This is some script to make an encrypted backup of your (wiki) data and send it out via email (encrypted backup will be attached).
The email will contain short instructions how to decrypt and unpack the backup, also the date when the backup started.
Requirements:
- Linux or other Posix OS
- tar / gzip
- gpg (with the public key of RECIPIENT installed)
- mutt
- and of course you must be able to send mail from the server to the MAILTO address
After installing and successfully receiving some backup via email, please make sure you can decrypt and unpack it! Also make sure it really contains the correct data you wanted to have backupped.
Also make sure that you have stored your private key at a secure place and it is protected by a good pass phrase.
In case you lose passphrase or your private key gets out of your hands, make sure to have a revocation certificate, too.
![/!\](/moin_static19/modernized/img/alert.png "/!\")
You won't be able to use those encrypted backups if you lose passphrase or your private key!
#wikibackup - make encrypted backup of a wiki and send it via ftp or email RECIPIENT=gpgkeyowner@somewhere.net MAILTO=$RECIPIENT DATE=`date +%Y-%m-%d` FNAME=wikibackup-$DATE.tgz WIKIDIR=/where/your/wiki/data/is # -not -type d --> do not find directories or tar will double archive stuff [ "$1" == "full" ] && FINDOPTS="-not -type d" # find everything [ "$1" == "incremental" ] && FINDOPTS="-not -type d -and -mtime -2" # finds files changed in the last 2 days cd $WIKIDIR # Avoid saving the unencrypted data on the filesystem by using pipes: # if the key isn't signed, use --trust-model always find . $FINDOPTS | tar cz -T - -f - | gpg --encrypt --armor --trust-model always --recipient $RECIPIENT --output $FNAME.asc # FTP backup on a remote server ftp -n <<EOF open ftp.example.org user backupuser backuppass binary cd backups put $FNAME.asc bye EOF rm $FNAME.asc 2>/dev/null exit # alternatively, you can send it via email: mutt -s "Wiki Backup" -a $FNAME.asc $MAILTO <<EOF This is a backup of your wiki made at $DATE. To use it, do this: Windows ======= Save the attachment ($FNAME.asc). Decrypt it, using GPG or PGP. Unpack the resulting file ($FNAME) with WinZip, 7zip, WinRar or another program capable of extracting a .tgz (.tar.gz) archive. Linux ===== Save the attachment. gpg --decrypt $FNAME.asc tar xzf $FNAME EOF
You can use this /etc/cron.d/wikibackup file:
SHELL=/bin/sh PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin # m h dom mon dow user command # monday full backup 45 23 * * 1 root /path/to/wikibackup full # tuesday .. sunday incremental backup 45 23 * * 2-7 root /path/to/wikibackup incremental