From f0f9ab7800ac390fb711541d580969d231bced84 Mon Sep 17 00:00:00 2001 From: turtlebasket Date: Sun, 25 Jun 2023 09:25:32 -0700 Subject: [PATCH] backup host + tweaks --- README.md | 38 +++++++++++++++++++++++++++----------- backup/README.md | 24 ++++++++++++++++++++++++ backup/prune.sh | 15 +++++++++++++++ 3 files changed, 66 insertions(+), 11 deletions(-) create mode 100644 backup/README.md create mode 100644 backup/prune.sh diff --git a/README.md b/README.md index 323e962..24bf9c9 100644 --- a/README.md +++ b/README.md @@ -1,18 +1,14 @@ # Michael's Homelab -## Hosts & Services +## Hosts -### Cuddlefish +| Host | OS | Services | +| :--- | :--- | :------- | +| Cuddlefish | ![CentOS](https://img.shields.io/badge/centos%207-002260?style=for-the-badge&logo=centos&logoColor=F0F0F0) | Gitea | +| Rocktiplex | ![Rocky Linux](https://img.shields.io/badge/-Rocky%20Linux%209-%2310B981?style=for-the-badge&logo=rockylinux&logoColor=white) | Fathom | -![CentOS](https://img.shields.io/badge/centos%207-002260?style=for-the-badge&logo=centos&logoColor=F0F0F0) - -- `git.michaellisano.com` - -### Rocktiplex - -![Rocky Linux](https://img.shields.io/badge/-Rocky%20Linux%209-%2310B981?style=for-the-badge&logo=rockylinux&logoColor=white) - -- `analytics.michaellisano.com` + + ## Dockerized Cloudflared Notes @@ -34,3 +30,23 @@ Then in this case the name of the target service is `gitea-server`, and (per Doc https://git.michaellisano.com -> http://gitea-server:3000 ``` +## Backup Decryption Notes + +Everything is encrypted with [age](https://github.com/FiloSottile/age). + +All keys are generated using age-keygen and stored in a text file, e.g. + +**backup-key.txt** + +``` +# created: 2023-06-24T18:01:36-07:00 +# public key: age12345... +AGE-SECRET-KEY-xyz123... +``` + +Decrypting a file: + +``` +age -d -i backup-key.txt -o NAME.tar.gz NAME.tar.gz.enc +``` + diff --git a/backup/README.md b/backup/README.md new file mode 100644 index 0000000..f22548e --- /dev/null +++ b/backup/README.md @@ -0,0 +1,24 @@ +# Generic Backup Host + +## Filenames + +Container volume backups are of the format: + +``` +gitea-data-2023-06-17_050002.tar.gz.enc +^ ^ ^ +| | Backups are encrypted tarballs +| | +| ISO Datetime separated by _ +| +Container volume name (*-data) +``` + +## Matching + +Regex to match backups that are *not* from the first of every month: + +``` +.*-data-\d{4}-\d{2}-([^0][0-9]|[0-9][^1])_.* +``` + diff --git a/backup/prune.sh b/backup/prune.sh new file mode 100644 index 0000000..38c4bca --- /dev/null +++ b/backup/prune.sh @@ -0,0 +1,15 @@ +#!/usr/bin/bash + +# Prunes container data folders monthly on backup host +# - Regex has been tested and works +# - Script is not yet tested + +ARCHIVES=$(ls | grep -E "[0-9A-Za-z]+-data-\d{4}-\d{2}-([^0][0-9]|[0-9][^1])_.*") + +for archive in $ARCHIVES; do + if [ -d $archive ]; then + echo "Removing $archive" + rm -f $archive + fi +done +