| Commit message (Collapse) | Author | Age | Lines |
|
|
|
|
|
|
|
| |
Technically the quotes here should not be needed, but shellcheck still
emits an error for them (see [1]). Quoting doesn't hurt here, so just do
that.
[1] https://github.com/koalaman/shellcheck/issues/2443
|
|
|
|
|
|
|
|
|
| |
lifeboat runs with 'set -e', meaning it stops executing whenever a
command invoked by it fails. This means that the entire script stops if
rclone fails - potentially ignoring future sync targets.
Make sure we catch any failure on rclone's side so the script can
continue.
|
|
|
|
|
|
|
|
|
|
|
|
| |
The check command does not verify the actual pack files by default,
since restic needs to read each one and the repository may be hosted on
a cloud repository where downloads are expensive.
Since we are working with local repositories, checking for integrity is
not that expensive. However, to ease the daily burden, use the
--read-data-subset option to check only a random 10% of the repository.
After a couple of weeks, then, we can be reasonably sure that, if no
errors were raised, the repository is still intact.
|
|
|
|
|
|
| |
Currently, multiple backups on the same host are hard to identify, so
print out the repo name instead of the hostname (which is visible in the
From header anyway).
|
|
|
|
|
|
|
|
|
| |
The service unit is based on lifeboat defaults and will make sure that
restic-priv can be invoked with CAP_DAC_READ_SEARCH whilst locking down
other forms of privilege escalation.
The timer is mostly for convenient overriding in lifeboat@.timer.d/. We
expect users to adjust this as necessary for their purposes.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit introduces the 'run-report' command and a new config file
'config/recipient' which indicates the recipient of the report.
Since lifeboat was always intended to be run via a cronjob, we assumed
mail functionality would come from the specific crond implementation.
This is well-supported throughout, but not a feature that systemd's
timers (yet?) have. Since one of our systems is now running systemd, we
needed a decent alternative.
A wrapper script was considered, but at that point we could also just as
simply include mail support in lifeboat itself. We have chosen to
implement this by calling out to sendmail, which seems to be a de-facto
standard (postfix has sendmail compatibility, as does msmtp). It should
be available on a wide range of systems.
For now, hardcode the message headers and send mail to one recipient
only. Set the X-Report header for simple filtering by mail clients.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In sync_default, we test whether the config/sync file exists before
reading from it. If it does not exist, we return from the function using
the exit status of the last command (test), which in this case is 1.
For default setups that do not specify a config/sync file, this will
lead to the script as a whole exiting unsuccessfully even though no
error occurred. Make sure to set the exit status to 0 in order to signal
successful completion of the sync task.
Reported-by: Jan Rathner <jarainf@freenode>
|
| |
|
|
|
|
|
| |
The command must not have completed successfully if usage() was called,
so indicate this to the user as well.
|
| |
|
|
|
|
|
|
|
|
|
| |
sync_default() suffers from needlessly complicated logic in its
threshold test. Join the two if clauses together and skip targets
cleanly by using `continue` instead.
Where possible, use OR lists instead of if clauses and also inline the
whole sync_single() function, which was only called from here.
|
|
|
|
|
| |
Instead of using another variable name to refer to the value of
LIFEBOAT_ROOT or its default, use LIFEBOAT_ROOT directly.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
When before lifeboat was expecting the user to populate the run, post,
and sync scripts, now it includes a sane default for each step of the
backup process, making deployments much more simple.
The post script was split up into retain and clean.
|
| |
|
| |
|
| |
|
| |
|
|
|