cjones/restic-automatic-backup-scheduler
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Rename *.env files to *.env.sh

Browse Source 
Fixes #66
This commit is contained in:
Erik Westrup
2022-02-08 17:26:07 +01:00
parent 27d757fc29
commit ab928d0dfd
9 changed files with 25 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files
CHANGELOG.md
+1
View File
@@ -18,6 +18,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
# systemctl enable restic-backup@<profile>.timer # systemctl enable restic-backup@<profile>.timer
``` ```
- **BREAKING CHANGE** moved script installation with makefile from `/usr/local/sbin` to `/bin` to have a simpler interface to work with `$PREFIX`. - **BREAKING CHANGE** moved script installation with makefile from `/usr/local/sbin` to `/bin` to have a simpler interface to work with `$PREFIX`.
- **BREAKING CHANGE** renamed `etc/restic/*.env` files to `etc/restic/*.env.sh` to clearly communicate that it's a shell script that will be executed (source), and also hint at code editors what file this is to set corect syntax highligting etc.
- Renamed top level make install targets. The old `$ make install` is now `$ make install-systemd` - Renamed top level make install targets. The old `$ make install` is now `$ make install-systemd`
### Fixed ### Fixed
README.md
+13 -13
View File
@@ -61,8 +61,8 @@ Depending on your system, the setup will look different. Choose one of
and `/usr/bin`). Have a look to the `Makefile` to know more. and `/usr/bin`). Have a look to the `Makefile` to know more.
1. Fill out configuration values (edit with sudo): 1. Fill out configuration values (edit with sudo):
* `/etc/restic/pw.txt` - Contains the password (single line) to be used by restic to encrypt the repository files. Should be different than your B2 password! * `/etc/restic/pw.txt` - Contains the password (single line) to be used by restic to encrypt the repository files. Should be different than your B2 password!
* `/etc/restic/_global.env` - Global environment variables. * `/etc/restic/_global.env.sh` - Global environment variables.
* `/etc/restic/default.env` - Profile specific environment variables (multiple profiles can be defined by copying to `/etc/restic/something.env`). * `/etc/restic/default.env.sh` - Profile specific environment variables (multiple profiles can be defined by copying to `/etc/restic/something.env.sh`).
* `/etc/restic/backup_exclude.txt` - List of file patterns to ignore. This will trim down your backup size and the speed of the backup a lot when done properly! * `/etc/restic/backup_exclude.txt` - List of file patterns to ignore. This will trim down your backup size and the speed of the backup a lot when done properly!
1. Initialize remote repo as described [below](#3-initialize-remote-repo) 1. Initialize remote repo as described [below](#3-initialize-remote-repo)
1. Configure [how often](https://www.freedesktop.org/software/systemd/man/systemd.time.html#Calendar%20Events) back up should be made. 1. Configure [how often](https://www.freedesktop.org/software/systemd/man/systemd.time.html#Calendar%20Events) back up should be made.
@@ -82,10 +82,10 @@ Depending on your system, the setup will look different. Choose one of
1. Verify the backup 1. Verify the backup
```console ```console
$ sudo -i $ sudo -i
$ source /etc/restic/default.env $ source /etc/restic/default.env.sh
$ restic snapshots $ restic snapshots
``` ```
1. (optional) Define multiple profiles: just make a copy of the `default.env` and use the defined profile name in place of `default` to run backups or enable timers. Notice that the value after `@` works as a parameter. 1. (optional) Define multiple profiles: just make a copy of the `default.env.sh` and use the defined profile name in place of `default` to run backups or enable timers. Notice that the value after `@` works as a parameter.
1. (optional) Enable the check job that verifies that the backups for the profile are all intact. 1. (optional) Enable the check job that verifies that the backups for the profile are all intact.
```console ```console
$ sudo systemctl enable --now restic-check@default.timer $ sudo systemctl enable --now restic-check@default.timer
@@ -130,10 +130,10 @@ For restic to be able to connect to your bucket, you want to in the B2 settings
> **Attention!** Going the manual way requires that most of the following commands are run as root. > **Attention!** Going the manual way requires that most of the following commands are run as root.
Put these files in `/etc/restic/`: Put these files in `/etc/restic/`:
* `_global.env`: Fill this file out with your global settings including B2 keyID & applicationKey. A global exclude list is set here (explained in section below). * `_global.env.sh`: Fill this file out with your global settings including B2 keyID & applicationKey. A global exclude list is set here (explained in section below).
* `default.env`: This is the default profile. Fill this out with bucket name, backup paths and retention policy. This file sources `_global.env` and is thus self-contained and can be sourced in the shell when you want to issue some manual restic commands. For example: * `default.env.sh`: This is the default profile. Fill this out with bucket name, backup paths and retention policy. This file sources `_global.env.sh` and is thus self-contained and can be sourced in the shell when you want to issue some manual restic commands. For example:
```console ```console
$ source /etc/restic/default.env $ source /etc/restic/default.env.sh
$ restic snapshots # You don't have to supply all parameters like --repo, as they are now in your environment! $ restic snapshots # You don't have to supply all parameters like --repo, as they are now in your environment!
```` ````
* `pw.txt`: This file should contain the restic password used to encrypt the repository. This is a new password what soon will be used when initializing the new repository. It should be unique to this restic backup repository and is needed for restoring from it. Don't re-use your B2 login password, this should be different. For example you can generate a 128 character password (must all be on one line) with: * `pw.txt`: This file should contain the restic password used to encrypt the repository. This is a new password what soon will be used when initializing the new repository. It should be unique to this restic backup repository and is needed for restoring from it. Don't re-use your B2 login password, this should be different. For example you can generate a 128 character password (must all be on one line) with:
@@ -145,16 +145,16 @@ Put these files in `/etc/restic/`:
Now we must initialize the repository on the remote end: Now we must initialize the repository on the remote end:
```console ```console
$ sudo -i $ sudo -i
$ source /etc/restic/default.env $ source /etc/restic/default.env.sh
$ restic init $ restic init
``` ```
#### 4. Script for doing the backup #### 4. Script for doing the backup
Put this file in `/bin`: Put this file in `/bin`:
* `restic_backup.sh`: A script that defines how to run the backup. The intention is that you should not need to edit this script yourself, but be able to control everything from the `*.env` profiles. * `restic_backup.sh`: A script that defines how to run the backup. The intention is that you should not need to edit this script yourself, but be able to control everything from the `*.env.sh` profiles.
Restic support exclude files. They list file pattern paths to exclude from you backups, files that just occupy storage space, backup-time, network and money. `restic_backup.sh` allows for a few different exclude files. Restic support exclude files. They list file pattern paths to exclude from you backups, files that just occupy storage space, backup-time, network and money. `restic_backup.sh` allows for a few different exclude files.
* `/etc/restic/backup_exclude.txt` - global exclude list. You can use only this one if your setup is easy. This is set in `_global.env`. If you need a different file for another profile, you can override the envvar `RESTIC_BACKUP_EXCLUDE_FILE` in this profile. * `/etc/restic/backup_exclude.txt` - global exclude list. You can use only this one if your setup is easy. This is set in `_global.env.sh`. If you need a different file for another profile, you can override the envvar `RESTIC_BACKUP_EXCLUDE_FILE` in this profile.
* `.backup_exclude.txt` per backup path. If you have e.g. an USB disk mounted at /mnt/media and this path is included in the `$RESTIC_BACKUP_PATHS`, you can place a file `/mnt/media/.backup_exclude.txt` and it will automatically picked up. The nice thing about this is that the backup paths are self-contained in terms of what they shoud exclude! * `.backup_exclude.txt` per backup path. If you have e.g. an USB disk mounted at /mnt/media and this path is included in the `$RESTIC_BACKUP_PATHS`, you can place a file `/mnt/media/.backup_exclude.txt` and it will automatically picked up. The nice thing about this is that the backup paths are self-contained in terms of what they shoud exclude!
#### 5. Make first backup #### 5. Make first backup
@@ -162,15 +162,15 @@ Now see if the backup itself works, by running as root
```console ```console
$ sudo -i $ sudo -i
$ source /etc/restic/default.env $ source /etc/restic/default.env.sh
$ /bin/restic_backup.sh $ /bin/restic_backup.sh
```` ````
#### 6. Verify the backup #### 6. Verify the backup
As the `default.env` is already sourced in your root shell, you can now just list the snapshos As the `default.env.sh` is already sourced in your root shell, you can now just list the snapshos
```console ```console
$ sudo -i $ sudo -i
$ source /etc/restic/default.env $ source /etc/restic/default.env.sh
$ restic snapshots $ restic snapshots
``` ```
bin/restic_backup.sh
+2 -2
View File
@@ -5,7 +5,7 @@
# - from restic service/timer: $PREFIX/etc/systemd/system/restic-backup.{service,timer} # - from restic service/timer: $PREFIX/etc/systemd/system/restic-backup.{service,timer}
# - from a cronjob: $PREFIX/etc/cron.d/restic # - from a cronjob: $PREFIX/etc/cron.d/restic
# - manually by a user. For it to work, the environment variables must be set in the shell where this script is executed # - manually by a user. For it to work, the environment variables must be set in the shell where this script is executed
# $ source $PREFIX/etc/default.env # $ source $PREFIX/etc/default.env.sh
# $ restic_backup.sh # $ restic_backup.sh
# Exit on error, unset var, pipe failure # Exit on error, unset var, pipe failure
@@ -28,7 +28,7 @@ assert_envvars() {
local varnames=("$@") local varnames=("$@")
for varname in "${varnames[@]}"; do for varname in "${varnames[@]}"; do
if [ -z ${!varname+x} ]; then if [ -z ${!varname+x} ]; then
printf "%s must be set for this script to work.\n\nDid you forget to source a /etc/restic/*.env profile in the current shell before executing this script?\n" "$varname" >&2 printf "%s must be set for this script to work.\n\nDid you forget to source a /etc/restic/*.env.sh profile in the current shell before executing this script?\n" "$varname" >&2
exit 1 exit 1
fi fi
done done
bin/restic_check.sh
+1 -1
View File
@@ -20,7 +20,7 @@ assert_envvars() {
local varnames=("$@") local varnames=("$@")
for varname in "${varnames[@]}"; do for varname in "${varnames[@]}"; do
if [ -z ${!varname+x} ]; then if [ -z ${!varname+x} ]; then
printf "%s must be set for this script to work.\n\nDid you forget to source a /etc/restic/*.env profile in the current shell before executing this script?\n" "$varname" >&2 printf "%s must be set for this script to work.\n\nDid you forget to source a /etc/restic/*.env.sh profile in the current shell before executing this script?\n" "$varname" >&2
exit 1 exit 1
fi fi
done done
bin/resticw
+1 -1
View File
@@ -131,7 +131,7 @@ ERR_NO_SUCH_PROFILE=2
ERR_PROFILE_NO_READ_PERM=3 ERR_PROFILE_NO_READ_PERM=3
# shellcheck disable=SC2154 # shellcheck disable=SC2154
profile_file="${ENV_DIR}/${__profile}.env" profile_file="${ENV_DIR}/${__profile}.env.sh"
[[ ! -f "$profile_file" ]] && echo "Invalid profile: No such environment file ${profile_file}" && exit "$ERR_NO_SUCH_PROFILE" [[ ! -f "$profile_file" ]] && echo "Invalid profile: No such environment file ${profile_file}" && exit "$ERR_NO_SUCH_PROFILE"
etc/restic/_global.env → etc/restic/_global.env.sh
+1 -1
View File
@@ -1,5 +1,5 @@
# Global envionment variables # Global envionment variables
# These variables are sourced FIRST, and any values inside of *.env files for # These variables are sourced FIRST, and any values inside of *.env.sh files for
# specific configurations will override if also defined there. # specific configurations will override if also defined there.
etc/restic/default.env → etc/restic/default.env.sh
+4 -4
View File
@@ -1,17 +1,17 @@
# This is the default profile. Fill it with your desired configuration. # This is the default profile. Fill it with your desired configuration.
# Additionally, you can create and use more profiles by copying this file. # Additionally, you can create and use more profiles by copying this file.
# This file (and other .env files) has two purposes: # This file (and other .env.sh files) has two purposes:
# - being sourced by systemd timers to setup the backup before running restic_backup.sh # - being sourced by systemd timers to setup the backup before running restic_backup.sh
# - being sourced in a user's shell to work directly with restic commands e.g. # - being sourced in a user's shell to work directly with restic commands e.g.
# $ source /etc/restic/default.env # $ source /etc/restic/default.env.sh
# $ restic snapshots # $ restic snapshots
# Thus you don't have to provide all the arguments like # Thus you don't have to provide all the arguments like
# $ restic --repo ... --password-file ... # $ restic --repo ... --password-file ...
source $INSTALL_PREFIX/etc/restic/_global.env source $INSTALL_PREFIX/etc/restic/_global.env.sh
# Below envvar will override those in _global.env # Below envvar will override those in _global.env.sh
export RESTIC_REPOSITORY="b2:<b2-repo-name>" # *EDIT* fill with your repo name export RESTIC_REPOSITORY="b2:<b2-repo-name>" # *EDIT* fill with your repo name
usr/lib/systemd/system/restic-backup@.service
+1 -1
View File
@@ -10,4 +10,4 @@ Nice=10
Environment="HOME=/root" Environment="HOME=/root"
# The random sleep (in seconds) is in the case of multiple backup profiles. Many restic instances started at the same time could case high load or network bandwith usage. # The random sleep (in seconds) is in the case of multiple backup profiles. Many restic instances started at the same time could case high load or network bandwith usage.
# `systemd-cat` allows showing the restic output to the systemd journal # `systemd-cat` allows showing the restic output to the systemd journal
ExecStart=bash -c 'ps cax | grep -q restic && sleep $(shuf -i 0-300 -n 1); source $INSTALL_PREFIX/etc/restic/%I.env && $INSTALL_PREFIX/bin/restic_backup.sh | systemd-cat' ExecStart=bash -c 'ps cax | grep -q restic && sleep $(shuf -i 0-300 -n 1); source $INSTALL_PREFIX/etc/restic/%I.env.sh && $INSTALL_PREFIX/bin/restic_backup.sh | systemd-cat'
usr/lib/systemd/system/restic-check@.service
+1 -1
View File
@@ -8,4 +8,4 @@ Requires=nm-unmetered-connection.service
Type=simple Type=simple
Nice=10 Nice=10
# `systemd-cat` allows showing the restic output to the systemd journal # `systemd-cat` allows showing the restic output to the systemd journal
ExecStart=bash -c 'source $INSTALL_PREFIX/etc/restic/%I.env && $INSTALL_PREFIX/bin/restic_check.sh | systemd-cat' ExecStart=bash -c 'source $INSTALL_PREFIX/etc/restic/%I.env.sh && $INSTALL_PREFIX/bin/restic_check.sh | systemd-cat'