From eba69a5c73fc876282699944900f1c6543d3c5f5 Mon Sep 17 00:00:00 2001 From: "Christian P. MOMON" Date: Tue, 17 Jan 2023 14:21:45 +0100 Subject: [PATCH] Plan borg: updates (step). --- Plan Borg/README.md | 119 +++++++----------- Plan Borg/bin/dobackup-local | 2 +- Plan Borg/bin/{dochecks2 => dochecksb} | 0 Plan Borg/bin/doinit | 2 +- Plan Borg/bin/doinit-local | 23 ++++ Plan Borg/bin/doinit-remote | 38 ++++++ Plan Borg/bin/doinit-rsync | 39 ++++++ Plan Borg/bin/{doprunes2 => doprunesb} | 0 Plan Borg/bin/lastbackups | 4 +- Plan Borg/models/model-conf-local.yaml | 3 +- .../models/model-conf-remote-client.yaml | 7 +- Plan Borg/models/model-conf-remote.yaml | 5 + 12 files changed, 158 insertions(+), 84 deletions(-) rename Plan Borg/bin/{dochecks2 => dochecksb} (100%) create mode 100755 Plan Borg/bin/doinit-local create mode 100755 Plan Borg/bin/doinit-remote create mode 100755 Plan Borg/bin/doinit-rsync rename Plan Borg/bin/{doprunes2 => doprunesb} (100%) diff --git a/Plan Borg/README.md b/Plan Borg/README.md index b2f54e8..2afc61c 100644 --- a/Plan Borg/README.md +++ b/Plan Borg/README.md @@ -12,7 +12,6 @@ Le plan Borg est une solution de sauvegarde basée sur Borgmatic. Ajouter les backports bullseye dans `/etc/apt/source.list` : ``` deb http://ftp.fr.debian.org/debian/ bullseye-backports main - ``` Installer les paquets nécessaires : 
@@ -33,49 +32,39 @@ chmod go-rwx ~/.ssh ssh-keygen -t ed25519 ``` -Créer un dossier pour les scripts maison : -``` -mkdir -p ~borg/bin -``` - Récupérer les scripts et modèles : ``` cd ~borg/ mkdir bin models -wget +URL=https://git.a-lec.org/a-lec/commissions/infrastructure/sauvegardes/-/raw/main/Plan%20Borg/ +cd bin +wget -nv $URL/bin/dobackup-server +wget -nv $URL/bin/dobackup-remote +wget -nv $URL/bin/dobackup-rsync +wget -nv $URL/bin/dobackups +wget -nv $URL/bin/dochecks +wget -nv $URL/bin/dochecksb +wget -nv $URL/bin/doinit +wget -nv $URL/bin/doprunes +wget -nv $URL/bin/doprunesb +wget -nv $URL/bin/lastbackups +cd ../models +wget -nv $URL/models/cron +wget -nv $URL/models/excludes +wget -nv $URL/models/model-conf-local.yaml +wget -nv $URL/models/model-conf-remote.yaml +#wget -nv $URL/models/model-conf-remote-client.yaml +#wget -nv $URL/models/model-conf-rsync.yaml +wget -nv $URL/models/retention.yaml +cd .. ; find ``` -Créer les dossiers de configuration de Borgmatic : +Déployer la configuration générique de Borgmatic : ``` mkdir -p /etc/borgmatic/ /etc/borgmatic.d/ +cp /srv/borg/models/retention.yaml /etc/borgmatic/ +cp /srv/borg/models/excludes /etc/borgmatic/ ``` - -Définir dans `/etc/borgmatic/retention.yaml` les valeurs de rétentions communes : -``` - keep_within: 14d - keep_daily: 7 - keep_weekly: 12 - keep_monthly: 11 -``` - -Définir dans `/etc/borgmatic/excludes` les patterns d'exclusion : -``` -pp:var/cache/ -pp:var/backups/vm/ -pp:var/backups/borg/ -fm:*/.gvfs -fm:*/.thumbnails -fm:*/.bkl-thumbnails -fm:*/Cache -fm:*/.cache -fm:*/cache -fm:*/cache2 -fm:*/.davfs2 -fm:*/.local/share/Trash -fm:*/lost+found -fm:*/sharedfs -``` - Définir une passphrase générique : ``` echo "XXXXXXXXXXXXXXXXXXXXXXXXXXX" > ~borg/.borg-passphrase 
@@ -94,26 +83,16 @@ chown borg /var/backup/borg Configurer le `cron` dans `/etc/cron.d/backups` : ``` -10 0 * * * borg /srv/borg/bin/dobackups >> /var/backups/borg/dobackups.log 2>&1 -10 12 * * * borg /srv/borg/bin/doprune >> /var/backups/borg/doprune.log 2>&1 -10 5 * * 0 borg /srv/borg/bin/dochecks >> /var/backups/borg/dochecks.log 2>&1 +cp /srv/borg/models/cron /etc/cron.d/backups +cd /srv/borg/ +ln -s /etc/cron.d/backups cron ``` -# Configurer la sauvegarde de la machine locale +# Configurer la sauvegarde du serveur de sauvegarde -Créer une configuration pour la sauvegarde de la machine locale `/etc/borgmatic.d/sauvkipeu.yaml` : +Initialiser le contexte Borgmatic : ``` -cp /srv/borg/models/model-conf-local.yaml /etc/borgmatic.d/ -``` - -Vérifier que la configuration Borgmatic est valide : -``` -validate-borgmatic-config -``` - -Initialiser le dépôt de la machine locale : -``` -/srv/borg/bin/doinit sauvkipeu +/srv/borg/bin/doinit-local ``` Lancer la première sauvegarde locale (dure moins d'une minutes) : 
@@ -123,43 +102,33 @@ time /srv/borg/bin/dobackup-local Afficher les informations du dépôt : ``` -borgmatic -c /etc/borgmatic.d/sauvkipeu.yaml info +borgmatic -c /etc/borgmatic.d/$(hostname).yaml info ``` Afficher la liste des sauvegardes du dépôt : ``` -borgmatic -c /etc/borgmatic.d/sauvkipeu.yaml list +borgmatic -c /etc/borgmatic.d/$(hostname).yaml list ``` Afficher le contenu de la sauvegarde : ``` -borgmatic -c /etc/borgmatic.d/sauvkipeu.yaml list --archive 2023-01-14T09:20 +borgmatic -c /etc/borgmatic.d/$(hostname).yaml list --archive $(borgmatic -c /etc/borgmatic.d/$(hostname).yaml list --short | tail -1) ``` -Ajouter le lancement de la sauvegarde dans `/srv/borg/bin/dobackups` : +Ajouter le déclenchement de la sauvegarde dans `/srv/borg/bin/dobackups` : ``` /srv/borg/bin/dobackup-local ``` + # Configurer la sauvegarde d'une machine en remote C'est le cas nominal. Le principe consiste à configurer le serveur de sauvegarde pour déclencher l'action de sauvegarde sur la machine à sauvegarder. ## Côté serveur de sauvegarde -Configurer Borgmatic dans `/etc/borgmatic.d/foo.bar.org.yaml` : +Initialiser le contexte Borgmatic : ``` -cp /srv/borg/models/model-conf-remote.yaml /etc/borgmatic.d/config.yaml -``` - -Modifier le chemin le chemin du dépôt : -``` - repositories: - - /var/backups/borg/foo.bar.org.repo -``` - -Créer le dossier du nouveau dépôt de sauvegarde : -``` -/srv/borg/bin/doinit foo.bar.org +/srv/borg/bin/doinit-remote status.libre-en-communs.org ``` Ajouter un accès ssh restreint dans `/srv/borg/.ssh/authorized_keys` : 
@@ -169,9 +138,9 @@ command="export BORG_PASSCOMMAND=/srv/borg/.borg-passphrase; borg serve --restri ## Côté machine à sauvegarder -Ajouter les backports bullseye dans `/etc/apt/source.list` : +Ajouter les backports bullseye dans `/etc/apt/source.list.d` : ``` -deb http://ftp.fr.debian.org/debian/ bullseye-backports main +echo "deb http://ftp.fr.debian.org/debian/ bullseye-backports main" > /etc/apt/sources.list.d/backports.list ``` Installer les paquets nécessaires : @@ -183,9 +152,9 @@ Créer et peupler le dossier de configruation de Borgmatic : ``` mkdir -p /etc/borgmatic cd /etc/borgmatic -wget htpps://.../retention.yaml -wget htpps://.../Plan B/models/excludes -wget htpps://.../Plan B/models/model-conf-remote2.yaml /etc/borgmatic/config.yaml +URL=https://git.a-lec.org/a-lec/commissions/infrastructure/sauvegardes/-/raw/main/Plan%20Borg/ +wget -nv $URL/models/excludes +wget -nv $URL/models/model-conf-remote-client.yaml -O /etc/borgmatic/config.yaml ``` Vérifier que la configuration Borgmatic est valide : @@ -195,7 +164,7 @@ validate-borgmatic-config Configurer la passphrase dans `/etc/borgmatic/config.yaml` : ``` - encryption_passphrase: XXXXXXXXXXXXXX + encryption_passphrase: 'XXXXXXXXXXXXXX' ``` Ajouter la clé borg du serveur de sauvegarde dans `/home/admin666/.ssh/authorized_keys` : @@ -217,7 +186,7 @@ borgmatic -c /etc/borgmatic.d/foo.bar.org.yaml info Afficher la liste des sauvegardes du dépôt : ``` -borgmatic -c /etc/borgmatic.d/foo.bar.orgyaml list +borgmatic -c /etc/borgmatic.d/foo.bar.org.yaml list ``` Afficher le contenu de la sauvegarde : diff --git a/Plan Borg/bin/dobackup-local b/Plan Borg/bin/dobackup-local index 24f018c..b61577b 100755 --- a/Plan Borg/bin/dobackup-local +++ b/Plan Borg/bin/dobackup-local @@ -1,6 +1,6 @@ #!/bin/bash -COMPUTER=$(hostname -s) +COMPUTER=$(hostname) CONFIG="/etc/borgmatic.d/$COMPUTER.yaml" if [ -f "$CONFIG" ]; then echo "==================================================================" 
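Review bot: `COMPUTER=$(hostname)` in dobackup-local is not guaranteed to match the `{fqdn}` placeholder that this same commit puts into model-conf-local.yaml (`/var/backups/borg/{fqdn}.repo`). On a host whose system hostname is the short name, three things can diverge: the config file name, the repository that doinit-local creates via `doinit $(hostname)` (presumably named after its argument), and the repository path borgmatic resolves. The backup would then point at a repository that was never initialised. Using `COMPUTER=$(hostname -f)` here and `"$(hostname -f)"` in doinit-local would keep all three in step. The rest of dobackup-local lies outside the hunk.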
diff --git a/Plan Borg/bin/dochecks2 b/Plan Borg/bin/dochecksb similarity index 100% rename from Plan Borg/bin/dochecks2 rename to Plan Borg/bin/dochecksb diff --git a/Plan Borg/bin/doinit b/Plan Borg/bin/doinit index 755f86a..5936fca 100755 --- a/Plan Borg/bin/doinit +++ b/Plan Borg/bin/doinit @@ -2,7 +2,7 @@ help() { - echo "Usage: doinit [ -h | -help | --help | ]" + echo "Usage: doinit [ -h | -help | --help | ]" echo "Init a borg repository." } diff --git a/Plan Borg/bin/doinit-local b/Plan Borg/bin/doinit-local new file mode 100755 index 0000000..14befda --- /dev/null +++ b/Plan Borg/bin/doinit-local @@ -0,0 +1,23 @@ +#!/bin/bash + +help() +{ + echo "Usage: doinit-local [ -h | -help | --help | ]" + echo "Init borgmatic configuration for the backup computer." +} + +# +help=0 +if (( $# != 0)); then + help +else + echo "== Create the borgmatic configuration file." + cp /srv/borg/models/model-conf-local.yaml /etc/borgmatic.d/$(hostname).yaml + + echo "== Verify the bogmatic configuration file." + validate-borgmatic-config + + echo "== Create the repository directory." + /srv/borg/bin/doinit $(hostname) +fi + diff --git a/Plan Borg/bin/doinit-remote b/Plan Borg/bin/doinit-remote new file mode 100755 index 0000000..1d5f39e --- /dev/null +++ b/Plan Borg/bin/doinit-remote 
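Review bot: Nothing in the new doinit-local stops after a failed step: if the `cp` of model-conf-local.yaml fails or `validate-borgmatic-config` rejects the configuration, the script still goes on to `/srv/borg/bin/doinit`. Adding `set -euo pipefail` directly under the shebang, or `|| exit 1` on the `cp` and validation lines, would make the initialisation fail closed. The `help=0` assignment is never read in this script and can be dropped. Both `$(hostname)` expansions should be quoted as `"$(hostname)"`.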
@@ -0,0 +1,38 @@
+#!/bin/bash
+
+help()
+{
+ echo "Usage: doinit-remote [ -h | -help | --help | ]"
+ echo "Init borgmatic configuration for a remote computer."
+}
+
+#
+help=0
+if (( $# != 1)); then
+ help=1
+else
+ for parameter in $@; do
+ if [ "$parameter" == "-h" ] || [ "$parameter" == "-help" ] || [ "$parameter" == "--help" ]; then
+ help=1
+ fi
+ done
+fi
+
+if (( $help )); then
+ help
+else
+ COMPUTER="$1"
+
+ echo "== Create the borgmatic configuration file."
+ cp /srv/borg/models/model-conf-remote.yaml /etc/borgmatic.d/${COMPUTER}.yaml
+
+ echo "== Update the repository directory in borgmatic configuration file."
+ sed -i s/\/${COMPUTER}/g /etc/borgmatic.d/${COMPUTER}.yaml
+
+ echo "== Verify the bogmatic configuration file."
+ validate-borgmatic-config
+
+ echo "== Create the repository directory."
+ /srv/borg/bin/doinit ${COMPUTER}
+fi
+
diff --git a/Plan Borg/bin/doinit-rsync b/Plan Borg/bin/doinit-rsync
new file mode 100755
index 0000000..cf64d9c
--- /dev/null
+++ b/Plan Borg/bin/doinit-rsync
@@ -0,0 +1,39 @@
+#!/bin/bash
+
+help()
+{
+ echo "Usage: doinit-rsync [ -h | -help | --help | ]"
+ echo "Init borgmatic configuration for a rsync mirror."
+}
+
+#
+help=0
+if (( $# != 1)); then
+ help=1
+else
+ for parameter in $@; do
+ if [ "$parameter" == "-h" ] || [ "$parameter" == "-help" ] || [ "$parameter" == "--help" ]; then
+ help=1
+ fi
+ done
+fi
+
+if (( $help )); then
+ help
+else
+ COMPUTER="$1"
+
+ # TODOOOOOOOOOOOOOOOOOOOOOOOOOO
+ echo "== Create the borgmatic configuration file."
+ cp /srv/borg/models/model-conf-remote.yaml /etc/borgmatic.d/${COMPUTER}.yaml
+
+ echo "== Update the repository directory in borgmatic configuration file."
+ sed -i s/\/${COMPUTER}/g /etc/borgmatic.d/${COMPUTER}.yaml
+
+ echo "== Verify the bogmatic configuration file."
+ validate-borgmatic-config
+
+ echo "== Create the repository directory."
+ /srv/borg/bin/doinit ${COMPUTER}
+fi
+
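Review bot: In the else branch of doinit-remote, `COMPUTER="$1"` is used without validation and unquoted as a file name under /etc/borgmatic.d/, inside the `sed -i` expression and as the argument to doinit. A value containing `/`, whitespace or characters that are special to sed would make the script create or edit a file other than the intended one, which matters because the script needs write access to /etc/borgmatic.d/. I would check the argument against a hostname pattern before first use, quote every expansion, stop when `cp` fails, and iterate with `for parameter in "$@"; do`. The sed expression as shown on this page has no search pattern (it may have been lost in rendering), so it is not rewritten below. doinit-rsync in this commit repeats the same lines and needs the same change.

```shell
    COMPUTER="$1"

    # Accept only hostname-shaped values: the name becomes a file name and part of a sed program.
    if [[ ! "$COMPUTER" =~ ^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$ ]]; then
        echo "doinit-remote: invalid computer name: $COMPUTER" >&2
        exit 1
    fi

    # … unchanged: echo "== Create the borgmatic configuration file." …
    cp /srv/borg/models/model-conf-remote.yaml "/etc/borgmatic.d/${COMPUTER}.yaml" || exit 1

    # … unchanged: sed substitution and validate-borgmatic-config (quote "${COMPUTER}" there as well) …

    /srv/borg/bin/doinit "${COMPUTER}"
```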
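Review bot: doinit-rsync is committed as an executable copy of doinit-remote with only a `# TODO…` marker added. It still copies model-conf-remote.yaml and runs doinit, so running it sets up a remote-style configuration rather than an rsync mirror. Until the rsync logic exists, I would have the else branch stop early, e.g. `echo "doinit-rsync: not implemented yet" >&2; exit 1`, so that nobody initialises a repository from the wrong model by accident. The README in this commit also leaves `model-conf-rsync.yaml` commented out in its download list, which suggests the model is not available yet.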
diff --git a/Plan Borg/bin/doprunes2 b/Plan Borg/bin/doprunesb similarity index 100% rename from Plan Borg/bin/doprunes2 rename to Plan Borg/bin/doprunesb diff --git a/Plan Borg/bin/lastbackups b/Plan Borg/bin/lastbackups index 3a5d4b0..20fffcc 100755 --- a/Plan Borg/bin/lastbackups +++ b/Plan Borg/bin/lastbackups @@ -2,8 +2,8 @@ SCRIPT_NAME="$(basename "$0")" -BACKUPS_DIR="/var/backups/borg/$computer" -cd $BACKUPS_DIR +BORG_REPOS="/var/backups/borg/" +cd $BORG_REPOS for BORG_REPO in $(ls -d *.repo); do if [ -d "$BORG_REPO" ]; then #echo "$BORG_REPO" diff --git a/Plan Borg/models/model-conf-local.yaml b/Plan Borg/models/model-conf-local.yaml index 2a4603b..bb73a7b 100644 --- a/Plan Borg/models/model-conf-local.yaml +++ b/Plan Borg/models/model-conf-local.yaml @@ -9,7 +9,7 @@ location: - /var repositories: - - /var/backups/borg/{hostname}.repo + - /var/backups/borg/{fqdn}.repo exclude_from: - /etc/borgmatic/excludes @@ -25,6 +25,7 @@ consistency: checks: - repository - archives + prefix: '2' # This foo line is required with old borgmatic version. output: color: false diff --git a/Plan Borg/models/model-conf-remote-client.yaml b/Plan Borg/models/model-conf-remote-client.yaml index 7b76558..c09e761 100644 --- a/Plan Borg/models/model-conf-remote-client.yaml +++ b/Plan Borg/models/model-conf-remote-client.yaml @@ -9,8 +9,8 @@ location: - /var repositories: - - borgmaster@sauvkipeu:/var/backups/borg/foo.bar.org.repo - - borgmaster@gardefou:/var/backups/borg/foo.bar.org.repo + - borg@sauvkipeu:/var/backups/borg/$(hostname).repo + #- borg@gardefou:/var/backups/borg/$(hostname).repo exclude_from: - /etc/borgmatic/excludes @@ -18,8 +18,7 @@ location: storage: ssh_command: ssh -p XXXXX encryption_passphrase: blablabla - # archive_name_format: '{fqdn}-{now:%Y-%m-%dT%H:%M}' - archive_name_format: '{fqdn}-{now:%Y%m%d}' + archive_name_format: '{fqdn}-{now:%Y-%m-%dT%H:%M}' retention: prefix: '{fqdn}-' 
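Review bot: The new `cd $BORG_REPOS` in lastbackups is unquoted and its result is not checked. If /var/backups/borg/ is missing or unreadable, the `for BORG_REPO in $(ls -d *.repo)` loop runs in whatever directory the script was started from. `cd "$BORG_REPOS" || exit 1` fails early instead. The loop header is unchanged context, but `for BORG_REPO in *.repo; do` would avoid parsing `ls` output; the rest of the loop body lies outside the hunk.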
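Review bot: The comment on the added `prefix: '2'` in model-conf-local.yaml does not say what the value selects. As far as I know, borgmatic's consistency `prefix` limits the archives check to archives whose names start with that string, so `'2'` only fits names that begin with the year. model-conf-remote-client.yaml in this commit names archives `'{fqdn}-{now:%Y-%m-%dT%H:%M}'`, which would not match. The archive name format used with this model is not visible in the hunk; if it is not date-first, the check would cover no archive and report no error. I would replace the comment with `# Only archives whose name starts with '2' (the year) are checked; must match archive_name_format.` and confirm the format; the same line is added to model-conf-remote.yaml.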
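Review bot: `$(hostname)` in the new repository line `borg@sauvkipeu:/var/backups/borg/$(hostname).repo` of model-conf-remote-client.yaml is shell syntax, and nothing visible in this commit expands it. The README downloads this model straight to /etc/borgmatic/config.yaml with `wget -O` and only tells the reader to set the passphrase. Left as is, the client would address a repository literally named `$(hostname).repo`. Either use the placeholder form already used in model-conf-local.yaml, `- borg@sauvkipeu:/var/backups/borg/{fqdn}.repo`, or add an explicit substitution step to the README. The resulting name also has to match the repository that doinit-remote creates on the server from its argument.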
diff --git a/Plan Borg/models/model-conf-remote.yaml b/Plan Borg/models/model-conf-remote.yaml index 5b469eb..844723f 100644 --- a/Plan Borg/models/model-conf-remote.yaml +++ b/Plan Borg/models/model-conf-remote.yaml @@ -7,10 +7,15 @@ location: retention: !include /etc/borgmatic/retention.yaml +storage: + encryption_passcommand: 'cat /srv/borg/.borg-passphrase' + #archive_name_format: '{now:%Y-%m-%dT%H:%M}' + consistency: checks: - repository - archives + prefix: '2' # This foo line is required with old borgmatic version. storage: encryption_passcommand: 'cat /srv/borg/.borg-passphrase'
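Review bot: The added `storage:` block duplicates the `storage:` mapping that is still present as context at the end of this hunk, so after the change model-conf-remote.yaml has two top-level `storage:` keys. YAML parsers either reject duplicate keys or keep only one of them, so the model may fail `validate-borgmatic-config` or silently lose one block. Keep a single block: drop the older trailing `storage:` / `encryption_passcommand` lines, or do not add the new ones. Because `encryption_passcommand: 'cat /srv/borg/.borg-passphrase'` reads the repository passphrase from a file, that file should be readable by the borg user only (e.g. `chmod 600`); the README hunk that creates it ends before any permission step is visible.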