connectivity

5.4 KB•J2

wireguard-backup.sh.j2

5.4 KB • 196 lines • plaintext

1#!/bin/bash
2# ==============================================================================
3# WireGuard Backup Script
4# ==============================================================================
5#
6# Description: Creates comprehensive backups of WireGuard configuration and data
7# Usage: ./wireguard-backup.sh [full|config-only|rotate]
8#
9# This script is automatically generated by Ansible - DO NOT EDIT MANUALLY
10# Template: wireguard-backup.sh.j2
11#
12# ==============================================================================
13
14set -euo pipefail
15
16# Configuration
17WG_CONFIG_DIR="{{ docker_base_path }}/wireguard/config"
18BACKUP_DIR="{{ docker_base_path }}/wireguard/backups"
19RETENTION_DAYS={{ backup_retention_days | default(7) }}
20LOG_FILE="/var/log/wireguard-backup.log"
21TIMESTAMP=$(date +%Y%m%d-%H%M%S)
22
23# Ensure directories exist
24mkdir -p "${BACKUP_DIR}"
25
26# Logging function
27log() {
28    echo "$(date '+%Y-%m-%d %H:%M:%S') - $1" | tee -a "${LOG_FILE}"
29}
30
31# Error handling function
32error_exit() {
33    log "ERROR: $1"
34    exit 1
35}
36
37# Validate configuration directory
38validate_config() {
39    if [[ ! -d "${WG_CONFIG_DIR}" ]]; then
40        error_exit "WireGuard configuration directory not found: ${WG_CONFIG_DIR}"
41    fi
42    
43    if [[ ! -f "${WG_CONFIG_DIR}/wg-easy.db" ]]; then
44        log "WARNING: WireGuard database file not found - continuing with config backup only"
45    fi
46}
47
48# Create full backup (config + database)
49create_full_backup() {
50    local backup_file="${BACKUP_DIR}/wireguard-full-${TIMESTAMP}.tar.gz"
51    
52    log "Creating full WireGuard backup"
53    validate_config
54    
55    # Create backup
56    tar -czf "${backup_file}" -C "${WG_CONFIG_DIR}" . 2>/dev/null || true
57    
58    if [[ -f "${backup_file}" ]]; then
59        log "Full backup created: ${backup_file}"
60        echo "Backup size: $(du -h "${backup_file}" | cut -f1)"
61        echo "Backup contents: $(tar -tzf "${backup_file}" | wc -l) files"
62    else
63        error_exit "Failed to create full backup"
64    fi
65}
66
67# Create configuration-only backup
68create_config_backup() {
69    local backup_file="${BACKUP_DIR}/wireguard-config-${TIMESTAMP}.tar.gz"
70    
71    log "Creating WireGuard configuration backup"
72    validate_config
73    
74    # Backup only config files (exclude database)
75    tar -czf "${backup_file}" -C "${WG_CONFIG_DIR}" --exclude="*.db" --exclude="*.db-*" . 2>/dev/null || true
76    
77    if [[ -f "${backup_file}" ]]; then
78        log "Configuration backup created: ${backup_file}"
79        echo "Backup size: $(du -h "${backup_file}" | cut -f1)"
80    else
81        error_exit "Failed to create configuration backup"
82    fi
83}
84
85# Rotate old backups
86rotate_backups() {
87    log "Rotating backups older than ${RETENTION_DAYS} days"
88    
89    local files_removed=0
90    local space_freed=0
91    
92    # Find and remove old backup files
93    find "${BACKUP_DIR}" -name "wireguard-*.tar.gz" -mtime +${RETENTION_DAYS} -print0 | while IFS= read -r -d '' file; do
94        local file_size=$(du -b "${file}" | cut -f1)
95        rm -f "${file}"
96        files_removed=$((files_removed + 1))
97        space_freed=$((space_freed + file_size))
98        log "Removed old backup: ${file}"
99    done
100    
101    if [[ ${files_removed} -gt 0 ]]; then
102        log "Rotation complete: ${files_removed} files removed, $(numfmt --to=iec ${space_freed}) freed"
103    else
104        log "No old backups found for rotation"
105    fi
106}
107
108# Verify backup integrity
109verify_backup() {
110    local backup_file="${1}"
111    
112    if [[ ! -f "${backup_file}" ]]; then
113        error_exit "Backup file not found: ${backup_file}"
114    fi
115    
116    log "Verifying backup integrity: ${backup_file}"
117    
118    # Test tar archive
119    if tar -tzf "${backup_file}" >/dev/null 2>&1; then
120        log "Backup verification successful"
121        echo "Backup contains: $(tar -tzf "${backup_file}" | wc -l) files"
122    else
123        error_exit "Backup verification failed - archive may be corrupt"
124    fi
125}
126
127# List available backups
128list_backups() {
129    log "Available WireGuard backups:"
130    
131    if ls "${BACKUP_DIR}"/wireguard-*.tar.gz 1>/dev/null 2>&1; then
132        echo "Backup files in ${BACKUP_DIR}:"
133        ls -la "${BACKUP_DIR}"/wireguard-*.tar.gz
134        echo ""
135        echo "Total backup size: $(du -sh "${BACKUP_DIR}" | cut -f1)"
136        echo "Number of backups: $(ls "${BACKUP_DIR}"/wireguard-*.tar.gz 2>/dev/null | wc -l)"
137    else
138        echo "No backup files found in ${BACKUP_DIR}"
139    fi
140}
141
142# Show usage
143usage() {
144    cat << EOF
145WireGuard Backup Script
146
147Usage: $0 [command]
148
149Commands:
150  full          Create full backup (config + database)
151  config-only   Create configuration-only backup (exclude database)
152  rotate        Remove backups older than ${RETENTION_DAYS} days
153  list          List available backups
154  verify [file] Verify backup file integrity
155  help          Show this help message
156
157Examples:
158  $0 full
159  $0 config-only
160  $0 rotate
161  $0 list
162  $0 verify /docker/wireguard/backups/wireguard-full-20231201-120000.tar.gz
163
164Backup retention: ${RETENTION_DAYS} days
165Backup directory: ${BACKUP_DIR}
166EOF
167}
168
169# Main execution
170main() {
171    local command="${1:-help}"
172    
173    case "${command}" in
174        full)
175            create_full_backup
176            ;;
177        config-only)
178            create_config_backup
179            ;;
180        rotate)
181            rotate_backups
182            ;;
183        list)
184            list_backups
185            ;;
186        verify)
187            verify_backup "${2:-}"
188            ;;
189        help|*)
190            usage
191            ;;
192    esac
193}
194
195# Run main function with all arguments
196main "$@"

1#!/bin/bash 2# ============================================================================== 3# WireGuard Backup Script 4# ============================================================================== 5# 6# Description: Creates comprehensive backups of WireGuard configuration and data 7# Usage: ./wireguard-backup.sh [full|config-only|rotate] 8# 9# This script is automatically generated by Ansible - DO NOT EDIT MANUALLY 10# Template: wireguard-backup.sh.j2 11# 12# ============================================================================== 13 14set -euo pipefail 15 16# Configuration 17WG_CONFIG_DIR="{{ docker_base_path }}/wireguard/config" 18BACKUP_DIR="{{ docker_base_path }}/wireguard/backups" 19RETENTION_DAYS={{ backup_retention_days | default(7) }} 20LOG_FILE="/var/log/wireguard-backup.log" 21TIMESTAMP=$(date +%Y%m%d-%H%M%S) 22 23# Ensure directories exist 24mkdir -p "${BACKUP_DIR}" 25 26# Logging function 27log() { 28 echo "$(date '+%Y-%m-%d %H:%M:%S') - $1" | tee -a "${LOG_FILE}" 29} 30 31# Error handling function 32error_exit() { 33 log "ERROR: $1" 34 exit 1 35} 36 37# Validate configuration directory 38validate_config() { 39 if [[ ! -d "${WG_CONFIG_DIR}" ]]; then 40 error_exit "WireGuard configuration directory not found: ${WG_CONFIG_DIR}" 41 fi 42 43 if [[ ! -f "${WG_CONFIG_DIR}/wg-easy.db" ]]; then 44 log "WARNING: WireGuard database file not found - continuing with config backup only" 45 fi 46} 47 48# Create full backup (config + database) 49create_full_backup() { 50 local backup_file="${BACKUP_DIR}/wireguard-full-${TIMESTAMP}.tar.gz" 51 52 log "Creating full WireGuard backup" 53 validate_config 54 55 # Create backup 56 tar -czf "${backup_file}" -C "${WG_CONFIG_DIR}" . 2>/dev/null || true 57 58 if [[ -f "${backup_file}" ]]; then 59 log "Full backup created: ${backup_file}" 60 echo "Backup size: $(du -h "${backup_file}" | cut -f1)" 61 echo "Backup contents: $(tar -tzf "${backup_file}" | wc -l) files" 62 else 63 error_exit "Failed to create full backup" 64 fi 65} 66 67# Create configuration-only backup 68create_config_backup() { 69 local backup_file="${BACKUP_DIR}/wireguard-config-${TIMESTAMP}.tar.gz" 70 71 log "Creating WireGuard configuration backup" 72 validate_config 73 74 # Backup only config files (exclude database) 75 tar -czf "${backup_file}" -C "${WG_CONFIG_DIR}" --exclude="*.db" --exclude="*.db-*" . 2>/dev/null || true 76 77 if [[ -f "${backup_file}" ]]; then 78 log "Configuration backup created: ${backup_file}" 79 echo "Backup size: $(du -h "${backup_file}" | cut -f1)" 80 else 81 error_exit "Failed to create configuration backup" 82 fi 83} 84 85# Rotate old backups 86rotate_backups() { 87 log "Rotating backups older than ${RETENTION_DAYS} days" 88 89 local files_removed=0 90 local space_freed=0 91 92 # Find and remove old backup files 93 find "${BACKUP_DIR}" -name "wireguard-*.tar.gz" -mtime +${RETENTION_DAYS} -print0 | while IFS= read -r -d '' file; do 94 local file_size=$(du -b "${file}" | cut -f1) 95 rm -f "${file}" 96 files_removed=$((files_removed + 1)) 97 space_freed=$((space_freed + file_size)) 98 log "Removed old backup: ${file}" 99 done 100 101 if [[ ${files_removed} -gt 0 ]]; then 102 log "Rotation complete: ${files_removed} files removed, $(numfmt --to=iec ${space_freed}) freed" 103 else 104 log "No old backups found for rotation" 105 fi 106} 107 108# Verify backup integrity 109verify_backup() { 110 local backup_file="${1}" 111 112 if [[ ! -f "${backup_file}" ]]; then 113 error_exit "Backup file not found: ${backup_file}" 114 fi 115 116 log "Verifying backup integrity: ${backup_file}" 117 118 # Test tar archive 119 if tar -tzf "${backup_file}" >/dev/null 2>&1; then 120 log "Backup verification successful" 121 echo "Backup contains: $(tar -tzf "${backup_file}" | wc -l) files" 122 else 123 error_exit "Backup verification failed - archive may be corrupt" 124 fi 125} 126 127# List available backups 128list_backups() { 129 log "Available WireGuard backups:" 130 131 if ls "${BACKUP_DIR}"/wireguard-*.tar.gz 1>/dev/null 2>&1; then 132 echo "Backup files in ${BACKUP_DIR}:" 133 ls -la "${BACKUP_DIR}"/wireguard-*.tar.gz 134 echo "" 135 echo "Total backup size: $(du -sh "${BACKUP_DIR}" | cut -f1)" 136 echo "Number of backups: $(ls "${BACKUP_DIR}"/wireguard-*.tar.gz 2>/dev/null | wc -l)" 137 else 138 echo "No backup files found in ${BACKUP_DIR}" 139 fi 140} 141 142# Show usage 143usage() { 144 cat << EOF 145WireGuard Backup Script 146 147Usage: $0 [command] 148 149Commands: 150 full Create full backup (config + database) 151 config-only Create configuration-only backup (exclude database) 152 rotate Remove backups older than ${RETENTION_DAYS} days 153 list List available backups 154 verify [file] Verify backup file integrity 155 help Show this help message 156 157Examples: 158 $0 full 159 $0 config-only 160 $0 rotate 161 $0 list 162 $0 verify /docker/wireguard/backups/wireguard-full-20231201-120000.tar.gz 163 164Backup retention: ${RETENTION_DAYS} days 165Backup directory: ${BACKUP_DIR} 166EOF 167} 168 169# Main execution 170main() { 171 local command="${1:-help}" 172 173 case "${command}" in 174 full) 175 create_full_backup 176 ;; 177 config-only) 178 create_config_backup 179 ;; 180 rotate) 181 rotate_backups 182 ;; 183 list) 184 list_backups 185 ;; 186 verify) 187 verify_backup "${2:-}" 188 ;; 189 help|*) 190 usage 191 ;; 192 esac 193} 194 195# Run main function with all arguments 196main "$@"