From 7af64daab97b865520b2d1be1251f4ec89cece09 Mon Sep 17 00:00:00 2001 From: Phillip Smith <fukawi2@gmail.com> Date: Tue, 4 Feb 2014 15:55:02 +1100 Subject: [PATCH 01/12] small update to man page now that we have encryption support directly --- pgsql-backup.pod | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/pgsql-backup.pod b/pgsql-backup.pod index 72ac3eb..acaf909 100644 --- a/pgsql-backup.pod +++ b/pgsql-backup.pod @@ -337,21 +337,21 @@ A sample hook is included: F<hook-postbackup.sh> =head1 SECURITY -Database dumps created by this script are unencrypted; you should take into -consideration the following (incomplete list) of implications, especially if -your database(s) store sensitive information such as usernames, passwords, -credit card details or other personal information (espeically those of your -customers). +Database dumps created by this script are unencrypted by default; you should +take into consideration the following (incomplete list) of implications, +especially if your database(s) store sensitive information such as usernames, +passwords, credit card details or other personal information (espeically those +of your customers). =over 4 =item * When writing to disk, ensure the backup directory has restictive permissions to prevent unauthorized users gaining access to the backups. -=item * Use the L</POSTBACKUP> hook to encrypt your backups. +=item * Enable encryption of the output files. See L</CONFIG_ENCRYPT>. =item * When emailing backup dumps, avoid the emails being trasmitted over -untrusted networks (ie, the internet). Internal mail systems only. Be aware +untrusted networks (eg, the internet). Internal mail systems only. Be aware of mail systems that archive emails may retain copies of your backups. =item * If you don't administer the email server, please respect your email From 1e472f0bc3fa93519799718333b6d1af4824fb21 Mon Sep 17 00:00:00 2001 From: Phillip Smith <fukawi2@gmail.com> Date: Sat, 26 Apr 2014 13:59:59 +1000 Subject: [PATCH 02/12] fix syntax in Makefile that Debian systems arent happy with --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index eec4956..6d31fc9 100644 --- a/Makefile +++ b/Makefile @@ -36,7 +36,7 @@ bin: test src/$(PROJECT).sh config: pgsql-backup.conf # Install (without overwriting) configuration files - [[ -e $(DESTDIR)$(D_CNF)/pgsql-backup.conf ]] || \ + [ -e $(DESTDIR)$(D_CNF)/pgsql-backup.conf ] || \ install -D -m 0644 $(PROJECT).conf $(DESTDIR)$(D_CNF)/pgsql-backup.conf docs: $(PROJECT).pod From fcb2d4c49af2e9bc92c503e3a1ed25bb01974ca8 Mon Sep 17 00:00:00 2001 From: Phillip Smith <fukawi2@gmail.com> Date: Fri, 25 Jul 2014 11:34:48 +1000 Subject: [PATCH 03/12] symlink instead of hardlink the 'latest' files no real difference except rdiff-backup (and probably some other software) doesn't handle hardlinks properly so doing it this way should prevent problems with that. --- src/pgsql-backup.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/pgsql-backup.sh b/src/pgsql-backup.sh index 17962c3..082c309 100755 --- a/src/pgsql-backup.sh +++ b/src/pgsql-backup.sh @@ -273,7 +273,7 @@ function encrypt_file() { function link_latest() { local _fname="$1" if [[ "$CONFIG_LATEST" == 'yes' ]] ; then - ln -f "${_fname}" "$CONFIG_BACKUPDIR/latest/" + ln -sf "${_fname}" "$CONFIG_BACKUPDIR/latest/" fi return 0 } From 92431eb6f89f6592316647483fdfc779de5ef654 Mon Sep 17 00:00:00 2001 From: Phillip Smith <fukawi2@gmail.com> Date: Tue, 2 Sep 2014 19:16:52 +1000 Subject: [PATCH 04/12] resolve issue #4 --- pgsql-backup.conf | 1 + src/pgsql-backup.sh | 95 +++++++++++++++++++++++++++++++++++++++------ 2 files changed, 84 insertions(+), 12 deletions(-) diff --git a/pgsql-backup.conf b/pgsql-backup.conf index 8adbbc2..3a2dbef 100644 --- a/pgsql-backup.conf +++ b/pgsql-backup.conf @@ -43,6 +43,7 @@ CONFIG_MAXATTSIZE="4000" ## script uses a specific version (ie, if you have multiple instances of ## postgresql installed) #CONFIG_PG_DUMP='/usr/bin/pg_dump' +#CONFIG_PG_DUMPALL='/usr/bin/pg_dumpall' #CONFIG_PSQL='/usr/bin/psql' #CONFIG_GZIP='/bin/gzip' #CONFIG_BZIP2='/bin/bzip2' diff --git a/src/pgsql-backup.sh b/src/pgsql-backup.sh index 082c309..8b095f4 100755 --- a/src/pgsql-backup.sh +++ b/src/pgsql-backup.sh @@ -47,6 +47,7 @@ function set_config_defaults() { CONFIG_MAILADDR='root' CONFIG_DBEXCLUDE='' CONFIG_CREATE_DATABASE='yes' + CONFIG_DUMP_GLOBALS='yes' CONFIG_DOWEEKLY='1' CONFIG_COMP='none' CONFIG_LATEST='1' @@ -58,6 +59,7 @@ function set_config_defaults() { CONFIG_ENCRYPT=no CONFIG_PG_DUMP=$(which pg_dump 2> /dev/null || true) + CONFIG_PG_DUMPALL=$(which pg_dumpall 2> /dev/null || true) CONFIG_PSQL=$(which psql 2> /dev/null || true) CONFIG_MAILX=$(which mail 2> /dev/null || true) CONFIG_GZIP=$(which gzip 2> /dev/null || true) @@ -100,9 +102,10 @@ source $rc_fname || { echo "Error reading configuration file: $rc_fname" >&2; ex # Make sure our binaries are good missing_bin='' -[[ ! -x "$CONFIG_PG_DUMP" ]] && missing_bin="$missing_bin\t'pgdump' not found: $CONFIG_PG_DUMP\n" -[[ ! -x "$CONFIG_PSQL" ]] && missing_bin="$missing_bin\t'psql' not found: $CONFIG_PSQL\n" -[[ ! -x "$CONFIG_MAILX" ]] && missing_bin="$missing_bin\t'mail' not found: $CONFIG_MAILX\n" +[[ ! -x "$CONFIG_PG_DUMP" ]] && missing_bin="$missing_bin\t'pgdump' not found: $CONFIG_PG_DUMP\n" +[[ ! -x "$CONFIG_PG_DUMPALL" ]] && missing_bin="$missing_bin\t'pgdumpall' not found: $CONFIG_PG_DUMPALL\n" +[[ ! -x "$CONFIG_PSQL" ]] && missing_bin="$missing_bin\t'psql' not found: $CONFIG_PSQL\n" +[[ ! -x "$CONFIG_MAILX" ]] && missing_bin="$missing_bin\t'mail' not found: $CONFIG_MAILX\n" [[ ! -x "$CONFIG_GZIP" && "$CONFIG_COMP" == 'gzip' ]] && missing_bin="$missing_bin\t'gzip' not found: $CONFIG_GZIP\n" [[ ! -x "$CONFIG_BZIP2" && "$CONFIG_COMP" == 'bzip2' ]] && missing_bin="$missing_bin\t'bzip2' not found: $CONFIG_BZIP2\n" [[ ! -x "$CONFIG_XZ" && "$CONFIG_COMP" == 'xz' ]] && missing_bin="$missing_bin\t'xz' not found: $CONFIG_XZ\n" @@ -131,10 +134,12 @@ declare -r CONFIG_MAXATTSIZE declare -r CONFIG_MAILADDR declare -r CONFIG_DBEXCLUDE declare -r CONFIG_CREATE_DATABASE +declare -r CONFIG_DUMP_GLOBALS declare -r CONFIG_DOWEEKLY declare -r CONFIG_COMP declare -r CONFIG_LATEST declare -r CONFIG_PG_DUMP +declare -r CONFIG_PG_DUMPALL declare -r CONFIG_PSQL declare -r CONFIG_GZIP declare -r CONFIG_BZIP2 @@ -158,7 +163,8 @@ DOM=$(date +%d) # Date of the Month e.g. 27 M=$(date +%B) # Month e.g "January" W=$(date +%V) # Week Number e.g 37 backupfiles="" -OPT="--blobs" # OPT string for use with pg_dump (format is appended below) +declare PG_DUMP_OPTS="--blobs" # options for use with pg_dump (format is appended below) +declare PG_DUMPALL_OPTS="" # options for use with pg_dumpall # Does backup dir exist and can we write to it? [[ ! -n "$CONFIG_BACKUPDIR" ]] && { echo "Configuration option 'CONFIG_BACKUPDIR' is not optional!" >&2; exit 2; } @@ -193,7 +199,7 @@ case "$CONFIG_DUMPFORMAT" in OUTEXT='dump' ;; esac -OPT="$OPT --format=${CONFIG_DUMPFORMAT}" +PG_DUMP_OPTS="$PG_DUMP_OPTS --format=${CONFIG_DUMPFORMAT}" # IO redirection for logging. log_stdout=$(mktemp "$CONFIG_BACKUPDIR/logs/$CONFIG_PGHOST-$$-log.XXXX") # Logfile Name @@ -212,7 +218,12 @@ exec 2> $log_stderr # stderr replaced with file $log_stderr. function dbdump() { local _args="$1" local _output_fname="$2" - $CONFIG_PG_DUMP $OPT $_args > $_output_fname + $CONFIG_PG_DUMP $PG_DUMP_OPTS $_args > $_output_fname + return $? +} +function dump_globals() { + local _output_fname="$1" + $CONFIG_PG_DUMPALL $PG_DUMPALL_OPTS --globals-only > $_output_fname return $? } @@ -283,7 +294,10 @@ function link_latest() { # Hostname for LOG information; also append socket to if [[ "$CONFIG_PGHOST" == "localhost" ]] ; then HOST="$HOSTNAME" - [[ "$CONFIG_SOCKET" ]] && OPT="$OPT --host=$CONFIG_SOCKET" + if [[ "$CONFIG_SOCKET" ]] ; then + PG_DUMP_OPTS="$PG_DUMP_OPTS --host=$CONFIG_SOCKET" + PG_DUMPALL_OPTS="$PG_DUMPALL_OPTS --host=$CONFIG_SOCKET" + fi else HOST=$CONFIG_PGHOST fi @@ -315,9 +329,9 @@ fi # ask pg_dump to include CREATE DATABASE in the dump output? if [[ "$CONFIG_CREATE_DATABASE" == "no" ]] ; then - OPT="$OPT --no-create" + PG_DUMP_OPTS="$PG_DUMP_OPTS --no-create" else - OPT="$OPT --create" + PG_DUMP_OPTS="$PG_DUMP_OPTS --create" fi # If backing up all DBs on the server @@ -333,13 +347,26 @@ else DBNAMES="$CONFIG_DBNAMES" fi +# what part of the rotation are we dumping this time? +declare -u write_monthly write_weekly write_daily +if [[ $DOM == "01" ]] ; then + # Monthly Backup + write_monthly='yes' +elif [[ $DNOW == $DOWEEKLY ]] ; then + # Weekly Backup + write_weekly='yes' +else + # Daily Backup + write_daily='yes' +fi + for DB in $DBNAMES ; do # Create Seperate directory for each DB [[ ! -d "$CONFIG_BACKUPDIR/monthly/$DB" ]] && mkdir "$CONFIG_BACKUPDIR/monthly/$DB" [[ ! -d "$CONFIG_BACKUPDIR/weekly/$DB" ]] && mkdir "$CONFIG_BACKUPDIR/weekly/$DB" [[ ! -d "$CONFIG_BACKUPDIR/daily/$DB" ]] && mkdir "$CONFIG_BACKUPDIR/daily/$DB" - if [[ $DOM == "01" ]] ; then + if [[ -n "$write_monthly" ]] ; then # Monthly Backup echo Monthly Backup of $DB... # note we never automatically delete old monthly backups @@ -352,7 +379,7 @@ for DB in $DBNAMES ; do backupfiles="${backupfiles} $outfile" echo echo '----------------------------------------------------------------------' - elif [[ $DNOW == $DOWEEKLY ]] ; then + elif [[ -n "$write_weekly" ]] ; then # Weekly Backup echo "Weekly Backup of Database '$DB'" echo "Rotating 5 weeks Backups..." @@ -373,7 +400,7 @@ for DB in $DBNAMES ; do backupfiles="$backupfiles $outfile" echo echo '----------------------------------------------------------------------' - else + elif [[ -n "$write_daily" ]] ; then # Daily Backup echo "Daily Backup of Database '$DB'" echo "Rotating last weeks Backup..." @@ -387,9 +414,53 @@ for DB in $DBNAMES ; do backupfiles="$backupfiles $outfile" echo echo '----------------------------------------------------------------------' + else + # this is a bug if we get here + echo "Ooops! Bug detected." + exit -1 fi done +# dump globals (eg, login roles etc) +if [[ "$CONFIG_DUMP_GLOBALS" == 'yes' ]] ; then + if [[ -n "$write_monthly" ]] ; then + echo Monthly Backup of globals... + # note we never automatically delete old monthly backups + outfile="${CONFIG_BACKUPDIR}/monthly/globals_${FULLDATE}.${M}.${MDB}.${OUTEXT}" + elif [[ -n "$write_weekly" ]] ; then + # Weekly Backup + echo "Weekly Backup of globals" + echo "Rotating 5 weeks backups..." + if [ $W -le 05 ] ; then + REMW="$(expr 48 + $W)" + elif [ $W -lt 15 ] ; then + REMW="0$(expr $W - 5)" + else + REMW="$(expr $W - 5)" + fi + rm -f $CONFIG_BACKUPDIR/weekly/globals_week.$REMW.* + outfile="$CONFIG_BACKUPDIR/weekly/globals_week.$W.$FULLDATE.${OUTEXT}" + elif [[ -n "$write_daily" ]] ; then + # Daily Backup + echo "Daily Backup of globals" + echo "Rotating last weeks backups..." + rm -f $CONFIG_BACKUPDIR/daily/globals*.$DOW.* + outfile="$CONFIG_BACKUPDIR/daily/globals_$FULLDATE.$DOW.${OUTEXT}" + else + # this is a bug if we get here + echo "Ooops! Bug detected." + false; + fi + + dump_globals "$outfile" + outfile=$(compress_file "$outfile") + outfile=$(encrypt_file "$outfile") + echo "Globals written to $(basename $outfile)" + backupfiles="${backupfiles} $outfile" + echo + echo '----------------------------------------------------------------------' +fi + if [[ "$CONFIG_ENCRYPT" == 'yes' ]] ; then cat <<EOT !!! IMPORTANT !!! From 726255e92d9c50db25e33773d4101dff654a2ad3 Mon Sep 17 00:00:00 2001 From: Phillip Smith <fukawi2@gmail.com> Date: Tue, 2 Sep 2014 19:18:08 +1000 Subject: [PATCH 05/12] cleanup repeated code to keep it DRY --- src/pgsql-backup.sh | 34 ++++++++++------------------------ 1 file changed, 10 insertions(+), 24 deletions(-) diff --git a/src/pgsql-backup.sh b/src/pgsql-backup.sh index 8b095f4..993520c 100755 --- a/src/pgsql-backup.sh +++ b/src/pgsql-backup.sh @@ -371,14 +371,6 @@ for DB in $DBNAMES ; do echo Monthly Backup of $DB... # note we never automatically delete old monthly backups outfile="${CONFIG_BACKUPDIR}/monthly/${DB}/${DB}_${FULLDATE}.${M}.${MDB}.${OUTEXT}" - dbdump "${DB}" "$outfile" - outfile=$(compress_file "$outfile") - outfile=$(encrypt_file "$outfile") - link_latest "$outfile" - echo "Backup written to $(basename $outfile)" - backupfiles="${backupfiles} $outfile" - echo - echo '----------------------------------------------------------------------' elif [[ -n "$write_weekly" ]] ; then # Weekly Backup echo "Weekly Backup of Database '$DB'" @@ -392,33 +384,27 @@ for DB in $DBNAMES ; do fi rm -f $CONFIG_BACKUPDIR/weekly/$DB/${DB}_week.$REMW.* outfile="$CONFIG_BACKUPDIR/weekly/$DB/${DB}_week.$W.$FULLDATE.${OUTEXT}" - dbdump "$DB" "$outfile" - outfile=$(compress_file "$outfile") - outfile=$(encrypt_file "$outfile") - link_latest "$outfile" - echo "Backup written to $(basename $outfile)" - backupfiles="$backupfiles $outfile" - echo - echo '----------------------------------------------------------------------' elif [[ -n "$write_daily" ]] ; then # Daily Backup echo "Daily Backup of Database '$DB'" echo "Rotating last weeks Backup..." rm -f $CONFIG_BACKUPDIR/daily/$DB/*.$DOW.* outfile="$CONFIG_BACKUPDIR/daily/$DB/${DB}_$FULLDATE.$DOW.${OUTEXT}" - dbdump "$DB" "$outfile" - outfile=$(compress_file "$outfile") - outfile=$(encrypt_file "$outfile") - link_latest "$outfile" - echo "Backup written to $(basename $outfile)" - backupfiles="$backupfiles $outfile" - echo - echo '----------------------------------------------------------------------' else # this is a bug if we get here echo "Ooops! Bug detected." exit -1 fi + + # do the dump now we know where to write to + dbdump "${DB}" "$outfile" + outfile=$(compress_file "$outfile") + outfile=$(encrypt_file "$outfile") + link_latest "$outfile" + echo "Backup written to $(basename $outfile)" + backupfiles="${backupfiles} $outfile" + echo + echo '----------------------------------------------------------------------' done # dump globals (eg, login roles etc) From e9fc2f80d2ad034401ab1763ea9d6b62fa867d84 Mon Sep 17 00:00:00 2001 From: Phillip Smith <fukawi2@gmail.com> Date: Tue, 2 Sep 2014 19:24:37 +1000 Subject: [PATCH 06/12] update documentation for commit 92431eb6f89f6592 --- pgsql-backup.conf | 3 +++ pgsql-backup.pod | 10 ++++++++++ 2 files changed, 13 insertions(+) diff --git a/pgsql-backup.conf b/pgsql-backup.conf index 3a2dbef..89af92b 100644 --- a/pgsql-backup.conf +++ b/pgsql-backup.conf @@ -61,6 +61,9 @@ CONFIG_DBEXCLUDE="template0" # Include CREATE DATABASE in backup? CONFIG_CREATE_DATABASE=yes +# Make a dump of the PostgreSQL globals (ie login roles) +#CONFIG_DUMP_GLOBALS=yes + # Which day do you want weekly backups? (1 to 7 where 1 is Monday) CONFIG_DOWEEKLY=1 diff --git a/pgsql-backup.pod b/pgsql-backup.pod index acaf909..7be529e 100644 --- a/pgsql-backup.pod +++ b/pgsql-backup.pod @@ -168,6 +168,16 @@ Type: C<yes> or C<no> Default: yes +=head2 CONFIG_DUMP_GLOBALS + +Make a dump of the PostgreSQL globals (ie login roles). If set to C<yes> then +pg_dumpall (NOT pg_dump) is called with with C<--globals-only> flag and output +is saved to a distinct file in the C<CONFIG_BACKUPDIR> path. + +Type: C<yes> or C<no> + +Default: yes + =head2 CONFIG_DOWEEKLY Which day to create a weekly archive of the dumps. Use '0' to not do weekly From 56c2a2f00dcbfd01029f1f2344ad25c268d0b33b Mon Sep 17 00:00:00 2001 From: Phillip Smith <fukawi2@gmail.com> Date: Tue, 2 Sep 2014 19:28:06 +1000 Subject: [PATCH 07/12] fix typo in readme --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 5027d9b..67c89e2 100644 --- a/README.md +++ b/README.md @@ -29,7 +29,7 @@ Use `PREFIX` to change install location make PREFIX=/opt install You will probably want the script to run on a regular basis; you can do this -using cron. Create `/etc/cron.d/pgsql-backup with the following contents: +using cron. Create `/etc/cron.d/pgsql-backup` with the following contents: 0 1 * * * root /usr/local/bin/pgsql-backup From 274470f751616e56b5109b3b2749238753e6a7ff Mon Sep 17 00:00:00 2001 From: Phillip Smith <fukawi2@gmail.com> Date: Tue, 2 Sep 2014 19:29:51 +1000 Subject: [PATCH 08/12] fix typo on man page --- pgsql-backup.pod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pgsql-backup.pod b/pgsql-backup.pod index 7be529e..f7158ba 100644 --- a/pgsql-backup.pod +++ b/pgsql-backup.pod @@ -350,7 +350,7 @@ A sample hook is included: F<hook-postbackup.sh> Database dumps created by this script are unencrypted by default; you should take into consideration the following (incomplete list) of implications, especially if your database(s) store sensitive information such as usernames, -passwords, credit card details or other personal information (espeically those +passwords, credit card details or other personal information (especially those of your customers). =over 4 From 591274aeed3a86b7533429aa055a019e4eb4dbf7 Mon Sep 17 00:00:00 2001 From: Phillip Smith <fukawi2@gmail.com> Date: Thu, 4 Sep 2014 13:56:55 +1000 Subject: [PATCH 09/12] use "command" instead of "which" --- src/pgsql-backup.sh | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/src/pgsql-backup.sh b/src/pgsql-backup.sh index 993520c..444ae30 100755 --- a/src/pgsql-backup.sh +++ b/src/pgsql-backup.sh @@ -58,14 +58,14 @@ function set_config_defaults() { CONFIG_POSTBACKUP='' CONFIG_ENCRYPT=no - CONFIG_PG_DUMP=$(which pg_dump 2> /dev/null || true) - CONFIG_PG_DUMPALL=$(which pg_dumpall 2> /dev/null || true) - CONFIG_PSQL=$(which psql 2> /dev/null || true) - CONFIG_MAILX=$(which mail 2> /dev/null || true) - CONFIG_GZIP=$(which gzip 2> /dev/null || true) - CONFIG_BZIP2=$(which bzip2 2> /dev/null || true) - CONFIG_XZ=$(which xz 2> /dev/null || true) - CONFIG_OPENSSL=$(which openssl 2> /dev/null || true) + CONFIG_PG_DUMP=$(command -v pg_dump || true) + CONFIG_PG_DUMPALL=$(command -v pg_dumpall || true) + CONFIG_PSQL=$(command -v psql || true) + CONFIG_MAILX=$(command -v mail || true) + CONFIG_GZIP=$(command -v gzip || true) + CONFIG_BZIP2=$(command -v bzip2 || true) + CONFIG_XZ=$(command -v xz || true) + CONFIG_OPENSSL=$(command -v openssl || true) } # Path to options file From 4ab6e770b8d565c0cb19be18820383c14f7524b3 Mon Sep 17 00:00:00 2001 From: Phillip Smith <fukawi2@gmail.com> Date: Tue, 7 Oct 2014 16:10:21 +1100 Subject: [PATCH 10/12] use a temporary directory for logs and password files --- src/pgsql-backup.sh | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/src/pgsql-backup.sh b/src/pgsql-backup.sh index 444ae30..41df178 100755 --- a/src/pgsql-backup.sh +++ b/src/pgsql-backup.sh @@ -120,6 +120,14 @@ fi # strip any trailing slash from BACKUPDIR CONFIG_BACKUPDIR="${CONFIG_BACKUPDIR%/}" +# we need a temporary directory to work with and we'll throw in +# an EXIT hook to make sure it is cleaned up when we're finished +function cleanup() { + rm -Rf "$TEMP_PATH" +} +declare -r TEMP_PATH=$(mktemp -d --tmpdir '.pgsqlbup.XXXX') +trap cleanup EXIT + # set our umask umask $CONFIG_UMASK @@ -175,7 +183,6 @@ declare PG_DUMPALL_OPTS="" # options for use with pg_dumpall [[ ! -d "$CONFIG_BACKUPDIR/daily" ]] && mkdir "$CONFIG_BACKUPDIR/daily" [[ ! -d "$CONFIG_BACKUPDIR/weekly" ]] && mkdir "$CONFIG_BACKUPDIR/weekly" [[ ! -d "$CONFIG_BACKUPDIR/monthly" ]] && mkdir "$CONFIG_BACKUPDIR/monthly" -[[ ! -d "$CONFIG_BACKUPDIR/logs" ]] && mkdir "$CONFIG_BACKUPDIR/logs" if [[ "$CONFIG_LATEST" == "yes" ]] ; then [[ ! -d "$CONFIG_BACKUPDIR/latest" ]] && mkdir "$CONFIG_BACKUPDIR/latest" # cleanup previous 'latest' links @@ -202,8 +209,8 @@ esac PG_DUMP_OPTS="$PG_DUMP_OPTS --format=${CONFIG_DUMPFORMAT}" # IO redirection for logging. -log_stdout=$(mktemp "$CONFIG_BACKUPDIR/logs/$CONFIG_PGHOST-$$-log.XXXX") # Logfile Name -log_stderr=$(mktemp "$CONFIG_BACKUPDIR/logs/$CONFIG_PGHOST-$$-err.XXXX") # Error Logfile Name +log_stdout="$TEMP_PATH/$CONFIG_PGHOST-$$.log" # Logfile Name +log_stderr="$TEMP_PATH/$CONFIG_PGHOST-$$.err" # Error Logfile Name touch $log_stdout exec 6>&1 # Link file descriptor #6 with stdout. exec > $log_stdout # stdout replaced with file $log_stdout. @@ -267,16 +274,13 @@ function encrypt_file() { # we want to store the passphrase in a temporary file rather than # pass it to openssl on the command line where it would be visible # in the process tree - local _passphrase_file=$(mktemp "$CONFIG_BACKUPDIR/.opensslpass.XXXX") + local _passphrase_file="$TEMP_PATH/opensslpass" chmod 600 "$_passphrase_file" echo "$CONFIG_ENCRYPT_PASSPHRASE" > "$_passphrase_file" $CONFIG_OPENSSL $ENCRYPTION_CIPHER -a -salt -pass file:"$_passphrase_file" -in "$_fname" -out "${_new_fname}" echo "${_new_fname}" - ### TODO: handle this more securely / reliably (eg, if openssl fails and - ### bash aborts us before getting here) Probably need to use an - ### exit hook with a cleanup function? rm -f "$_passphrase_file" "$_fname" return 0 } @@ -537,8 +541,4 @@ else STATUS=0 fi -# Clean up Logfile -rm -f "$log_stdout" -rm -f "$log_stderr" - exit $STATUS From cff919636b9f4b83d32d7856bdd33b45a159be83 Mon Sep 17 00:00:00 2001 From: Phillip Smith <fukawi2@gmail.com> Date: Tue, 7 Oct 2014 16:10:33 +1100 Subject: [PATCH 11/12] make some more variables readonly --- src/pgsql-backup.sh | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/pgsql-backup.sh b/src/pgsql-backup.sh index 41df178..aa9ca03 100755 --- a/src/pgsql-backup.sh +++ b/src/pgsql-backup.sh @@ -164,12 +164,12 @@ export PGHOST="$CONFIG_PGHOST" export PGPORT="$CONFIG_PGPORT" export PGDATABASE="$CONFIG_PGDATABASE" -FULLDATE=$(date +%Y-%m-%d_%Hh%Mm) # Datestamp e.g 2002-09-21_11h52m -DOW=$(date +%A) # Day of the week e.g. "Monday" -DNOW=$(date +%u) # Day number of the week 1 to 7 where 1 represents Monday -DOM=$(date +%d) # Date of the Month e.g. 27 -M=$(date +%B) # Month e.g "January" -W=$(date +%V) # Week Number e.g 37 +declare -r FULLDATE=$(date +%Y-%m-%d_%Hh%Mm) # Datestamp e.g 2002-09-21_11h52m +declare -r DOW=$(date +%A) # Day of the week e.g. "Monday" +declare -r DNOW=$(date +%u) # Day number of the week 1 to 7 where 1 represents Monday +declare -r DOM=$(date +%d) # Date of the Month e.g. 27 +declare -r M=$(date +%B) # Month e.g "January" +declare -r W=$(date +%V) # Week Number e.g 37 backupfiles="" declare PG_DUMP_OPTS="--blobs" # options for use with pg_dump (format is appended below) declare PG_DUMPALL_OPTS="" # options for use with pg_dumpall From befb8238ba2843ae6a080bdefd1e5241788e2b86 Mon Sep 17 00:00:00 2001 From: Phillip Smith <fukawi2@gmail.com> Date: Tue, 7 Oct 2014 16:37:44 +1100 Subject: [PATCH 12/12] bump version number --- src/pgsql-backup.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/pgsql-backup.sh b/src/pgsql-backup.sh index aa9ca03..d04bb96 100755 --- a/src/pgsql-backup.sh +++ b/src/pgsql-backup.sh @@ -20,7 +20,7 @@ # # Version Number -VER=0.9.14 +VER=0.9.15 set -e # treat any error as fatal