From f48a0508a7a8a7f33fe5e6d3bb4dade136c96e4f Mon Sep 17 00:00:00 2001 From: Jake Jarvis Date: Tue, 27 Dec 2022 20:48:48 -0500 Subject: [PATCH] save automatic backups to Linode bucket --- .editorconfig | 15 +++++++++++++++ .gitattributes | 2 ++ .gitignore | 4 ++++ etc/systemd/system/mastodon-sidekiq.service | 2 +- scripts/backup.sh | 15 +++++++++++++-- 5 files changed, 35 insertions(+), 3 deletions(-) create mode 100644 .editorconfig create mode 100644 .gitattributes create mode 100644 .gitignore diff --git a/.editorconfig b/.editorconfig new file mode 100644 index 0000000..6d94a3c --- /dev/null +++ b/.editorconfig @@ -0,0 +1,15 @@ +# http://editorconfig.org + +# this file is the top-most editorconfig file +root = true + +[*] +charset = utf-8 +end_of_line = lf +indent_style = space +indent_size = 2 +trim_trailing_whitespace = true +insert_final_newline = true + +[*.conf] +indent_style = tab diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..7ee2532 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,2 @@ +# Set default behavior to automatically normalize line endings. +* text=auto eol=lf diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..3a745f6 --- /dev/null +++ b/.gitignore @@ -0,0 +1,4 @@ +# here be secrets +*.env* +!.env.example +*.pem diff --git a/etc/systemd/system/mastodon-sidekiq.service b/etc/systemd/system/mastodon-sidekiq.service index 9203492..1905cef 100644 --- a/etc/systemd/system/mastodon-sidekiq.service +++ b/etc/systemd/system/mastodon-sidekiq.service @@ -11,7 +11,7 @@ Environment="MALLOC_ARENA_MAX=2" Environment="LD_PRELOAD=libjemalloc.so" # note: this env is also set in .env.production, but this service is started before file is read: Environment="DB_POOL=15" -ExecStart=/home/mastodon/.rbenv/shims/bundle exec sidekiq -c 15 +ExecStart=/home/mastodon/.rbenv/shims/bundle exec sidekiq -c $DB_POOL TimeoutSec=15 Restart=always # Proc filesystem diff --git a/scripts/backup.sh b/scripts/backup.sh index f3520ae..e9d714f 100755 --- a/scripts/backup.sh +++ b/scripts/backup.sh @@ -1,8 +1,8 @@ #!/bin/bash -# cronjob ran once per week at 3 AM on Monday; see https://crontab.guru/#0_3_*_*_1 +# cronjob ran every day at 3:15 AM; see https://crontab.guru/#15_3_*_*_* # syntax for crontab -e: -# 0 3 * * 1 bash -c "/home/mastodon/utils/scripts/backup.sh >> /home/mastodon/logs/cron.log 2>&1" +# 15 3 * * * bash -c "/home/mastodon/utils/scripts/backup.sh >> /home/mastodon/logs/cron.log 2>&1" # exit when any step fails set -euo pipefail @@ -38,14 +38,25 @@ sudo cp /var/lib/redis/dump.rdb "$TEMP_DIR/redis.rdb" echo "Backing up secrets..." sudo cp "$APP_ROOT/.env.production" "$TEMP_DIR/env.production" +echo "Backing up certs..." +sudo mkdir -p "$TEMP_DIR/certs" +sudo cp -r /etc/letsencrypt/{archive,live,renewal} "$TEMP_DIR/certs/" + echo "Compressing..." ARCHIVE_DEST="$BACKUPS_ROOT/mastodon-$(date "+%Y.%m.%d-%H.%M.%S").tar.gz" sudo tar --owner=0 --group=0 -czvf "$ARCHIVE_DEST" -C "$TEMP_DIR" . sudo chown "$MASTODON_USER":"$MASTODON_USER" "$ARCHIVE_DEST" +echo "Removing temp files..." sudo rm -rf --preserve-root "$TEMP_DIR" echo "Saved to $ARCHIVE_DEST" + +if command -v linode-cli >/dev/null 2>&1; then + echo "Uploading to S3..." + sudo linode-cli obj put "$ARCHIVE_DEST" jarvis-backup +fi + echo "🎉 done! (keep this archive safe!)" echo -e "\n===== backup.sh: finished at $(date '+%Y-%m-%d %H:%M:%S') =====\n"