The following code snippet uses our https://github.com/pbkwee/s2i project to let you create a backup image of a Linux server, encrypt it, and then make it available for download (or transfer it directly to a remote server).
s2i requires PHP, and can make use of PHP’s built in HTTP server. You will need sufficient disk space on your VM image to create the download. The file is compressed, so the backup will typically be smaller than the disk space used on the VM.
wget -q -O s2i-create.sh 'https://raw.githubusercontent.com/pbkwee/s2i/main/s2i-create.sh'
bash s2i-create.sh --help
s2i-create.sh Creates a backup of a Linux server. It has options to let you download that via http (else you can scp it from the source). It has options to encrypt the backup file (e.g. via openssl or zip).
Usage: s2i-create.sh
--files (default to / )
--outputdir output directory [ /root/s2i.backup ]
--outputfile output file [ s2i.backup-dt ]
--outputextn output file extension [ gz | zip | gz.enc depending on encryption ]
--outputpath output file full path (overrides other output options)
--encrypt openssl (default if using --http) | zip (not so secure) | none (default if not using --http)
--password by default we will create a password for you. And use the same password each time the same outputdir is used. NA if encrypt==none.
--http (serve file on an http url)
--size output the size of the backup (without creating it or using any disk space)
--pipe output backup to a pipe. Can be used to directly transfer a backup to a separate server without creating an intermediary file on the server being backed up.
Put files/directories you wish to exclude in outputpath/exclude.log
By default the script will exclude directories including /proc /tmp /mnt /dev /sys /run /media
The default backup includes binary database files (if any, e.g. for postgres and mysql). You may prefer to exclude them, and run a database dump instead (e.g. per mysqlbackup.sh).
You can also stop database servers and other processes that may be updating files while you run this script.
If you use the --http option we will put the file on a URL that should be secret. However we still recommend you use one of the --encrypt options.
There is a backup.sh script that will let you run mysql database backups, prior to running s2i-create.sh
You can use Unix pipes to create a backup on a remote server without using much space for the backup on the source server.
Sample usage using pipes. On the server being backed up:
echo '/dont/backup/this/dir' > s2i.backup/exclude.log
nohup bash ./s2i-create.sh --outputdir s2i.backup --pipe
While this is running, go to the destination server:
ssh backupserver cat s2i.backup/pipe > s2i.backup.gz
Then use the s2i-restore.sh script if/when you need to overwrite a server image with a backup image.
The script will create the backup file and let you scp that to your remote host (encryption is optional here). It also provides an option to let you download that via a URL (in that case it would select an encryption option by default).
If you use the openssl encryption option you will need openssl. This is typically available on most Linux installs. There are also Windows binaries available, e.g. from https://curl.se/windows/
To ensure database consistency we recommend you stop the database server while the files are being copied. Alternatively you could create a database dump prior to creating the backup image.
The s2i project also has a restore.sh script that will overwrite a Linux server with the backup you had taken.