# BackupD A simple backup script. ## Installation Prerequisites: - **OS MUST be Debian 12** - CLI Tools: - `rclone` - `openssl` - `tar` - `zstd` - `sha256sum` - If you need to run the script as scheduled tasks, you need to use `cron` or `systemd-timer`. Clone the repository: ```bash git clone https://devops.lty.name/luo/backupd.git /opt/backupd ``` ## Configuration > > **Note** > > You have to complete ALL FOLLOWING STEPS to make the script work properly. > **Permissions** Don't forget to change the ownership and permissions of the files: ```bash chown -R root:root /opt/backupd cd /opt/backupd for file in *.example; do mv "$file" "${file%.example}" done chmod 600 rclone.conf passwd ``` **Rclone** Run the following command to initialize Rclone: ```bash export RCLONE_CONFIG=/opt/backupd/rclone.conf rclone config ``` See `rclone.conf.example` for an example configuration. Ensure `dest` section exist in `rclone.conf`. Otherwise, the script will **fail and work unexpectedly**. **Includes and Excludes** You also need to configure the `includes` and `excludes` files. - `includes`: Files and directories to be backed up. - `excludes`: Files and directories to be excluded from the backup. See `includes.example` and `excludes.example` for example configurations. **Encryption** You **MUST** set the encryption password in the `passwd` file. ```bash AES_PASSWD="your_password" ITER_COUNT=100000 ``` See `passwd.example` for an example configuration. If you did not set the password, the script will encrypt your backup with your hostname, which **IS NOT SECURE**. **Scheduled Tasks** If you wish to run the script as scheduled tasks, copy the fillowing files to `/etc/systemd/system/`: - `backupd.service` - `backupd.timer` ```bash cp /opt/backupd/backupd.service /etc/systemd/system/ cp /opt/backupd/backupd.timer /etc/systemd/system/ ``` Then, enable and start the timer: ```bash systemctl enable backupd.service systemctl start backupd.service systemctl enable --now backupd.timer ``` ## Restore the Backup First, ensure the required environment variables are set: ```bash export RCLONE_CONFIG=/opt/backupd/rclone.conf ITER_COUNT=100000 AES_PASSWD= ``` Then, view the list of backups: ``` rclone tree dest: ``` Fetch the backup you want to restore: ```bash server= rclone copy -P dest:server-$server/ ./restore-$server cd ./restore-$server ``` Check the integrity of the backup: ```bash for file in *.enc; do rclone lsjson -M "dest:server-$server/$file" > "$file.metadata" output=$(echo "$file" | cut -d"_" -f3-4 | cut -d"." -f1 | tr ':" ' '-').tar.zst openssl enc -d -aes-256-cbc -pbkdf2 -iter $ITER_COUNT -k "$AES_PASSWD" -in "$file" -out "$output" enc_hash=$(cat "$file.metadata" | jq -r '.[].Metadata."sha256-enc"') zst_hash=$(cat "$file.metadata" | jq -r '.[].Metadata."sha256-zst"') echo "$enc_hash $file" | sha256sum -c echo "$zst_hash $output" | sha256sum -c done ``` Decompress the backup: ```bash for file in *.tar.zst; do out=$server-${file%.tar.zst} mkdir -p "$out" && tar -xvf "$file" -C "./$server-${file%.tar.zst}" done ``` ## Contributing Notice If you wish to contribute to this project, please make sure you use `shellcheck` to lint the script. ```bash shellcheck -x backupd ``` ## License This project is licensed under the MIT License. See the [LICENSE](LICENSE) file for details.