YunoHost-Apps/borg_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/borg_ynh.git synced 2024-09-03 18:16:05 +02:00
Code Issues Activity Actions

Merge pull request #147 from YunoHost-Apps/manifestv2

Browse source 
Manifest v2
This commit is contained in:
Salamandar 2024-01-06 14:21:24 +01:00 committed by GitHub
commit 52a4a4faeb
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
15 changed files with 322 additions and 963 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

232
README.md
View file

@ -16,238 +16,16 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in
## Overview
Backup your server on a host server using Borg
A [Borg](https://borgbackup.readthedocs.io/en/stable/index.html#what-is-borgbackup) implementation to backup a YunoHost server.
This is the Borg Backup App to be installed on a server to backup. It works together with a [Borg Server App](https://github.com/YunoHost-Apps/borgserver_ynh) installed on a host server.
**Shipped version:** 1.1.16~ynh30
## Disclaimers / important information
## :warning: NB. : This doc is partially obsolete and should be reworked! :warning:
## How to backup your server with this app?
You want to backup a critical "guest" Server A onto a remote "host" Server B, you need:
* Domain name of server B: `host.serverb`
* Name of the server B SSH user (to be created by `borgserver`) for connection from Server A: `borgservera`
* **Strong passphrase** to encrypt your backups on host Server B. And to **restore your backups**!!
* IDs of YunoHost apps you want to backup
* Regular time schedule for your backups, see below
* Install Borg Backup App (`borg`) on guest Server A
* Install Borg Server App (`borgserver`) on host Server B
* Save the passphrase in another place than your server. Without the passphrase, you won't be able to restore data.
You should received an email after the first backup succeeded.
### Set up Borg Backup App on guest Server A
Firstly, set up the Borg Backup App (`borg`) on the guest Server A you want to backup:
```
$ yunohost app install borg
In which borg repository location do you want to backup your files ?: user@host.serverb:/remote/repository
Provide a strong passphrase to encrypt your backups. No blank space:
Should Borg backup your YunoHost configuration? [yes | no] (default: yes):
Should Borg backup emails and user home directory? [yes | no] (default: yes):
Which apps should Borg backup ? (default: all):
With which regular time schedule should the backups be performed? (see systemd OnCalendar format) (default: Daily):
Do you want admin to receive mail notifications on backups ? [always | errors_only | never]: never
```
#### Syntax to define a backup time schedule
You can schedule regular backups at specific time. Only one regular time schedule is possible for one `borg` instance, see below for workaround. Some examples:
* Monthly :
* Weekly :
* Daily : Daily at midnight
* Hourly : Hourly o Clock
* Sat *-*-1..7 18:00:00 : The first saturday of every month at 18:00
* 4:00 : Every day at 4 AM
* 5,17:00 : Every day at 5 AM and at 5 PM
See here for more info : https://wiki.archlinux.org/index.php/Systemd/Timers#Realtime_timer
#### Information generated by Borg Backup
At the end of the installation, the Borg Backup App (``borg``) displays the SSH public key and the SSH user to give to the person who has access to the host Server B and will set up Borg Server App.
```
You should now install the "Borg Server" app on host.serverb and fill questions like this:
User: servera
Public key: ssh-ed25519 AAAA[...] root@guest.servera
```
This information is also sent by email to the admin of guest Server A.
If you don't find the email and you don't see the message in the log bar you can find the SSH public key with this command:
```
$ cat /root/.ssh/id_borg_ed25519.pub
ssh-ed25519 AAAA[...] root@guest.servera
```
### Set up Borg Server App on host Server B
Secondly, set up the Borg Server App (``borgserver``) on the host Server B that will store your backups:
```
$ yunohost app install borgserver
Indicate the ssh user to create: servera
Indicate the public key given by Borg Backup app (borg) setup: ssh-ed25519 AAAA[...] root@guest.servera
Indicate the storage quota: 5G
```
### Test the Borg Apps setup
At this step your backup should run at the scheduled time. Note that the first backup can take very long, as much data has to be copied through ssh. Following backups are incremental: only newly generated data since last backup will be copied.
If you want to test correct Borg Apps setup before scheduled time, you can start a backup manually on guest Server A:
```
$ systemctl start borg
```
Next you can check presence of your backup repository on host Server B:
```
$ BORG_RSH="ssh -i /root/.ssh/id_borg_ed25519 -oStrictHostKeyChecking=yes " borg list servera@host.serverb:~/backup
```
You will need the passphrase to run ``borg`` commands on the backup repository created on the host Server B.
## Check regularly your backup
If you want to be sure to be able to restore your server, you should try to restore regularly the archives. But this process is quite time consumming.
You should at least:
* Keep your apps up to date (if apps are too old, they could be difficult to restore on a more recent recent version)
* Check regularly the presence of `info.json` and `db.sql` or `dump.sql` in your apps archives
```
borg list ./::ARCHIVE_NAME | grep info.json
borg list ./::ARCHIVE_NAME | grep db.sql
borg list ./::ARCHIVE_NAME | grep dump.sql
```
* Be sure to have your passphrase available even if your server is completely broken
## How to restore a complete system
*For infos on restoring process, check [this yunohost forum thread](https://forum.yunohost.org/t/restoring-whole-yunohost-from-borg-backups/12705/3) and [that one](https://forum.yunohost.org/t/how-to-properly-backup-and-restore/12583/3), also [using Borg with sshkeys](https://thisiscasperslife.wordpress.com/2017/11/28/using-borg-backup-across-ssh-with-sshkeys/), the [`borg extract` documentation](https://borgbackup.readthedocs.io/en/stable/usage/extract.html), and this [general tutorial on Borg Backup](https://practical-admin.com/blog/backups-using-borg/).*
In the following explanations:
- the server to backup/restore will be called: `yuno`
- the remote server that receives and store the back will be called: `rem`
- `rem` is accessible at the domain `rem.tld`
- the remote user on `rem` which owns the Borg backups will be called `yurem`
- backup files will be stored in `rem` in the directory: `/home/yurem/backup`
### Overview
The idea here, if you need to restore a whole yunohost system is:
1. Install a new Debian VM
2. Install YunoHost in it the usual way
3. Go through YunoHost postinstall (parameters you will supply are not crucial, as they will be replaced by the restore)
4. Install Borg
5. Setup `rem` to accept ssh connections from `yuno`
6. Use Borg to import backups from `rem` to `yuno`
7. Restore Borg backups with the `yunohost backup restore` command, first config, then data, then each app one at a time
8. Remove the Borg app and restore it
### Make it possible for `yuno` to connect to `rem` with Borg
At this stage, we will assume that `yuno` is a freshly installed YunoHost (based on Buster in my case). You should also have performed the YunoHost postinstall.
If you don't want to restore the whole system, just some apps, you can skip some of the steps below.
#### Install the Borg YunoHost app in `yuno`
The idea here is just to install Borg, not in order to create backups, but only to use Borg commands to import remote backups.
So for example, you can install it doing the following:
```bash
sudo yunohost app install borg -a "server=rem.tld&ssh_user=yurem&conf=0&data=0&apps=hextris&on_calendar=2:30"
```
#### Make sure that `rem` accepts ssh connections from `yuno`
In `yuno` you will need to get the ssh key that borg just created while installing: `sudo cat /root/.ssh/id_borg_ed25519.pub`, copy it to clipboard.
Connect via ssh to `rem`, go to `/home/yurem/.ssh/authorized_keys`, and past the Borg public key you got at previous step.
Now to make sure this worked, you can try to SSH from `yuno` to `rem`.
In `yuno` : `ssh -i /root/.ssh/id_borg_ed25519 yurem@rem.tld` . If you can get into `rem` , without it prompting for a password, then you're good to continue :)
### Restore backups to `yuno`
⚠️ For the commands in the following section to work, you will need to be root in `yuno` (you can become root running `sudo su`).
⚠️ Restoration of backups can take quite a while, you'd better do them in a separate process, so that it doesn't stop if your terminal session gets closed. For this, you can for example use [tmux](https://www.howtogeek.com/671422/how-to-use-tmux-on-linux-and-why-its-better-than-screen/).
In `yuno` now, you should be able to list backups in `rem` with the following command:
```bash
SRV=yurem@rem.tld:/home/yurem/backup
BORG_RSH="ssh -i /root/.ssh/id_borg_ed25519 -oStrictHostKeyChecking=yes " borg list $SRV
```
You can then reimport one to `yuno` with:
```bash
BORG_RSH="ssh -i /root/.ssh/id_borg_ed25519 -oStrictHostKeyChecking=yes " borg export-tar $SRV::auto_BACKUP_NAME /home/yunohost.backup/archives/auto_BACKUP_NAME.tar.gz
```
And then restore the archive in `yuno` with:
```bash
yunohost backup restore auto_BACKUP_NAME --system # for config and data backups
yunohost backup restore auto_BACKUP_NAME --apps # for other backups (=apps)
```
### And Nextcloud? It's super heavy!!
For Nextcloud, the best is probably to reimport the backup without the data. And to import the data manually.
For that, you can do the following (as root):
```bash
SRV=yurem@rem.tld:/home/yurem/backup
# export the app without data
BORG_RSH="ssh -i /root/.ssh/id_borg_ed25519 -oStrictHostKeyChecking=yes " borg export-tar -e apps/nextcloud/backup/home/yunohost.app $SRV::auto_nextcloud_XX_XX_XX_XX:XX /home/yunohost.backup/archives/auto_nextcloud_XX_XX_XX_XX:XX.tar.gz
# extract the data from the backup to the nextcloud folder
cd /home/yunohost.app/nextcloud
BORG_RSH="ssh -i /root/.ssh/id_borg_ed25519 -oStrictHostKeyChecking=yes " borg extract $SRV::auto_nextcloud_XX_XX_XX_XX:XX apps/nextcloud/backup/home/yunohost.app/nextcloud/
mv apps/nextcloud/backup/home/yunohost.app/nextcloud/data data
rm -r apps
# now you can simply restore nextcloud app
yunohost backup restore auto_nextcloud_XX_XX_XX_XX:XX --apps
```
### Restore Borg
Once you've restored the whole system, you will probably want to restore the Borg app as well.
For that, remove the "dummy" Borg you installed to do the restoration, and restore Borg the same ways as for other apps:
```bash
sudo yunohost app remove borg
sudo yunohost backup restore auto_borg_XX_XX_XX_XX:XX --apps
```
## Tips
### Edit the list of YunoHost apps to backup
``yunohost app setting borg apps -v "nextcloud,wordpress"``
### Other usefull borg commands
[Get the storage space used by the backup repository on the host server](https://borgbackup.readthedocs.io/en/stable/usage/info.html)
``borg info /home/servera/backup``
### Backup YunoHost apps with different criticallity levels
If you want to backup your guest server:
* with different YunoHost apps
* at different regular time schedule
* on different host servers
Then you can set up multiple instances of the Borg Apps on same servers.
For instance:
* Borg Backup instance ``borg``: backup nextcloud daily on host Server B
* Borg Backup instance ``borg__2``: backup all other YunoHost apps weekly on host Server C
### Settings location
Settings of apps are in /etc/yunohost/apps/*/settings.yml, so are the settings for borg_ynh as well. Be careful though to not savagely manually edit them if you don't know what you're doing.
## Documentation and resources
* Official app website: <https://borgbackup.readthedocs.io>
* YunoHost documentation for this app: <https://yunohost.org/app_borg>
* YunoHost Store: <https://apps.yunohost.org/app/borg>
* Report a bug: <https://github.com/YunoHost-Apps/borg_ynh/issues>
## Developer info

232
README_fr.md
View file

@ -16,238 +16,16 @@ Si vous navez pas YunoHost, regardez [ici](https://yunohost.org/#/install) po
## Vue densemble
Sauvegardez votre serveur sur un serveur distant avec Borg
A [Borg](https://borgbackup.readthedocs.io/en/stable/index.html#what-is-borgbackup) implementation to backup a YunoHost server.
This is the Borg Backup App to be installed on a server to backup. It works together with a [Borg Server App](https://github.com/YunoHost-Apps/borgserver_ynh) installed on a host server.
**Version incluse :** 1.1.16~ynh30
## Avertissements / informations importantes
## :warning: NB. : This doc is partially obsolete and should be reworked! :warning:
## How to backup your server with this app?
You want to backup a critical "guest" Server A onto a remote "host" Server B, you need:
* Domain name of server B: `host.serverb`
* Name of the server B SSH user (to be created by `borgserver`) for connection from Server A: `borgservera`
* **Strong passphrase** to encrypt your backups on host Server B. And to **restore your backups**!!
* IDs of YunoHost apps you want to backup
* Regular time schedule for your backups, see below
* Install Borg Backup App (`borg`) on guest Server A
* Install Borg Server App (`borgserver`) on host Server B
* Save the passphrase in another place than your server. Without the passphrase, you won't be able to restore data.
You should received an email after the first backup succeeded.
### Set up Borg Backup App on guest Server A
Firstly, set up the Borg Backup App (`borg`) on the guest Server A you want to backup:
```
$ yunohost app install borg
In which borg repository location do you want to backup your files ?: user@host.serverb:/remote/repository
Provide a strong passphrase to encrypt your backups. No blank space:
Should Borg backup your YunoHost configuration? [yes | no] (default: yes):
Should Borg backup emails and user home directory? [yes | no] (default: yes):
Which apps should Borg backup ? (default: all):
With which regular time schedule should the backups be performed? (see systemd OnCalendar format) (default: Daily):
Do you want admin to receive mail notifications on backups ? [always | errors_only | never]: never
```
#### Syntax to define a backup time schedule
You can schedule regular backups at specific time. Only one regular time schedule is possible for one `borg` instance, see below for workaround. Some examples:
* Monthly :
* Weekly :
* Daily : Daily at midnight
* Hourly : Hourly o Clock
* Sat *-*-1..7 18:00:00 : The first saturday of every month at 18:00
* 4:00 : Every day at 4 AM
* 5,17:00 : Every day at 5 AM and at 5 PM
See here for more info : https://wiki.archlinux.org/index.php/Systemd/Timers#Realtime_timer
#### Information generated by Borg Backup
At the end of the installation, the Borg Backup App (``borg``) displays the SSH public key and the SSH user to give to the person who has access to the host Server B and will set up Borg Server App.
```
You should now install the "Borg Server" app on host.serverb and fill questions like this:
User: servera
Public key: ssh-ed25519 AAAA[...] root@guest.servera
```
This information is also sent by email to the admin of guest Server A.
If you don't find the email and you don't see the message in the log bar you can find the SSH public key with this command:
```
$ cat /root/.ssh/id_borg_ed25519.pub
ssh-ed25519 AAAA[...] root@guest.servera
```
### Set up Borg Server App on host Server B
Secondly, set up the Borg Server App (``borgserver``) on the host Server B that will store your backups:
```
$ yunohost app install borgserver
Indicate the ssh user to create: servera
Indicate the public key given by Borg Backup app (borg) setup: ssh-ed25519 AAAA[...] root@guest.servera
Indicate the storage quota: 5G
```
### Test the Borg Apps setup
At this step your backup should run at the scheduled time. Note that the first backup can take very long, as much data has to be copied through ssh. Following backups are incremental: only newly generated data since last backup will be copied.
If you want to test correct Borg Apps setup before scheduled time, you can start a backup manually on guest Server A:
```
$ systemctl start borg
```
Next you can check presence of your backup repository on host Server B:
```
$ BORG_RSH="ssh -i /root/.ssh/id_borg_ed25519 -oStrictHostKeyChecking=yes " borg list servera@host.serverb:~/backup
```
You will need the passphrase to run ``borg`` commands on the backup repository created on the host Server B.
## Check regularly your backup
If you want to be sure to be able to restore your server, you should try to restore regularly the archives. But this process is quite time consumming.
You should at least:
* Keep your apps up to date (if apps are too old, they could be difficult to restore on a more recent recent version)
* Check regularly the presence of `info.json` and `db.sql` or `dump.sql` in your apps archives
```
borg list ./::ARCHIVE_NAME | grep info.json
borg list ./::ARCHIVE_NAME | grep db.sql
borg list ./::ARCHIVE_NAME | grep dump.sql
```
* Be sure to have your passphrase available even if your server is completely broken
## How to restore a complete system
*For infos on restoring process, check [this yunohost forum thread](https://forum.yunohost.org/t/restoring-whole-yunohost-from-borg-backups/12705/3) and [that one](https://forum.yunohost.org/t/how-to-properly-backup-and-restore/12583/3), also [using Borg with sshkeys](https://thisiscasperslife.wordpress.com/2017/11/28/using-borg-backup-across-ssh-with-sshkeys/), the [`borg extract` documentation](https://borgbackup.readthedocs.io/en/stable/usage/extract.html), and this [general tutorial on Borg Backup](https://practical-admin.com/blog/backups-using-borg/).*
In the following explanations:
- the server to backup/restore will be called: `yuno`
- the remote server that receives and store the back will be called: `rem`
- `rem` is accessible at the domain `rem.tld`
- the remote user on `rem` which owns the Borg backups will be called `yurem`
- backup files will be stored in `rem` in the directory: `/home/yurem/backup`
### Overview
The idea here, if you need to restore a whole yunohost system is:
1. Install a new Debian VM
2. Install YunoHost in it the usual way
3. Go through YunoHost postinstall (parameters you will supply are not crucial, as they will be replaced by the restore)
4. Install Borg
5. Setup `rem` to accept ssh connections from `yuno`
6. Use Borg to import backups from `rem` to `yuno`
7. Restore Borg backups with the `yunohost backup restore` command, first config, then data, then each app one at a time
8. Remove the Borg app and restore it
### Make it possible for `yuno` to connect to `rem` with Borg
At this stage, we will assume that `yuno` is a freshly installed YunoHost (based on Buster in my case). You should also have performed the YunoHost postinstall.
If you don't want to restore the whole system, just some apps, you can skip some of the steps below.
#### Install the Borg YunoHost app in `yuno`
The idea here is just to install Borg, not in order to create backups, but only to use Borg commands to import remote backups.
So for example, you can install it doing the following:
```bash
sudo yunohost app install borg -a "server=rem.tld&ssh_user=yurem&conf=0&data=0&apps=hextris&on_calendar=2:30"
```
#### Make sure that `rem` accepts ssh connections from `yuno`
In `yuno` you will need to get the ssh key that borg just created while installing: `sudo cat /root/.ssh/id_borg_ed25519.pub`, copy it to clipboard.
Connect via ssh to `rem`, go to `/home/yurem/.ssh/authorized_keys`, and past the Borg public key you got at previous step.
Now to make sure this worked, you can try to SSH from `yuno` to `rem`.
In `yuno` : `ssh -i /root/.ssh/id_borg_ed25519 yurem@rem.tld` . If you can get into `rem` , without it prompting for a password, then you're good to continue :)
### Restore backups to `yuno`
⚠️ For the commands in the following section to work, you will need to be root in `yuno` (you can become root running `sudo su`).
⚠️ Restoration of backups can take quite a while, you'd better do them in a separate process, so that it doesn't stop if your terminal session gets closed. For this, you can for example use [tmux](https://www.howtogeek.com/671422/how-to-use-tmux-on-linux-and-why-its-better-than-screen/).
In `yuno` now, you should be able to list backups in `rem` with the following command:
```bash
SRV=yurem@rem.tld:/home/yurem/backup
BORG_RSH="ssh -i /root/.ssh/id_borg_ed25519 -oStrictHostKeyChecking=yes " borg list $SRV
```
You can then reimport one to `yuno` with:
```bash
BORG_RSH="ssh -i /root/.ssh/id_borg_ed25519 -oStrictHostKeyChecking=yes " borg export-tar $SRV::auto_BACKUP_NAME /home/yunohost.backup/archives/auto_BACKUP_NAME.tar.gz
```
And then restore the archive in `yuno` with:
```bash
yunohost backup restore auto_BACKUP_NAME --system # for config and data backups
yunohost backup restore auto_BACKUP_NAME --apps # for other backups (=apps)
```
### And Nextcloud? It's super heavy!!
For Nextcloud, the best is probably to reimport the backup without the data. And to import the data manually.
For that, you can do the following (as root):
```bash
SRV=yurem@rem.tld:/home/yurem/backup
# export the app without data
BORG_RSH="ssh -i /root/.ssh/id_borg_ed25519 -oStrictHostKeyChecking=yes " borg export-tar -e apps/nextcloud/backup/home/yunohost.app $SRV::auto_nextcloud_XX_XX_XX_XX:XX /home/yunohost.backup/archives/auto_nextcloud_XX_XX_XX_XX:XX.tar.gz
# extract the data from the backup to the nextcloud folder
cd /home/yunohost.app/nextcloud
BORG_RSH="ssh -i /root/.ssh/id_borg_ed25519 -oStrictHostKeyChecking=yes " borg extract $SRV::auto_nextcloud_XX_XX_XX_XX:XX apps/nextcloud/backup/home/yunohost.app/nextcloud/
mv apps/nextcloud/backup/home/yunohost.app/nextcloud/data data
rm -r apps
# now you can simply restore nextcloud app
yunohost backup restore auto_nextcloud_XX_XX_XX_XX:XX --apps
```
### Restore Borg
Once you've restored the whole system, you will probably want to restore the Borg app as well.
For that, remove the "dummy" Borg you installed to do the restoration, and restore Borg the same ways as for other apps:
```bash
sudo yunohost app remove borg
sudo yunohost backup restore auto_borg_XX_XX_XX_XX:XX --apps
```
## Tips
### Edit the list of YunoHost apps to backup
``yunohost app setting borg apps -v "nextcloud,wordpress"``
### Other usefull borg commands
[Get the storage space used by the backup repository on the host server](https://borgbackup.readthedocs.io/en/stable/usage/info.html)
``borg info /home/servera/backup``
### Backup YunoHost apps with different criticallity levels
If you want to backup your guest server:
* with different YunoHost apps
* at different regular time schedule
* on different host servers
Then you can set up multiple instances of the Borg Apps on same servers.
For instance:
* Borg Backup instance ``borg``: backup nextcloud daily on host Server B
* Borg Backup instance ``borg__2``: backup all other YunoHost apps weekly on host Server C
### Settings location
Settings of apps are in /etc/yunohost/apps/*/settings.yml, so are the settings for borg_ynh as well. Be careful though to not savagely manually edit them if you don't know what you're doing.
## Documentations et ressources
* Site officiel de lapp : <https://borgbackup.readthedocs.io>
* Documentation YunoHost pour cette app : <https://yunohost.org/app_borg>
* YunoHost Store: <https://apps.yunohost.org/app/borg>
* Signaler un bug : <https://github.com/YunoHost-Apps/borg_ynh/issues>
## Informations pour les développeurs

47
check_process
View file

@ -1,47 +0,0 @@
;; Test remote directory
; Manifest
repository="ssh://sam@domain.tld:22/~/backup"
passphrase="APassphrase"
conf=1
data=1
apps="all"
on_calendar="Daily"
mailalert="errors_only"
; Checks
pkg_linter=1
setup_sub_dir=0
setup_root=0
setup_nourl=1
setup_private=0
setup_public=0
upgrade=1
upgrade=1 from_commit=d1cd666ee27f5cfb8e40c6f44a09370381b41b35
backup_restore=1
multi_instance=1
port_already_use=0
change_url=0
;; Test local directory
; Manifest
repository="/mnt/backup"
passphrase="APassphrase"
conf=1
data=1
apps="all"
on_calendar="Daily"
mailalert="errors_only"
; Checks
pkg_linter=1
setup_sub_dir=0
setup_root=0
setup_nourl=1
setup_private=0
setup_public=0
upgrade=1
backup_restore=1
multi_instance=1
port_already_use=0
change_url=0
;;; Upgrade options
; commit=d1cd666ee27f5cfb8e40c6f44a09370381b41b35
name=Older ynh 11 version
manifest_arg=server=domain.tld:22&ssh_user=package_checker&passphrase=APassphrase&conf=1&data=1&apps=all&on_calendar=Daily&mailalert=never

65
doc/DISCLAIMER.md → doc/ADMIN.md
View file

@ -3,6 +3,7 @@
## How to backup your server with this app?
You want to backup a critical "guest" Server A onto a remote "host" Server B, you need:
* Domain name of server B: `host.serverb`
* Name of the server B SSH user (to be created by `borgserver`) for connection from Server A: `borgservera`
* **Strong passphrase** to encrypt your backups on host Server B. And to **restore your backups**!!
@ -15,9 +16,10 @@ You want to backup a critical "guest" Server A onto a remote "host" Server B, yo
You should received an email after the first backup succeeded.
### Set up Borg Backup App on guest Server A
Firstly, set up the Borg Backup App (`borg`) on the guest Server A you want to backup:
```
```bash
$ yunohost app install borg
In which borg repository location do you want to backup your files ?: user@host.serverb:/remote/repository
Provide a strong passphrase to encrypt your backups. No blank space:
@ -29,7 +31,9 @@ Do you want admin to receive mail notifications on backups ? [always | errors_on
```
#### Syntax to define a backup time schedule
You can schedule regular backups at specific time. Only one regular time schedule is possible for one `borg` instance, see below for workaround. Some examples:
* Monthly :
* Weekly :
* Daily : Daily at midnight
@ -37,25 +41,32 @@ You can schedule regular backups at specific time. Only one regular time schedul
* Sat *-*-1..7 18:00:00 : The first saturday of every month at 18:00
* 4:00 : Every day at 4 AM
* 5,17:00 : Every day at 5 AM and at 5 PM
See here for more info : https://wiki.archlinux.org/index.php/Systemd/Timers#Realtime_timer
See here for more info : <https://wiki.archlinux.org/index.php/Systemd/Timers#Realtime_timer>
#### Information generated by Borg Backup
At the end of the installation, the Borg Backup App (``borg``) displays the SSH public key and the SSH user to give to the person who has access to the host Server B and will set up Borg Server App.
```
```text
You should now install the "Borg Server" app on host.serverb and fill questions like this:
User: servera
Public key: ssh-ed25519 AAAA[...] root@guest.servera
```
This information is also sent by email to the admin of guest Server A.
If you don't find the email and you don't see the message in the log bar you can find the SSH public key with this command:
```
```bash
$ cat /root/.ssh/id_borg_ed25519.pub
ssh-ed25519 AAAA[...] root@guest.servera
```
### Set up Borg Server App on host Server B
Secondly, set up the Borg Server App (``borgserver``) on the host Server B that will store your backups:
```
```bash
$ yunohost app install borgserver
Indicate the ssh user to create: servera
Indicate the public key given by Borg Backup app (borg) setup: ssh-ed25519 AAAA[...] root@guest.servera
@ -63,43 +74,51 @@ Indicate the storage quota: 5G
```
### Test the Borg Apps setup
At this step your backup should run at the scheduled time. Note that the first backup can take very long, as much data has to be copied through ssh. Following backups are incremental: only newly generated data since last backup will be copied.
If you want to test correct Borg Apps setup before scheduled time, you can start a backup manually on guest Server A:
```
$ systemctl start borg
```bash
systemctl start borg
```
Next you can check presence of your backup repository on host Server B:
```bash
BORG_RSH="ssh -i /root/.ssh/id_borg_ed25519 -oStrictHostKeyChecking=yes " borg list servera@host.serverb:~/backup
```
$ BORG_RSH="ssh -i /root/.ssh/id_borg_ed25519 -oStrictHostKeyChecking=yes " borg list servera@host.serverb:~/backup
```
You will need the passphrase to run ``borg`` commands on the backup repository created on the host Server B.
## Check regularly your backup
If you want to be sure to be able to restore your server, you should try to restore regularly the archives. But this process is quite time consumming.
You should at least:
* Keep your apps up to date (if apps are too old, they could be difficult to restore on a more recent recent version)
* Check regularly the presence of `info.json` and `db.sql` or `dump.sql` in your apps archives
```
* Keep your apps up to date (if apps are too old, they could be difficult to restore on a more recent recent version)
* Check regularly the presence of `info.json` and `db.sql` or `dump.sql` in your apps archives
```bash
borg list ./::ARCHIVE_NAME | grep info.json
borg list ./::ARCHIVE_NAME | grep db.sql
borg list ./::ARCHIVE_NAME | grep dump.sql
```
* Be sure to have your passphrase available even if your server is completely broken
* Be sure to have your passphrase available even if your server is completely broken
## How to restore a complete system
*For infos on restoring process, check [this yunohost forum thread](https://forum.yunohost.org/t/restoring-whole-yunohost-from-borg-backups/12705/3) and [that one](https://forum.yunohost.org/t/how-to-properly-backup-and-restore/12583/3), also [using Borg with sshkeys](https://thisiscasperslife.wordpress.com/2017/11/28/using-borg-backup-across-ssh-with-sshkeys/), the [`borg extract` documentation](https://borgbackup.readthedocs.io/en/stable/usage/extract.html), and this [general tutorial on Borg Backup](https://practical-admin.com/blog/backups-using-borg/).*
In the following explanations:
- the server to backup/restore will be called: `yuno`
- the remote server that receives and store the back will be called: `rem`
- `rem` is accessible at the domain `rem.tld`
- the remote user on `rem` which owns the Borg backups will be called `yurem`
- backup files will be stored in `rem` in the directory: `/home/yurem/backup`
* the server to backup/restore will be called: `yuno`
* the remote server that receives and store the back will be called: `rem`
* `rem` is accessible at the domain `rem.tld`
* the remote user on `rem` which owns the Borg backups will be called `yurem`
* backup files will be stored in `rem` in the directory: `/home/yurem/backup`
### Overview
@ -125,6 +144,7 @@ If you don't want to restore the whole system, just some apps, you can skip some
The idea here is just to install Borg, not in order to create backups, but only to use Borg commands to import remote backups.
So for example, you can install it doing the following:
```bash
sudo yunohost app install borg -a "server=rem.tld&ssh_user=yurem&conf=0&data=0&apps=hextris&on_calendar=2:30"
```
@ -200,23 +220,28 @@ sudo yunohost backup restore auto_borg_XX_XX_XX_XX:XX --apps
## Tips
### Edit the list of YunoHost apps to backup
``yunohost app setting borg apps -v "nextcloud,wordpress"``
`yunohost app setting borg apps -v "nextcloud,wordpress"`
### Other usefull borg commands
[Get the storage space used by the backup repository on the host server](https://borgbackup.readthedocs.io/en/stable/usage/info.html)
``borg info /home/servera/backup``
`borg info /home/servera/backup`
### Backup YunoHost apps with different criticallity levels
If you want to backup your guest server:
* with different YunoHost apps
* at different regular time schedule
* on different host servers
Then you can set up multiple instances of the Borg Apps on same servers.
For instance:
* Borg Backup instance ``borg``: backup nextcloud daily on host Server B
* Borg Backup instance ``borg__2``: backup all other YunoHost apps weekly on host Server C
### Settings location
Settings of apps are in /etc/yunohost/apps/*/settings.yml, so are the settings for borg_ynh as well. Be careful though to not savagely manually edit them if you don't know what you're doing.

4
doc/DECSRIPTION.md → doc/DESCRIPTION.md
View file

@ -1 +1,3 @@
A [Borg](https://borgbackup.readthedocs.io/en/stable/index.html#what-is-borgbackup) implementation to backup a YunoHost server. This is the Borg Backup App to be installed on a server to backup. It works together with a [Borg Server App](https://github.com/YunoHost-Apps/borgserver_ynh) installed on a host server.
A [Borg](https://borgbackup.readthedocs.io/en/stable/index.html#what-is-borgbackup) implementation to backup a YunoHost server.
This is the Borg Backup App to be installed on a server to backup. It works together with a [Borg Server App](https://github.com/YunoHost-Apps/borgserver_ynh) installed on a host server.

12
doc/POST_INSTALL.md Normal file
View file

@ -0,0 +1,12 @@
You should check out the admin documentation of this app after installation for more info!
If you selected a remote borg server as backup target, you should now install the "Borg Server" app on __SERVER__ and with the following credentials:
User: __SSH_USER__
Public key: __PUBLIC_KEY__
Or if you want to use cli:
`yunohost app install https://github.com/YunoHost-Apps/borgserver_ynh -a "ssh_user=__SSH_USER__&public_key=__PUBLIC_KEY__"`
If you facing an issue or want to improve this app, please open a new issue in this project: <https://github.com/YunoHost-Apps/borg_ynh>

104
manifest.json
View file

@ -1,104 +0,0 @@
{
"name": "Borg Backup",
"id": "borg",
"packaging_format": 1,
"description": {
"en": "Backup your server on a host server using Borg",
"fr": "Sauvegardez votre serveur sur un serveur distant avec Borg"
},
"version": "1.1.16~ynh30",
"url": "https://borgbackup.readthedocs.io",
"upstream": {
"license": "BSD-3-Clause",
"website": "https://borgbackup.readthedocs.io"
},
"license": "BSD-3-Clause",
"maintainer": {
"name": "ljf",
"email": "ljf+borg_ynh@reflexlibre.net",
"url": "https://reflexlibre.net"
},
"requirements": {
"yunohost": ">= 11.0.9"
},
"multi_instance": true,
"services": [],
"arguments": {
"install" : [
{
"name": "repository",
"type": "string",
"ask": {
"en": "In which borg repository location do you want to backup your files ?",
"fr": "Dans quel repo borg souhaitez-vous sauvegarder vos fichiers ?"
},
"help":{
"en": "Specify a local repository like /mount/my_external_harddrive/backups or a remote repository using this format: ssh://USER@DOMAIN.TLD:PORT/~/backup . If you plan to use borgserver_ynh app : 'USER' is *not* meant to be an existing user on the guest server, instead, it will be created *on the host server* during the installation of the Borg Server App. With borgserver_ynh apps you can't specify another repo path than ~/backup."
},
"example": "ssh://john@serverb.tld:22/~/backup"
},
{
"name": "passphrase",
"type": "password",
"ask": {
"en": "Provide a strong passphrase to encrypt your backups. No blank space",
"fr": "Indiquez une phrase de passe forte pour chiffrer vos sauvegardes. Sans espaces"
},
"help":{
"en": "Keep it safe! ...if you want to be able to restore. Do not communicate it to host Server holder or anyone else.",
"fr": "Gardez-la précieusement! ...si vous voulez pouvoir restaurer. Ne donnez pas la clé au possesseur du Serveur distant, ni personne."
}
},
{
"name": "conf",
"type": "boolean",
"ask": {
"en": "Should Borg backup your YunoHost configuration?",
"fr": "Borg doit-il sauvegarder la configuration système YunoHost ?"
},
"default": true
},
{
"name": "data",
"type": "boolean",
"ask": {
"en": "Should Borg backup emails and user home directory?",
"fr": "Borg doit-il sauvegarder les mails et les répertoires des utilisateurs ?"
},
"default": true
},
{
"name": "apps",
"type": "string",
"ask": {
"en": "Which apps should Borg backup ?",
"fr": "Quelles applications doivent être sauvegardées par Borg ?"
},
"help":{
"en": "App list separated by comma. You can write 'all' to select all apps, even those installed after this borg app. You can also select all apps but some apps by writing 'exclude:' following by an app list separated by comma.",
"fr": "Liste d'applications séparées par des virgules. Vous pouvez écrire 'all' pour sélectionner toutes les apps, même celles installées après cette application borg. Vous pouvez aussi sélectionner toutes les apps sauf certaines en écrivant 'exclude:' suivi d'une liste d'applications séparées par des virgules."
},
"default": "all"
},
{
"name": "on_calendar",
"type": "string",
"ask": {
"en": "With which regular time schedule should the backups be performed? (see systemd OnCalendar format)",
"fr": "À quelle fréquence les sauvegardes doivent-elles être effectuées ? (voir le format OnCalendar de systemd)"
},
"example": "Monthly or Weekly or Daily or Hourly or 4:00 or 5,17:00 or Sat --1..7 18:00:00",
"default": "Daily"
},
{
"name": "mailalert",
"type": "string",
"ask": {
"en": "Do you want admin to receive mail notifications on backups ?",
"fr": "Souhaitez-vous recevoir des notifications par mail à chaque sauvegarde ?"
},
"choices": ["always", "errors_only", "never"]
}
]
}
}

97
manifest.toml Normal file
View file

@ -0,0 +1,97 @@
#:schema https://raw.githubusercontent.com/YunoHost/apps/master/schemas/manifest.v2.schema.json
packaging_format = 2
id = "borg"
name = "Borg Backup"
description.en = "Backup your server on a host server using Borg"
description.fr = "Sauvegardez votre serveur sur un serveur distant avec Borg"
version = "1.1.16~ynh30"
maintainers = ["ljf"]
[upstream]
license = "BSD-3-Clause"
website = "https://borgbackup.readthedocs.io"
cpe = "cpe:2.3:a:borg_project:borg"
fund = "https://www.borgbackup.org/support/fund.html"
[integration]
yunohost = ">= 11.0.9"
architectures = "all" # FIXME: can be replaced by a list of supported archs using the dpkg --print-architecture nomenclature (amd64/i386/armhf/arm64), for example: ["amd64", "i386"]
multi_instance = true
ldap = "not_relevant"
sso = "not_relevant"
disk = "50M" # FIXME: replace with an **estimate** minimum disk requirement. e.g. 20M, 400M, 1G, ...
ram.build = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ...
ram.runtime = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ...
[install]
[install.repository]
ask.en = "In which borg repository location do you want to backup your files ?"
ask.fr = "Dans quel repo borg souhaitez-vous sauvegarder vos fichiers ?"
help.en = "Specify a local repository like /mount/my_external_harddrive/backups or a remote repository using this format: ssh://USER@DOMAIN.TLD:PORT/~/backup . If you plan to use borgserver_ynh app : 'USER' is *not* meant to be an existing user on the guest server, instead, it will be created *on the host server* during the installation of the Borg Server App. With borgserver_ynh apps you can't specify another repo path than ~/backup."
type = "string"
example = "ssh://john@serverb.tld:22/~/backup"
[install.passphrase]
ask.en = "Provide a strong passphrase to encrypt your backups. No blank space"
ask.fr = "Indiquez une phrase de passe forte pour chiffrer vos sauvegardes. Sans espaces"
help.en = "Keep it safe! ...if you want to be able to restore. Do not communicate it to host Server holder or anyone else."
help.fr = "Gardez-la précieusement! ...si vous voulez pouvoir restaurer. Ne donnez pas la clé au possesseur du Serveur distant, ni personne."
type = "password"
[install.conf]
ask.en = "Should Borg backup your YunoHost configuration?"
ask.fr = "Borg doit-il sauvegarder la configuration système YunoHost ?"
type = "boolean"
default = true
[install.data]
ask.en = "Should Borg backup emails and user home directory?"
ask.fr = "Borg doit-il sauvegarder les mails et les répertoires des utilisateurs ?"
type = "boolean"
default = true
[install.apps]
ask.en = "Which apps should Borg backup ?"
ask.fr = "Quelles applications doivent être sauvegardées par Borg ?"
help.en = "App list separated by comma. You can write 'all' to select all apps, even those installed after this borg app. You can also select all apps but some apps by writing 'exclude:' following by an app list separated by comma."
help.fr = "Liste d'applications séparées par des virgules. Vous pouvez écrire 'all' pour sélectionner toutes les apps, même celles installées après cette application borg. Vous pouvez aussi sélectionner toutes les apps sauf certaines en écrivant 'exclude:' suivi d'une liste d'applications séparées par des virgules."
type = "string"
default = "all"
[install.on_calendar]
ask.en = "With which regular time schedule should the backups be performed? (see systemd OnCalendar format)"
ask.fr = "À quelle fréquence les sauvegardes doivent-elles être effectuées ? (voir le format OnCalendar de systemd)"
type = "string"
example = "Monthly or Weekly or Daily or Hourly or 4:00 or 5,17:00 or Sat --1..7 18:00:00"
default = "Daily"
[install.mailalert]
ask.en = "Do you want admin to receive mail notifications on backups ?"
ask.fr = "Souhaitez-vous recevoir des notifications par mail à chaque sauvegarde ?"
type = "select"
choices = ["always", "errors_only", "never"]
default = "errors_only"
[resources]
[resources.system_user]
[resources.install_dir]
[resources.apt]
packages = [
"python3-pip",
"python3-dev",
"libacl1-dev",
"libssl-dev",
"liblz4-dev",
"python3-jinja2",
"python3-setuptools",
"python3-venv",
"virtualenv",
"libfuse-dev",
"pkg-config",
]

117
scripts/_common.sh
View file

@ -3,11 +3,12 @@
#=================================================
# COMMON VARIABLES
#=================================================
# App package root directory should be the parent folder
PKG_DIR=$(cd ../; pwd)
BORG_VERSION=1.1.16
pkg_dependencies="python3-pip python3-dev libacl1-dev libssl-dev liblz4-dev python3-jinja2 python3-setuptools python3-venv virtualenv libfuse-dev pkg-config"
#=================================================
# PERSONAL HELPERS
#=================================================
# Install borg with pip if borg is not here
install_borg_with_pip () {
@ -17,7 +18,7 @@ install_borg_with_pip () {
if [ ! -d /opt/borg-env ]; then
python3 -m venv /opt/borg-env
/opt/borg-env/bin/python /opt/borg-env/bin/pip install pip -U
/opt/borg-env/bin/python /opt/borg-env/bin/pip install setuptools -U
/opt/borg-env/bin/python /opt/borg-env/bin/pip install setuptools -U
/opt/borg-env/bin/python /opt/borg-env/bin/pip install wheel
ynh_print_info --message="Installing/compiling borg, this may take some time..."
/opt/borg-env/bin/python /opt/borg-env/bin/pip install borgbackup[fuse]==$BORG_VERSION
@ -29,98 +30,24 @@ install_borg_with_pip () {
chmod a+x /usr/local/bin/borg
}
#=================================================
# COMMON HELPERS
#=================================================
ynh_export () {
local ynh_arg=""
for var in $@;
do
ynh_arg=$(echo $var | awk '{print toupper($0)}')
if [ "$var" == "path_url" ]; then
ynh_arg="PATH"
_gen_and_save_public_key() {
public_key=""
if [[ -n "$server" ]]; then
private_key="/root/.ssh/id_${app}_ed25519"
if [ ! -f "$private_key" ]; then
ssh-keygen -q -t ed25519 -N "" -f "$private_key"
fi
ynh_arg="YNH_APP_ARG_$ynh_arg"
export $var="${!ynh_arg}"
done
}
# Save listed var in YunoHost app settings
# usage: ynh_save_args VARNAME1 [VARNAME2 [...]]
ynh_save_args () {
for var in $@;
do
local setting_var="$var"
if [ "$var" == "path_url" ]; then
setting_var="path"
fi
ynh_app_setting_set $app $setting_var "${!var}"
done
public_key=$(cat "$private_key.pub")
fi
ynh_app_setting_set --app="$app" --key=public_key --value="$public_key"
}
# Need also the helper https://github.com/YunoHost-Apps/Experimental_helpers/blob/master/ynh_handle_getopts_args/ynh_handle_getopts_args
#=================================================
# EXPERIMENTAL HELPERS
#=================================================
# Send an email to inform the administrator
#
# usage: ynh_send_readme_to_admin app_message [recipients]
# | arg: -m --app_message= - The message to send to the administrator.
# | arg: -r, --recipients= - The recipients of this email. Use spaces to separate multiples recipients. - default: root
# example: "root admin@domain"
# If you give the name of a YunoHost user, ynh_send_readme_to_admin will find its email adress for you
# example: "root admin@domain user1 user2"
# Send an email to inform the administrator
#
# usage: ynh_send_readme_to_admin app_message [recipients]
# | arg: app_message - The message to send to the administrator.
# | arg: recipients - The recipients of this email. Use spaces to separate multiples recipients. - default: root
# example: "root admin@domain"
# If you give the name of a YunoHost user, ynh_send_readme_to_admin will find its email adress for you
# example: "root admin@domain user1 user2"
ynh_send_readme_to_admin() {
local app_message="${1:-...No specific information...}"
local recipients="${2:-root}"
# Retrieve the email of users
find_mails () {
local list_mails="$1"
local mail
local recipients=" "
# Read each mail in argument
for mail in $list_mails
do
# Keep root or a real email address as it is
if [ "$mail" = "root" ] || echo "$mail" | grep --quiet "@"
then
recipients="$recipients $mail"
else
# But replace an user name without a domain after by its email
if mail=$(ynh_user_get_info "$mail" "mail" 2> /dev/null)
then
recipients="$recipients $mail"
fi
fi
done
echo "$recipients"
}
recipients=$(find_mails "$recipients")
local mail_subject="☁️🆈🅽🅷☁️: \`$app\` was just installed!"
local mail_message="This is an automated message from your beloved YunoHost server.
Specific information for the application $app.
$app_message
---
Automatic diagnosis data from YunoHost
$(yunohost tools diagnosis | grep -B 100 "services:" | sed '/services:/d')"
# Define binary to use for mail command
if [ -e /usr/bin/bsd-mailx ]
then
local mail_bin=/usr/bin/bsd-mailx
else
local mail_bin=/usr/bin/mail.mailutils
fi
# Send the email to the recipients
echo "$mail_message" | $mail_bin -a "Content-Type: text/plain; charset=UTF-8" -s "$mail_subject" "$recipients"
}
#=================================================
# FUTURE OFFICIAL HELPERS
#=================================================

20
scripts/backup
View file

@ -8,30 +8,18 @@
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_print_info --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME
#=================================================
# DECLARE DATA AND CONF FILES TO BACKUP
#=================================================
ynh_print_info --message="Declaring files to be backed up..."
ynh_backup --src_path="/usr/local/bin/backup-with-$app"
ynh_backup --src_path="/etc/sudoers.d/$app"
ynh_backup --src_path="/etc/systemd/system/$app.service"
ynh_backup --src_path="/etc/systemd/system/$app.timer"
ynh_backup --src_path="/etc/yunohost/hooks.d/backup_method/05-${app}_app"
ynh_backup --src_path="/usr/local/bin/backup-with-$app"
ynh_backup --src_path="/etc/sudoers.d/$app"
ynh_backup --src_path="/root/.ssh/id_${app}_ed25519" --not_mandatory
ynh_backup --src_path="/root/.ssh/id_${app}_ed25519.pub" --not_mandatory

115
scripts/install
View file

@ -9,72 +9,58 @@
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
export app=$YNH_APP_INSTANCE_NAME
# Retrieve arguments
ynh_export repository passphrase on_calendar conf data apps mailalert
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
server=""
if [[ $repository == *"@"* ]]; then
server=$(echo "$repository" | cut -d"@" -f2 | cut -d"/" -f1)
if [[ $server == *":"* ]]; then
server="[$(echo "$server" | cut -d":" -f1)]:$(echo "$server" | cut -d":" -f2)"
ssh_regex='^ssh://([^@]*)@([^:/]*)(:[0-9]+)?/(.*)$'
if [[ "$repository" =~ $ssh_regex ]]; then
ssh_user="${BASH_REMATCH[1]}"
server="${BASH_REMATCH[2]}"
port="${BASH_REMATCH[3]}"
if [[ -n "$port" ]]; then
server="[$server]$port"
fi
ssh_user=$(echo "$repository" | cut -d"@" -f1 | cut -d"/" -f2)
else
ssh_user=""
server=""
fi
ynh_app_setting_set --app=$app --key=ssh_user --value="$ssh_user"
ynh_app_setting_set --app=$app --key=server --value="$server"
state="repository uncreated"
ynh_app_setting_set --app=$app --key=state --value="$state"
last_run="-"
ynh_save_args repository server passphrase on_calendar conf data apps mailalert state last_run
ynh_app_setting_set --app=$app --key=last_run --value="$last_run"
#=================================================
# INSTALL DEPENDENCIES
# INSTALL BORG
#=================================================
ynh_script_progression --message="Installing dependencies..."
ynh_script_progression --message="Installing Borg..."
ynh_install_app_dependencies $pkg_dependencies
install_borg_with_pip
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..." --weight=1
_gen_and_save_public_key
# Create a system user
ynh_system_user_create --username=$app
mkdir -p "/var/log/$app"
chown -R $app:$app "/var/log/$app"
chmod u+w "/var/log/$app"
#=================================================
# SPECIFIC SETUP
#=================================================
# ACTIVATE BACKUP METHODS
# SETUP THE BACKUP METHOD
#=================================================
ynh_script_progression --message="Setting up backup method..." --weight=1
mkdir -p /etc/yunohost/hooks.d/backup
mkdir -p /etc/yunohost/hooks.d/backup_method
mkdir -p /usr/share/yunohost/backup_method
mkdir -p /var/log/${app}
chown -R $app:$app /var/log/${app}
chmod u+w /var/log/${app}
#=================================================
# SETUP THE BACKUP METHOD
#=================================================
ynh_add_config --template="backup_method" --destination="/etc/yunohost/hooks.d/backup_method/05-${app}_app"
chmod go=--- "/etc/yunohost/hooks.d/backup_method/05-${app}_app"
ynh_add_config --template="backup-with-borg" --destination="/usr/local/bin/backup-with-$app"
chmod u+x "/usr/local/bin/backup-with-$app"
chown $app:$app "/usr/local/bin/backup-with-$app"
@ -82,65 +68,22 @@ chown $app:$app "/usr/local/bin/backup-with-$app"
ynh_add_config --template="sudoer" --destination="/etc/sudoers.d/$app"
chown root:root "/etc/sudoers.d/$app"
if [ ! -z "$server" ]; then
#=================================================
# GENERATE SSH KEY
#=================================================
private_key="/root/.ssh/id_${app}_ed25519"
test -f $private_key || ssh-keygen -q -t ed25519 -N "" -f $private_key
#=================================================
# Display key
#=================================================
echo "You should now install the \"Borg Server\" app on $server and with the following credentials:
User: ${ssh_user}
Public key: $(cat ${private_key}.pub)"
#=================================================
# SEND A README FOR THE ADMIN
#=================================================
message="You should now install the \"Borg Server\" app on $server and with the following credentials:
User: ${ssh_user}
Public key: $(cat ${private_key}.pub)
Or if you want to use cli:
yunohost app install https://github.com/YunoHost-Apps/borgserver_ynh -a \"ssh_user=${ssh_user}&public_key=$(cat ${private_key}.pub)\"
If you facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/borg_ynh"
ynh_send_readme_to_admin "$message"
fi
#=================================================
# SETUP SYSTEMD
# SYSTEM CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring a systemd service..." --weight=1
ynh_script_progression --message="Adding system configurations related to $app..." --weight=1
# Create a dedicated systemd config
ynh_add_systemd_config
yunohost service add $app --description="Deduplicating backup program" --test_status="systemctl show $app.service -p ActiveState --value | grep -v failed"
# Disable the service, this is to prevent the service from being triggered at boot time
systemctl disable $app.service --quiet
#=================================================
# CONFIGURE SYSTEMD TIMER
#=================================================
# Configure the systemd timer
ynh_add_config --template="systemd.timer" --destination="/etc/systemd/system/$app.timer"
systemctl enable $app.timer --quiet
systemctl start $app.timer
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
# Inactive services are ignored cause it's a timer
yunohost service add $app --description="Deduplicating backup program" --test_status="systemctl show $app.service -p ActiveState --value | grep -v failed"
#=================================================
# END OF SCRIPT
#=================================================

26
scripts/remove
View file

@ -9,42 +9,32 @@
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
app=$YNH_APP_INSTANCE_NAME
#=================================================
# REMOVE SERVICE INTEGRATION IN YUNOHOST
#=================================================
# Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
if ynh_exec_warn_less yunohost service status $app >/dev/null
then
ynh_script_progression --message="Removing $app service integration..."
yunohost service remove $app
if ynh_exec_warn_less yunohost service status $app >/dev/null; then
ynh_script_progression --message="Removing $app service integration..."
yunohost service remove $app
fi
#=================================================
# REMOVE DEPENDENCIES
# REMOVE SYSTEM CONFIGURATIONS
#=================================================
ynh_script_progression --message="Removing dependencies..."
ynh_script_progression --message="Removing system configurations related to $app..." --weight=1
ynh_remove_app_dependencies
#=================================================
# REMOVE FILES
#=================================================
systemctl stop $app.timer
systemctl disable $app.timer --quiet
ynh_remove_systemd_config
ynh_secure_remove "/etc/systemd/system/$app.timer"
ynh_secure_remove "/usr/local/bin/backup-with-$app"
ynh_secure_remove "/etc/yunohost/hooks.d/backup_method/05-${app}_app"
# Remove borg if we are removing the last borg app on the system
if [ "$(yunohost app list | grep "id: borg" | wc -l)" == "1" ] ; then
if [ "$(yunohost app list | grep "id: borg" | wc -l)" == "1" ] ; then
ynh_script_progression --message="Removing borg..." --weight=1
ynh_secure_remove "/opt/borg-env"
ynh_secure_remove "/usr/local/bin/borg"
fi

65
scripts/restore
View file

@ -10,70 +10,51 @@ source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
# INSTALL BORG
#=================================================
ynh_script_progression --message="Reinstalling Borg..."
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME
#=================================================
# INSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Reinstalling dependencies..."
ynh_install_app_dependencies $pkg_dependencies
install_borg_with_pip
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..." --weight=1
_gen_and_save_public_key
# Create a system user
ynh_system_user_create --username=$app
mkdir -p "/var/log/$app"
chown -R $app:$app "/var/log/$app"
chmod u+w "/var/log/$app"
#=================================================
# ACTIVATE BACKUP METHODS
#=================================================
ynh_script_progression --message="Setting up backup method..." --weight=1
mkdir -p /etc/yunohost/hooks.d/backup
mkdir -p /etc/yunohost/hooks.d/backup_method
mkdir -p /usr/share/yunohost/backup_method
mkdir -p /etc/yunohost/hooks.d/backup
mkdir -p /var/log/${app}
chown -R $app:$app /var/log/${app}
chmod u+w /var/log/${app}
#=================================================
# RESTORE FILES
#=================================================
ynh_restore
ynh_restore_file --origin_path="/etc/yunohost/hooks.d/backup_method/05-${app}_app"
chmod go=--- "/etc/yunohost/hooks.d/backup_method/05-${app}_app"
ynh_restore_file --origin_path="/usr/local/bin/backup-with-$app"
chmod u+x "/usr/local/bin/backup-with-$app"
chown $app:$app "/usr/local/bin/backup-with-$app"
ynh_restore_file --origin_path="/etc/sudoers.d/$app"
chown root:root "/etc/sudoers.d/$app"
#=================================================
# ADVERTISE SERVICE IN ADMIN PANEL
# RESTORE SYSTEM CONFIGURATIONS
#=================================================
ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1
ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
yunohost service add $app --description="Deduplicating backup program" --test_status="systemctl show $app.service -p ActiveState --value | grep -v failed"
# Disable the service, this is to prevent the service from being triggered at boot time
systemctl disable $app.service --quiet
ynh_restore_file --origin_path="/etc/systemd/system/$app.timer"
systemctl enable $app.timer --quiet
systemctl start $app.timer
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
# Inactive services are ignored cause it's a timer
yunohost service add $app --description="Deduplicating backup program" --test_status="systemctl show $app.service -p ActiveState --value | grep -v failed"
#=================================================
# END OF SCRIPT
#=================================================

111
scripts/upgrade
View file

@ -9,52 +9,30 @@
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
export app=$YNH_APP_INSTANCE_NAME
export repository="$(ynh_app_setting_get $app repository)"
export server="$(ynh_app_setting_get $app server)"
export ssh_user="$(ynh_app_setting_get $app ssh_user)"
export passphrase="$(ynh_app_setting_get $app passphrase)"
export on_calendar="$(ynh_app_setting_get $app on_calendar)"
export conf="$(ynh_app_setting_get $app conf)"
export data="$(ynh_app_setting_get $app data)"
export apps="$(ynh_app_setting_get $app apps)"
export mailalert="$(ynh_app_setting_get $app mailalert)"
if [[ $mailalert != "always" && $mailalert != "errors_only" && $mailalert != "never" ]]; then
ynh_app_setting_set --app=$app --key="mailalert" --value="errors_only"
export mailalert="errors_only"
fi
ynh_app_setting_set --app=$app --key="state" --value="not run since last update"
ynh_app_setting_set --app=$app --key="last_run" --value="-"
upgrade_type=$(ynh_check_app_version_changed)
#=================================================
# CHECK IF AN UPGRADE IS NEEDED
# STANDARD UPGRADE STEPS
#=================================================
ynh_check_app_version_changed
# STOP SYSTEMD SERVICE
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..."
ynh_script_progression --message="Stopping a systemd service..." --weight=1
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
# restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log"
ynh_systemd_action --service_name=$app.timer --action="stop"
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
if [[ "${mailalert:-}" != "always" && "${mailalert:-}" != "errors_only" && "${mailalert:-}" != "never" ]]; then
ynh_app_setting_set --app=$app --key="mailalert" --value="errors_only"
export mailalert="errors_only"
fi
ynh_app_setting_set --app=$app --key="state" --value="not run since last update"
ynh_app_setting_set --app=$app --key="last_run" --value="-"
if [ -z "$repository" ]; then
repository="ssh://$ssh_user@$server/~/backup"
@ -82,34 +60,27 @@ if [ ! -f "/opt/borg-env/$(ynh_get_debian_release)" ] ; then
fi
#=================================================
# UPGRADE DEPENDENCIES
# UPGRADE BORG
#=================================================
ynh_script_progression --message="Upgrading dependencies..." --weight=1
ynh_install_app_dependencies $pkg_dependencies
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..." --weight=1
# Create a system user
ynh_system_user_create --username=$app
#=================================================
# SPECIFIC UPGRADE
#=================================================
# Upgrade borgbackup
#=================================================
ynh_script_progression --message="Upgrading borgbackup..." --weight=1
ynh_script_progression --message="Upgrading Borg..." --weight=1
install_borg_with_pip
_gen_and_save_public_key
mkdir -p "/var/log/$app"
chown -R $app:$app "/var/log/$app"
chmod u+w "/var/log/$app"
#=================================================
# SETUP THE BACKUP METHOD
#=================================================
ynh_script_progression --message="Setting up backup method..." --weight=1
mkdir -p /etc/yunohost/hooks.d/backup
mkdir -p /etc/yunohost/hooks.d/backup_method
mkdir -p /usr/share/yunohost/backup_method
ynh_add_config --template="backup_method" --destination="/etc/yunohost/hooks.d/backup_method/05-${app}_app"
chmod go=--- "/etc/yunohost/hooks.d/backup_method/05-${app}_app"
@ -121,40 +92,20 @@ ynh_add_config --template="sudoer" --destination="/etc/sudoers.d/$app"
chown root:root "/etc/sudoers.d/$app"
#=================================================
# SETUP SYSTEMD
# REAPPLY SYSTEM CONFIGURATIONS
#=================================================
ynh_script_progression --message="Upgrading systemd configuration..." --weight=1
ynh_script_progression --message="Upgrading system configurations related to $app..." --weight=1
# Create a dedicated systemd config
ynh_add_systemd_config
yunohost service add $app --description="Deduplicating backup program" --test_status="systemctl show $app.service -p ActiveState --value | grep -v failed"
# Disable the service, this is to prevent the service from being triggered at boot time
systemctl disable $app.service --quiet
#=================================================
# CONFIGURE SYSTEMD TIMER
#=================================================
ynh_add_config --template="systemd.timer" --destination="/etc/systemd/system/$app.timer"
systemctl enable $app.timer --quiet
systemctl start $app.timer
mkdir -p /etc/yunohost/hooks.d/backup
mkdir -p /var/log/${app}
chown -R $app:$app /var/log/${app}
chmod u+w /var/log/${app}
#=================================================
# GENERIC FINALIZATION
#=================================================
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
# Inactive services are ignored cause it's a timer
yunohost service add $app --description="Deduplicating backup program" --test_status="systemctl show $app.service -p ActiveState --value | grep -v failed"
#=================================================
# END OF SCRIPT
#=================================================

38
tests.toml Normal file
View file

@ -0,0 +1,38 @@
#:schema https://raw.githubusercontent.com/YunoHost/apps/master/schemas/tests.v1.schema.json
test_format = 1.0
[default]
args.repository = "ssh://sam@domain.tld:22/~/backup"
args.passphrase = "A_Passphrase"
args.conf = 1
args.data = 1
args.apps = "all"
args.on_calendar = "Daily"
args.mailalert = "errors_only"
# -------------------------------
# Commits to test upgrade from
# -------------------------------
[default.test_upgrade_from.d1cd666ee27f5cfb8e40c6f44a09370381b41b35]
name = "Older ynh 11 version"
args.server = "domain.tld:22"
args.ssh_user = "package_checker"
args.passphrase = "A_Passphrase"
args.conf = 1
args.data = 1
args.apps = "all"
args.on_calendar = "Daily"
args.mailalert = "never"
[local_directory]
args.repository = "/mnt/backup"
args.passphrase = "A_Passphrase"
args.conf = 1
args.data = 1
args.apps = "all"
args.on_calendar = "Daily"
args.mailalert = "errors_only"