Coder Social home page Coder Social logo

borg-scripts's Introduction

borg-scripts

These scripts make a lot of assumptions:

  1. Your server is configured for SSH key access
  2. Your user is able to SSH to that server without the need for any password.
  3. Your backups are stored in the home directory of the connecting user
  • It also assumes the backups directory/repo is called 'backups'
  1. You are using a Mac as the client
  • I don't believe the host matters to these scripts.

This is an attempt at automating the initialization, creation, and execution of borg backups to a remote server with per-user repos and encryption. This also takes into account that the password/keys are backed up in the encrypted backup and are lost if the client is lost and the user doesn't know the password, which in this case, they won't since it's created for them randomly. The passgen script will sideload a file with the password that you can then escrow. I wrote it to be picked up by a Jamf Pro Extension Attribute for use in my environment.

These scripts/methods have been working in production in my environment since Janurary 2018.

  • borg_setup
    • This is a big one. It creates the user's LaunchAgents for passgen and init and hourly.
    • borg_passgen is called at load of it's LaunchAgent, which is destroyed after 30 seconds.
    • borg_init is called at load of it's LaunchAgent, which is destroyed after 30 seconds.
    • borg_hourly's LaunchAgent is created, then loaded. It is not destroyed.
    • This MUST be run either by hand (bash borg_setup) or uploaded to the JSS. It will not work correctly if ran as a 'process' via a policy.
  • borg_passgen is ran once with a LaunchAgent from borg_setup
    • it assumes the correct person is logged in, and stores the password in their keychain and in .borgpass.
    • it assumes the user on the client is also a user on the server (LDAP, AD, whatever.)
  • borg_init is ran once with a LaunchAgent from borg_setup
    • this needs to pull things out of the user's keychain. easiest way is if that user is running the script.
  • borg_backup is ran hourly with a user LaunchAgent
    • it keeps one daily backup for 7 days, one weekly for 4 weeks, and one monthly for 6 months.
    • It does not keep hourly for the day, it only keeps the most recent hourly.

borg-scripts's People

Contributors

krispayne avatar

Stargazers

avatar avatar avatar avatar

Watchers

avatar avatar

Forkers

hrishikeshvganu

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.