Add a quick and dirty S3 restore script for when you need manual help in a pinch
This commit is contained in:
parent
fd00a1bb50
commit
4a87d65b47
@ -1,5 +1,6 @@
|
||||
# Which backup script to use. Configuration is somewhat unique to each script
|
||||
backup_script: s3backup
|
||||
restore_script: s3restore
|
||||
# When to kick off backups using the systemd timer
|
||||
backup_time: "*-*-* 02:00:00"
|
||||
# What format should the datestamps in the filenames of any backups be in?
|
||||
|
@ -3,6 +3,8 @@
|
||||
---
|
||||
- name: template out backup script
|
||||
template: src={{ backup_script }}.sh dest=/opt/backup.sh mode=0700 owner=root group=root
|
||||
- name: template out restore script
|
||||
template: src={{ restore_script }}.sh dest=/opt/restore.sh mode=0700 owner=root group=root
|
||||
- name: configure systemd service
|
||||
template: src=backup.service dest=/etc/systemd/system/backup.service mode=0644
|
||||
- name: configure systemd timer
|
||||
|
64
roles/backup/templates/s3restore.sh
Normal file
64
roles/backup/templates/s3restore.sh
Normal file
@ -0,0 +1,64 @@
|
||||
#! /bin/bash
|
||||
#
|
||||
# s3restore.sh
|
||||
# Companion script to s3backup.sh, this script obtains a listing of recent
|
||||
# backups and offers the user a choice to restore from.
|
||||
#
|
||||
# This script offers no automation; it is intended for use by hand.
|
||||
#
|
||||
# NOTICE: THIS FILE CONTAINS SECRETS
|
||||
# This file may contain the following secrets depending on configuration:
|
||||
# * An AWS access key
|
||||
# * An AWS session token
|
||||
# These are NOT things you want arbitrary readers to access! Ansible will
|
||||
# attempt to ensure this file has 0700 permissions, but that won't stop you
|
||||
# from changing that yourself
|
||||
# DO NOT ALLOW THIS FILE TO BE READ BY NON-ROOT USERS
|
||||
|
||||
# NOTICE: DO NOT MODIFY THIS FILE
|
||||
# Any changes made will be clobbered by Ansible
|
||||
# Please make any configuration changes in the main repo
|
||||
|
||||
set -e
|
||||
url="s3://{{ backup_s3_bucket}}/{{ inventory_hostname }}/"
|
||||
|
||||
# AWS S3 configuration
|
||||
# NOTE: THIS IS SECRET INFORMATION
|
||||
export AWS_ACCESS_KEY_ID="{{ backup_s3_aws_access_key_id }}"
|
||||
export AWS_SECRET_ACCESS_KEY="{{ backup_s3_aws_secret_access_key }}"
|
||||
|
||||
# Obtain a list possible restorable for this host
|
||||
declare -a BACKUPS
|
||||
printf "Querying S3 for restoreable backups (\e[35m$url\e[0m)...\n"
|
||||
while read line; do
|
||||
filename="$(echo "$line" | awk '{print $NF}')"
|
||||
BACKUPS+=("$filename")
|
||||
done < <(aws s3 ls "$url")
|
||||
|
||||
# Present the user with some options
|
||||
printf "Possible restorable backups:\n"
|
||||
printf "\e[37m\t%s\t%s\n\e[0m" "Index" "Filename"
|
||||
for index in "${!BACKUPS[@]}"; do
|
||||
printf "\t\e[32m%s\e[0m\t\e[34m%s\e[0m\n" "$index" "${BACKUPS[$index]}"
|
||||
done
|
||||
|
||||
# Ensure we can write to pwd
|
||||
if ! [ -w "$PWD" ]; then
|
||||
printf "To restore a backup, please navigate to a writeable directory\n"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Query for a backup to pull down
|
||||
printf "Please select a backup by \e[32mindex\e[0m to pull down\n"
|
||||
printf "It will be copied into the current directory as a tarball\n"
|
||||
read -p "?" restoreindex
|
||||
|
||||
# Sanity check user input
|
||||
if [ -z "${BACKUPS[$restoreindex]}" ]; then
|
||||
printf "Invalid selection, aborting: $restoreindex\n"
|
||||
exit 2
|
||||
fi
|
||||
|
||||
# Copy the thing
|
||||
printf "Pulling backup...\n"
|
||||
aws s3 cp "$url${BACKUPS[$restoreindex]}" ./
|
Loading…
Reference in New Issue
Block a user