2022-05-23 01:48:13 -05:00
|
|
|
#! /bin/bash
|
|
|
|
#
|
|
|
|
# s3restore.sh
|
|
|
|
# Companion script to s3backup.sh, this script obtains a listing of recent
|
|
|
|
# backups and offers the user a choice to restore from.
|
|
|
|
#
|
|
|
|
# This script offers no automation; it is intended for use by hand.
|
|
|
|
#
|
|
|
|
# NOTICE: THIS FILE CONTAINS SECRETS
|
|
|
|
# This file may contain the following secrets depending on configuration:
|
|
|
|
# * An AWS access key
|
|
|
|
# * An AWS session token
|
|
|
|
# These are NOT things you want arbitrary readers to access! Ansible will
|
|
|
|
# attempt to ensure this file has 0700 permissions, but that won't stop you
|
|
|
|
# from changing that yourself
|
|
|
|
# DO NOT ALLOW THIS FILE TO BE READ BY NON-ROOT USERS
|
|
|
|
|
|
|
|
# NOTICE: DO NOT MODIFY THIS FILE
|
|
|
|
# Any changes made will be clobbered by Ansible
|
|
|
|
# Please make any configuration changes in the main repo
|
|
|
|
|
|
|
|
set -e
|
|
|
|
url="s3://{{ backup_s3_bucket}}/{{ inventory_hostname }}/"
|
|
|
|
|
|
|
|
# AWS S3 configuration
|
|
|
|
# NOTE: THIS IS SECRET INFORMATION
|
|
|
|
export AWS_ACCESS_KEY_ID="{{ backup_s3_aws_access_key_id }}"
|
|
|
|
export AWS_SECRET_ACCESS_KEY="{{ backup_s3_aws_secret_access_key }}"
|
|
|
|
|
|
|
|
# Obtain a list possible restorable for this host
|
|
|
|
declare -a BACKUPS
|
|
|
|
printf "Querying S3 for restoreable backups (\e[35m$url\e[0m)...\n"
|
|
|
|
while read line; do
|
|
|
|
filename="$(echo "$line" | awk '{print $NF}')"
|
|
|
|
BACKUPS+=("$filename")
|
2024-06-10 22:26:29 -05:00
|
|
|
done < <(aws s3 \
|
|
|
|
{% if backup_s3_aws_endpoint_url is defined %}
|
|
|
|
--endpoint-url="{{ backup_s3_aws_endpoint_url }}" \
|
|
|
|
{% endif %}
|
|
|
|
ls "$url")
|
2022-05-23 01:48:13 -05:00
|
|
|
|
|
|
|
# Present the user with some options
|
|
|
|
printf "Possible restorable backups:\n"
|
|
|
|
printf "\e[37m\t%s\t%s\n\e[0m" "Index" "Filename"
|
|
|
|
for index in "${!BACKUPS[@]}"; do
|
|
|
|
printf "\t\e[32m%s\e[0m\t\e[34m%s\e[0m\n" "$index" "${BACKUPS[$index]}"
|
|
|
|
done
|
|
|
|
|
|
|
|
# Ensure we can write to pwd
|
|
|
|
if ! [ -w "$PWD" ]; then
|
|
|
|
printf "To restore a backup, please navigate to a writeable directory\n"
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
|
|
|
|
# Query for a backup to pull down
|
|
|
|
printf "Please select a backup by \e[32mindex\e[0m to pull down\n"
|
|
|
|
printf "It will be copied into the current directory as a tarball\n"
|
|
|
|
read -p "?" restoreindex
|
|
|
|
|
|
|
|
# Sanity check user input
|
|
|
|
if [ -z "${BACKUPS[$restoreindex]}" ]; then
|
|
|
|
printf "Invalid selection, aborting: $restoreindex\n"
|
|
|
|
exit 2
|
|
|
|
fi
|
|
|
|
|
|
|
|
# Copy the thing
|
|
|
|
printf "Pulling backup...\n"
|
2024-06-10 22:26:29 -05:00
|
|
|
aws s3 \
|
|
|
|
{% if backup_s3_aws_endpoint_url is defined %}
|
|
|
|
--endpoint-url="{{ backup_s3_aws_endpoint_url }}" \
|
|
|
|
{% endif %}
|
|
|
|
cp "$url${BACKUPS[$restoreindex]}" ./
|