diff --git a/settings-sample.rb b/settings-sample.rb
index 548401c..4bfa462 100644
--- a/settings-sample.rb
+++ b/settings-sample.rb
@@ -17,6 +17,15 @@
 # use SSL to transmit backups to S3 (a good idea)
 USE_SSL = true
+# LIMIT PRIVILEGES
+# * Limits actions to only write new backups and create new buckets. No attempts are made to
+# delete data from S3. Set this to true when the credentials you provide don't have the
+# rights to perform deletions. This is a handy way to prevent disaster should someone
+# malicious gain access to them. With correctly restricted IAM permissions they won't be
+# able to delete existing backups. Use a separate server and credentials to purge old backups.
+# (default is false)
+SKIP_DELETE = false
+
 # CREATE AWS/S3 CONNECTION
 AWS::S3::Base.establish_connection!(
 :access_key_id => '*** YOUR CREDENTIALS HERE ***',
diff --git a/simple-s3-backup.rb b/simple-s3-backup.rb
index 172cdbf..71ea80d 100755
--- a/simple-s3-backup.rb
+++ b/simple-s3-backup.rb
@@ -36,6 +36,7 @@
 connection = Sequel.mysql nil, :user => MYSQL_USER, :password => MYSQL_PASS, :host => 'localhost', :encoding => 'utf8'
 @databases = connection['show databases;'].collect { |db| db[:Database] }
 @databases.delete("performance_schema") # Remove this db from the list, since it makes no sense to back up and causes some errors with --events.
+ @databases.delete("#mysql50#lost+found") # Skip this db since backup would fail. Not a real db but artifact of putting the MySQL datadir on own volume with ext3/4 fs.
 elsif defined?(MYSQL_DBS)
 @databases = MYSQL_DBS
 end
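Review bot: The LIMIT PRIVILEGES comment in settings-sample.rb promises more than delete-restricted credentials deliver. A key that can still write objects can overwrite an existing backup under the same key, which loses it just as a delete would unless the bucket keeps old versions. I would add a line such as `# Note: write access still allows overwriting existing keys; enable bucket versioning so earlier backups survive.` The comment should also say that SKIP_DELETE enforces nothing by itself: it only stops this script from issuing deletes, and the actual protection is the IAM policy attached to the credentials.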
@@ -108,8 +109,10 @@
 # Remove tmp directory
 FileUtils.remove_dir full_tmp_path
-# Now, clean up unwanted archives
-cutoff_date = Time.now.utc.to_i - (DAYS_OF_ARCHIVES * 86400)
-bucket.objects.select{ |o| o.last_modified.to_i < cutoff_date }.each do |f|
- S3Object.delete(f.key, S3_BUCKET)
-end
+# Now, clean up unwanted archives, if allowed
+unless SKIP_DELETE
+ cutoff_date = Time.now.utc.to_i - (DAYS_OF_ARCHIVES * 86400)
+ bucket.objects.select{ |o| o.last_modified.to_i < cutoff_date }.each do |f|
+ S3Object.delete(f.key, S3_BUCKET)
+ end
+end
\ No newline at end of file
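Review bot: `unless SKIP_DELETE` will raise a NameError for anyone whose existing settings file predates this option, because the constant is only added to settings-sample.rb. How the settings are loaded is outside the hunk, so this assumes users keep their own copy of the sample. The script already treats optional settings this way with `defined?(MYSQL_DBS)`, so the guard could be `unless defined?(SKIP_DELETE) && SKIP_DELETE`, which keeps the old purge behaviour when the constant is absent. Since a skipped purge is silent, a short log line in the skip case would also help operators notice if the separate purge job never runs and archives pile up.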