YunoHost-Apps/borg_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/borg_ynh.git synced 2024-09-03 18:16:05 +02:00
Code Issues Activity Actions

Merge pull request #148 from YunoHost-Apps/testing

Browse source 
Manifest v2
This commit is contained in:
Alexandre Aubin 2024-05-21 22:32:52 +02:00 committed by GitHub
commit c4921d62ff
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
30 changed files with 802 additions and 1285 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
ALL_README.md Normal file
View file

@ -0,0 +1,8 @@
# All available README files by language
- [Read the README in English](README.md)
- [Lee el README en español](README_es.md)
- [Irakurri README euskaraz](README_eu.md)
- [Lire le README en français](README_fr.md)
- [Le o README en galego](README_gl.md)
- [阅读中文(简体)的 README](README_zh_Hans.md)

253
README.md
View file

@ -1,5 +1,5 @@
<!--
N.B.: This README was automatically generated by https://github.com/YunoHost/apps/tree/master/tools/README-generator
N.B.: This README was automatically generated by <https://github.com/YunoHost/apps/tree/master/tools/readme_generator>
It shall NOT be edited by hand.
-->
@ -9,254 +9,45 @@ It shall NOT be edited by hand.
[![Install Borg Backup with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=borg)
*[Lire ce readme en français.](./README_fr.md)*
*[Read this README in other languages.](./ALL_README.md)*
> *This package allows you to install Borg Backup quickly and simply on a YunoHost server.
If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.*
> *This package allows you to install Borg Backup quickly and simply on a YunoHost server.*
> *If you don't have YunoHost, please consult [the guide](https://yunohost.org/install) to learn how to install it.*
## Overview
Backup your server on a host server using Borg
A [Borg](https://borgbackup.readthedocs.io/en/stable/index.html#what-is-borgbackup) integration to backup your YunoHost server to another remote server (e.g. one of your friends).
**Shipped version:** 1.1.16~ynh30
## Disclaimers / important information
This app is the "client" part, meant to be installed on the server to be backed up. It works in combination with the [borg server app](https://apps.yunohost.org/app/borgserver) installed on a diffent machine.
## :warning: NB. : This doc is partially obsolete and should be reworked! :warning:
### Features
## How to backup your server with this app?
- Backup on a remote machine, in comination with the [borg server app](https://apps.yunohost.org/app/borgserver)
- ... or on a [commercial borg service](https://www.borgbackup.org/support/commercial.html)
- Backups are encrypted (the remote server can't read the content) and deduplicated (optimize space)
- Backups are ran automatically, you can choose when and at which frequency
- You can choose what apps are backuped
- Receive email alerts if the backup fails (the [borg server app](https://apps.yunohost.org/app/borgserver) also checks that new content arrives and send an email to your friend otherwise)
You want to backup a critical "guest" Server A onto a remote "host" Server B, you need:
* Domain name of server B: `host.serverb`
* Name of the server B SSH user (to be created by `borgserver`) for connection from Server A: `borgservera`
* **Strong passphrase** to encrypt your backups on host Server B. And to **restore your backups**!!
* IDs of YunoHost apps you want to backup
* Regular time schedule for your backups, see below
* Install Borg Backup App (`borg`) on guest Server A
* Install Borg Server App (`borgserver`) on host Server B
* Save the passphrase in another place than your server. Without the passphrase, you won't be able to restore data.
### Install procedure
You should received an email after the first backup succeeded.
### Set up Borg Backup App on guest Server A
Firstly, set up the Borg Backup App (`borg`) on the guest Server A you want to backup:
```
$ yunohost app install borg
In which borg repository location do you want to backup your files ?: user@host.serverb:/remote/repository
Provide a strong passphrase to encrypt your backups. No blank space:
Should Borg backup your YunoHost configuration? [yes | no] (default: yes):
Should Borg backup emails and user home directory? [yes | no] (default: yes):
Which apps should Borg backup ? (default: all):
With which regular time schedule should the backups be performed? (see systemd OnCalendar format) (default: Daily):
Do you want admin to receive mail notifications on backups ? [always | errors_only | never]: never
```
#### Syntax to define a backup time schedule
You can schedule regular backups at specific time. Only one regular time schedule is possible for one `borg` instance, see below for workaround. Some examples:
* Monthly :
* Weekly :
* Daily : Daily at midnight
* Hourly : Hourly o Clock
* Sat *-*-1..7 18:00:00 : The first saturday of every month at 18:00
* 4:00 : Every day at 4 AM
* 5,17:00 : Every day at 5 AM and at 5 PM
See here for more info : https://wiki.archlinux.org/index.php/Systemd/Timers#Realtime_timer
#### Information generated by Borg Backup
At the end of the installation, the Borg Backup App (``borg``) displays the SSH public key and the SSH user to give to the person who has access to the host Server B and will set up Borg Server App.
```
You should now install the "Borg Server" app on host.serverb and fill questions like this:
User: servera
Public key: ssh-ed25519 AAAA[...] root@guest.servera
```
This information is also sent by email to the admin of guest Server A.
If you don't find the email and you don't see the message in the log bar you can find the SSH public key with this command:
```
$ cat /root/.ssh/id_borg_ed25519.pub
ssh-ed25519 AAAA[...] root@guest.servera
```
### Set up Borg Server App on host Server B
Secondly, set up the Borg Server App (``borgserver``) on the host Server B that will store your backups:
```
$ yunohost app install borgserver
Indicate the ssh user to create: servera
Indicate the public key given by Borg Backup app (borg) setup: ssh-ed25519 AAAA[...] root@guest.servera
Indicate the storage quota: 5G
```
### Test the Borg Apps setup
At this step your backup should run at the scheduled time. Note that the first backup can take very long, as much data has to be copied through ssh. Following backups are incremental: only newly generated data since last backup will be copied.
If you want to test correct Borg Apps setup before scheduled time, you can start a backup manually on guest Server A:
```
$ systemctl start borg
```
Next you can check presence of your backup repository on host Server B:
```
$ BORG_RSH="ssh -i /root/.ssh/id_borg_ed25519 -oStrictHostKeyChecking=yes " borg list servera@host.serverb:~/backup
```
You will need the passphrase to run ``borg`` commands on the backup repository created on the host Server B.
## Check regularly your backup
If you want to be sure to be able to restore your server, you should try to restore regularly the archives. But this process is quite time consumming.
You should at least:
* Keep your apps up to date (if apps are too old, they could be difficult to restore on a more recent recent version)
* Check regularly the presence of `info.json` and `db.sql` or `dump.sql` in your apps archives
```
borg list ./::ARCHIVE_NAME | grep info.json
borg list ./::ARCHIVE_NAME | grep db.sql
borg list ./::ARCHIVE_NAME | grep dump.sql
```
* Be sure to have your passphrase available even if your server is completely broken
## How to restore a complete system
*For infos on restoring process, check [this yunohost forum thread](https://forum.yunohost.org/t/restoring-whole-yunohost-from-borg-backups/12705/3) and [that one](https://forum.yunohost.org/t/how-to-properly-backup-and-restore/12583/3), also [using Borg with sshkeys](https://thisiscasperslife.wordpress.com/2017/11/28/using-borg-backup-across-ssh-with-sshkeys/), the [`borg extract` documentation](https://borgbackup.readthedocs.io/en/stable/usage/extract.html), and this [general tutorial on Borg Backup](https://practical-admin.com/blog/backups-using-borg/).*
In the following explanations:
- the server to backup/restore will be called: `yuno`
- the remote server that receives and store the back will be called: `rem`
- `rem` is accessible at the domain `rem.tld`
- the remote user on `rem` which owns the Borg backups will be called `yurem`
- backup files will be stored in `rem` in the directory: `/home/yurem/backup`
Maybe counter-intuitively, you should *first* install this app (`borg_ynh`) and *then* (`borgserver_ynh`) on the other machine. In fact, at the end of the install of `borg_ynh`, you will be provided with the info, in particular the SSH public key, to be used to setup `borgserver_ynh` on the other machine.
### Overview
The idea here, if you need to restore a whole yunohost system is:
1. Install a new Debian VM
2. Install YunoHost in it the usual way
3. Go through YunoHost postinstall (parameters you will supply are not crucial, as they will be replaced by the restore)
4. Install Borg
5. Setup `rem` to accept ssh connections from `yuno`
6. Use Borg to import backups from `rem` to `yuno`
7. Restore Borg backups with the `yunohost backup restore` command, first config, then data, then each app one at a time
8. Remove the Borg app and restore it
### Make it possible for `yuno` to connect to `rem` with Borg
At this stage, we will assume that `yuno` is a freshly installed YunoHost (based on Buster in my case). You should also have performed the YunoHost postinstall.
If you don't want to restore the whole system, just some apps, you can skip some of the steps below.
#### Install the Borg YunoHost app in `yuno`
The idea here is just to install Borg, not in order to create backups, but only to use Borg commands to import remote backups.
So for example, you can install it doing the following:
```bash
sudo yunohost app install borg -a "server=rem.tld&ssh_user=yurem&conf=0&data=0&apps=hextris&on_calendar=2:30"
```
#### Make sure that `rem` accepts ssh connections from `yuno`
In `yuno` you will need to get the ssh key that borg just created while installing: `sudo cat /root/.ssh/id_borg_ed25519.pub`, copy it to clipboard.
Connect via ssh to `rem`, go to `/home/yurem/.ssh/authorized_keys`, and past the Borg public key you got at previous step.
Now to make sure this worked, you can try to SSH from `yuno` to `rem`.
In `yuno` : `ssh -i /root/.ssh/id_borg_ed25519 yurem@rem.tld` . If you can get into `rem` , without it prompting for a password, then you're good to continue :)
### Restore backups to `yuno`
⚠️ For the commands in the following section to work, you will need to be root in `yuno` (you can become root running `sudo su`).
⚠️ Restoration of backups can take quite a while, you'd better do them in a separate process, so that it doesn't stop if your terminal session gets closed. For this, you can for example use [tmux](https://www.howtogeek.com/671422/how-to-use-tmux-on-linux-and-why-its-better-than-screen/).
In `yuno` now, you should be able to list backups in `rem` with the following command:
```bash
SRV=yurem@rem.tld:/home/yurem/backup
BORG_RSH="ssh -i /root/.ssh/id_borg_ed25519 -oStrictHostKeyChecking=yes " borg list $SRV
```
You can then reimport one to `yuno` with:
```bash
BORG_RSH="ssh -i /root/.ssh/id_borg_ed25519 -oStrictHostKeyChecking=yes " borg export-tar $SRV::auto_BACKUP_NAME /home/yunohost.backup/archives/auto_BACKUP_NAME.tar.gz
```
And then restore the archive in `yuno` with:
```bash
yunohost backup restore auto_BACKUP_NAME --system # for config and data backups
yunohost backup restore auto_BACKUP_NAME --apps # for other backups (=apps)
```
### And Nextcloud? It's super heavy!!
For Nextcloud, the best is probably to reimport the backup without the data. And to import the data manually.
For that, you can do the following (as root):
```bash
SRV=yurem@rem.tld:/home/yurem/backup
# export the app without data
BORG_RSH="ssh -i /root/.ssh/id_borg_ed25519 -oStrictHostKeyChecking=yes " borg export-tar -e apps/nextcloud/backup/home/yunohost.app $SRV::auto_nextcloud_XX_XX_XX_XX:XX /home/yunohost.backup/archives/auto_nextcloud_XX_XX_XX_XX:XX.tar.gz
# extract the data from the backup to the nextcloud folder
cd /home/yunohost.app/nextcloud
BORG_RSH="ssh -i /root/.ssh/id_borg_ed25519 -oStrictHostKeyChecking=yes " borg extract $SRV::auto_nextcloud_XX_XX_XX_XX:XX apps/nextcloud/backup/home/yunohost.app/nextcloud/
mv apps/nextcloud/backup/home/yunohost.app/nextcloud/data data
rm -r apps
# now you can simply restore nextcloud app
yunohost backup restore auto_nextcloud_XX_XX_XX_XX:XX --apps
```
### Restore Borg
Once you've restored the whole system, you will probably want to restore the Borg app as well.
For that, remove the "dummy" Borg you installed to do the restoration, and restore Borg the same ways as for other apps:
```bash
sudo yunohost app remove borg
sudo yunohost backup restore auto_borg_XX_XX_XX_XX:XX --apps
```
## Tips
### Edit the list of YunoHost apps to backup
``yunohost app setting borg apps -v "nextcloud,wordpress"``
### Other usefull borg commands
[Get the storage space used by the backup repository on the host server](https://borgbackup.readthedocs.io/en/stable/usage/info.html)
``borg info /home/servera/backup``
### Backup YunoHost apps with different criticallity levels
If you want to backup your guest server:
* with different YunoHost apps
* at different regular time schedule
* on different host servers
Then you can set up multiple instances of the Borg Apps on same servers.
For instance:
* Borg Backup instance ``borg``: backup nextcloud daily on host Server B
* Borg Backup instance ``borg__2``: backup all other YunoHost apps weekly on host Server C
### Settings location
Settings of apps are in /etc/yunohost/apps/*/settings.yml, so are the settings for borg_ynh as well. Be careful though to not savagely manually edit them if you don't know what you're doing.
**Shipped version:** 1.2.8~ynh1
## Documentation and resources
* Official app website: <https://borgbackup.readthedocs.io>
* YunoHost Store: <https://apps.yunohost.org/app/borg>
* Report a bug: <https://github.com/YunoHost-Apps/borg_ynh/issues>
- Official app website: <https://borgbackup.readthedocs.io>
- YunoHost Store: <https://apps.yunohost.org/app/borg>
- Report a bug: <https://github.com/YunoHost-Apps/borg_ynh/issues>
## Developer info
Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/borg_ynh/tree/testing).
Please send your pull request to the [`testing` branch](https://github.com/YunoHost-Apps/borg_ynh/tree/testing).
To try the testing branch, please proceed like that.
To try the `testing` branch, please proceed like that:
``` bash
```bash
sudo yunohost app install https://github.com/YunoHost-Apps/borg_ynh/tree/testing --debug
or
sudo yunohost app upgrade borg -u https://github.com/YunoHost-Apps/borg_ynh/tree/testing --debug

56
README_es.md Normal file
View file

@ -0,0 +1,56 @@
<!--
Este archivo README esta generado automaticamente<https://github.com/YunoHost/apps/tree/master/tools/readme_generator>
No se debe editar a mano.
-->
# Borg Backup para Yunohost
[![Nivel de integración](https://dash.yunohost.org/integration/borg.svg)](https://dash.yunohost.org/appci/app/borg) ![Estado funcional](https://ci-apps.yunohost.org/ci/badges/borg.status.svg) ![Estado En Mantención](https://ci-apps.yunohost.org/ci/badges/borg.maintain.svg)
[![Instalar Borg Backup con Yunhost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=borg)
*[Leer este README en otros idiomas.](./ALL_README.md)*
> *Este paquete le permite instalarBorg Backup rapidamente y simplement en un servidor YunoHost.*
> *Si no tiene YunoHost, visita [the guide](https://yunohost.org/install) para aprender como instalarla.*
## Descripción general
A [Borg](https://borgbackup.readthedocs.io/en/stable/index.html#what-is-borgbackup) integration to backup your YunoHost server to another remote server (e.g. one of your friends).
This app is the "client" part, meant to be installed on the server to be backed up. It works in combination with the [borg server app](https://apps.yunohost.org/app/borgserver) installed on a diffent machine.
### Features
- Backup on a remote machine, in comination with the [borg server app](https://apps.yunohost.org/app/borgserver)
- ... or on a [commercial borg service](https://www.borgbackup.org/support/commercial.html)
- Backups are encrypted (the remote server can't read the content) and deduplicated (optimize space)
- Backups are ran automatically, you can choose when and at which frequency
- You can choose what apps are backuped
- Receive email alerts if the backup fails (the [borg server app](https://apps.yunohost.org/app/borgserver) also checks that new content arrives and send an email to your friend otherwise)
### Install procedure
Maybe counter-intuitively, you should *first* install this app (`borg_ynh`) and *then* (`borgserver_ynh`) on the other machine. In fact, at the end of the install of `borg_ynh`, you will be provided with the info, in particular the SSH public key, to be used to setup `borgserver_ynh` on the other machine.
**Versión actual:** 1.2.8~ynh1
## Documentaciones y recursos
- Sitio web oficial: <https://borgbackup.readthedocs.io>
- Catálogo YunoHost: <https://apps.yunohost.org/app/borg>
- Reportar un error: <https://github.com/YunoHost-Apps/borg_ynh/issues>
## Información para desarrolladores
Por favor enviar sus correcciones a la [`branch testing`](https://github.com/YunoHost-Apps/borg_ynh/tree/testing
Para probar la rama `testing`, sigue asÍ:
```bash
sudo yunohost app install https://github.com/YunoHost-Apps/borg_ynh/tree/testing --debug
o
sudo yunohost app upgrade borg -u https://github.com/YunoHost-Apps/borg_ynh/tree/testing --debug
```
**Mas informaciones sobre el empaquetado de aplicaciones:** <https://yunohost.org/packaging_apps>

56
README_eu.md Normal file
View file

@ -0,0 +1,56 @@
<!--
Ohart ongi: README hau automatikoki sortu da <https://github.com/YunoHost/apps/tree/master/tools/readme_generator>ri esker
EZ editatu eskuz.
-->
# Borg Backup YunoHost-erako
[![Integrazio maila](https://dash.yunohost.org/integration/borg.svg)](https://dash.yunohost.org/appci/app/borg) ![Funtzionamendu egoera](https://ci-apps.yunohost.org/ci/badges/borg.status.svg) ![Mantentze egoera](https://ci-apps.yunohost.org/ci/badges/borg.maintain.svg)
[![Instalatu Borg Backup YunoHost-ekin](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=borg)
*[Irakurri README hau beste hizkuntzatan.](./ALL_README.md)*
> *Pakete honek Borg Backup YunoHost zerbitzari batean azkar eta zailtasunik gabe instalatzea ahalbidetzen dizu.*
> *YunoHost ez baduzu, kontsultatu [gida](https://yunohost.org/install) nola instalatu ikasteko.*
## Aurreikuspena
A [Borg](https://borgbackup.readthedocs.io/en/stable/index.html#what-is-borgbackup) integration to backup your YunoHost server to another remote server (e.g. one of your friends).
This app is the "client" part, meant to be installed on the server to be backed up. It works in combination with the [borg server app](https://apps.yunohost.org/app/borgserver) installed on a diffent machine.
### Features
- Backup on a remote machine, in comination with the [borg server app](https://apps.yunohost.org/app/borgserver)
- ... or on a [commercial borg service](https://www.borgbackup.org/support/commercial.html)
- Backups are encrypted (the remote server can't read the content) and deduplicated (optimize space)
- Backups are ran automatically, you can choose when and at which frequency
- You can choose what apps are backuped
- Receive email alerts if the backup fails (the [borg server app](https://apps.yunohost.org/app/borgserver) also checks that new content arrives and send an email to your friend otherwise)
### Install procedure
Maybe counter-intuitively, you should *first* install this app (`borg_ynh`) and *then* (`borgserver_ynh`) on the other machine. In fact, at the end of the install of `borg_ynh`, you will be provided with the info, in particular the SSH public key, to be used to setup `borgserver_ynh` on the other machine.
**Paketatutako bertsioa:** 1.2.8~ynh1
## Dokumentazioa eta baliabideak
- Aplikazioaren webgune ofiziala: <https://borgbackup.readthedocs.io>
- YunoHost Denda: <https://apps.yunohost.org/app/borg>
- Eman errore baten berri: <https://github.com/YunoHost-Apps/borg_ynh/issues>
## Garatzaileentzako informazioa
Bidali `pull request`a [`testing` abarrera](https://github.com/YunoHost-Apps/borg_ynh/tree/testing).
`testing` abarra probatzeko, ondorengoa egin:
```bash
sudo yunohost app install https://github.com/YunoHost-Apps/borg_ynh/tree/testing --debug
edo
sudo yunohost app upgrade borg -u https://github.com/YunoHost-Apps/borg_ynh/tree/testing --debug
```
**Informazio gehiago aplikazioaren paketatzeari buruz:** <https://yunohost.org/packaging_apps>

257
README_fr.md
View file

@ -1,6 +1,6 @@
<!--
N.B.: This README was automatically generated by https://github.com/YunoHost/apps/tree/master/tools/README-generator
It shall NOT be edited by hand.
Nota bene: ce README est automatiquement généré par <https://github.com/YunoHost/apps/tree/master/tools/readme_generator>
Il NE doit PAS être modifié à la main.
-->
# Borg Backup pour YunoHost
@ -9,257 +9,48 @@ It shall NOT be edited by hand.
[![Installer Borg Backup avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=borg)
*[Read this readme in english.](./README.md)*
*[Lire le README dans d'autres langues.](./ALL_README.md)*
> *Ce package vous permet dinstaller Borg Backup rapidement et simplement sur un serveur YunoHost.
Si vous navez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment linstaller et en profiter.*
> *Ce package vous permet dinstaller Borg Backup rapidement et simplement sur un serveur YunoHost.*
> *Si vous navez pas YunoHost, consultez [ce guide](https://yunohost.org/install) pour savoir comment linstaller et en profiter.*
## Vue densemble
Sauvegardez votre serveur sur un serveur distant avec Borg
A [Borg](https://borgbackup.readthedocs.io/en/stable/index.html#what-is-borgbackup) integration to backup your YunoHost server to another remote server (e.g. one of your friends).
**Version incluse :** 1.1.16~ynh30
## Avertissements / informations importantes
This app is the "client" part, meant to be installed on the server to be backed up. It works in combination with the [borg server app](https://apps.yunohost.org/app/borgserver) installed on a diffent machine.
## :warning: NB. : This doc is partially obsolete and should be reworked! :warning:
### Features
## How to backup your server with this app?
- Backup on a remote machine, in comination with the [borg server app](https://apps.yunohost.org/app/borgserver)
- ... or on a [commercial borg service](https://www.borgbackup.org/support/commercial.html)
- Backups are encrypted (the remote server can't read the content) and deduplicated (optimize space)
- Backups are ran automatically, you can choose when and at which frequency
- You can choose what apps are backuped
- Receive email alerts if the backup fails (the [borg server app](https://apps.yunohost.org/app/borgserver) also checks that new content arrives and send an email to your friend otherwise)
You want to backup a critical "guest" Server A onto a remote "host" Server B, you need:
* Domain name of server B: `host.serverb`
* Name of the server B SSH user (to be created by `borgserver`) for connection from Server A: `borgservera`
* **Strong passphrase** to encrypt your backups on host Server B. And to **restore your backups**!!
* IDs of YunoHost apps you want to backup
* Regular time schedule for your backups, see below
* Install Borg Backup App (`borg`) on guest Server A
* Install Borg Server App (`borgserver`) on host Server B
* Save the passphrase in another place than your server. Without the passphrase, you won't be able to restore data.
### Install procedure
You should received an email after the first backup succeeded.
### Set up Borg Backup App on guest Server A
Firstly, set up the Borg Backup App (`borg`) on the guest Server A you want to backup:
```
$ yunohost app install borg
In which borg repository location do you want to backup your files ?: user@host.serverb:/remote/repository
Provide a strong passphrase to encrypt your backups. No blank space:
Should Borg backup your YunoHost configuration? [yes | no] (default: yes):
Should Borg backup emails and user home directory? [yes | no] (default: yes):
Which apps should Borg backup ? (default: all):
With which regular time schedule should the backups be performed? (see systemd OnCalendar format) (default: Daily):
Do you want admin to receive mail notifications on backups ? [always | errors_only | never]: never
```
#### Syntax to define a backup time schedule
You can schedule regular backups at specific time. Only one regular time schedule is possible for one `borg` instance, see below for workaround. Some examples:
* Monthly :
* Weekly :
* Daily : Daily at midnight
* Hourly : Hourly o Clock
* Sat *-*-1..7 18:00:00 : The first saturday of every month at 18:00
* 4:00 : Every day at 4 AM
* 5,17:00 : Every day at 5 AM and at 5 PM
See here for more info : https://wiki.archlinux.org/index.php/Systemd/Timers#Realtime_timer
#### Information generated by Borg Backup
At the end of the installation, the Borg Backup App (``borg``) displays the SSH public key and the SSH user to give to the person who has access to the host Server B and will set up Borg Server App.
```
You should now install the "Borg Server" app on host.serverb and fill questions like this:
User: servera
Public key: ssh-ed25519 AAAA[...] root@guest.servera
```
This information is also sent by email to the admin of guest Server A.
If you don't find the email and you don't see the message in the log bar you can find the SSH public key with this command:
```
$ cat /root/.ssh/id_borg_ed25519.pub
ssh-ed25519 AAAA[...] root@guest.servera
```
### Set up Borg Server App on host Server B
Secondly, set up the Borg Server App (``borgserver``) on the host Server B that will store your backups:
```
$ yunohost app install borgserver
Indicate the ssh user to create: servera
Indicate the public key given by Borg Backup app (borg) setup: ssh-ed25519 AAAA[...] root@guest.servera
Indicate the storage quota: 5G
```
### Test the Borg Apps setup
At this step your backup should run at the scheduled time. Note that the first backup can take very long, as much data has to be copied through ssh. Following backups are incremental: only newly generated data since last backup will be copied.
If you want to test correct Borg Apps setup before scheduled time, you can start a backup manually on guest Server A:
```
$ systemctl start borg
```
Next you can check presence of your backup repository on host Server B:
```
$ BORG_RSH="ssh -i /root/.ssh/id_borg_ed25519 -oStrictHostKeyChecking=yes " borg list servera@host.serverb:~/backup
```
You will need the passphrase to run ``borg`` commands on the backup repository created on the host Server B.
## Check regularly your backup
If you want to be sure to be able to restore your server, you should try to restore regularly the archives. But this process is quite time consumming.
You should at least:
* Keep your apps up to date (if apps are too old, they could be difficult to restore on a more recent recent version)
* Check regularly the presence of `info.json` and `db.sql` or `dump.sql` in your apps archives
```
borg list ./::ARCHIVE_NAME | grep info.json
borg list ./::ARCHIVE_NAME | grep db.sql
borg list ./::ARCHIVE_NAME | grep dump.sql
```
* Be sure to have your passphrase available even if your server is completely broken
## How to restore a complete system
*For infos on restoring process, check [this yunohost forum thread](https://forum.yunohost.org/t/restoring-whole-yunohost-from-borg-backups/12705/3) and [that one](https://forum.yunohost.org/t/how-to-properly-backup-and-restore/12583/3), also [using Borg with sshkeys](https://thisiscasperslife.wordpress.com/2017/11/28/using-borg-backup-across-ssh-with-sshkeys/), the [`borg extract` documentation](https://borgbackup.readthedocs.io/en/stable/usage/extract.html), and this [general tutorial on Borg Backup](https://practical-admin.com/blog/backups-using-borg/).*
In the following explanations:
- the server to backup/restore will be called: `yuno`
- the remote server that receives and store the back will be called: `rem`
- `rem` is accessible at the domain `rem.tld`
- the remote user on `rem` which owns the Borg backups will be called `yurem`
- backup files will be stored in `rem` in the directory: `/home/yurem/backup`
Maybe counter-intuitively, you should *first* install this app (`borg_ynh`) and *then* (`borgserver_ynh`) on the other machine. In fact, at the end of the install of `borg_ynh`, you will be provided with the info, in particular the SSH public key, to be used to setup `borgserver_ynh` on the other machine.
### Overview
The idea here, if you need to restore a whole yunohost system is:
1. Install a new Debian VM
2. Install YunoHost in it the usual way
3. Go through YunoHost postinstall (parameters you will supply are not crucial, as they will be replaced by the restore)
4. Install Borg
5. Setup `rem` to accept ssh connections from `yuno`
6. Use Borg to import backups from `rem` to `yuno`
7. Restore Borg backups with the `yunohost backup restore` command, first config, then data, then each app one at a time
8. Remove the Borg app and restore it
### Make it possible for `yuno` to connect to `rem` with Borg
At this stage, we will assume that `yuno` is a freshly installed YunoHost (based on Buster in my case). You should also have performed the YunoHost postinstall.
If you don't want to restore the whole system, just some apps, you can skip some of the steps below.
#### Install the Borg YunoHost app in `yuno`
The idea here is just to install Borg, not in order to create backups, but only to use Borg commands to import remote backups.
So for example, you can install it doing the following:
```bash
sudo yunohost app install borg -a "server=rem.tld&ssh_user=yurem&conf=0&data=0&apps=hextris&on_calendar=2:30"
```
#### Make sure that `rem` accepts ssh connections from `yuno`
In `yuno` you will need to get the ssh key that borg just created while installing: `sudo cat /root/.ssh/id_borg_ed25519.pub`, copy it to clipboard.
Connect via ssh to `rem`, go to `/home/yurem/.ssh/authorized_keys`, and past the Borg public key you got at previous step.
Now to make sure this worked, you can try to SSH from `yuno` to `rem`.
In `yuno` : `ssh -i /root/.ssh/id_borg_ed25519 yurem@rem.tld` . If you can get into `rem` , without it prompting for a password, then you're good to continue :)
### Restore backups to `yuno`
⚠️ For the commands in the following section to work, you will need to be root in `yuno` (you can become root running `sudo su`).
⚠️ Restoration of backups can take quite a while, you'd better do them in a separate process, so that it doesn't stop if your terminal session gets closed. For this, you can for example use [tmux](https://www.howtogeek.com/671422/how-to-use-tmux-on-linux-and-why-its-better-than-screen/).
In `yuno` now, you should be able to list backups in `rem` with the following command:
```bash
SRV=yurem@rem.tld:/home/yurem/backup
BORG_RSH="ssh -i /root/.ssh/id_borg_ed25519 -oStrictHostKeyChecking=yes " borg list $SRV
```
You can then reimport one to `yuno` with:
```bash
BORG_RSH="ssh -i /root/.ssh/id_borg_ed25519 -oStrictHostKeyChecking=yes " borg export-tar $SRV::auto_BACKUP_NAME /home/yunohost.backup/archives/auto_BACKUP_NAME.tar.gz
```
And then restore the archive in `yuno` with:
```bash
yunohost backup restore auto_BACKUP_NAME --system # for config and data backups
yunohost backup restore auto_BACKUP_NAME --apps # for other backups (=apps)
```
### And Nextcloud? It's super heavy!!
For Nextcloud, the best is probably to reimport the backup without the data. And to import the data manually.
For that, you can do the following (as root):
```bash
SRV=yurem@rem.tld:/home/yurem/backup
# export the app without data
BORG_RSH="ssh -i /root/.ssh/id_borg_ed25519 -oStrictHostKeyChecking=yes " borg export-tar -e apps/nextcloud/backup/home/yunohost.app $SRV::auto_nextcloud_XX_XX_XX_XX:XX /home/yunohost.backup/archives/auto_nextcloud_XX_XX_XX_XX:XX.tar.gz
# extract the data from the backup to the nextcloud folder
cd /home/yunohost.app/nextcloud
BORG_RSH="ssh -i /root/.ssh/id_borg_ed25519 -oStrictHostKeyChecking=yes " borg extract $SRV::auto_nextcloud_XX_XX_XX_XX:XX apps/nextcloud/backup/home/yunohost.app/nextcloud/
mv apps/nextcloud/backup/home/yunohost.app/nextcloud/data data
rm -r apps
# now you can simply restore nextcloud app
yunohost backup restore auto_nextcloud_XX_XX_XX_XX:XX --apps
```
### Restore Borg
Once you've restored the whole system, you will probably want to restore the Borg app as well.
For that, remove the "dummy" Borg you installed to do the restoration, and restore Borg the same ways as for other apps:
```bash
sudo yunohost app remove borg
sudo yunohost backup restore auto_borg_XX_XX_XX_XX:XX --apps
```
## Tips
### Edit the list of YunoHost apps to backup
``yunohost app setting borg apps -v "nextcloud,wordpress"``
### Other usefull borg commands
[Get the storage space used by the backup repository on the host server](https://borgbackup.readthedocs.io/en/stable/usage/info.html)
``borg info /home/servera/backup``
### Backup YunoHost apps with different criticallity levels
If you want to backup your guest server:
* with different YunoHost apps
* at different regular time schedule
* on different host servers
Then you can set up multiple instances of the Borg Apps on same servers.
For instance:
* Borg Backup instance ``borg``: backup nextcloud daily on host Server B
* Borg Backup instance ``borg__2``: backup all other YunoHost apps weekly on host Server C
### Settings location
Settings of apps are in /etc/yunohost/apps/*/settings.yml, so are the settings for borg_ynh as well. Be careful though to not savagely manually edit them if you don't know what you're doing.
**Version incluse:** 1.2.8~ynh1
## Documentations et ressources
* Site officiel de lapp : <https://borgbackup.readthedocs.io>
* YunoHost Store: <https://apps.yunohost.org/app/borg>
* Signaler un bug : <https://github.com/YunoHost-Apps/borg_ynh/issues>
- Site officiel de lapp: <https://borgbackup.readthedocs.io>
- YunoHost Store: <https://apps.yunohost.org/app/borg>
- Signaler un bug: <https://github.com/YunoHost-Apps/borg_ynh/issues>
## Informations pour les développeurs
Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/borg_ynh/tree/testing).
Merci de faire vos pull request sur la [branche `testing`](https://github.com/YunoHost-Apps/borg_ynh/tree/testing).
Pour essayer la branche testing, procédez comme suit.
Pour essayer la branche `testing`, procédez comme suit:
``` bash
```bash
sudo yunohost app install https://github.com/YunoHost-Apps/borg_ynh/tree/testing --debug
ou
sudo yunohost app upgrade borg -u https://github.com/YunoHost-Apps/borg_ynh/tree/testing --debug
```
**Plus dinfos sur le packaging dapplications :** <https://yunohost.org/packaging_apps>
**Plus dinfos sur le packaging dapplications:** <https://yunohost.org/packaging_apps>

56
README_gl.md Normal file
View file

@ -0,0 +1,56 @@
<!--
NOTA: Este README foi creado automáticamente por <https://github.com/YunoHost/apps/tree/master/tools/readme_generator>
NON debe editarse manualmente.
-->
# Borg Backup para YunoHost
[![Nivel de integración](https://dash.yunohost.org/integration/borg.svg)](https://dash.yunohost.org/appci/app/borg) ![Estado de funcionamento](https://ci-apps.yunohost.org/ci/badges/borg.status.svg) ![Estado de mantemento](https://ci-apps.yunohost.org/ci/badges/borg.maintain.svg)
[![Instalar Borg Backup con YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=borg)
*[Le este README en outros idiomas.](./ALL_README.md)*
> *Este paquete permíteche instalar Borg Backup de xeito rápido e doado nun servidor YunoHost.*
> *Se non usas YunoHost, le a [documentación](https://yunohost.org/install) para saber como instalalo.*
## Vista xeral
A [Borg](https://borgbackup.readthedocs.io/en/stable/index.html#what-is-borgbackup) integration to backup your YunoHost server to another remote server (e.g. one of your friends).
This app is the "client" part, meant to be installed on the server to be backed up. It works in combination with the [borg server app](https://apps.yunohost.org/app/borgserver) installed on a diffent machine.
### Features
- Backup on a remote machine, in comination with the [borg server app](https://apps.yunohost.org/app/borgserver)
- ... or on a [commercial borg service](https://www.borgbackup.org/support/commercial.html)
- Backups are encrypted (the remote server can't read the content) and deduplicated (optimize space)
- Backups are ran automatically, you can choose when and at which frequency
- You can choose what apps are backuped
- Receive email alerts if the backup fails (the [borg server app](https://apps.yunohost.org/app/borgserver) also checks that new content arrives and send an email to your friend otherwise)
### Install procedure
Maybe counter-intuitively, you should *first* install this app (`borg_ynh`) and *then* (`borgserver_ynh`) on the other machine. In fact, at the end of the install of `borg_ynh`, you will be provided with the info, in particular the SSH public key, to be used to setup `borgserver_ynh` on the other machine.
**Versión proporcionada:** 1.2.8~ynh1
## Documentación e recursos
- Web oficial da app: <https://borgbackup.readthedocs.io>
- Tenda YunoHost: <https://apps.yunohost.org/app/borg>
- Informar dun problema: <https://github.com/YunoHost-Apps/borg_ynh/issues>
## Info de desenvolvemento
Envía a túa colaboración á [rama `testing`](https://github.com/YunoHost-Apps/borg_ynh/tree/testing).
Para probar a rama `testing`, procede deste xeito:
```bash
sudo yunohost app install https://github.com/YunoHost-Apps/borg_ynh/tree/testing --debug
ou
sudo yunohost app upgrade borg -u https://github.com/YunoHost-Apps/borg_ynh/tree/testing --debug
```
**Máis info sobre o empaquetado da app:** <https://yunohost.org/packaging_apps>

56
README_zh_Hans.md Normal file
View file

@ -0,0 +1,56 @@
<!--
注意:此 README 由 <https://github.com/YunoHost/apps/tree/master/tools/readme_generator> 自动生成
请勿手动编辑。
-->
# YunoHost 上的 Borg Backup
[![集成程度](https://dash.yunohost.org/integration/borg.svg)](https://dash.yunohost.org/appci/app/borg) ![工作状态](https://ci-apps.yunohost.org/ci/badges/borg.status.svg) ![维护状态](https://ci-apps.yunohost.org/ci/badges/borg.maintain.svg)
[![使用 YunoHost 安装 Borg Backup](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=borg)
*[阅读此 README 的其它语言版本。](./ALL_README.md)*
> *通过此软件包,您可以在 YunoHost 服务器上快速、简单地安装 Borg Backup。*
> *如果您还没有 YunoHost请参阅[指南](https://yunohost.org/install)了解如何安装它。*
## 概况
A [Borg](https://borgbackup.readthedocs.io/en/stable/index.html#what-is-borgbackup) integration to backup your YunoHost server to another remote server (e.g. one of your friends).
This app is the "client" part, meant to be installed on the server to be backed up. It works in combination with the [borg server app](https://apps.yunohost.org/app/borgserver) installed on a diffent machine.
### Features
- Backup on a remote machine, in comination with the [borg server app](https://apps.yunohost.org/app/borgserver)
- ... or on a [commercial borg service](https://www.borgbackup.org/support/commercial.html)
- Backups are encrypted (the remote server can't read the content) and deduplicated (optimize space)
- Backups are ran automatically, you can choose when and at which frequency
- You can choose what apps are backuped
- Receive email alerts if the backup fails (the [borg server app](https://apps.yunohost.org/app/borgserver) also checks that new content arrives and send an email to your friend otherwise)
### Install procedure
Maybe counter-intuitively, you should *first* install this app (`borg_ynh`) and *then* (`borgserver_ynh`) on the other machine. In fact, at the end of the install of `borg_ynh`, you will be provided with the info, in particular the SSH public key, to be used to setup `borgserver_ynh` on the other machine.
**分发版本:** 1.2.8~ynh1
## 文档与资源
- 官方应用网站: <https://borgbackup.readthedocs.io>
- YunoHost 商店: <https://apps.yunohost.org/app/borg>
- 报告 bug <https://github.com/YunoHost-Apps/borg_ynh/issues>
## 开发者信息
请向 [`testing` 分支](https://github.com/YunoHost-Apps/borg_ynh/tree/testing) 发送拉取请求。
如要尝试 `testing` 分支,请这样操作:
```bash
sudo yunohost app install https://github.com/YunoHost-Apps/borg_ynh/tree/testing --debug
sudo yunohost app upgrade borg -u https://github.com/YunoHost-Apps/borg_ynh/tree/testing --debug
```
**有关应用打包的更多信息:** <https://yunohost.org/packaging_apps>

50
check_process
View file

@ -1,50 +0,0 @@
;; Test remote directory
; Manifest
repository="ssh://sam@domain.tld:22/~/backup"
passphrase="APassphrase"
conf=1
data=1
apps="all"
on_calendar="Daily"
mailalert="errors_only"
; Checks
pkg_linter=1
setup_sub_dir=0
setup_root=0
setup_nourl=1
setup_private=0
setup_public=0
upgrade=1
upgrade=1 from_commit=d1cd666ee27f5cfb8e40c6f44a09370381b41b35
backup_restore=1
multi_instance=1
port_already_use=0
change_url=0
;; Test local directory
; Manifest
repository="/mnt/backup"
passphrase="APassphrase"
conf=1
data=1
apps="all"
on_calendar="Daily"
mailalert="errors_only"
; Checks
pkg_linter=1
setup_sub_dir=0
setup_root=0
setup_nourl=1
setup_private=0
setup_public=0
upgrade=1
backup_restore=1
multi_instance=1
port_already_use=0
change_url=0
;;; Options
Email=
Notification=none
;;; Upgrade options
; commit=d1cd666ee27f5cfb8e40c6f44a09370381b41b35
name=Older ynh 11 version
manifest_arg=server=domain.tld:22&ssh_user=package_checker&passphrase=APassphrase&conf=1&data=1&apps=all&on_calendar=Daily&mailalert=never

60
conf/backup-with-borg
View file

@ -1,6 +1,5 @@
#!/bin/bash
# We don't stop the script on errors cause we want to backup all data we could backuped
#!/usr/bin/env bash
# We don't stop the script on errors cause we want to backup all data we could backed up
#set -eu
borg_id=$1
@ -9,56 +8,53 @@ current_date=$(date +"%y%m%d_%H%M")
log_file="/var/log/${borg_id}/${current_date}.log"
err_file="/var/log/${borg_id}/${current_date}.err"
mkdir -p "/var/log/${borg_id}"
if [ -z "$borg_id" ]
then
if [ -z "$borg_id" ]; then
echo "This script expects a borg app id as first argument" >&2
exit 1
fi
filter_hooks() {
sudo ls /usr/share/yunohost/hooks/backup/ /etc/yunohost/hooks.d/backup/ | grep "\-$1_" | cut -d"-" -f2 | uniq 2>> $err_file
sudo ls /usr/share/yunohost/hooks/backup/ /etc/yunohost/hooks.d/backup/ | grep "\-$1_" | cut -d"-" -f2 | uniq 2>> "$err_file"
}
fail_if_partially_failed() {
grep Skipped|Error
}
sudo yunohost app setting ${borg_id} last_run -v "${current_date}"
sudo yunohost app setting ${borg_id} state -v "ongoing"
sudo yunohost app setting "${borg_id}" last_run -v "${current_date}"
sudo yunohost app setting "${borg_id}" state -v "ongoing"
# Backup system part conf
conf=$(sudo yunohost app setting ${borg_id} conf)
if [[ "$conf" = "1" ]]
then
if ! sudo yunohost backup create -n auto_conf --method ${borg_id}_app --system $(filter_hooks conf) 2>> $err_file >> $log_file ; then
conf=$(sudo yunohost app setting "${borg_id}" conf)
if [[ "$conf" = "1" ]]; then
if ! sudo yunohost backup create -n auto_conf --method "${borg_id}_app" --system $(filter_hooks conf) 2>> "$err_file" >> "$log_file" ; then
errors+="\nThe backup miserably failed to backup system configurations."
fi
fi
# Backup system data
data=$(sudo yunohost app setting ${borg_id} data)
if [[ "$data" = "1" ]]
then
if ! sudo yunohost backup create -n auto_data --method ${borg_id}_app --system $(filter_hooks data) 2>> $err_file >> $log_file ; then
data=$(sudo yunohost app setting "${borg_id}" data)
if [[ "$data" = "1" ]]; then
if ! sudo yunohost backup create -n auto_data --method "${borg_id}_app" --system $(filter_hooks data) 2>> "$err_file" >> "$log_file" ; then
errors+="\nThe backup miserably failed to backup system data."
fi
fi
# Backup all apps independently
apps=$(sudo yunohost app setting ${borg_id} apps | tr -d ' ')
apps=$(sudo yunohost app setting "${borg_id}" apps | tr -d ' ')
for application in $(sudo ls /etc/yunohost/apps/); do
if ( [[ "$apps" =~ ^exclude: ]] && grep -wq "$application" <<< "$apps" ) ||
( [[ "$apps" != "all" ]] && [[ ! "$apps" =~ ^exclude: ]] && ! grep -wq "$application" <<< "$apps" );
( [[ "$apps" != "all" ]] && [[ ! "$apps" =~ ^exclude: ]] && ! grep -wq "$application" <<< "$apps" );
then
continue
fi
if sudo test ! -f /etc/yunohost/apps/$application/scripts/backup ; then
if sudo test ! -f "/etc/yunohost/apps/$application/scripts/backup" ; then
errors+="\nWarning: The application $application has no backup script. This app won't be backuped."
continue
fi
if ! sudo yunohost backup create -n auto_$application --method ${borg_id}_app --apps $application 2>> $err_file >> $log_file ; then
if ! sudo yunohost backup create -n "auto_$application" --method "${borg_id}_app" --apps "$application" 2>> "$err_file" >> "$log_file" ; then
errors+="\nThe backup miserably failed to backup $application application."
fi
done
@ -67,25 +63,25 @@ done
# SEND MAIL TO NOTIFY SUCCED OR FAILED OPERATIONS
#=========================================================
partial_errors="$(cat $log_file | grep -E "Error|Skipped")"
if [ ! -z "$partial_errors" ]; then
partial_errors="$(cat "$log_file" | grep -E "Error|Skipped")"
if [ -n "$partial_errors" ]; then
errors+="\nSome backup partially failed:\n$partial_errors"
fi
# Send mail on backup (partially) failed
domain=$(hostname)
repository="$(sudo yunohost app setting ${borg_id} repository)"
mailalert="$(sudo yunohost app setting ${borg_id} mailalert)"
if [[ ! -z "$errors" ]]; then
sudo yunohost app setting ${borg_id} state -v "failed"
repository="$(sudo yunohost app setting "${borg_id}" repository)"
mailalert="$(sudo yunohost app setting "${borg_id}" mailalert)"
if [[ -n "$errors" ]]; then
sudo yunohost app setting "${borg_id}" state -v "failed"
else
sudo yunohost app setting ${borg_id} state -v "successful"
sudo yunohost app setting "${borg_id}" state -v "successful"
fi
if [[ ! -z "$errors" && $mailalert != "never" ]]; then
if [[ -n "$errors" && $mailalert != "never" ]]; then
cat <(echo -e "$errors\n\n\n") "$log_file" "$err_file" | mail -s "[borg] Backup failed from $domain onto $repository" root
exit 1
elif [ $mailalert == "always" ]; then
cat $log_file | mail -s "[borg] Backup succeed from $domain onto $repository" root
elif [ "$mailalert" == "always" ]; then
cat "$log_file" | mail -s "[borg] Backup succeed from $domain onto $repository" root
exit 0
fi

46
conf/backup_method
View file

@ -1,11 +1,12 @@
#!/bin/bash
#!/usr/bin/env bash
set -Eeuo pipefail
set -eo pipefail
app="${0#"./05-"}"
app="${app%"_app"}"
borg="__INSTALL_DIR__/venv/bin/borg"
app="__APP__"
BORG_PASSPHRASE="$(yunohost app setting "$app" passphrase)"
repo="$(yunohost app setting "$app" repository)" #$4
BORG_PASSPHRASE="$(yunohost app setting $app passphrase)"
repo="$(yunohost app setting $app repository)" #$4
if ssh-keygen -F "__SERVER__" >/dev/null ; then
BORG_RSH="ssh -i /root/.ssh/id_${app}_ed25519 -oStrictHostKeyChecking=yes "
else
@ -18,11 +19,10 @@ do_need_mount() {
LOGFILE=/var/log/backup_borg.err
log_with_timestamp() {
sed -e "s/^/[$(date +"%Y-%m-%d_%H:%M:%S")] /" | tee -a $LOGFILE
sed -e "s/^/[$(date +"%Y-%m-%d_%H:%M:%S")] /" | tee -a $LOGFILE
}
do_backup() {
export BORG_PASSPHRASE
export BORG_RSH
export BORG_RELOCATED_REPO_ACCESS_IS_OK=yes
@ -34,12 +34,12 @@ do_backup() {
current_date=$(date +"%Y-%m-%d_%H:%M")
pushd "$work_dir"
set +e
if borg init -e repokey "$repo" ; then
#human_size=`echo $size | awk '{ suffix=" KMGT"; for(i=1; $1>1024 && i < length(suffix); i++) $1/=1024; print int($1) substr(suffix, i, 1), $3; }'`
# Speed in Kbps
#speed=1000
#evaluated_time=$(($size / ($speed * 1000 / 8) / 3600))
echo "Hello,
if "$borg" init -e repokey "$repo" ; then
# human_size=`echo $size | awk '{ suffix=" KMGT"; for(i=1; $1>1024 && i < length(suffix); i++) $1/=1024; print int($1) substr(suffix, i, 1), $3; }'`
# Speed in Kbps
# speed=1000
# evaluated_time=$(($size / ($speed * 1000 / 8) / 3600))
echo "Hello,
Your first backup on $repo is starting.
@ -47,18 +47,18 @@ This is an automated message from your beloved YunoHost server." | /usr/bin/mail
fi
set -e
borg create "$repo::_${name}-${current_date}" ./ 2>&1 >/dev/null | log_with_timestamp
"$borg" create "$repo::_${name}-${current_date}" ./ 2>&1 >/dev/null | log_with_timestamp
popd
# About thi _20 it's a crazy fix to avoid pruning wordpress__2
# About thi _20 it's a crazy fix to avoid pruning wordpress__2
# if you prune wordpress
borg prune "$repo" -P "_${name}-" --keep-hourly 2 --keep-daily=7 --keep-weekly=8 --keep-monthly=12 2>&1 >/dev/null | log_with_timestamp
"$borg" prune "$repo" -P "_${name}-" --keep-hourly 2 --keep-daily=7 --keep-weekly=8 --keep-monthly=12 2>&1 >/dev/null | log_with_timestamp
# Prune legacy archive name without error on wordpress/wordpress__2
borg prune "$repo" -P "${name}_" --keep-within 2m --keep-monthly=12 2>&1 >/dev/null | log_with_timestamp
"$borg" prune "$repo" -P "${name}_" --keep-within 2m --keep-monthly=12 2>&1 >/dev/null | log_with_timestamp
# We prune potential manual backup older than 1 year
borg prune "$repo" --keep-within 1y 2>&1 >/dev/null | log_with_timestamp
"$borg" prune "$repo" --keep-within 1y 2>&1 >/dev/null | log_with_timestamp
}
do_mount() {
@ -69,7 +69,7 @@ do_mount() {
repo="$3"
size="$4"
description="$5"
borg mount "$repo::$name" "$work_dir" 2>&1 >/dev/null | log_with_timestamp
"$borg" mount "$repo::$name" "$work_dir" 2>&1 >/dev/null | log_with_timestamp
}
work_dir="$2"
@ -86,7 +86,7 @@ case "$1" in
do_backup "$work_dir" "$name" "$repo" "$size" "$description"
;;
mount)
do_mount
do_mount "$work_dir" "$name" "$repo" "$size" "$description"
;;
*)
echo "hook called with unknown argument \`$1'" >&2

2
conf/sudoer
View file

@ -1 +1 @@
__APP__ ALL=(root) NOPASSWD: /usr/local/bin/backup-with-__APP__, /usr/local/bin/borg, /usr/bin/yunohost backup create *, /usr/bin/yunohost app setting *, /bin/ls, /usr/bin/test
__APP__ ALL=(root) NOPASSWD: __INSTALL_DIR__/backup-with-borg, __INSTALL_DIR__/venv/bin/borg, /usr/bin/yunohost backup create *, /usr/bin/yunohost app setting *, /bin/ls, /usr/bin/test

2
conf/systemd.service
View file

@ -4,7 +4,7 @@ After=network.target
[Service]
Type=oneshot
ExecStart=/usr/bin/sudo /usr/local/bin/backup-with-__APP__ __APP__
ExecStart=/usr/bin/sudo __INSTALL_DIR__/backup-with-borg __APP__
User=__APP__
Group=__APP__

25
config_panel.toml
View file

@ -3,14 +3,14 @@ version = "1.0"
[main]
services = []
[main.settings]
[main.state]
name = ""
visible = "false"
[main.settings.state]
[main.state.state]
type = "string"
[main.settings.last_run]
[main.state.last_run]
type = "string"
[main.general]
@ -25,7 +25,7 @@ services = []
[main.general.repository]
ask.en = "Repository"
type = "string"
help = "Specify a local repository like /mount/my_external_harddrive/backups or a remote repository using this format: ssh://USER@DOMAIN.TLD:PORT/~/backup . If you plan to use borgserver_ynh app : 'USER' is *not* meant to be an existing user on the guest server, instead, it will be created *on the host server* during the installation of the Borg Server App. With borgserver_ynh apps you can't specify another repo path than ~/backup."
help = "Specify a local repository (`/mount/my_external_harddrive/backups`) or a remote repository (`ssh://USER@DOMAIN.TLD:PORT/~/backup`). If you plan to use a remote borgserver_ynh app : `USER` is *not* meant to be an existing user on the guest server, instead, it will be created *on the host server* during the installation of the Borg Server App. With borgserver_ynh apps you can't specify another repo path than `~/backup`."
[main.general.ssh_public_key]
ask.en = "Public key: {ssh_public_key}"
@ -33,9 +33,10 @@ services = []
bind = "/root/.ssh/id___APP___ed25519.pub"
[main.general.on_calendar]
ask.en = "Frequency"
ask.en = "When at at which frequency should the backups be performed?"
ask.fr = "Quand et à quelle fréquence les sauvegardes doivent-elles être effectuées ?"
type = "string"
help = "With which regular time schedule should the backups be performed? (see systemd OnCalendar format)"
help = "For example: `Monthly`, `Weekly`, `Daily` (=every day at midnight), `Hourly`, `Sat *-*-1..7 18:00:00` (=the first saturday of every month at 18:00), `4:00` (=every day at 4 AM), `5,17:00` (=every day at 5 AM and 5 PM). See the [systemd OnCalendar format for full syntax doc](https://wiki.archlinux.org/index.php/Systemd/Timers#Realtime_timer)"
bind = "OnCalendar:/etc/systemd/system/__APP__.timer"
[main.general.mailalert]
@ -47,7 +48,7 @@ services = []
help = "Alerts are sent to the first user of this server"
[main.content]
name = "What should be backuped ?"
name = "What should be backuped?"
optional = false
[main.content.conf]
@ -67,11 +68,11 @@ services = []
type = "tags"
help = "App list separated by comma. You can write 'all' to select all apps, even those installed after this borg app. You can also select all apps but some apps by writing 'exclude:' following by an app list separated by comma."
[advanced]
name = "Advanced"
[list]
name = "Last backups list"
services = []
[advanced.list]
name = "Last backups list"
[advanced.list.last_backups]
[list.list]
name = ""
[list.list.last_backups]
ask.en = ""
type = "markdown"

28
doc/ADMIN.md Normal file
View file

@ -0,0 +1,28 @@
## Testing that backup work as expected
At this step your backup should run at the scheduled time. Note that the first backup can take very long, as much data has to be copied through ssh. Following backups are incremental: only newly generated data since last backup will be copied.
If you want to test correct Borg Apps setup before scheduled time, you can start a backup manually from the command line:
```bash
systemctl start borg
```
Once the backup completes, you can check that a backup is listed in the webadmin > Applications > Borg > 'Last backups list'.
## Check regularly your backup
If you want to be sure to be able to restore your server, you should try to restore regularly the archives. But this process is quite time consumming.
You should at least:
- Keep your apps up to date (if apps are too old, they could be difficult to restore on a more recent recent version)
- Check regularly the presence of `info.json` and `db.sql` or `dump.sql` in your apps archives
```bash
borg list ./::ARCHIVE_NAME | grep info.json
borg list ./::ARCHIVE_NAME | grep db.sql
borg list ./::ARCHIVE_NAME | grep dump.sql
```
- Be sure to have your passphrase available even if your server is completely broken

1
doc/DECSRIPTION.md
View file

@ -1 +0,0 @@
A [Borg](https://borgbackup.readthedocs.io/en/stable/index.html#what-is-borgbackup) implementation to backup a YunoHost server. This is the Borg Backup App to be installed on a server to backup. It works together with a [Borg Server App](https://github.com/YunoHost-Apps/borgserver_ynh) installed on a host server.

16
doc/DESCRIPTION.md Normal file
View file

@ -0,0 +1,16 @@
A [Borg](https://borgbackup.readthedocs.io/en/stable/index.html#what-is-borgbackup) integration to backup your YunoHost server to another remote server (e.g. one of your friends).
This app is the "client" part, meant to be installed on the server to be backed up. It works in combination with the [borg server app](https://apps.yunohost.org/app/borgserver) installed on a diffent machine.
### Features
- Backup on a remote machine, in comination with the [borg server app](https://apps.yunohost.org/app/borgserver)
- ... or on a [commercial borg service](https://www.borgbackup.org/support/commercial.html)
- Backups are encrypted (the remote server can't read the content) and deduplicated (optimize space)
- Backups are ran automatically, you can choose when and at which frequency
- You can choose what apps are backuped
- Receive email alerts if the backup fails (the [borg server app](https://apps.yunohost.org/app/borgserver) also checks that new content arrives and send an email to your friend otherwise)
### Install procedure
Maybe counter-intuitively, you should *first* install this app (`borg_ynh`) and *then* (`borgserver_ynh`) on the other machine. In fact, at the end of the install of `borg_ynh`, you will be provided with the info, in particular the SSH public key, to be used to setup `borgserver_ynh` on the other machine.

222
doc/DISCLAIMER.md
View file

@ -1,222 +0,0 @@
## :warning: NB. : This doc is partially obsolete and should be reworked! :warning:
## How to backup your server with this app?
You want to backup a critical "guest" Server A onto a remote "host" Server B, you need:
* Domain name of server B: `host.serverb`
* Name of the server B SSH user (to be created by `borgserver`) for connection from Server A: `borgservera`
* **Strong passphrase** to encrypt your backups on host Server B. And to **restore your backups**!!
* IDs of YunoHost apps you want to backup
* Regular time schedule for your backups, see below
* Install Borg Backup App (`borg`) on guest Server A
* Install Borg Server App (`borgserver`) on host Server B
* Save the passphrase in another place than your server. Without the passphrase, you won't be able to restore data.
You should received an email after the first backup succeeded.
### Set up Borg Backup App on guest Server A
Firstly, set up the Borg Backup App (`borg`) on the guest Server A you want to backup:
```
$ yunohost app install borg
In which borg repository location do you want to backup your files ?: user@host.serverb:/remote/repository
Provide a strong passphrase to encrypt your backups. No blank space:
Should Borg backup your YunoHost configuration? [yes | no] (default: yes):
Should Borg backup emails and user home directory? [yes | no] (default: yes):
Which apps should Borg backup ? (default: all):
With which regular time schedule should the backups be performed? (see systemd OnCalendar format) (default: Daily):
Do you want admin to receive mail notifications on backups ? [always | errors_only | never]: never
```
#### Syntax to define a backup time schedule
You can schedule regular backups at specific time. Only one regular time schedule is possible for one `borg` instance, see below for workaround. Some examples:
* Monthly :
* Weekly :
* Daily : Daily at midnight
* Hourly : Hourly o Clock
* Sat *-*-1..7 18:00:00 : The first saturday of every month at 18:00
* 4:00 : Every day at 4 AM
* 5,17:00 : Every day at 5 AM and at 5 PM
See here for more info : https://wiki.archlinux.org/index.php/Systemd/Timers#Realtime_timer
#### Information generated by Borg Backup
At the end of the installation, the Borg Backup App (``borg``) displays the SSH public key and the SSH user to give to the person who has access to the host Server B and will set up Borg Server App.
```
You should now install the "Borg Server" app on host.serverb and fill questions like this:
User: servera
Public key: ssh-ed25519 AAAA[...] root@guest.servera
```
This information is also sent by email to the admin of guest Server A.
If you don't find the email and you don't see the message in the log bar you can find the SSH public key with this command:
```
$ cat /root/.ssh/id_borg_ed25519.pub
ssh-ed25519 AAAA[...] root@guest.servera
```
### Set up Borg Server App on host Server B
Secondly, set up the Borg Server App (``borgserver``) on the host Server B that will store your backups:
```
$ yunohost app install borgserver
Indicate the ssh user to create: servera
Indicate the public key given by Borg Backup app (borg) setup: ssh-ed25519 AAAA[...] root@guest.servera
Indicate the storage quota: 5G
```
### Test the Borg Apps setup
At this step your backup should run at the scheduled time. Note that the first backup can take very long, as much data has to be copied through ssh. Following backups are incremental: only newly generated data since last backup will be copied.
If you want to test correct Borg Apps setup before scheduled time, you can start a backup manually on guest Server A:
```
$ systemctl start borg
```
Next you can check presence of your backup repository on host Server B:
```
$ BORG_RSH="ssh -i /root/.ssh/id_borg_ed25519 -oStrictHostKeyChecking=yes " borg list servera@host.serverb:~/backup
```
You will need the passphrase to run ``borg`` commands on the backup repository created on the host Server B.
## Check regularly your backup
If you want to be sure to be able to restore your server, you should try to restore regularly the archives. But this process is quite time consumming.
You should at least:
* Keep your apps up to date (if apps are too old, they could be difficult to restore on a more recent recent version)
* Check regularly the presence of `info.json` and `db.sql` or `dump.sql` in your apps archives
```
borg list ./::ARCHIVE_NAME | grep info.json
borg list ./::ARCHIVE_NAME | grep db.sql
borg list ./::ARCHIVE_NAME | grep dump.sql
```
* Be sure to have your passphrase available even if your server is completely broken
## How to restore a complete system
*For infos on restoring process, check [this yunohost forum thread](https://forum.yunohost.org/t/restoring-whole-yunohost-from-borg-backups/12705/3) and [that one](https://forum.yunohost.org/t/how-to-properly-backup-and-restore/12583/3), also [using Borg with sshkeys](https://thisiscasperslife.wordpress.com/2017/11/28/using-borg-backup-across-ssh-with-sshkeys/), the [`borg extract` documentation](https://borgbackup.readthedocs.io/en/stable/usage/extract.html), and this [general tutorial on Borg Backup](https://practical-admin.com/blog/backups-using-borg/).*
In the following explanations:
- the server to backup/restore will be called: `yuno`
- the remote server that receives and store the back will be called: `rem`
- `rem` is accessible at the domain `rem.tld`
- the remote user on `rem` which owns the Borg backups will be called `yurem`
- backup files will be stored in `rem` in the directory: `/home/yurem/backup`
### Overview
The idea here, if you need to restore a whole yunohost system is:
1. Install a new Debian VM
2. Install YunoHost in it the usual way
3. Go through YunoHost postinstall (parameters you will supply are not crucial, as they will be replaced by the restore)
4. Install Borg
5. Setup `rem` to accept ssh connections from `yuno`
6. Use Borg to import backups from `rem` to `yuno`
7. Restore Borg backups with the `yunohost backup restore` command, first config, then data, then each app one at a time
8. Remove the Borg app and restore it
### Make it possible for `yuno` to connect to `rem` with Borg
At this stage, we will assume that `yuno` is a freshly installed YunoHost (based on Buster in my case). You should also have performed the YunoHost postinstall.
If you don't want to restore the whole system, just some apps, you can skip some of the steps below.
#### Install the Borg YunoHost app in `yuno`
The idea here is just to install Borg, not in order to create backups, but only to use Borg commands to import remote backups.
So for example, you can install it doing the following:
```bash
sudo yunohost app install borg -a "server=rem.tld&ssh_user=yurem&conf=0&data=0&apps=hextris&on_calendar=2:30"
```
#### Make sure that `rem` accepts ssh connections from `yuno`
In `yuno` you will need to get the ssh key that borg just created while installing: `sudo cat /root/.ssh/id_borg_ed25519.pub`, copy it to clipboard.
Connect via ssh to `rem`, go to `/home/yurem/.ssh/authorized_keys`, and past the Borg public key you got at previous step.
Now to make sure this worked, you can try to SSH from `yuno` to `rem`.
In `yuno` : `ssh -i /root/.ssh/id_borg_ed25519 yurem@rem.tld` . If you can get into `rem` , without it prompting for a password, then you're good to continue :)
### Restore backups to `yuno`
⚠️ For the commands in the following section to work, you will need to be root in `yuno` (you can become root running `sudo su`).
⚠️ Restoration of backups can take quite a while, you'd better do them in a separate process, so that it doesn't stop if your terminal session gets closed. For this, you can for example use [tmux](https://www.howtogeek.com/671422/how-to-use-tmux-on-linux-and-why-its-better-than-screen/).
In `yuno` now, you should be able to list backups in `rem` with the following command:
```bash
SRV=yurem@rem.tld:/home/yurem/backup
BORG_RSH="ssh -i /root/.ssh/id_borg_ed25519 -oStrictHostKeyChecking=yes " borg list $SRV
```
You can then reimport one to `yuno` with:
```bash
BORG_RSH="ssh -i /root/.ssh/id_borg_ed25519 -oStrictHostKeyChecking=yes " borg export-tar $SRV::auto_BACKUP_NAME /home/yunohost.backup/archives/auto_BACKUP_NAME.tar.gz
```
And then restore the archive in `yuno` with:
```bash
yunohost backup restore auto_BACKUP_NAME --system # for config and data backups
yunohost backup restore auto_BACKUP_NAME --apps # for other backups (=apps)
```
### And Nextcloud? It's super heavy!!
For Nextcloud, the best is probably to reimport the backup without the data. And to import the data manually.
For that, you can do the following (as root):
```bash
SRV=yurem@rem.tld:/home/yurem/backup
# export the app without data
BORG_RSH="ssh -i /root/.ssh/id_borg_ed25519 -oStrictHostKeyChecking=yes " borg export-tar -e apps/nextcloud/backup/home/yunohost.app $SRV::auto_nextcloud_XX_XX_XX_XX:XX /home/yunohost.backup/archives/auto_nextcloud_XX_XX_XX_XX:XX.tar.gz
# extract the data from the backup to the nextcloud folder
cd /home/yunohost.app/nextcloud
BORG_RSH="ssh -i /root/.ssh/id_borg_ed25519 -oStrictHostKeyChecking=yes " borg extract $SRV::auto_nextcloud_XX_XX_XX_XX:XX apps/nextcloud/backup/home/yunohost.app/nextcloud/
mv apps/nextcloud/backup/home/yunohost.app/nextcloud/data data
rm -r apps
# now you can simply restore nextcloud app
yunohost backup restore auto_nextcloud_XX_XX_XX_XX:XX --apps
```
### Restore Borg
Once you've restored the whole system, you will probably want to restore the Borg app as well.
For that, remove the "dummy" Borg you installed to do the restoration, and restore Borg the same ways as for other apps:
```bash
sudo yunohost app remove borg
sudo yunohost backup restore auto_borg_XX_XX_XX_XX:XX --apps
```
## Tips
### Edit the list of YunoHost apps to backup
``yunohost app setting borg apps -v "nextcloud,wordpress"``
### Other usefull borg commands
[Get the storage space used by the backup repository on the host server](https://borgbackup.readthedocs.io/en/stable/usage/info.html)
``borg info /home/servera/backup``
### Backup YunoHost apps with different criticallity levels
If you want to backup your guest server:
* with different YunoHost apps
* at different regular time schedule
* on different host servers
Then you can set up multiple instances of the Borg Apps on same servers.
For instance:
* Borg Backup instance ``borg``: backup nextcloud daily on host Server B
* Borg Backup instance ``borg__2``: backup all other YunoHost apps weekly on host Server C
### Settings location
Settings of apps are in /etc/yunohost/apps/*/settings.yml, so are the settings for borg_ynh as well. Be careful though to not savagely manually edit them if you don't know what you're doing.

109
doc/FULL_RESTORE.md Normal file
View file

@ -0,0 +1,109 @@
This is a copy-paste of the discussion at <https://forum.yunohost.org/t/restoring-whole-yunohost-from-borg-backups/12705/5>. See also <https://forum.yunohost.org/t/how-to-properly-backup-and-restore/12583>, the [`borg extract` documentation](https://borgbackup.readthedocs.io/en/stable/usage/extract.html), and this [general tutorial on Borg Backup](https://practical-admin.com/blog/backups-using-borg/).*
## How to restore a complete system
In the following explanations:
* the server to backup/restore will be called: `yuno`
* the remote server that receives and store the back will be called: `rem`
* `rem` is accessible at the domain `rem.tld`
* the remote user on `rem` which owns the Borg backups will be called `yurem`
* backup files will be stored in `rem` in the directory: `/home/yurem/backup`
### Overview
If you need to restore a whole yunohost system:
1. Setup a new Debian system
2. Install YunoHost the usual way
3. Go through YunoHost's postinstall (parameters you will supply are not crucial, as they will be replaced by the restore)
4. Install Borg
5. Setup `rem` to accept ssh connections from `yuno`
6. Use Borg to import backups from `rem` to `yuno`
7. Restore Borg backups with the `yunohost backup restore` command, first config, then data, then each app one at a time
8. Remove the Borg app and restore it
### Make it possible for `yuno` to connect to `rem` with Borg
At this stage, we will assume that `yuno` is a freshly installed YunoHost (based on Buster in my case). You should also have performed the YunoHost postinstall.
If you don't want to restore the whole system, just some apps, you can skip some of the steps below.
#### Install the Borg YunoHost app in `yuno`
The idea here is just to install Borg, not in order to create backups, but only to use Borg commands to import remote backups.
So for example, you can install it doing the following:
```bash
sudo yunohost app install borg -a "server=rem.tld&ssh_user=yurem&conf=0&data=0&apps=hextris&on_calendar=2:30"
```
#### Make sure that `rem` accepts ssh connections from `yuno`
In `yuno` you will need to get the ssh key that borg just created while installing: `sudo cat /root/.ssh/id_borg_ed25519.pub`, copy it to clipboard.
Connect via ssh to `rem`, go to `/home/yurem/.ssh/authorized_keys`, and past the Borg public key you got at previous step.
Now to make sure this worked, you can try to SSH from `yuno` to `rem`.
In `yuno` : `ssh -i /root/.ssh/id_borg_ed25519 yurem@rem.tld` . If you can get into `rem` , without it prompting for a password, then you're good to continue :)
### Restore backups to `yuno`
⚠️ For the commands in the following section to work, you will need to be root in `yuno` (you can become root running `sudo su`).
⚠️ Restoration of backups can take quite a while, you'd better do them in a separate process, so that it doesn't stop if your terminal session gets closed. For this, you can for example use [tmux](https://www.howtogeek.com/671422/how-to-use-tmux-on-linux-and-why-its-better-than-screen/).
In `yuno` now, you should be able to list backups in `rem` with the following command:
```bash
SRV=yurem@rem.tld:/home/yurem/backup
BORG_RSH="ssh -i /root/.ssh/id_borg_ed25519 -oStrictHostKeyChecking=yes " borg list $SRV
```
You can then reimport one to `yuno` with:
```bash
BORG_RSH="ssh -i /root/.ssh/id_borg_ed25519 -oStrictHostKeyChecking=yes " borg export-tar $SRV::auto_BACKUP_NAME /home/yunohost.backup/archives/auto_BACKUP_NAME.tar.gz
```
And then restore the archive in `yuno` with:
```bash
yunohost backup restore auto_BACKUP_NAME --system # for config and data backups
yunohost backup restore auto_BACKUP_NAME --apps # for other backups (=apps)
```
### And Nextcloud? It's super heavy!!
For Nextcloud, the best is probably to reimport the backup without the data. And to import the data manually.
For that, you can do the following (as root):
```bash
SRV=yurem@rem.tld:/home/yurem/backup
# export the app without data
BORG_RSH="ssh -i /root/.ssh/id_borg_ed25519 -oStrictHostKeyChecking=yes " borg export-tar -e apps/nextcloud/backup/home/yunohost.app $SRV::auto_nextcloud_XX_XX_XX_XX:XX /home/yunohost.backup/archives/auto_nextcloud_XX_XX_XX_XX:XX.tar.gz
# extract the data from the backup to the nextcloud folder
cd /home/yunohost.app/nextcloud
BORG_RSH="ssh -i /root/.ssh/id_borg_ed25519 -oStrictHostKeyChecking=yes " borg extract $SRV::auto_nextcloud_XX_XX_XX_XX:XX apps/nextcloud/backup/home/yunohost.app/nextcloud/
mv apps/nextcloud/backup/home/yunohost.app/nextcloud/data data
rm -r apps
# now you can simply restore nextcloud app
yunohost backup restore auto_nextcloud_XX_XX_XX_XX:XX --apps
```
### Restore Borg
Once you've restored the whole system, you will probably want to restore the Borg app as well.
For that, remove the "dummy" Borg you installed to do the restoration, and restore Borg the same ways as for other apps:
```bash
sudo yunohost app remove borg
sudo yunohost backup restore auto_borg_XX_XX_XX_XX:XX --apps
```

12
doc/POST_INSTALL.md Normal file
View file

@ -0,0 +1,12 @@
You should check out the admin documentation of this app after installation for more info!
If you selected a remote borg server as backup target, you should now install the "Borg Server" app on `__SERVER__` and with the following credentials (you may need to send this to your friend):
- User: `__SSH_USER__`
- Public key: `__PUBLIC_KEY__`
Or directly using command line:
`yunohost app install https://github.com/YunoHost-Apps/borgserver_ynh -a "ssh_user=__SSH_USER__&public_key=__PUBLIC_KEY__"`
NB: the SSH user is not meant to pre-exist on the server on which borgserver is installed!

23
doc/PRE_UPGRADE.d/1.2.8.md Normal file
View file

@ -0,0 +1,23 @@
This app has gone through a major revamp!
The upgrade should be mainly transparent to you. However, if you have multiple instances of this app, one upgrade will break other instances and you'll need to upgrade every instance of borg installed on your server.
Also, developer aren't flawless and we might have missed something during our tests.
We **highly** recommend to check that your backups are still being created after the upgrade.
You can manually trigger borg backups from command line with:
```bash
systemctl start borg
```
Or, for a single app, for example Nextcloud:
```bash
sudo yunohost backup create --apps nextcloud --methods borg_app
```
If you find *any* issue or have a doubt, feel free to contact the YunoHost team on Github or Matrix.
Backups are important. In any case, check your backups regularly.

104
manifest.json
View file

@ -1,104 +0,0 @@
{
"name": "Borg Backup",
"id": "borg",
"packaging_format": 1,
"description": {
"en": "Backup your server on a host server using Borg",
"fr": "Sauvegardez votre serveur sur un serveur distant avec Borg"
},
"version": "1.1.16~ynh30",
"url": "https://borgbackup.readthedocs.io",
"upstream": {
"license": "BSD-3-Clause",
"website": "https://borgbackup.readthedocs.io"
},
"license": "BSD-3-Clause",
"maintainer": {
"name": "ljf",
"email": "ljf+borg_ynh@reflexlibre.net",
"url": "https://reflexlibre.net"
},
"requirements": {
"yunohost": ">= 11.0.9"
},
"multi_instance": true,
"services": [],
"arguments": {
"install" : [
{
"name": "repository",
"type": "string",
"ask": {
"en": "In which borg repository location do you want to backup your files ?",
"fr": "Dans quel repo borg souhaitez-vous sauvegarder vos fichiers ?"
},
"help":{
"en": "Specify a local repository like /mount/my_external_harddrive/backups or a remote repository using this format: ssh://USER@DOMAIN.TLD:PORT/~/backup . If you plan to use borgserver_ynh app : 'USER' is *not* meant to be an existing user on the guest server, instead, it will be created *on the host server* during the installation of the Borg Server App. With borgserver_ynh apps you can't specify another repo path than ~/backup."
},
"example": "ssh://john@serverb.tld:22/~/backup"
},
{
"name": "passphrase",
"type": "password",
"ask": {
"en": "Provide a strong passphrase to encrypt your backups. No blank space",
"fr": "Indiquez une phrase de passe forte pour chiffrer vos sauvegardes. Sans espaces"
},
"help":{
"en": "Keep it safe! ...if you want to be able to restore. Do not communicate it to host Server holder or anyone else.",
"fr": "Gardez-la précieusement! ...si vous voulez pouvoir restaurer. Ne donnez pas la clé au possesseur du Serveur distant, ni personne."
}
},
{
"name": "conf",
"type": "boolean",
"ask": {
"en": "Should Borg backup your YunoHost configuration?",
"fr": "Borg doit-il sauvegarder la configuration système YunoHost ?"
},
"default": true
},
{
"name": "data",
"type": "boolean",
"ask": {
"en": "Should Borg backup emails and user home directory?",
"fr": "Borg doit-il sauvegarder les mails et les répertoires des utilisateurs ?"
},
"default": true
},
{
"name": "apps",
"type": "string",
"ask": {
"en": "Which apps should Borg backup ?",
"fr": "Quelles applications doivent être sauvegardées par Borg ?"
},
"help":{
"en": "App list separated by comma. You can write 'all' to select all apps, even those installed after this borg app. You can also select all apps but some apps by writing 'exclude:' following by an app list separated by comma.",
"fr": "Liste d'applications séparées par des virgules. Vous pouvez écrire 'all' pour sélectionner toutes les apps, même celles installées après cette application borg. Vous pouvez aussi sélectionner toutes les apps sauf certaines en écrivant 'exclude:' suivi d'une liste d'applications séparées par des virgules."
},
"default": "all"
},
{
"name": "on_calendar",
"type": "string",
"ask": {
"en": "With which regular time schedule should the backups be performed? (see systemd OnCalendar format)",
"fr": "À quelle fréquence les sauvegardes doivent-elles être effectuées ? (voir le format OnCalendar de systemd)"
},
"example": "Monthly or Weekly or Daily or Hourly or 4:00 or 5,17:00 or Sat --1..7 18:00:00",
"default": "Daily"
},
{
"name": "mailalert",
"type": "select",
"ask": {
"en": "Do you want admin to receive mail notifications on backups ?",
"fr": "Souhaitez-vous recevoir des notifications par mail à chaque sauvegarde ?"
},
"choices": ["always", "errors_only", "never"]
}
]
}
}

96
manifest.toml Normal file
View file

@ -0,0 +1,96 @@
#:schema https://raw.githubusercontent.com/YunoHost/apps/master/schemas/manifest.v2.schema.json
packaging_format = 2
id = "borg"
name = "Borg Backup"
description.en = "Regularly create deduplicated, encrypted backups sent to another server using Borg"
description.fr = "Créez régulièrement des sauvegardes dédupliquées et chiffées envoyées sur un autre serveur à l'aide de Borg"
version = "1.2.8~ynh1"
maintainers = ["ljf"]
[upstream]
license = "BSD-3-Clause"
website = "https://borgbackup.readthedocs.io"
cpe = "cpe:2.3:a:borg_project:borg"
fund = "https://www.borgbackup.org/support/fund.html"
[integration]
yunohost = ">= 11.0.9"
architectures = "all"
multi_instance = true
ldap = "not_relevant"
sso = "not_relevant"
disk = "50M"
ram.build = "50M"
ram.runtime = "50M"
[install]
[install.repository]
ask.en = "In which borg repository location do you want to backup your files ?"
ask.fr = "Dans quel repo borg souhaitez-vous sauvegarder vos fichiers ?"
help.en = "Specify a local repository (`/mount/my_external_harddrive/backups`) or a remote repository (`ssh://USER@DOMAIN.TLD:PORT/~/backup`). If you plan to use a remote borgserver_ynh app : `USER` is *not* meant to be an existing user on the guest server, instead, it will be created *on the host server* during the installation of the Borg Server App. With borgserver_ynh apps you can't specify another repo path than `~/backup`."
type = "string"
example = "ssh://john@serverb.tld:22/~/backup"
[install.passphrase]
ask.en = "Provide a strong passphrase to encrypt your backups. No blank space"
ask.fr = "Indiquez une phrase de passe forte pour chiffrer vos sauvegardes. Sans espaces"
help.en = "Keep it safe! There will be **no way** to restore your backup if you lose it. Do not communicate it to the remote host server holder, or anyone else."
help.fr = "Gardez-la précieusement ! Il sera impossible de restaurer vos sauvegardes sans celle-ci. Ne donnez pas cette clé à la personne qui gère le serveur distant - où à n'importe qui d'ailleurs."
type = "password"
[install.conf]
ask.en = "Should Borg backup your YunoHost configuration?"
ask.fr = "Borg doit-il sauvegarder la configuration système YunoHost ?"
type = "boolean"
default = true
[install.data]
ask.en = "Should Borg backup emails and user home directories?"
ask.fr = "Borg doit-il sauvegarder les mails et les répertoires (home) des utilisateurs ?"
type = "boolean"
default = true
[install.apps]
ask.en = "Which apps should Borg backup ?"
ask.fr = "Quelles applications doivent être sauvegardées par Borg ?"
help.en = "App list separated by comma. You can write 'all' to select all apps, even those installed after this borg app. You can also select all apps but some apps by writing 'exclude:' following by an app list separated by comma."
help.fr = "Liste d'applications séparées par des virgules. Vous pouvez écrire 'all' pour sélectionner toutes les apps, même celles installées après cette application borg. Vous pouvez aussi sélectionner toutes les apps sauf certaines en écrivant 'exclude:' suivi d'une liste d'applications séparées par des virgules."
type = "string"
default = "all"
[install.on_calendar]
ask.en = "When at at which frequency should the backups be performed?"
ask.fr = "Quand et à quelle fréquence les sauvegardes doivent-elles être effectuées ?"
type = "string"
help = "For example: `Monthly`, `Weekly`, `Daily` (=every day at midnight), `Hourly`, `Sat *-*-1..7 18:00:00` (=the first saturday of every month at 18:00), `4:00` (=every day at 4 AM), `5,17:00` (=every day at 5 AM and 5 PM). See the [systemd OnCalendar format for full syntax doc](https://wiki.archlinux.org/index.php/Systemd/Timers#Realtime_timer)"
default = "Daily"
[install.mailalert]
ask.en = "Do you want admin to receive mail notifications on backups ?"
ask.fr = "Souhaitez-vous recevoir des notifications par mail à chaque sauvegarde ?"
type = "select"
choices = ["always", "errors_only", "never"]
default = "errors_only"
[resources]
[resources.system_user]
[resources.install_dir]
[resources.apt]
packages = [
"python3-pip",
"python3-dev",
"python3-jinja2",
"python3-setuptools",
"python3-venv",
"libacl1-dev",
"libssl-dev",
"liblz4-dev",
"libfuse3-dev",
"pkg-config",
]

139
scripts/_common.sh
View file

@ -3,124 +3,39 @@
#=================================================
# COMMON VARIABLES
#=================================================
# App package root directory should be the parent folder
PKG_DIR=$(cd ../; pwd)
BORG_VERSION=1.1.16
pkg_dependencies="python3-pip python3-dev libacl1-dev libssl-dev liblz4-dev python3-jinja2 python3-setuptools python3-venv virtualenv libfuse-dev pkg-config"
#=================================================
# PERSONAL HELPERS
#=================================================
# Install borg with pip if borg is not here
install_borg_with_pip () {
if [ -d /opt/borg-env ]; then
/opt/borg-env/bin/python /opt/borg-env/bin/pip list | grep "borgbackup *$BORG_VERSION" || ynh_secure_remove /opt/borg-env
ynh_exec_as "$app" python3 -m venv --upgrade "$install_dir/venv"
venvpy="$install_dir/venv/bin/python3"
ynh_exec_as "$app" "$venvpy" -m pip install --upgrade setuptools wheel
BORG_VERSION=$(ynh_app_upstream_version)
ynh_exec_as "$app" "$venvpy" -m pip install borgbackup[pyfuse3]=="$BORG_VERSION"
}
_gen_and_save_public_key() {
public_key=""
if [[ -n "$server" ]]; then
private_key="/root/.ssh/id_${app}_ed25519"
if [ ! -f "$private_key" ]; then
ssh-keygen -q -t ed25519 -N "" -f "$private_key"
fi
public_key=$(cat "$private_key.pub")
fi
if [ ! -d /opt/borg-env ]; then
python3 -m venv /opt/borg-env
/opt/borg-env/bin/python /opt/borg-env/bin/pip install pip -U
/opt/borg-env/bin/python /opt/borg-env/bin/pip install setuptools -U
/opt/borg-env/bin/python /opt/borg-env/bin/pip install wheel
ynh_print_info --message="Installing/compiling borg, this may take some time..."
/opt/borg-env/bin/python /opt/borg-env/bin/pip install borgbackup[fuse]==$BORG_VERSION
echo "#!/bin/bash
/opt/borg-env/bin/python /opt/borg-env/bin/borg \"\$@\"" > /usr/local/bin/borg
touch "/opt/borg-env/$(ynh_get_debian_release)"
fi
# We need this to be executable by other borg apps
chmod a+x /usr/local/bin/borg
ynh_app_setting_set --app="$app" --key=public_key --value="$public_key"
}
#=================================================
# COMMON HELPERS
# EXPERIMENTAL HELPERS
#=================================================
ynh_export () {
local ynh_arg=""
for var in $@;
do
ynh_arg=$(echo $var | awk '{print toupper($0)}')
if [ "$var" == "path_url" ]; then
ynh_arg="PATH"
fi
ynh_arg="YNH_APP_ARG_$ynh_arg"
export $var="${!ynh_arg}"
done
}
# Save listed var in YunoHost app settings
# usage: ynh_save_args VARNAME1 [VARNAME2 [...]]
ynh_save_args () {
for var in $@;
do
local setting_var="$var"
if [ "$var" == "path_url" ]; then
setting_var="path"
fi
ynh_app_setting_set $app $setting_var "${!var}"
done
}
# Need also the helper https://github.com/YunoHost-Apps/Experimental_helpers/blob/master/ynh_handle_getopts_args/ynh_handle_getopts_args
# Send an email to inform the administrator
#
# usage: ynh_send_readme_to_admin app_message [recipients]
# | arg: -m --app_message= - The message to send to the administrator.
# | arg: -r, --recipients= - The recipients of this email. Use spaces to separate multiples recipients. - default: root
# example: "root admin@domain"
# If you give the name of a YunoHost user, ynh_send_readme_to_admin will find its email adress for you
# example: "root admin@domain user1 user2"
# Send an email to inform the administrator
#
# usage: ynh_send_readme_to_admin app_message [recipients]
# | arg: app_message - The message to send to the administrator.
# | arg: recipients - The recipients of this email. Use spaces to separate multiples recipients. - default: root
# example: "root admin@domain"
# If you give the name of a YunoHost user, ynh_send_readme_to_admin will find its email adress for you
# example: "root admin@domain user1 user2"
ynh_send_readme_to_admin() {
local app_message="${1:-...No specific information...}"
local recipients="${2:-root}"
# Retrieve the email of users
find_mails () {
local list_mails="$1"
local mail
local recipients=" "
# Read each mail in argument
for mail in $list_mails
do
# Keep root or a real email address as it is
if [ "$mail" = "root" ] || echo "$mail" | grep --quiet "@"
then
recipients="$recipients $mail"
else
# But replace an user name without a domain after by its email
if mail=$(ynh_user_get_info "$mail" "mail" 2> /dev/null)
then
recipients="$recipients $mail"
fi
fi
done
echo "$recipients"
}
recipients=$(find_mails "$recipients")
local mail_subject="☁️🆈🅽🅷☁️: \`$app\` was just installed!"
local mail_message="This is an automated message from your beloved YunoHost server.
Specific information for the application $app.
$app_message
---
Automatic diagnosis data from YunoHost
$(yunohost tools diagnosis | grep -B 100 "services:" | sed '/services:/d')"
# Define binary to use for mail command
if [ -e /usr/bin/bsd-mailx ]
then
local mail_bin=/usr/bin/bsd-mailx
else
local mail_bin=/usr/bin/mail.mailutils
fi
# Send the email to the recipients
echo "$mail_message" | $mail_bin -a "Content-Type: text/plain; charset=UTF-8" -s "$mail_subject" "$recipients"
}
#=================================================
# FUTURE OFFICIAL HELPERS
#=================================================

19
scripts/backup
View file

@ -8,30 +8,17 @@
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_print_info --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME
#=================================================
# DECLARE DATA AND CONF FILES TO BACKUP
#=================================================
ynh_print_info --message="Declaring files to be backed up..."
ynh_backup --src_path="/usr/local/bin/backup-with-$app"
ynh_backup --src_path="/etc/sudoers.d/$app"
ynh_backup --src_path="/etc/systemd/system/$app.service"
ynh_backup --src_path="/etc/systemd/system/$app.timer"
ynh_backup --src_path="/etc/yunohost/hooks.d/backup_method/05-${app}_app"
ynh_backup --src_path="/etc/sudoers.d/$app"
ynh_backup --src_path="/root/.ssh/id_${app}_ed25519" --not_mandatory
ynh_backup --src_path="/root/.ssh/id_${app}_ed25519.pub" --not_mandatory

7
scripts/config
View file

@ -4,6 +4,8 @@ source /usr/share/yunohost/helpers
ynh_abort_if_errors
borg="$install_dir/venv/bin/borg"
#=================================================
# SPECIFIC GETTERS FOR TOML SHORT KEY
#=================================================
@ -46,8 +48,8 @@ get__data_multimedia() {
}
get__last_backups() {
cat << EOF
ask: |-
$(BORG_PASSPHRASE="$(ynh_app_setting_get $app passphrase)" BORG_RSH="ssh -i /root/.ssh/id_${app}_ed25519 -oStrictHostKeyChecking=yes " borg list --short --last 50 ${old[repository]} | sed 's/^/ /g' 2> /dev/null)
ask: |-
$(BORG_PASSPHRASE="$(ynh_app_setting_get $app passphrase)" BORG_RSH="ssh -i /root/.ssh/id_${app}_ed25519 -oStrictHostKeyChecking=yes " "$borg" list --short --last 50 ${old[repository]} | sed 's/^/ /g' 2> /dev/null)
EOF
}
@ -76,4 +78,3 @@ set__data_multimedia() {
# GENERIC FINALIZATION
#=================================================
ynh_app_config_run $1

124
scripts/install
View file

@ -9,138 +9,84 @@
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
export app=$YNH_APP_INSTANCE_NAME
# Retrieve arguments
ynh_export repository passphrase on_calendar conf data apps mailalert
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
server=""
if [[ $repository == *"@"* ]]; then
server=$(echo "$repository" | cut -d"@" -f2 | cut -d"/" -f1)
if [[ $server == *":"* ]]; then
server="[$(echo "$server" | cut -d":" -f1)]:$(echo "$server" | cut -d":" -f2)"
ssh_regex='^ssh://([^@]*)@([^:/]*)(:[0-9]+)?/(.*)$'
if [[ "$repository" =~ $ssh_regex ]]; then
ssh_user="${BASH_REMATCH[1]}"
server="${BASH_REMATCH[2]}"
port="${BASH_REMATCH[3]}"
if [[ -n "$port" ]]; then
server="[$server]$port"
fi
ssh_user=$(echo "$repository" | cut -d"@" -f1 | cut -d"/" -f2)
else
ssh_user=""
server=""
fi
ynh_app_setting_set --app=$app --key=ssh_user --value="$ssh_user"
ynh_app_setting_set --app=$app --key=server --value="$server"
state="repository uncreated"
ynh_app_setting_set --app=$app --key=state --value="$state"
last_run="-"
ynh_save_args repository server passphrase on_calendar conf data apps mailalert state last_run
ynh_app_setting_set --app=$app --key=last_run --value="$last_run"
# passwords aren't saved by default
ynh_app_setting_set --app=$app --key=passphrase --value="$passphrase"
#=================================================
# INSTALL DEPENDENCIES
# INSTALL BORG
#=================================================
ynh_script_progression --message="Installing dependencies..."
ynh_script_progression --message="Installing Borg..."
ynh_install_app_dependencies $pkg_dependencies
install_borg_with_pip
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..." --weight=1
_gen_and_save_public_key
# Create a system user
ynh_system_user_create --username=$app
mkdir -p "/var/log/$app"
chown -R $app:$app "/var/log/$app"
chmod u+w "/var/log/$app"
#=================================================
# SPECIFIC SETUP
#=================================================
# ACTIVATE BACKUP METHODS
# SETUP THE BACKUP METHOD
#=================================================
ynh_script_progression --message="Setting up backup method..." --weight=1
mkdir -p /etc/yunohost/hooks.d/backup
mkdir -p /etc/yunohost/hooks.d/backup_method
mkdir -p /usr/share/yunohost/backup_method
mkdir -p /var/log/${app}
chown -R $app:$app /var/log/${app}
chmod u+w /var/log/${app}
#=================================================
# SETUP THE BACKUP METHOD
#=================================================
ynh_add_config --template="backup_method" --destination="/etc/yunohost/hooks.d/backup_method/05-${app}_app"
chmod go=--- "/etc/yunohost/hooks.d/backup_method/05-${app}_app"
ynh_add_config --template="backup-with-borg" --destination="/usr/local/bin/backup-with-$app"
chmod u+x "/usr/local/bin/backup-with-$app"
chown $app:$app "/usr/local/bin/backup-with-$app"
ynh_add_config --template="backup-with-borg" --destination="$install_dir/backup-with-borg"
chmod u+x "$install_dir/backup-with-borg"
chown "$app:$app" "$install_dir/backup-with-borg"
ynh_add_config --template="sudoer" --destination="/etc/sudoers.d/$app"
chown root:root "/etc/sudoers.d/$app"
if [ ! -z "$server" ]; then
#=================================================
# GENERATE SSH KEY
#=================================================
private_key="/root/.ssh/id_${app}_ed25519"
test -f $private_key || ssh-keygen -q -t ed25519 -N "" -f $private_key
#=================================================
# Display key
#=================================================
echo "You should now install the \"Borg Server\" app on $server and with the following credentials:
User: ${ssh_user}
Public key: $(cat ${private_key}.pub)"
#=================================================
# SEND A README FOR THE ADMIN
#=================================================
message="You should now install the \"Borg Server\" app on $server and with the following credentials:
User: ${ssh_user}
Public key: $(cat ${private_key}.pub)
Or if you want to use cli:
yunohost app install https://github.com/YunoHost-Apps/borgserver_ynh -a \"ssh_user=${ssh_user}&public_key=$(cat ${private_key}.pub)\"
If you facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/borg_ynh"
ynh_send_readme_to_admin "$message"
fi
#=================================================
# SETUP SYSTEMD
# SYSTEM CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring a systemd service..." --weight=1
ynh_script_progression --message="Adding system configurations related to $app..." --weight=1
# Create a dedicated systemd config
ynh_add_systemd_config
yunohost service add $app --description="Deduplicating backup program" --test_status="systemctl show $app.service -p ActiveState --value | grep -v failed"
# Disable the service, this is to prevent the service from being triggered at boot time
systemctl disable $app.service --quiet
#=================================================
# CONFIGURE SYSTEMD TIMER
#=================================================
# Configure the systemd timer
ynh_add_config --template="systemd.timer" --destination="/etc/systemd/system/$app.timer"
systemctl enable $app.timer --quiet
systemctl start $app.timer
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
# Inactive services are ignored cause it's a timer
yunohost service add $app --description="Deduplicating backup program" --test_status="systemctl show $app.service -p ActiveState --value | grep -v failed"
#=================================================
# END OF SCRIPT
#=================================================

32
scripts/remove
View file

@ -9,45 +9,27 @@
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
app=$YNH_APP_INSTANCE_NAME
#=================================================
# REMOVE SERVICE INTEGRATION IN YUNOHOST
#=================================================
# Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
if ynh_exec_warn_less yunohost service status $app >/dev/null
then
ynh_script_progression --message="Removing $app service integration..."
yunohost service remove $app
if ynh_exec_warn_less yunohost service status $app >/dev/null; then
ynh_script_progression --message="Removing $app service integration..."
yunohost service remove $app
fi
#=================================================
# REMOVE DEPENDENCIES
# REMOVE SYSTEM CONFIGURATIONS
#=================================================
ynh_script_progression --message="Removing dependencies..."
ynh_script_progression --message="Removing system configurations related to $app..." --weight=1
ynh_remove_app_dependencies
#=================================================
# REMOVE FILES
#=================================================
systemctl stop $app.timer
systemctl disable $app.timer --quiet
ynh_remove_systemd_config
ynh_secure_remove "/etc/systemd/system/$app.timer"
ynh_secure_remove "/usr/local/bin/backup-with-$app"
ynh_secure_remove "/etc/yunohost/hooks.d/backup_method/05-${app}_app"
# Remove borg if we are removing the last borg app on the system
if [ "$(yunohost app list | grep "id: borg" | wc -l)" == "1" ] ; then
ynh_secure_remove "/opt/borg-env"
ynh_secure_remove "/usr/local/bin/borg"
fi
ynh_secure_remove "/etc/systemd/system/$app.timer"
ynh_secure_remove "/etc/yunohost/hooks.d/backup_method/05-${app}_app"
#=================================================
# END OF SCRIPT

65
scripts/restore
View file

@ -10,70 +10,47 @@ source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
# INSTALL BORG
#=================================================
ynh_script_progression --message="Reinstalling Borg..."
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME
#=================================================
# INSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Reinstalling dependencies..."
ynh_install_app_dependencies $pkg_dependencies
install_borg_with_pip
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..." --weight=1
_gen_and_save_public_key
# Create a system user
ynh_system_user_create --username=$app
mkdir -p "/var/log/$app"
chown -R $app:$app "/var/log/$app"
chmod u+w "/var/log/$app"
#=================================================
# ACTIVATE BACKUP METHODS
#=================================================
ynh_script_progression --message="Setting up backup method..." --weight=1
mkdir -p /etc/yunohost/hooks.d/backup
mkdir -p /etc/yunohost/hooks.d/backup_method
mkdir -p /usr/share/yunohost/backup_method
mkdir -p /etc/yunohost/hooks.d/backup
mkdir -p /var/log/${app}
chown -R $app:$app /var/log/${app}
chmod u+w /var/log/${app}
#=================================================
# RESTORE FILES
#=================================================
ynh_restore
ynh_restore_file --origin_path="/etc/yunohost/hooks.d/backup_method/05-${app}_app"
chmod go=--- "/etc/yunohost/hooks.d/backup_method/05-${app}_app"
chmod u+x "/usr/local/bin/backup-with-$app"
chown $app:$app "/usr/local/bin/backup-with-$app"
ynh_restore_file --origin_path="/etc/sudoers.d/$app"
chown root:root "/etc/sudoers.d/$app"
#=================================================
# ADVERTISE SERVICE IN ADMIN PANEL
# RESTORE SYSTEM CONFIGURATIONS
#=================================================
ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1
ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
yunohost service add $app --description="Deduplicating backup program" --test_status="systemctl show $app.service -p ActiveState --value | grep -v failed"
# Disable the service, this is to prevent the service from being triggered at boot time
systemctl disable $app.service --quiet
ynh_restore_file --origin_path="/etc/systemd/system/$app.timer"
systemctl enable $app.timer --quiet
systemctl start $app.timer
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
# Inactive services are ignored cause it's a timer
yunohost service add $app --description="Deduplicating backup program" --test_status="systemctl show $app.service -p ActiveState --value | grep -v failed"
#=================================================
# END OF SCRIPT
#=================================================

125
scripts/upgrade
View file

@ -9,52 +9,30 @@
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
export app=$YNH_APP_INSTANCE_NAME
export repository="$(ynh_app_setting_get $app repository)"
export server="$(ynh_app_setting_get $app server)"
export ssh_user="$(ynh_app_setting_get $app ssh_user)"
export passphrase="$(ynh_app_setting_get $app passphrase)"
export on_calendar="$(ynh_app_setting_get $app on_calendar)"
export conf="$(ynh_app_setting_get $app conf)"
export data="$(ynh_app_setting_get $app data)"
export apps="$(ynh_app_setting_get $app apps)"
export mailalert="$(ynh_app_setting_get $app mailalert)"
if [[ $mailalert != "always" && $mailalert != "errors_only" && $mailalert != "never" ]]; then
ynh_app_setting_set --app=$app --key="mailalert" --value="errors_only"
export mailalert="errors_only"
fi
ynh_app_setting_set --app=$app --key="state" --value="not run since last update"
ynh_app_setting_set --app=$app --key="last_run" --value="-"
upgrade_type=$(ynh_check_app_version_changed)
#=================================================
# CHECK IF AN UPGRADE IS NEEDED
# STANDARD UPGRADE STEPS
#=================================================
ynh_check_app_version_changed
# STOP SYSTEMD SERVICE
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..."
ynh_script_progression --message="Stopping a systemd service..." --weight=1
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
# restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log"
ynh_systemd_action --service_name=$app.timer --action="stop"
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
if [[ "${mailalert:-}" != "always" && "${mailalert:-}" != "errors_only" && "${mailalert:-}" != "never" ]]; then
ynh_app_setting_set --app=$app --key="mailalert" --value="errors_only"
export mailalert="errors_only"
fi
ynh_app_setting_set --app=$app --key="state" --value="not run since last update"
ynh_app_setting_set --app=$app --key="last_run" --value="-"
if [ -z "$repository" ]; then
repository="ssh://$ssh_user@$server/~/backup"
@ -76,85 +54,60 @@ fi
# Replace backports with pip
[ ! -e " /etc/apt/sources.list.d/$app-stretch-backports.list" ] || rm -f /etc/apt/sources.list.d/$app-stretch-backports.list
# Reinstall borg if debian change of major version
if [ ! -f "/opt/borg-env/$(ynh_get_debian_release)" ] ; then
ynh_secure_remove /opt/borg-env
# Clear legacy stuff
if [ -d /opt/borg-env ]; then
ynh_secure_remove --file="/opt/borg-env"
ynh_secure_remove --file="/usr/local/bin/borg"
ynh_secure_remove --file="/usr/local/bin/backup-with-borg"
fi
#=================================================
# UPGRADE DEPENDENCIES
# UPGRADE BORG
#=================================================
ynh_script_progression --message="Upgrading dependencies..." --weight=1
ynh_install_app_dependencies $pkg_dependencies
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..." --weight=1
# Create a system user
ynh_system_user_create --username=$app
#=================================================
# SPECIFIC UPGRADE
#=================================================
# Upgrade borgbackup
#=================================================
ynh_script_progression --message="Upgrading borgbackup..." --weight=1
ynh_script_progression --message="Upgrading Borg..." --weight=1
install_borg_with_pip
_gen_and_save_public_key
mkdir -p "/var/log/$app"
chown -R $app:$app "/var/log/$app"
chmod u+w "/var/log/$app"
#=================================================
# SETUP THE BACKUP METHOD
#=================================================
ynh_script_progression --message="Setting up backup method..." --weight=1
mkdir -p /etc/yunohost/hooks.d/backup
mkdir -p /etc/yunohost/hooks.d/backup_method
mkdir -p /usr/share/yunohost/backup_method
ynh_add_config --template="backup_method" --destination="/etc/yunohost/hooks.d/backup_method/05-${app}_app"
chmod go=--- "/etc/yunohost/hooks.d/backup_method/05-${app}_app"
ynh_add_config --template="backup-with-borg" --destination="/usr/local/bin/backup-with-$app"
chmod u+x "/usr/local/bin/backup-with-$app"
chown $app:$app "/usr/local/bin/backup-with-$app"
ynh_add_config --template="backup-with-borg" --destination="$install_dir/backup-with-borg"
chmod u+x "$install_dir/backup-with-borg"
chown "$app:$app" "$install_dir/backup-with-borg"
ynh_add_config --template="sudoer" --destination="/etc/sudoers.d/$app"
chown root:root "/etc/sudoers.d/$app"
#=================================================
# SETUP SYSTEMD
# REAPPLY SYSTEM CONFIGURATIONS
#=================================================
ynh_script_progression --message="Upgrading systemd configuration..." --weight=1
ynh_script_progression --message="Upgrading system configurations related to $app..." --weight=1
# Create a dedicated systemd config
ynh_add_systemd_config
yunohost service add $app --description="Deduplicating backup program" --test_status="systemctl show $app.service -p ActiveState --value | grep -v failed"
# Disable the service, this is to prevent the service from being triggered at boot time
systemctl disable $app.service --quiet
#=================================================
# CONFIGURE SYSTEMD TIMER
#=================================================
ynh_add_config --template="systemd.timer" --destination="/etc/systemd/system/$app.timer"
systemctl enable $app.timer --quiet
systemctl start $app.timer
mkdir -p /etc/yunohost/hooks.d/backup
mkdir -p /var/log/${app}
chown -R $app:$app /var/log/${app}
chmod u+w /var/log/${app}
#=================================================
# GENERIC FINALIZATION
#=================================================
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
# Inactive services are ignored cause it's a timer
yunohost service add $app --description="Deduplicating backup program" --test_status="systemctl show $app.service -p ActiveState --value | grep -v failed"
#=================================================
# END OF SCRIPT
#=================================================

38
tests.toml Normal file
View file

@ -0,0 +1,38 @@
#:schema https://raw.githubusercontent.com/YunoHost/apps/master/schemas/tests.v1.schema.json
test_format = 1.0
[default]
args.repository = "ssh://sam@domain.tld:22/~/backup"
args.passphrase = "A_Passphrase"
args.conf = 1
args.data = 1
args.apps = "all"
args.on_calendar = "Daily"
args.mailalert = "errors_only"
# -------------------------------
# Commits to test upgrade from
# -------------------------------
[default.test_upgrade_from.d1cd666ee27f5cfb8e40c6f44a09370381b41b35]
name = "Older ynh 11 version"
args.server = "domain.tld:22"
args.ssh_user = "package_checker"
args.passphrase = "A_Passphrase"
args.conf = 1
args.data = 1
args.apps = "all"
args.on_calendar = "Daily"
args.mailalert = "never"
[local_directory]
args.repository = "/mnt/backup"
args.passphrase = "A_Passphrase"
args.conf = 1
args.data = 1
args.apps = "all"
args.on_calendar = "Daily"
args.mailalert = "errors_only"