(___)
( O )
/-------\ /
/ | ||V
* ||----||
^^ ^^
We’re basically setting up a crontab with two components:
Requirements:
An alternative would be to use rsync remotely from a dedicated backup host. And there’s also:
As for database backups you might add a few mysqldumps to the script or eventually use Mydumper.
First, check that you can reach your FTP service e.g. Dedibackup auth based on MAC address (note the , and absence of a password afterwards), as long as you enable autologin
lftp -u auto, DEDIBACKUP_SERVER_ADDRESS
and eventually clean your shit up
#glob -a rm -r -f *
gpg --version | head -1 # v1 is fine gpg --version | grep Cipher echo lala | gpg --no-use-agent --symmetric --cipher-algo TWOFISH --passphrase 'KEY_HERE' --output lala.gpg file lala.gpg gpg --no-use-agent --decrypt --cipher-algo TWOFISH --passphrase 'KEY_HERE' < lala.gpg
openssl version echo lala | openssl enc -aes-256-cbc -e -k 'LALA' -out lala.aes file lala.aes openssl enc -aes-256-cbc -d -k 'LALA' < lala.aes
Fetch the script templates as root, rename, tune a few variables and set the executable bit
cd /root/ wget https://pub.nethence.com/bin/BACKUP.txt cp BACKUP.txt BACKUP vi BACKUP secret=NEW-SYMMETRIC-KEY-HERE server=FTP-SERVER chmod +x BACKUP
and keep a copy of the key some place outside the server you wanna backup. Also write down your FTP password that you get from the DediBackup console, as you will still be able to reach your backups through normal FTP login if needed from a remote site.
Keep the script up-to-date (only secret and server should differ)
curl -s https://pub.nethence.com/bin/BACKUP.txt | diff -bu - BACKUP
Run a manual backup
time nice /root/BACKUP
Look for resulting files and check that this is multi-core capable (>100%)
ls -lF /data/backup/ top -b | grep gpg
And finally enable the job every night as a root cron.
15 3 * * * time nice /root/BACKUP 2>&1
lftp user credentials do not work with -e or -c https://unix.stackexchange.com/questions/469787/lftp-user-credentials-do-not-work-with-e-or-c
Encrypting and decrypting documents https://www.gnupg.org/gph/en/manual/x110.html
Symmetric Key Encryption with GnuPG http://www.savvyadmin.com/symmetric-key-encryption-with-gnupg/
GPG Encryption Guide - Part 4 (Symmetric Encryption) https://www.tutonics.com/2012/11/gpg-encryption-guide-part-4-symmetric.html
Home directory backup - The quick ‘n’ dirty guide https://www.dedoimedo.com/computers/linux-home-dir-backup-tar-gpg-guide.html
Thread: gpg: gpg-agent is not available in this session https://ubuntuforums.org/showthread.php?t=1420156
gpg encrypt file without keyboard interaction [closed] https://stackoverflow.com/questions/9460140/gpg-encrypt-file-without-keyboard-interaction
How can I automate gpg decryption which uses a passphrase while keeping it secret? https://unix.stackexchange.com/questions/400772/how-can-i-automate-gpg-decryption-which-uses-a-passphrase-while-keeping-it-secre
Encrypt tar.gz file on create https://askubuntu.com/questions/95920/encrypt-tar-gz-file-on-create
How to password protect gzip files on the command line? https://superuser.com/questions/162624/how-to-password-protect-gzip-files-on-the-command-line
How to Encrypt and Decrypt Files and Directories Using Tar and OpenSSL https://www.tecmint.com/encrypt-decrypt-files-tar-openssl-linux/
How should I change encryption according to *** WARNING : deprecated key derivation used https://askubuntu.com/questions/1093591/how-should-i-change-encryption-according-to-warning-deprecated-key-derivat