From fa10527f999f45c463099c3abd7f0284b4740567 Mon Sep 17 00:00:00 2001 From: Vincent Vanwaelscappel Date: Tue, 25 Jul 2023 15:00:16 +0200 Subject: [PATCH 1/1] wip #6174 @1.5 --- .gitattributes | 6 + .idea/.gitignore | 8 + .idea/deployment.xml | 420 ++++++++++++++++++++++++++++++++++++++++ .idea/misc.xml | 9 + .idea/modules.xml | 8 + .idea/office-backup.iml | 9 + .idea/vcs.xml | 6 + Dockerfile | 8 + README.md | 9 + backup | 16 ++ docker-compose.yml | 21 ++ docker-entrypoint.sh | 82 ++++++++ exclude | 0 ssh/id_rsa | 38 ++++ ssh/id_rsa.pub | 1 + update | 16 ++ updateall.bat | 2 + 17 files changed, 659 insertions(+) create mode 100644 .gitattributes create mode 100644 .idea/.gitignore create mode 100644 .idea/deployment.xml create mode 100644 .idea/misc.xml create mode 100644 .idea/modules.xml create mode 100644 .idea/office-backup.iml create mode 100644 .idea/vcs.xml create mode 100644 Dockerfile create mode 100644 README.md create mode 100644 backup create mode 100644 docker-compose.yml create mode 100644 docker-entrypoint.sh create mode 100644 exclude create mode 100644 ssh/id_rsa create mode 100644 ssh/id_rsa.pub create mode 100644 update create mode 100644 updateall.bat diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..fc87a42 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,6 @@ +* text=auto +*.sh text eol=lf +update text eol=lf +backup text eol=lf +*_key text eol=lf +*.bat text eol=crlf diff --git a/.idea/.gitignore b/.idea/.gitignore new file mode 100644 index 0000000..13566b8 --- /dev/null +++ b/.idea/.gitignore @@ -0,0 +1,8 @@ +# Default ignored files +/shelf/ +/workspace.xml +# Editor-based HTTP Client requests +/httpRequests/ +# Datasource local storage ignored files +/dataSources/ +/dataSources.local.xml diff --git a/.idea/deployment.xml b/.idea/deployment.xml new file mode 100644 index 0000000..9bc0f3d --- /dev/null +++ b/.idea/deployment.xml @@ -0,0 +1,420 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/.idea/misc.xml b/.idea/misc.xml new file mode 100644 index 0000000..b658e95 --- /dev/null +++ b/.idea/misc.xml @@ -0,0 +1,9 @@ + + + + + + + + \ No newline at end of file diff --git a/.idea/modules.xml b/.idea/modules.xml new file mode 100644 index 0000000..f3da30a --- /dev/null +++ b/.idea/modules.xml @@ -0,0 +1,8 @@ + + + + + + + + \ No newline at end of file diff --git a/.idea/office-backup.iml b/.idea/office-backup.iml new file mode 100644 index 0000000..d6ebd48 --- /dev/null +++ b/.idea/office-backup.iml @@ -0,0 +1,9 @@ + + + + + + + + + \ No newline at end of file diff --git a/.idea/vcs.xml b/.idea/vcs.xml new file mode 100644 index 0000000..35eb1dd --- /dev/null +++ b/.idea/vcs.xml @@ -0,0 +1,6 @@ + + + + + + \ No newline at end of file diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..fa99a76 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,8 @@ +FROM alpine +MAINTAINER "EEA: IDM2 A-Team" + +RUN apk add --no-cache --virtual .run-deps rsync openssh tzdata curl ca-certificates bash && rm -rf /var/cache/apk/* +COPY --chmod=755 docker-entrypoint.sh / + +ENTRYPOINT ["/docker-entrypoint.sh"] +CMD ["sh"] \ No newline at end of file diff --git a/README.md b/README.md new file mode 100644 index 0000000..6172b8e --- /dev/null +++ b/README.md @@ -0,0 +1,9 @@ +# Installation + +On the server to backup : + +Fill correctly `/etc/officename`, the name will be used as the destination folder + +If docker is not installed : `wget https://get.docker.com -O get-docker.sh && sh get-docker.sh` + +`apt install -y git;mkdir -p /docker/office-backup;cd /docker/office-backup;git clone git://git.cubedesigners.com/office-backup.git .;chmod 755 update;./update` \ No newline at end of file diff --git a/backup b/backup new file mode 100644 index 0000000..d0b52c9 --- /dev/null +++ b/backup @@ -0,0 +1,16 @@ +#!/bin/sh +if pgrep -x "/usr/bin/rsync" >/dev/null +then + echo "backup is already running" + exit 0 +fi +gzip /var/log/*.log +name=`cat /etc/backup-officename` +d=$(date +%Y%m%d%H%i) + +servers=("a" "b" "c" "d" "e" "f" "g" "h") + +for server in "${servers[@]}" +do + /usr/bin/rsync -av --links --no-whole-file --exclude-from='/etc/backup.exclude' -e 'ssh -oStrictHostKeyChecking=no' "/data/mnt/$server/" "root@her.cubedesigners.com:/data/backup/$name/$server/" >> "/var/log/backup.$server.$d.log" 2>&1 +done \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..4af6c65 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,21 @@ +version: '3.3' +services: + backup: + network_mode: bridge + container_name: office-backup + volumes: + - '/:/data/' + - '/etc/officename:/etc/backup-officename' + - './exclude:/etc/backup.exclude' + - './backup:/usr/local/bin/backup' + - './log/:/var/log/' + - './ssh/id_rsa:/home/user/.ssh/id_rsa:ro' + - './ssh/id_rsa.pub:/home/user/.ssh/id_rsa.pub:ro' + - './ssh/id_rsa:/root/.ssh/id_rsa:ro' + - './ssh/id_rsa.pub:/root/.ssh/id_rsa.pub:ro' + restart: unless-stopped + build: . + env_file: env + environment: + - TZ=Europe/Paris + command: client diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh new file mode 100644 index 0000000..467d0bb --- /dev/null +++ b/docker-entrypoint.sh @@ -0,0 +1,82 @@ +#!/bin/sh + +################################################################################ +# INIT +################################################################################ + +mkdir -p /root/.ssh +> /root/.ssh/authorized_keys +chmod go-rwx /root/.ssh/authorized_keys +sed -i "s/.*PasswordAuthentication .*/PasswordAuthentication no/g" /etc/ssh/sshd_config +sed -i 's/root:!/root:*/' /etc/shadow + +# Provide SSH_AUTH_KEY_* via environment variable +for item in `env`; do + case "$item" in + SSH_AUTH_KEY*) + ENVVAR=`echo $item | cut -d \= -f 1` + printenv $ENVVAR >> /root/.ssh/authorized_keys + ;; + esac +done + +# Provide CRON_TASK_* via environment variable +> /etc/crontabs/root +for item in `env`; do + case "$item" in + CRON_TASK*) + ENVVAR=`echo $item | cut -d \= -f 1` + printenv $ENVVAR >> /etc/crontabs/root + echo "root" > /etc/crontabs/cron.update + ;; + esac +done + +# Generate host SSH keys +if [ ! -e /etc/ssh/ssh_host_rsa_key.pub ]; then + ssh-keygen -A +fi + +# Generate root SSH key +if [ ! -e /root/.ssh/id_rsa.pub ]; then + ssh-keygen -q -N "" -f /root/.ssh/id_rsa +fi + +################################################################################ +# START as SERVER +################################################################################ + +if [ "$1" == "server" ]; then + AUTH=`cat /root/.ssh/authorized_keys` + if [ -z "$AUTH" ]; then + echo "==================================================================================" + echo "ERROR: No SSH_AUTH_KEY provided, you'll not be able to connect to this container. " + echo "==================================================================================" + exit 1 + fi + + SSH_PARAMS="-D -e -p ${SSH_PORT:-22} $SSH_PARAMS" + echo "================================================================================" + echo "Running: /usr/sbin/sshd $SSH_PARAMS " + echo "================================================================================" + + exec /usr/sbin/sshd -D $SSH_PARAMS +fi + +echo "Please add this ssh key to your server /home/user/.ssh/authorized_keys " +echo "================================================================================" +echo "`cat /root/.ssh/id_rsa.pub`" +echo "================================================================================" + +################################################################################ +# START as CLIENT via crontab +################################################################################ + +if [ "$1" == "client" ]; then + exec /usr/sbin/crond -f +fi + +################################################################################ +# Anything else +################################################################################ +exec "$@" diff --git a/exclude b/exclude new file mode 100644 index 0000000..e69de29 diff --git a/ssh/id_rsa b/ssh/id_rsa new file mode 100644 index 0000000..107cea8 --- /dev/null +++ b/ssh/id_rsa @@ -0,0 +1,38 @@ +-----BEGIN OPENSSH PRIVATE KEY----- +b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn +NhAAAAAwEAAQAAAYEA6i25yb89/BPyRq8nlsYYfhm5Cq8SBumM3iPKaT3g3V6EImVLxi8t +HeQJ3WZtqBi7NPUDPFvEEeLLu2iWBWuQbFUuwrA0RYDgjYQCSkSwqa3jxX+/HHUt9RsfrH +OoxGZUj8ZYPpRkCiiKNYcJuRm/aWRAQe/OjeggiFFRZtEu4Y+9JqNlxHMYasNVyo52cVUF +v61zgyC6+RRbSYkToO3CR6YERRquYGTp5cW9OF0/f8Tewo0x2XMJ+6yTk6ZtBCnuASfrm/ +CrdV5hJxPedxoLF3DKvnJhmNeHLlCfMCZXynWudzF+NcokdzPIIQQCpLerFqcHvtKlHI7+ +l5RYIKktLiWlFEsi9VPjoJw+L46hsloEaBr0SAtmao+YN2t2TyThIN3XQr/nPexBPpCP6s +kvZyeWY5ZOLP0zrOKHnvHDm9LGrMSbM3MrqL3R3y+RPLKHvkZe4vW/2EcyQeivySjqHPV2 +Hp0snXmp6ymtMI2cOXibwlxxy8wwPxw3f1c1cZTNAAAFgImkqDGJpKgxAAAAB3NzaC1yc2 +EAAAGBAOotucm/PfwT8kavJ5bGGH4ZuQqvEgbpjN4jymk94N1ehCJlS8YvLR3kCd1mbagY +uzT1AzxbxBHiy7tolgVrkGxVLsKwNEWA4I2EAkpEsKmt48V/vxx1LfUbH6xzqMRmVI/GWD +6UZAooijWHCbkZv2lkQEHvzo3oIIhRUWbRLuGPvSajZcRzGGrDVcqOdnFVBb+tc4MguvkU +W0mJE6DtwkemBEUarmBk6eXFvThdP3/E3sKNMdlzCfusk5OmbQQp7gEn65vwq3VeYScT3n +caCxdwyr5yYZjXhy5QnzAmV8p1rncxfjXKJHczyCEEAqS3qxanB77SpRyO/peUWCCpLS4l +pRRLIvVT46CcPi+OobJaBGga9EgLZmqPmDdrdk8k4SDd10K/5z3sQT6Qj+rJL2cnlmOWTi +z9M6zih57xw5vSxqzEmzNzK6i90d8vkTyyh75GXuL1v9hHMkHor8ko6hz1dh6dLJ15qesp +rTCNnDl4m8JcccvMMD8cN39XNXGUzQAAAAMBAAEAAAGAAzFXLYjRaLhzOI186wtLh6zbM6 +v9w1kCEfwaOcJ0PyHyNV8BBU8e5f7Q/c70T1QK3LhUH9YPjQX5HCUIqnSjpxXx1wmdlJHI +Dn2d+C67oXxXmjqIxhTHKxQpwJz2TD8yE+KT6b6CLwv7ScOabfpu0wmzexfRvi5kfsS2mp +ic/8H0e255QvNXaWW9OA15HrOKJiuavfykismHdPYjo17bgtFWd/PjE2JWH/iXU42gnq5E +fKZ9xizmBbg74bEKs0OKzJSCXSdLeEEdDIIxWkHtJimoiquFC0fFiwvHD5f+EwiiZY0ESR +DuRpQN9FkTyvuM04T2Oh+TKqc2Stos+6IleseR+lLnoUhy9hl9m+DNYvye35XxYU1XS4IN +XDb8rhcvYSBkcFhbuQUk0qOJAO71+zpYsOA/Z83gvwcQV0m0NxBWa677khacGWm9ON/Oe5 +Ieo/eP79UQRh/k/Cdc/FuH0b+RWE951WjbjXiSnTuGwKvL9q6NZOd4fUMN+Po1FDltAAAA +wQCusRT/AHNUG/+OiPbvMPpG424s6znNbKQ2sWdbEFHn3nH7os+uhqdlN01Cngi19Ip7v7 +0tGr73KgdeUPceh1lIFElvpIf0fN1X3PzVKCeKa+GZrROw5hKAKw/5jGIqIORbJ6ocF3DP +w3HeTkPwRn5n1/h0YbZFlcDefHRX5C1adDamJxK3MCtsS4SuoRMBfC37g355l4bJ8qc885 +4oaUNUepDZD5phSiPnDD2oaZ6pItOEjsdilE2Mv1sjH6S0EJIAAADBAOv3qJQpZ65SXOrb +s4qzp3nwxCdcO5qsc7rfDbshh/nyp1YOKGyce9WRlQD1b9JvqyTsFqTs2GoG7mk4fLR4bx +ZmGrvLbpxJACQ4uv6tqFaCeZhwFMtlggwPu6nzI09i8WyKW7L5FNX61On+yGana2LoH8h6 +jxUOpGS3SOsvSBOo8GVZJWgKQTy9UnQqwsncpmE3V6ifHnTQK3WJxoiMdNXYwS+mY+edMT +FsO9aUyEPLERIn5NPdGaM05yILVjDKswAAAMEA/g8w1jCmlfX4XZkFBYFL/o1h2vixNckF +PhIE8WwRhORwBY0+BzJD2zg5RrCDHGg8ZWk4i/m+kL6Px3OJY1O4PGXUweJqT2O1z5GJ/T +xU1XoDnylaa9oFzfQXpQ7trqPuTX963qcAABbvpCmXuqJXCwVcv0WzC5YVW6aF2YBSQg0A +TBnVg6g1RJyZ/UAC7btu64sRWJHOO7it94Pp+Fikv8KMzTwrlFOWNzj6PPnSNjdKaQWWcx +jvalt8bBHACeJ/AAAACHJvb3RAaGVyAQI= +-----END OPENSSH PRIVATE KEY----- diff --git a/ssh/id_rsa.pub b/ssh/id_rsa.pub new file mode 100644 index 0000000..b6265dd --- /dev/null +++ b/ssh/id_rsa.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDqLbnJvz38E/JGryeWxhh+GbkKrxIG6YzeI8ppPeDdXoQiZUvGLy0d5AndZm2oGLs09QM8W8QR4su7aJYFa5BsVS7CsDRFgOCNhAJKRLCprePFf78cdS31Gx+sc6jEZlSPxlg+lGQKKIo1hwm5Gb9pZEBB786N6CCIUVFm0S7hj70mo2XEcxhqw1XKjnZxVQW/rXODILr5FFtJiROg7cJHpgRFGq5gZOnlxb04XT9/xN7CjTHZcwn7rJOTpm0EKe4BJ+ub8Kt1XmEnE953GgsXcMq+cmGY14cuUJ8wJlfKda53MX41yiR3M8ghBAKkt6sWpwe+0qUcjv6XlFggqS0uJaUUSyL1U+OgnD4vjqGyWgRoGvRIC2Zqj5g3a3ZPJOEg3ddCv+c97EE+kI/qyS9nJ5Zjlk4s/TOs4oee8cOb0sasxJszcyuovdHfL5E8soe+Rl7i9b/YRzJB6K/JKOoc9XYenSydeanrKa0wjZw5eJvCXHHLzDA/HDd/VzVxlM0= officebackup@cubedesigners \ No newline at end of file diff --git a/update b/update new file mode 100644 index 0000000..865e86a --- /dev/null +++ b/update @@ -0,0 +1,16 @@ +#!/bin/bash +cd /docker/office-backup +if [ ! -f ./env ] +then + echo 'CRON_TASK_1="0 22 * * * /usr/local/bin/backup"' > ./env +fi +git config --global --add safe.directory /docker/office-backup +git fetch --all +git reset --hard origin/master +git stash +git pull origin master +chmod 755 ./ssh +chmod 600 ./ssh/id_rsa +DOCKER_BUILDKIT=1 docker compose build +docker compose down +docker compose up -d diff --git a/updateall.bat b/updateall.bat new file mode 100644 index 0000000..4bce7e0 --- /dev/null +++ b/updateall.bat @@ -0,0 +1,2 @@ +ssh root@192.168.10.5 -p 22822 "/docker/office-backup/update" +ssh root@fastandfurious.cubedesigners.com -p 22822 "/docker/office-backup/update" \ No newline at end of file -- 2.39.5