From 87eb4c1cb00a4f89de02e3882d6900395711d4bd Mon Sep 17 00:00:00 2001
From: Daniel Dolezal <d.dolezal97@protonmail.com>
Date: Tue, 27 Sep 2022 14:11:30 +0200
Subject: [PATCH] add borg backup to pfsense-backup script

---
 Dockerfile        |   6 ++-
 backup.sh         |  72 ----------------------------
 borgBackup.sh     |  53 +++++++++++++++++++++
 pfsense-backup.sh | 117 ++++++++++++++++++++++++++++++----------------
 4 files changed, 133 insertions(+), 115 deletions(-)
 delete mode 100755 backup.sh
 create mode 100644 borgBackup.sh

diff --git a/Dockerfile b/Dockerfile
index 63cb35f..6abca33 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -8,11 +8,13 @@ ENV BACKUPNAME=router
 
 # Install packages
 RUN apk update ; apk upgrade
-RUN apk add --no-cache wget tzdata bash
+RUN apk add --no-cache wget tzdata bash bash-completion \
+borgbackup
+
 RUN rm -rf /var/cache/apk/*
 
 COPY pfsense-backup.sh /
-COPY backup.sh /
+COPY borgBackup.sh /
 
 VOLUME ["/data"]
 CMD ["/pfsense-backup.sh"]
diff --git a/backup.sh b/backup.sh
deleted file mode 100755
index 8225360..0000000
--- a/backup.sh
+++ /dev/null
@@ -1,72 +0,0 @@
-#!/bin/sh
-
-
-# function definition
-function do_backup()
-{
-  wget -qO- --keep-session-cookies --save-cookies cookies.txt \
-    --no-check-certificate ${url}/diag_backup.php \
-    | grep "name='__csrf_magic'" | sed 's/.*value="\(.*\)".*/\1/' > csrf.txt
-
-  wget -qO- --keep-session-cookies --load-cookies cookies.txt \
-    --save-cookies cookies.txt --no-check-certificate \
-    --post-data "login=Login&usernamefld=${PFSENSE_USER}&passwordfld=${PFSENSE_PASS}&__csrf_magic=$(cat csrf.txt)" \
-    ${url}/diag_backup.php  | grep "name='__csrf_magic'" \
-    | sed 's/.*value="\(.*\)".*/\1/' > csrf2.txt
-
-  wget --keep-session-cookies --load-cookies cookies.txt --no-check-certificate \
-    --post-data "download=download${getrrd}&__csrf_magic=$(head -n 1 csrf2.txt)" \
-    ${url}/diag_backup.php -q -O ${destination}/config-${BACKUPNAME}-${timestamp}.xml
-  return_value=$?
-  if [ $return_value -eq 0 ]; then
-    echo "Backup saved as ${destination}/config-${BACKUPNAME}-${timestamp}.xml"
-  else
-    echo "Backup failed"
-    exit 1
-  fi
-
-  rm cookies.txt csrf.txt csrf2.txt
-}
-
-# main execution
-# check for required parameters
-errors=0
-if [ -z "$PFSENSE_IP" ]; then echo "Must provide PFSENSE_IP" ; errors=$(($errors + 1)) ; fi
-if [ -z "$PFSENSE_USER" ]; then echo "Must provide PFSENSE_USER" ; errors=$(($errors + 1)); fi
-if [ -z "$PFSENSE_PASS" ]; then echo "Must provide PFSENSE_PASS" ; errors=$(($errors + 1)); fi
-if [ -z "$PFSENSE_SCHEME" ]; then echo "Must provide PFSENSE_SCHEME" ; errors=$(($errors + 1)); fi
-if [ -z "$BACKUPNAME" ]; then BACKUPNAME=$PFSENSE_IP; fi
-if [ $errors -ne 0 ]; then exit 1; fi
-
-# check for optional parameters
-if [ -z "$PFSENSE_CRON_SCHEDULE" ]; then cron=0 ; else cron=1 ; fi
-if [ -z "$PFSENSE_BACK_UP_RRD_DATA" ]; then
-  getrrd=""
-else
-  if [ "$PFSENSE_BACK_UP_RRD_DATA" == "0" ] ; then
-    getrrd="&donotbackuprrd=yes"
-  else
-    getrrd=""
-  fi
-fi
-if [ -z "$PFSENSE_BACKUP_DESTINATION_DIR" ]; then
-  destination="/data"
-else
-  destination="$PFSENSE_BACKUP_DESTINATION_DIR"
-fi
-
-# set up variables
-url=${PFSENSE_SCHEME}://${PFSENSE_IP}
-timestamp=$(date +%Y%m%d%H%M%S)
-
-do_backup
-if [ ! -z $keepfiles ]; then
- remove=$(ls -d -1tr $destination/*.xml | tail -n +$keepfiles | head -n1)
- if [ ! -z $remove ]; then
-  del=$(ls $destination/*.xml | head -n -$keepfiles)
-  if [ ! -z $del ]; then
-   rm -f $del
-   echo "Backup removed at $del"
-  fi
- fi
-fi
diff --git a/borgBackup.sh b/borgBackup.sh
new file mode 100644
index 0000000..fd5f3cb
--- /dev/null
+++ b/borgBackup.sh
@@ -0,0 +1,53 @@
+#!/bin/sh
+function create_borg_backup {
+  # $1 = ARCHIVE NAME
+  # $2 = FOLDER TO BACKUP
+  local ARCHIVE_NAME="$1"
+  local FOLDER_TO_BACKUP="$2"
+
+  if [ -z "$ARCHIVE_NAME" ]; then
+    echo "No archive name provided"
+    return 1
+  fi
+  if [ -z "$FOLDER_TO_BACKUP" ]; then
+    echo "No folder to backup provided"
+    return 1
+  fi
+  if [ -z "$BORG_CREATE_PARAMS" ]; then
+    echo "No borg create params provided"
+    return 1
+  fi
+
+  wait_for_borg_backup_done
+  echo "Creating Borg Backup from $FOLDER_TO_BACKUP into the Archive: $ARCHIVE_NAME"
+  borg create "${BORG_CREATE_PARAMS[@]}" "$BORG_REPO"::"$ARCHIVE_NAME-{now:%d.%m.%Y_%H:%M}" "$FOLDER_TO_BACKUP"
+}
+
+function purge_borg_backup {
+  # $1 = ARCHIVE NAME
+  local ARCHIVE_NAME="$1"
+
+  if [ -z "$ARCHIVE_NAME" ]; then
+    echo "No archive name provided"
+    return 1
+  fi
+  if [ -z "$BORG_PRUNE_PARAMS" ]; then
+    echo "No borg purge params provided"
+    return 1
+  fi
+
+  wait_for_borg_backup_done
+  echo "Purging Borg Backup Archive: $ARCHIVE_NAME"
+  borg prune -a "$ARCHIVE_NAME-*" "${BORG_PRUNE_PARAMS[@]}"
+}
+
+function wait_for_borg_backup_done {
+  local text_output=1
+  while pidof -x borg >/dev/null; do
+    if [ $text_output -eq 1 ]; then
+      echo "Borg already running, waiting that it finishes..."
+      text_output=0
+    fi
+    sleep 10
+  done
+}
\ No newline at end of file
diff --git a/pfsense-backup.sh b/pfsense-backup.sh
index ac4094b..f6871a5 100755
--- a/pfsense-backup.sh
+++ b/pfsense-backup.sh
@@ -1,8 +1,52 @@
 #!/bin/sh
+source "/borgBackup.sh"
 
 # function definition
-function do_backup()
-{
+function check_pfSense_vars_set() {
+  if [ -z "$PFSENSE_IP" ]; then echo "Must provide PFSENSE_IP" ; errors=$(($errors + 1)) ; fi
+  if [ -z "$PFSENSE_USER" ]; then echo "Must provide PFSENSE_USER" ; errors=$(($errors + 1)); fi
+  if [ -z "$PFSENSE_PASS" ]; then echo "Must provide PFSENSE_PASS" ; errors=$(($errors + 1)); fi
+  if [ -z "$PFSENSE_SCHEME" ]; then echo "Must provide PFSENSE_SCHEME" ; errors=$(($errors + 1)); fi
+  if [ -z "$BACKUPNAME" ]; then BACKUPNAME=$PFSENSE_IP; fi
+}
+
+function check_pfSense_optional_vars() {
+  if [ -z "$PFSENSE_CRON_SCHEDULE" ]; then cron=0 ; else cron=1 ; fi
+  if [ -z "$PFSENSE_BACK_UP_RRD_DATA" ]; then
+    getrrd=""
+  else
+    if [ "$PFSENSE_BACK_UP_RRD_DATA" == "0" ] ; then
+      getrrd="&donotbackuprrd=yes"
+    else
+      getrrd=""
+    fi
+  fi
+  if [ -z "$PFSENSE_BACKUP_DESTINATION_DIR" ]; then
+    destination="/data"
+  else
+    destination="$PFSENSE_BACKUP_DESTINATION_DIR"
+  fi
+}
+
+function check_borg_backup_vars() {
+  if [ ! -z "$BORG_BACKUP_TRUE" ]; then
+    if [ "$BORG_REPO" ]; then echo "Musst provice BORG_REPO"; errors=$(($errors + 1)); fi
+    if [ "$BORG_CREATE_PARAMS" ]; then echo "Musst provice BORG_CREATE_PARAMS"; errors=$(($errors + 1)); fi
+    if [ "$BORG_PRUNE_PARAMS" ]; then echo "Musst provice BORG_PRUNE_PARAMS"; errors=$(($errors + 1)); fi
+  fi
+}
+
+function load_crontab_when_exists_or_create() {
+  if [ -f "$destination/crontab.txt" ]; then
+    crontab "$destination/crontab.txt"
+  else
+    echo "$PFSENSE_CRON_SCHEDULE FROM_CRON=1 /pfsense-backup.sh" >> "$destination/crontab.txt"
+    crontab "$destination/crontab.txt"
+  fi
+  crond -f
+}
+
+function do_backup() {
   wget -qO- --keep-session-cookies --save-cookies cookies.txt \
     --no-check-certificate ${url}/diag_backup.php \
     | grep "name='__csrf_magic'" | sed 's/.*value="\(.*\)".*/\1/' > csrf.txt
@@ -27,32 +71,38 @@ function do_backup()
   rm cookies.txt csrf.txt csrf2.txt
 }
 
+function run_backups() {
+  do_backup
+  if [ ! -z "$BORG_BACKUP_TRUE" ]; then
+    create_borg_backup "$BACKUPNAME" "${destination}/config-${BACKUPNAME}-${timestamp}.xml"
+    purge_borg_backup "$BACKUPNAME"
+  fi
+}
+
+function cleanup_old_backups_when_set() {
+  if [ ! -z $keepfiles ]; then
+    remove=$(ls -d -1tr $destination/*.xml | tail -n +$keepfiles | head -n1)
+    if [ ! -z $remove ]; then
+      del=$(ls $destination/*.xml | head -n -$keepfiles)
+      if [ ! -z $del ]; then
+        rm -f $del
+        echo "Backup removed at $del"
+      fi
+    fi
+  fi
+}
+
 # main execution
 # check for required parameters
 errors=0
-if [ -z "$PFSENSE_IP" ]; then echo "Must provide PFSENSE_IP" ; errors=$(($errors + 1)) ; fi
-if [ -z "$PFSENSE_USER" ]; then echo "Must provide PFSENSE_USER" ; errors=$(($errors + 1)); fi
-if [ -z "$PFSENSE_PASS" ]; then echo "Must provide PFSENSE_PASS" ; errors=$(($errors + 1)); fi
-if [ -z "$PFSENSE_SCHEME" ]; then echo "Must provide PFSENSE_SCHEME" ; errors=$(($errors + 1)); fi
-if [ -z "$BACKUPNAME" ]; then BACKUPNAME=$PFSENSE_IP; fi
+check_pfSense_vars_set
 if [ $errors -ne 0 ]; then exit 1; fi
 
 # check for optional parameters
-if [ -z "$PFSENSE_CRON_SCHEDULE" ]; then cron=0 ; else cron=1 ; fi
-if [ -z "$PFSENSE_BACK_UP_RRD_DATA" ]; then
-  getrrd=""
-else
-  if [ "$PFSENSE_BACK_UP_RRD_DATA" == "0" ] ; then
-    getrrd="&donotbackuprrd=yes"
-  else
-    getrrd=""
-  fi
-fi
-if [ -z "$PFSENSE_BACKUP_DESTINATION_DIR" ]; then
-  destination="/data"
-else
-  destination="$PFSENSE_BACKUP_DESTINATION_DIR"
-fi
+check_pfSense_optional_vars
+
+# borg backups vars set
+check_borg_backup_vars
 
 # set up variables
 url=${PFSENSE_SCHEME}://${PFSENSE_IP}
@@ -60,26 +110,11 @@ timestamp=$(date +%Y%m%d%H%M%S)
 
 if [ $cron -eq 1 ]; then
   if [ -z "$FROM_CRON" ]; then
-    if [ -f $destination/crontab.txt ]; then
-     crontab $destination/crontab.txt
-    else
-     echo "$PFSENSE_CRON_SCHEDULE FROM_CRON=1 /pfsense-backup.sh" >> $destination/crontab.txt
-     crontab $destination/crontab.txt
-    fi
-    crond -f
+    load_crontab_when_exists_or_create
   else
-   do_backup
-   if [ ! -z $keepfiles ]; then
-    remove=$(ls -d -1tr $destination/*.xml | tail -n +$keepfiles | head -n1)
-    if [ ! -z $remove ]; then
-     del=$(ls $destination/*.xml | head -n -$keepfiles)
-     if [ ! -z $del ]; then
-      rm -f $del
-      echo "Backup removed at $del"
-     fi
-    fi
-   fi
+    run_backups
+    cleanup_old_backups_when_set
   fi
 else
-  do_backup
+  run_backups
 fi