups the site, I'm posting it here since I never found another script like it across the internet. Its very simple, uses a RSA 4096bit Key, keep the public key on the server, and keep the private key in a safe place :) in short, its a Encrypted Backup Script / System