PageRenderTime 106ms CodeModel.GetById 16ms RepoModel.GetById 0ms app.codeStats 1ms

/management/backup.py

https://gitlab.com/oytunistrator/mailinabox
Python | 176 lines | 117 code | 24 blank | 35 comment | 19 complexity | f8db4466529349fad334795ed74b92cb MD5 | raw file
    

  1. #!/usr/bin/python3
    2. 

  2. 

  3. # This script performs a backup of all user data:
    4. 

  4. # 1) System services are stopped while a copy of user data is made.
    5. 

  5. # 2) An incremental backup is made using duplicity into the
    6. 

  6. #    directory STORAGE_ROOT/backup/duplicity.
    7. 

  7. # 3) The stopped services are restarted.
    8. 

  8. # 4) The backup files are encrypted with a long password (stored in
    9. 

  9. #    backup/secret_key.txt) to STORAGE_ROOT/backup/encrypted.
    10. 

  10. # 5) STORAGE_ROOT/backup/after-backup is executd if it exists.
    11. 

  11. 

  12. import os, os.path, shutil, glob, re, datetime
    13. 

  13. import dateutil.parser, dateutil.relativedelta, dateutil.tz
    14. 

  14. 

  15. from utils import exclusive_process, load_environment, shell
    16. 

  16. 

  17. # settings
    18. 

  18. keep_backups_for = "31D" # destroy backups older than 31 days except the most recent full backup
    19. 

  19. 

  20. def backup_status(env):
    21. 

  21. 	# What is the current status of backups?
    22. 

  22. 	# Loop through all of the files in STORAGE_ROOT/backup/duplicity to
    23. 

  23. 	# get a list of all of the backups taken and sum up file sizes to
    24. 

  24. 	# see how large the storage is.
    25. 

  25. 

  26. 	now = datetime.datetime.now(dateutil.tz.tzlocal())
    27. 

  27. 	def reldate(date):
    28. 

  28. 		rd = dateutil.relativedelta.relativedelta(now, date)
    29. 

  29. 		if rd.days >= 7: return "%d days" % rd.days
    30. 

  30. 		if rd.days > 1: return "%d days, %d hours" % (rd.days, rd.hours)
    31. 

  31. 		if rd.days == 1: return "%d day, %d hours" % (rd.days, rd.hours)
    32. 

  32. 		return "%d hours, %d minutes" % (rd.hours, rd.minutes)
    33. 

  33. 

  34. 	backups = { }
    35. 

  35. 	basedir = os.path.join(env['STORAGE_ROOT'], 'backup/duplicity/')
    36. 

  36. 	encdir = os.path.join(env['STORAGE_ROOT'], 'backup/encrypted/')
    37. 

  37. 	for fn in os.listdir(basedir):
    38. 

  38. 		m = re.match(r"duplicity-(full|full-signatures|(inc|new-signatures)\.(?P<incbase>\d+T\d+Z)\.to)\.(?P<date>\d+T\d+Z)\.", fn)
    39. 

  39. 		if not m: raise ValueError(fn)
    40. 

  40. 

  41. 		key = m.group("date")
    42. 

  42. 		if key not in backups:
    43. 

  43. 			date = dateutil.parser.parse(m.group("date"))
    44. 

  44. 			backups[key] = {
    45. 

  45. 				"date": m.group("date"),
    46. 

  46. 				"date_str": date.strftime("%x %X"),
    47. 

  47. 				"date_delta": reldate(date),
    48. 

  48. 				"full": m.group("incbase") is None,
    49. 

  49. 				"previous": m.group("incbase") is None,
    50. 

  50. 				"size": 0,
    51. 

  51. 				"encsize": 0,
    52. 

  52. 			}
    53. 

  53. 

  54. 		backups[key]["size"] += os.path.getsize(os.path.join(basedir, fn))
    55. 

  55. 

  56. 		# Also check encrypted size.
    57. 

  57. 		encfn = os.path.join(encdir, fn + ".enc")
    58. 

  58. 		if os.path.exists(encfn):
    59. 

  59. 			backups[key]["encsize"] += os.path.getsize(encfn)
    60. 

  60. 

  61. 	backups = sorted(backups.values(), key = lambda b : b["date"], reverse=True)
    62. 

  62. 

  63. 	return {
    64. 

  64. 		"directory": basedir,
    65. 

  65. 		"encpwfile": os.path.join(env['STORAGE_ROOT'], 'backup/secret_key.txt'),
    66. 

  66. 		"encdirectory": encdir,
    67. 

  67. 		"tz": now.tzname(),
    68. 

  68. 		"backups": backups,
    69. 

  69. 	}
    70. 

  70. 

  71. def perform_backup(full_backup):
    72. 

  72. 	env = load_environment()
    73. 

  73. 

  74. 	exclusive_process("backup")
    75. 

  75. 

  76. 	# Ensure the backup directory exists.
    77. 

  77. 	backup_dir = os.path.join(env["STORAGE_ROOT"], 'backup')
    78. 

  78. 	backup_duplicity_dir = os.path.join(backup_dir, 'duplicity')
    79. 

  79. 	os.makedirs(backup_duplicity_dir, exist_ok=True)
    80. 

  80. 

  81. 	# On the first run, always do a full backup. Incremental
    82. 

  82. 	# will fail.
    83. 

  83. 	if len(os.listdir(backup_duplicity_dir)) == 0:
    84. 

  84. 		full_backup = True
    85. 

  85. 	else:
    86. 

  86. 		# When the size of incremental backups exceeds the size of existing
    87. 

  87. 		# full backups, take a new full backup. We want to avoid full backups
    88. 

  88. 		# because they are costly to synchronize off-site.
    89. 

  89. 		full_sz = sum(os.path.getsize(f) for f in glob.glob(backup_duplicity_dir + '/*-full.*'))
    90. 

  90. 		inc_sz = sum(os.path.getsize(f) for f in glob.glob(backup_duplicity_dir + '/*-inc.*'))
    91. 

  91. 		# (n.b. not counting size of new-signatures files because they are relatively small)
    92. 

  92. 		if inc_sz > full_sz * 1.5:
    93. 

  93. 			full_backup = True
    94. 

  94. 

  95. 	# Stop services.
    96. 

  96. 	shell('check_call', ["/usr/sbin/service", "dovecot", "stop"])
    97. 

  97. 	shell('check_call', ["/usr/sbin/service", "postfix", "stop"])
    98. 

  98. 

  99. 	# Update the backup mirror directory which mirrors the current
    100. 

  100. 	# STORAGE_ROOT (but excluding the backups themselves!).
    101. 

  101. 	try:
    102. 

  102. 		shell('check_call', [
    103. 

  103. 			"/usr/bin/duplicity",
    104. 

  104. 			"full" if full_backup else "incr",
    105. 

  105. 			"--no-encryption",
    106. 

  106. 			"--archive-dir", "/tmp/duplicity-archive-dir",
    107. 

  107. 			"--name", "mailinabox",
    108. 

  108. 			"--exclude", backup_dir,
    109. 

  109. 			"--volsize", "100",
    110. 

  110. 			"--verbosity", "warning",
    111. 

  111. 			env["STORAGE_ROOT"],
    112. 

  112. 			"file://" + backup_duplicity_dir
    113. 

  113. 			])
    114. 

  114. 	finally:
    115. 

  115. 		# Start services again.
    116. 

  116. 		shell('check_call', ["/usr/sbin/service", "dovecot", "start"])
    117. 

  117. 		shell('check_call', ["/usr/sbin/service", "postfix", "start"])
    118. 

  118. 

  119. 	# Remove old backups. This deletes all backup data no longer needed
    120. 

  120. 	# from more than 31 days ago. Must do this before destroying the
    121. 

  121. 	# cache directory or else this command will re-create it.
    122. 

  122. 	shell('check_call', [
    123. 

  123. 		"/usr/bin/duplicity",
    124. 

  124. 		"remove-older-than",
    125. 

  125. 		keep_backups_for,
    126. 

  126. 		"--archive-dir", "/tmp/duplicity-archive-dir",
    127. 

  127. 		"--name", "mailinabox",
    128. 

  128. 		"--force",
    129. 

  129. 		"--verbosity", "warning",
    130. 

  130. 		"file://" + backup_duplicity_dir
    131. 

  131. 		])
    132. 

  132. 

  133. 	# Remove duplicity's cache directory because it's redundant with our backup directory.
    134. 

  134. 	shutil.rmtree("/tmp/duplicity-archive-dir")
    135. 

  135. 

  136. 	# Encrypt all of the new files.
    137. 

  137. 	backup_encrypted_dir = os.path.join(backup_dir, 'encrypted')
    138. 

  138. 	os.makedirs(backup_encrypted_dir, exist_ok=True)
    139. 

  139. 	for fn in os.listdir(backup_duplicity_dir):
    140. 

  140. 		fn2 = os.path.join(backup_encrypted_dir, fn) + ".enc"
    141. 

  141. 		if os.path.exists(fn2): continue
    142. 

  142. 

  143. 		# Encrypt the backup using the backup private key.
    144. 

  144. 		shell('check_call', [
    145. 

  145. 			"/usr/bin/openssl",
    146. 

  146. 			"enc",
    147. 

  147. 			"-aes-256-cbc",
    148. 

  148. 			"-a",
    149. 

  149. 			"-salt",
    150. 

  150. 			"-in", os.path.join(backup_duplicity_dir, fn),
    151. 

  151. 			"-out", fn2,
    152. 

  152. 			"-pass", "file:%s" % os.path.join(backup_dir, "secret_key.txt"),
    153. 

  153. 			])
    154. 

  154. 

  155. 		# The backup can be decrypted with:
    156. 

  156. 		# openssl enc -d -aes-256-cbc -a -in latest.tgz.enc -out /dev/stdout -pass file:secret_key.txt | tar -z
    157. 

  157. 

  158. 	# Remove encrypted backups that are no longer needed.
    159. 

  159. 	for fn in os.listdir(backup_encrypted_dir):
    160. 

  160. 		fn2 = os.path.join(backup_duplicity_dir, fn.replace(".enc", ""))
    161. 

  161. 		if os.path.exists(fn2): continue
    162. 

  162. 		os.unlink(os.path.join(backup_encrypted_dir, fn))
    163. 

  163. 

  164. 	# Execute a post-backup script that does the copying to a remote server.
    165. 

  165. 	# Run as the STORAGE_USER user, not as root. Pass our settings in
    166. 

  166. 	# environment variables so the script has access to STORAGE_ROOT.
    167. 

  167. 	post_script = os.path.join(backup_dir, 'after-backup')
    168. 

  168. 	if os.path.exists(post_script):
    169. 

  169. 		shell('check_call',
    170. 

  170. 			['su', env['STORAGE_USER'], '-c', post_script],
    171. 

  171. 			env=env)
    172. 

  172. 

  173. if __name__ == "__main__":
    174. 

  174. 	import sys
    175. 

  175. 	full_backup = "--full" in sys.argv
    176. 

  176. 	perform_backup(full_backup)
    177. 

  177.