#!/bin/ksh

PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
#:/usr/pkg/bin:/usr/pkg/sbin

[[ -n $1 ]] && item=$1

function cleanup {
        echo -n cleaning up $maxold days old backups ...
        find $backupdir/ -maxdepth 1 -type f -mtime +$maxold -exec rm -f {} \; && echo done
        #-name "*.$ext" -o -name "*.$ext.aes" | xargs rm -f
}

function postgresbkp {
        echo -n Backing up PostgreSQL...
        find /var/backup/postgres/ -type f -mtime +7 -name '*.sql.gz' -execdir rm -- '{}' \;
        su -c "pg_dumpall -c -U postgres \
		| gzip > /var/backup/postgres/dumpall-`date +%Y-%m-%d`.sql.gz" - postgres && echo done || echo FAIL
        echo
}

function tarup {
	[[ -z $1 ]] && echo function $0 requires \$1 && exit 1
	parent=${1%/*}
	child=${1##*/}
	# had issues with PDKSH (NetBSD) using ${target/\//}
        target=`echo $1 | sed 's|^/||; s|/|-|g; s|\.|_|g'`

        size=`du -sh $1/ | awk '{print $1}'`

	dest=$date.$target.tar.lz4.camellia
	echo -n $parent/$child/ \($size\) --\> $dest ...
	# https://serverfault.com/questions/525805/getting-errors-while-making-backup-of-whole-centos-with-tar
	tar --warning='no-file-ignored' \
		-I lz4 -cpSf - \
		--exclude "*.avi" \
		--exclude "*.pdf" \
                --exclude "*.cfile" \
		--exclude "www/dev/*" \
		--exclude "rrr/*" \
		--exclude "tp/*" \
		--exclude "home/*/.screen/*" \
		-C $parent/ $child | \
		openssl enc -e -camellia-256-ctr -k "$secret" -pbkdf2 -out $backupdir/$dest && du -h $backupdir/$dest | awk '{print $1}' || echo FAIL
		# decrypt with -d instead of -e

	unset parent child target size
}

[[ ! -f /etc/backup.conf ]] && echo setup /etc/backup.conf first && exit 1
[[ ! -f /etc/backup.lst ]] && echo setup /etc/backup.lst first && exit 1

[[ -z $HOSTNAME ]] && HOSTNAME=`uname -n`
. /etc/backup.conf

[[ ! -x `whence openssl` ]] && echo install openssl first && exit 1
[[ ! -x `whence lz4` ]] && echo install lz4 first && exit 1

[[ -z $backupdir ]] && echo need to define \$backupdir && exit 1
[[ -z $maxold ]] && echo need to define \$maxold && exit 1
[[ -z $secret ]] && echo need to define \$secret && exit 1
[[ $method = ftp && -z $uploaddir ]] && echo need to define \$uploaddir && exit 1
[[ -z $method ]] && echo need to define \$method && exit 1

echo backup directory is $backupdir/
mkdir -p $backupdir/
cleanup

# no colons otherwise tar might interpret it as host:path
date=`date +%Y-%m-%d-%H-%M-%S`

if [[ -z $item ]]; then
	for item in `grep -v ^# /etc/backup.lst`; do
		tarup $item
	done; unset item
	echo -n crontab-root --\> $date.crontab-root.camellia ...
	crontab -u root -l | openssl enc -camellia-256-ctr -e -k "$secret" -pbkdf2 \
		-out $backupdir/$date.crontab-root.camellia && du -h $backupdir/$dest | awk '{print $1}' || echo FAIL
else
	tarup $item
fi

# TODO enable function postgresbkp