From ee7778973ebfd9b0974a64500a00eeb4f71bc39e Mon Sep 17 00:00:00 2001
From: Martijn Heemels
Date: Wed, 3 Sep 2014 12:07:35 +0200
Subject: [PATCH 1/2] Allow skipping of deletion phase. when SKIP_DELETE is to true the script only writes new backups and creates new buckets. [SYSPRJ-36] No attempts are made to delete data from S3. Set this to true when the credentials you provide don't have the rights to perform deletions. This is a handy way to prevent disaster should someone malicious gain access to them. With correctly restricted IAM permissions they won't be able to delete existing backups. You'll need to use a separate server and credentials to purge old backups.
---
 settings-sample.rb | 9 +++++++++
 simple-s3-backup.rb | 12 +++++++-----
 2 files changed, 16 insertions(+), 5 deletions(-)
diff --git a/settings-sample.rb b/settings-sample.rb
index 548401c..4bfa462 100644
--- a/settings-sample.rb
+++ b/settings-sample.rb
@@ -17,6 +17,15 @@
 # use SSL to transmit backups to S3 (a good idea)
 USE_SSL = true
+# LIMIT PRIVILEGES
+# * Limits actions to only write new backups and create new buckets. No attempts are made to
+# delete data from S3. Set this to true when the credentials you provide don't have the
+# rights to perform deletions. This is a handy way to prevent disaster should someone
+# malicious gain access to them. With correctly restricted IAM permissions they won't be
+# able to delete existing backups. Use a separate server and credentials to purge old backups.
+# (default is false)
+SKIP_DELETE = false
+
 # CREATE AWS/S3 CONNECTION
 AWS::S3::Base.establish_connection!(
 :access_key_id => '*** YOUR CREDENTIALS HERE ***',
diff --git a/simple-s3-backup.rb b/simple-s3-backup.rb
index 172cdbf..c586422 100755
--- a/simple-s3-backup.rb
+++ b/simple-s3-backup.rb
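Review bot: In settings-sample.rb the new `SKIP_DELETE` comment promises more than the setting delivers: the flag only stops this script from issuing deletes, and credentials that may write objects can normally also overwrite an existing key, so withholding delete rights alone does not keep earlier backups intact. I would add a line such as `# Write access can still overwrite an existing key; enable bucket versioning so earlier backups stay recoverable.` The heading `# LIMIT PRIVILEGES` also suggests the constant restricts the credentials, whereas the restriction has to come from the IAM policy; `# SKIP DELETION PHASE` describes what it does.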
@@ -108,8 +108,10 @@
 # Remove tmp directory
 FileUtils.remove_dir full_tmp_path
-# Now, clean up unwanted archives
-cutoff_date = Time.now.utc.to_i - (DAYS_OF_ARCHIVES * 86400)
-bucket.objects.select{ |o| o.last_modified.to_i < cutoff_date }.each do |f|
- S3Object.delete(f.key, S3_BUCKET)
-end
+# Now, clean up unwanted archives, if allowed
+unless SKIP_DELETE
+ cutoff_date = Time.now.utc.to_i - (DAYS_OF_ARCHIVES * 86400)
+ bucket.objects.select{ |o| o.last_modified.to_i < cutoff_date }.each do |f|
+ S3Object.delete(f.key, S3_BUCKET)
+ end
+end
\ No newline at end of file
From 6f68dc97452b64662b5d3c1472c41515af7427cf Mon Sep 17 00:00:00 2001
From: Martijn Heemels
Date: Tue, 8 Sep 2015 10:46:31 +0200
Subject: [PATCH 2/2] Skip 'lost+found' db because it's not a real db but an artifact of putting the datadir on its own volume with ext3/4 fs. Trying to export this non-existent db breaks the script.
---
 simple-s3-backup.rb | 1 +
 1 file changed, 1 insertion(+)
diff --git a/simple-s3-backup.rb b/simple-s3-backup.rb
index c586422..71ea80d 100755
--- a/simple-s3-backup.rb
+++ b/simple-s3-backup.rb
@@ -36,6 +36,7 @@
 connection = Sequel.mysql nil, :user => MYSQL_USER, :password => MYSQL_PASS, :host => 'localhost', :encoding => 'utf8'
 @databases = connection['show databases;'].collect { |db| db[:Database] }
 @databases.delete("performance_schema") # Remove this db from the list, since it makes no sense to back up and causes some errors with --events.
+ @databases.delete("#mysql50#lost+found") # Skip this db since backup would fail. Not a real db but artifact of putting the MySQL datadir on own volume with ext3/4 fs.
 elsif defined?(MYSQL_DBS)
 @databases = MYSQL_DBS
 end
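Review bot: In the `@@ -108,8 +108,10 @@` hunk of simple-s3-backup.rb, `unless SKIP_DELETE` raises NameError when the constant is undefined, which would hit any settings file written before this commit added it to the sample (how the settings are loaded is not visible here). The error would come only at the cleanup step, after the upload. The script already treats `MYSQL_DBS` as optional with `defined?(MYSQL_DBS)`, so `unless defined?(SKIP_DELETE) && SKIP_DELETE` would keep the documented default of false for older settings files. A short `puts` in the skipped case would also show in the job output that purging is left to another host.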