diff --git a/README.md b/README.md index 57745c4..15cc48a 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ ![Ubiquiti Unifi Dream Machine Backup to FTP Banner](docs/images/banner.png) -One problem of Ubiquitis Unifi Dream Machine (UDM / UDP Pro) is the automatic backup feature. Don't get me wrong... it is great to have an automatic backup feature, but storing backups just on the UDM itself is not a good practice. If you have to hard reset the UDM or the UDM dies, the backups get unaccessable and you have to start from scratch. +One problem of Ubiquitis Unifi Dream Machine (UDM / UDP Pro) is the automatic backup feature. Don't get me wrong... it is great to have an automatic backup feature, but storing backups just on the UDM itself is not a good practice. If you have to hard reset the UDM or the UDM dies, the backups get unaccessable and you have to start from scratch. Also, the newly introduced cloud backup feature is beta and doesn't take care about your Unifi Protection setup. For security reasons, enabling SSH on the UDM and pull the backups from the UDM was not an option for me, as SSH on the UDM is reachable from every VLAN by using password authentication. You could configure that, but your configuration gets resettet on each boot. @@ -17,11 +17,8 @@ So, pushing backups was the only option. For this I built this docker container, - [GitHub Repo - udm-utilities](https://github.com/boostchicken/udm-utilities) - [GitHub Profile - John D.](https://github.com/boostchicken) -1. Customize the [on_boot.d/80-udm-backup-ftp.sh](on_boot.d/80-udm-backup-ftp.sh) script and copy it over to the UDM into the On-Boot-Script folder (`/mnt/data/on_boot.d`). - - This script creates a cronjob, which creates and starts the container to copy the automated backups to your FTP server. By default the container runs once per hour, which of course can be customized in the script. - - In the scirpt are also 4 variables, which are used by the container to logon to the FTP server and copy over the backups. +1. Customize conf.env with your own values and store in a folder called `/mnt/data/udm-backup-ftp` on your UDM (you can store the file wherever you want, but than you have to change the path in the `ENV_FILE` variable in the `80-udm-backup-ftp.sh` script file). In this example, which is also the default of the script file, the configuration is stored in `/mnt/data/udm-backup-ftp/conf.env`. + This file needs 4 variables to work, which are used by the container to logon to the FTP server and copy over the backups. ```shell FTP_SERVER={SERVERNAME} @@ -29,8 +26,20 @@ So, pushing backups was the only option. For this I built this docker container, FTP_USER={FTPUSER} FTP_PASSWORD={FTPPASSWORD} ``` + Please make your the configuration file is only readable by root. + ```shell + chmod 0400 /mnt/data/udm-backup-ftp/conf.env + ``` + +1. Customize the [on_boot.d/80-udm-backup-ftp.sh](on_boot.d/80-udm-backup-ftp.sh) script and copy it over to the UDM into the On-Boot-Script folder (`/mnt/data/on_boot.d`). + + This script creates a cronjob, which pulls and starts the container to copy the automated backups to your FTP server. By default the container runs once per hour, which of course can be customized in the script. + + In the script you can configure two variables: + - `ENV_FILE` if you are storing your FTP credentials in a different path than proposed (`/mnt/data/udm-backup-ftp/conf.env`). + - Comment `PROTECT_MOUNT` variable if you do not want to do backups for Unifi Protect. - Please edit the variables and copy the script to `/mnt/data/on_boot.d`. You also have to make the script executeable. + Please make your changes and copy the script to `/mnt/data/on_boot.d`. You also have to make the script executeable. ```shell chmod a+x /mnt/data/on_boot.d/80-udm-backup-ftp.sh ``` diff --git a/conf.env.dist b/conf.env.dist new file mode 100644 index 0000000..8a362f2 --- /dev/null +++ b/conf.env.dist @@ -0,0 +1,4 @@ +FTP_SERVER={SERVERNAME} +FTP_PATH={BACKUPPATH} +FTP_USER={FTPUSER} +FTP_PASSWORD={FTPPASSWORD} \ No newline at end of file diff --git a/on_boot.d/80-udm-backup-ftp.sh b/on_boot.d/80-udm-backup-ftp.sh index 701da1a..8af4257 100644 --- a/on_boot.d/80-udm-backup-ftp.sh +++ b/on_boot.d/80-udm-backup-ftp.sh @@ -22,11 +22,7 @@ echo " Configure scheduled copy of backups to external FTP server" echo "------------------------------------------------------------" -FTP_SERVER={SERVERNAME} -FTP_PATH={BACKUPPATH} -FTP_USER={FTPUSER} -FTP_PASSWORD={FTPPASSWORD} - +ENV_FILE='/mnt/data/udm-backup-ftp/conf.env' CRON_FILE='/etc/cron.d/udm-backup-ftp' CRON_SCHEDULE='30 * * * *' @@ -35,26 +31,31 @@ SDN_MOUNT="/mnt/data/unifi-os/unifi/data/backup/autobackup:/backups/unifi:ro" # you can comment next line to disable protect backup (or if protect is disabled on your UDM) PROTECT_MOUNT="/mnt/data_ext/unifi-os/unifi-protect/backups:/backups/protect:ro" -CRON_CMD="${CRON_SCHEDULE} podman run -it --rm --name UDM-FTP-Backup --network=host -e \"FTP_SERVER=$FTP_SERVER\" -e \"FTP_PATH=$FTP_PATH\" -e \"FTP_USER=$FTP_USER\" -e \"FTP_PASSWORD=$FTP_PASSWORD\"" +CRON_CMD="${CRON_SCHEDULE} podman run -it --rm --name UDM-FTP-Backup --network=host --env-file='$ENV_FILE'" BACKUP_IMG='docker.io/aessing/udm-backup-ftp' +if [ ! -r "$ENV_FILE" ]; then + echo "ERROR: File '$ENV_FILE' not found or is not readable!" 1>&2 + echo "Please create it based on 'conf.env.dist' with your own values" 1>&2 + exit 1 +fi -if [ ! -z "${SDN_MOUNT}" ]; then +if [ -n "${SDN_MOUNT:-}" ]; then CRON_CMD="${CRON_CMD} -v \"$SDN_MOUNT\"" fi -if [ ! -z "${PROTECT_MOUNT}" ]; then +if [ -n "${PROTECT_MOUNT:-}" ]; then CRON_CMD="${CRON_CMD} -v \"$PROTECT_MOUNT\"" fi CRON_CMD="${CRON_CMD} ${BACKUP_IMG}" -if [ ! -f "${CRON_FILE}" ]; then +if [ ! -f "${CRON_FILE:-}" ]; then echo "${CRON_CMD}" > ${CRON_FILE} chmod 644 ${CRON_FILE} /etc/init.d/crond reload ${CRON_FILE} fi echo " - done" -echo "" +echo