Difference between revisions of "User:JRWR/Backup"
From PCGamingWiki, the wiki about fixing PC games
Line 2: | Line 2: | ||
<pre> | <pre> | ||
ionice -c3 -p$$ | ionice -c3 -p$$ | ||
+ | |||
renice 19 $$ | renice 19 $$ | ||
+ | |||
cd /backup | cd /backup | ||
+ | |||
mysqldump --all-databases -u root --password='##PASSWORD##' > /backup/pcgamingwiki-main-database.sql | mysqldump --all-databases -u root --password='##PASSWORD##' > /backup/pcgamingwiki-main-database.sql | ||
+ | |||
apt-get clean | apt-get clean | ||
+ | |||
apt-get -y autoremove | apt-get -y autoremove | ||
+ | |||
apt-get clean | apt-get clean | ||
+ | |||
cd /backup | cd /backup | ||
+ | |||
NOW=$(date +"%F") | NOW=$(date +"%F") | ||
+ | |||
ARCHIVE="pcgwiki-backup-$NOW.7z" | ARCHIVE="pcgwiki-backup-$NOW.7z" | ||
+ | |||
ENCRYPT="pcgwiki-backup-$NOW.7z.aes256" | ENCRYPT="pcgwiki-backup-$NOW.7z.aes256" | ||
+ | |||
7za a $ARCHIVE -y /var/www /backup/pcgamingwiki-main-database.sql /home /etc/nginx /etc/cherokee | 7za a $ARCHIVE -y /var/www /backup/pcgamingwiki-main-database.sql /home /etc/nginx /etc/cherokee | ||
+ | |||
echo "1) openssl rsautl -in aes-key.ssl -out aes-key -decrypt -inkey /backup/private.pem" > backuptips.txt | echo "1) openssl rsautl -in aes-key.ssl -out aes-key -decrypt -inkey /backup/private.pem" > backuptips.txt | ||
+ | |||
echo "2) openssl enc -d -aes-256-cbc -salt -in sz-backup-2011-10-31.7z.aes256 -out sz-backup-2011-10-31.7z -pass file:/backup/temp/aes-key" >> backuptips.txt | echo "2) openssl enc -d -aes-256-cbc -salt -in sz-backup-2011-10-31.7z.aes256 -out sz-backup-2011-10-31.7z -pass file:/backup/temp/aes-key" >> backuptips.txt | ||
+ | |||
wget 'http://www.random.org/cgi-bin/randbyte?nbytes=500&format=f' -O aes-key | wget 'http://www.random.org/cgi-bin/randbyte?nbytes=500&format=f' -O aes-key | ||
+ | |||
openssl enc -aes-256-cbc -salt -in $ARCHIVE -out $ENCRYPT -pass file:/backup/aes-key | openssl enc -aes-256-cbc -salt -in $ARCHIVE -out $ENCRYPT -pass file:/backup/aes-key | ||
+ | |||
openssl rsautl -encrypt -inkey public.key -pubin -in aes-key -out aes-key.ssl | openssl rsautl -encrypt -inkey public.key -pubin -in aes-key -out aes-key.ssl | ||
+ | |||
par2 c -v $ENCRYPT $ENCRYPT | par2 c -v $ENCRYPT $ENCRYPT | ||
+ | |||
par2 c -v aes-key.ssl aes-key.ssl | par2 c -v aes-key.ssl aes-key.ssl | ||
+ | |||
shred -u $ARCHIVE | shred -u $ARCHIVE | ||
+ | |||
dd if=/dev/urandom of=/backup/aes-key bs=10 count=500 | dd if=/dev/urandom of=/backup/aes-key bs=10 count=500 | ||
+ | |||
dd if=/dev/urandom of=/backup/aes-key bs=10 count=500 | dd if=/dev/urandom of=/backup/aes-key bs=10 count=500 | ||
+ | |||
shred -u aes-key | shred -u aes-key | ||
+ | |||
echo "==================================" >> ./backuptips.txt | echo "==================================" >> ./backuptips.txt | ||
+ | |||
sha512sum /backup/* >> ./backuptips.txt | sha512sum /backup/* >> ./backuptips.txt | ||
+ | |||
zip $ARCHIVE.zip *.par2 aes-key.ssl ./$ENCRYPT ./backuptips.txt | zip $ARCHIVE.zip *.par2 aes-key.ssl ./$ENCRYPT ./backuptips.txt | ||
+ | |||
shred -u ./backuptips.txt | shred -u ./backuptips.txt | ||
+ | |||
shred -u *.par2 | shred -u *.par2 | ||
+ | |||
shred -u $ENCRYPT | shred -u $ENCRYPT | ||
+ | |||
shred -u *.ssl | shred -u *.ssl | ||
+ | |||
shred -u /backup/pcgamingwiki-main-database.sql | shred -u /backup/pcgamingwiki-main-database.sql | ||
+ | |||
cp -f $ARCHIVE.zip /backup/store/$ARCHIVE.zip | cp -f $ARCHIVE.zip /backup/store/$ARCHIVE.zip | ||
+ | |||
shred -u $ARCHIVE.zip | shred -u $ARCHIVE.zip | ||
+ | |||
chmod 555 /backup/store/$ARCHIVE.zip | chmod 555 /backup/store/$ARCHIVE.zip | ||
+ | |||
find /backup/store/*.zip -mtime +10 -exec chmod 777 {} \; | find /backup/store/*.zip -mtime +10 -exec chmod 777 {} \; | ||
+ | |||
find /backup/store/*.zip -mtime +10 -exec rm -vf {} \; | find /backup/store/*.zip -mtime +10 -exec rm -vf {} \; | ||
+ | |||
php /var/www/maintenance/dumpBackup.php --full --output=bzip2:/var/www/dumps/pcgwiki-full-xml-$NOW.bz2 | php /var/www/maintenance/dumpBackup.php --full --output=bzip2:/var/www/dumps/pcgwiki-full-xml-$NOW.bz2 | ||
+ | |||
find /var/www/dumps/*.bz2 -mtime +10 -exec chmod 777 {} \; | find /var/www/dumps/*.bz2 -mtime +10 -exec chmod 777 {} \; | ||
+ | |||
find /var/www/dumps/*.bz2 -mtime +10 -exec rm -vf {} \; | find /var/www/dumps/*.bz2 -mtime +10 -exec rm -vf {} \; | ||
+ | |||
</pre> | </pre> |
Revision as of 15:49, 26 March 2012
This is the current script that backups the site, I'm posting it here since I never found another script like it across the internet. Its very simple, uses a RSA 4096bit Key, keep the public key on the server, and keep the private key in a safe place :) in short, its a Encrypted Backup Script / System
ionice -c3 -p$$ renice 19 $$ cd /backup mysqldump --all-databases -u root --password='##PASSWORD##' > /backup/pcgamingwiki-main-database.sql apt-get clean apt-get -y autoremove apt-get clean cd /backup NOW=$(date +"%F") ARCHIVE="pcgwiki-backup-$NOW.7z" ENCRYPT="pcgwiki-backup-$NOW.7z.aes256" 7za a $ARCHIVE -y /var/www /backup/pcgamingwiki-main-database.sql /home /etc/nginx /etc/cherokee echo "1) openssl rsautl -in aes-key.ssl -out aes-key -decrypt -inkey /backup/private.pem" > backuptips.txt echo "2) openssl enc -d -aes-256-cbc -salt -in sz-backup-2011-10-31.7z.aes256 -out sz-backup-2011-10-31.7z -pass file:/backup/temp/aes-key" >> backuptips.txt wget 'http://www.random.org/cgi-bin/randbyte?nbytes=500&format=f' -O aes-key openssl enc -aes-256-cbc -salt -in $ARCHIVE -out $ENCRYPT -pass file:/backup/aes-key openssl rsautl -encrypt -inkey public.key -pubin -in aes-key -out aes-key.ssl par2 c -v $ENCRYPT $ENCRYPT par2 c -v aes-key.ssl aes-key.ssl shred -u $ARCHIVE dd if=/dev/urandom of=/backup/aes-key bs=10 count=500 dd if=/dev/urandom of=/backup/aes-key bs=10 count=500 shred -u aes-key echo "==================================" >> ./backuptips.txt sha512sum /backup/* >> ./backuptips.txt zip $ARCHIVE.zip *.par2 aes-key.ssl ./$ENCRYPT ./backuptips.txt shred -u ./backuptips.txt shred -u *.par2 shred -u $ENCRYPT shred -u *.ssl shred -u /backup/pcgamingwiki-main-database.sql cp -f $ARCHIVE.zip /backup/store/$ARCHIVE.zip shred -u $ARCHIVE.zip chmod 555 /backup/store/$ARCHIVE.zip find /backup/store/*.zip -mtime +10 -exec chmod 777 {} \; find /backup/store/*.zip -mtime +10 -exec rm -vf {} \; php /var/www/maintenance/dumpBackup.php --full --output=bzip2:/var/www/dumps/pcgwiki-full-xml-$NOW.bz2 find /var/www/dumps/*.bz2 -mtime +10 -exec chmod 777 {} \; find /var/www/dumps/*.bz2 -mtime +10 -exec rm -vf {} \;