backup-over-ssh-tunnel

#!/bin/bash -x
#-------------------------------------------------------------------------------
# dit script backupt de /root/ /home/ /etc/ en /usr/ en de /data
# flip hess 2011 06 20 [email protected]
#
#-------------------------------------------------------------------------------

# Global variables:

PATH='/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin'
SCRIPT_PATH="${0}"


# Functions:

# The main function.
function fMain()
{
  # source and destination:
  local DEST_DIR='/backups/HOST'
  local SOURCEDIRS='etc root usr home var'

  # tunnel settings:
  local LOCALHOST='127.0.0.1'
  local TUNNELPORT='2622'

  # ssh settings:
  local SSH="ssh -q -A"
  local SSHPORT='22'
  local USER='YOU'
  local KEYCHAIN_FILE='/root/.keychain/backup-sh'

  # hops in between:
  local HOP1='bastionhost.example.com'
  local HOP2='fisthop.example.com'
  local HOP3='nexthop.internal.example.com'
  local HOP4='final.destination.internal.example.com'

  # how long should the tunnel stay open:
  local SLEEPYTIME='1200'

  # rsync settings:
  local RSYNC="rsync -q"
  local RUSER='root'

  # time settings:
  local TIME_STAMP="$(date '+%F_%H.%M.%S')"

  # Check whether arguments are given:
  if [ ${#} -gt 0 ]
  then
    fShowUsage
    return 1
  fi

  # Load SSH agent environment variables:
  if [ -f "${KEYCHAIN_FILE}" ]
  then
    . "${KEYCHAIN_FILE}"
  else
    echo "\"${KEYCHAIN_FILE}\" does not exist!"
    return 3
  fi

  # Check target directory:
  if [ ! -d "${DEST_DIR}" ]
  then
    echo "Backup directory \"${DEST_DIR}\" does not exist!"
    return 2
  fi

  # Check whether SSH to first  host without password is possible:
  if ( ! ssh -p${SSHPORT} -o 'BatchMode yes' -qq ${USER}@${HOP1} exit 0 )
  then
    echo "No SSH access to host ${HOP1}"
    return 4
  fi

  # define tunnel vars:
  local TUNNEL="${TUNNELPORT}:${LOCALHOST}:${TUNNELPORT}"

  # setup tunnel:
  ${SSH} -p${SSHPORT} -t -A -L ${TUNNEL} ${USER}@${HOP1} ${SSH} -p${SSHPORT} -t -A -L ${TUNNEL} ${HOP2} ${SSH} -p${SSHPORT} -t -A -L ${TUNNELPORT}:${HOP4}:${SSHPORT} ${HOP3} "sleep ${SLEEPYTIME}" > /dev/null 2>&1 &

  # sleep for a while
  sleep 5

  # check if tunnel is alive:
  echo "QUIT" | nc 127.0.0.1 ${TUNNELPORT} | grep -q 'SSH-2.0-OpenSSH'
  if [ ${?} != 0 ]
  then
    echo "Tunnel instable or nonexistent... exiting backup script! or check ssh output with netcat!"
    exit 1
  fi

#  # start script on machine to rsync homedirs to local homedir:
#    ${SSH} ${RUSER}@${LOCALHOST} -p ${TUNNELPORT} "/root/scripts/rsync-to-disk"
#
#  # exit code checken:
#  if [ ${?} !=  0 ]
#  then
#   echo "running Syncscript through ssh-tunnel on ${HOP4} failed!"
#   exit 1
#  fi

  # ALL DIRS BACKUPPEN

  # for loopje:
  for SOURCEDIR in ${SOURCEDIRS}
  do
     # Check target directory:
     if [ ! -d ${DEST_DIR}/${SOURCEDIR} ]
     then
       echo "${DEST_DIR}/${SOURCEDIR} does not exist, creating..."
       mkdir -p ${DEST_DIR}/${SOURCEDIR}
       # check exit code
       if [ ${?} != 0 ]
       then
         echo "Failed to create ${DEST_DIR}/${SOURCEDIR}, skipping....."
         continue
       fi
     fi

     # rsync dir to backupdir location:
     ${RSYNC} --exclude '.gvfs' -avz -e "${SSH} -p${TUNNELPORT}" ${RUSER}@${LOCALHOST}:/${SOURCEDIR} ${DEST_DIR}/${SOURCEDIR}

     # check if succeeded
     if [ ${?} != 0 ]
     then
       echo " offdisk backup of ${SOURCEDIR} on \"${TIME_STAMP}\" has failed "
       continue
     fi
  done


  return 0
}

# Shows usage.
function fShowUsage()
{
  echo "Usage: ${SCRIPT_PATH}"
  return 0
}


# Start the program:
fMain "${@}"

# Exit with previous return code:
exit "${?}"