ppbackup

#!/bin/bash

# Load config file, verify we are configured
. ~/ppbackup.cfg 2>/dev/null
if [ "$BACKUP_NAME" = "" -o \
     "$BACKUP_REMOTE" = "" -o \
     "$BACKUP_GPG_RECIPIENT" = "" -o \
     "$BACKUP_FILES" = "" ]
then
    echo "Please configure ~/ppbackup.cfg and ~/.my.cnf"
    exit 1
fi

# Set time-related variables
WEEK=$(date +wk%U)
if [ "$ONLY_ONE_DAY" = "1" ]; then
    # If we're only doing one day, we'll call it day zero.
    DAY="day0"
else
    # Otherwise, we'll number the day by the current day of the week.
    DAY=$(date +day%u)
fi
TIME=$(date +%Hxx)

# Make room
cd ~
rm -rf backups.insecure/latest
# If backup should only keep one day (due to size), then obliterate all older
# backups first.
if [ "$ONLY_ONE_DAY" = "1" ]; then
    rm -rf backups/*
else
    find backups/$DAY -type f -mtime +2 |xargs rm -f
fi
# Enforce size limits, if we have any
backups_size() {
  # Magic: Returns size of ~/bin if backups/ does not exist.
  echo $(du -s -BM backups/ ~/bin 2>/dev/null |head -1 |cut -f1 -dM)
}
if [ "$BACKUP_LIMIT_MB" != "" ]; then
  if [ "$(backups_size)" -gt $BACKUP_LIMIT_MB ]; then
    # List backup files, sorted by age, oldest first
    find backups/ -printf '%T@ %p\n' |sort -n |while read TS FN; do
      if [ "$(backups_size)" -gt $BACKUP_LIMIT_MB ]; then
        rm -f "$FN"
      fi
    done
    rmdir backups/* 2>/dev/null
  fi
fi
# These must exist
mkdir -p backups/$DAY backups.insecure/latest

# Create initial backups, unencrypted
if [ "$BACKUP_MYSQL_DB" != "" ]; then
  mysqldump $BACKUP_MYSQL_DB 2>/dev/null \
    |nice bzip2 \
    > backups.insecure/latest/$BACKUP_NAME-mysql-$TIME.dump.bz2
fi

if [ "$BACKUP_PSQL_DB" != "" ]; then
  pg_dump $BACKUP_PSQL_DB 2>/dev/null \
    |nice bzip2 \
    > backups.insecure/latest/$BACKUP_NAME-psql-$TIME.dump.bz2
fi

crontab -l >bin/crontab
tar c $BACKUP_FILES 2>/dev/null \
  |nice bzip2 \
  >backups.insecure/latest/$BACKUP_NAME-files-$TIME.tar.bz2

if [ "$BACKUP_BINARIES" != "" ]; then
  tar c $BACKUP_BINARIES 2>/dev/null \
    |nice bzip2 \
    >backups.insecure/latest/$BACKUP_NAME-binaries-$TIME.tar.bz2
fi

# Create encrypted copies
for bkup in $BACKUP_NAME-mysql-$TIME.dump.bz2 \
            $BACKUP_NAME-psql-$TIME.dump.bz2 \
            $BACKUP_NAME-binaries-$TIME.tar.bz2 \
            $BACKUP_NAME-files-$TIME.tar.bz2; do
  [ -e backups.insecure/latest/$bkup ] && \
    nice gpg --batch -e -r $BACKUP_GPG_RECIPIENT \
      <backups.insecure/latest/$bkup \
      >backups/$DAY/$bkup.gpg
done

# Create weekly backups, unless we only want one day; skipping the binaries to
# save space
if [ "$ONLY_ONE_DAY" != 1 ]; then
    rm -rf backups/$WEEK
    mkdir -p backups/$WEEK
    ln backups/$DAY/*sql* backups/$DAY/*files* backups/$WEEK 2>/dev/null
fi

# Push copy of encrypted backups to remote server and notify admin
cd ~
RSYNC_OUTPUT=$(rsync -qar backups $BACKUP_REMOTE 2>&1)
RESULT=$?

if [ $RESULT -eq 0 ]; then
    SUBJECT="[ppbackup] Backup succeeded. Name \"$BACKUP_NAME\", destination \"$BACKUP_REMOTE\"."
    MSG="The backup named \"$BACKUP_NAME\" appears to have succeeded. Note that this only means that the encrypted backups were copied successfully to the remote server. No integrity check has been performed on the backups themselves. It is wise to check up on them every once in a while by recovering a backup, to verify that the procedure works and that the necessary decryption keys are available to the appropriate personnel."
else
    SUBJECT="[ppbackup] BACKUP FAILED! Name \"$BACKUP_NAME\", destination \"$BACKUP_REMOTE\"!"
    MSG="Backup has FAILED when sending backup named \"$BACKUP_NAME\" to destination \"$BACKUP_REMOTE\"! Please examine IMMEDIATELY!\n\nOutput from rsync: $RSYNC_OUTPUT"
fi

if [ "$BACKUP_ADMIN_EMAILS" != "" ]; then
    MSG="$MSG\n\nGPG recipient: $BACKUP_GPG_RECIPIENT"
    echo -e "$MSG" | mailx "$BACKUP_ADMIN_EMAILS" -s "$SUBJECT"
fi