#!/bin/bash set -Eeuo pipefail DATE="$(date +'%Y-%m-%d_%H-%M')" BACKUP_DIR="/home/debian/backup" LOG_DIR="/home/debian/Gestion_sondes/Logs" mkdir -p "$LOG_DIR" "$BACKUP_DIR" LOG_FILE="$LOG_DIR/backup_$DATE.log" exec > >(tee -a "$LOG_FILE") 2>&1 # Verrou anti-doublon exec 9>/tmp/backup_mysql.lock flock -n 9 || { echo "🔒 Un autre backup est en cours. Abandon."; exit 1; } BACKUP_FILE="$BACKUP_DIR/mysql_backup_$DATE.sql" # Cible NAS via WireGuard / LAN NAS_HOST="192.168.1.250" # à adapter avec l'IP locale réelle du NAS NAS_PORT="4422" # mettre 4422 seulement si DSM écoute réellement sur 4422 en local NAS_USER="Michel" NAS_DIR="/volume1/VPS/Gravelines" SSH_KEY="/home/debian/.ssh/id_ed25519" SSH_OPTS="-i $SSH_KEY -p $NAS_PORT \ -o BatchMode=yes -o PreferredAuthentications=publickey \ -o PasswordAuthentication=no -o PubkeyAuthentication=yes \ -o StrictHostKeyChecking=accept-new -o ConnectTimeout=10 \ -o ServerAliveInterval=30 -o ServerAliveCountMax=2" # Credentials MySQL MYSQL_DEFAULTS="/home/debian/.my.cnf" # PATH minimal pour cron export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin echo "🔷 Démarrage $(date '+%F %T') sur $(hostname -s)" echo "🔷 Dossier local : $BACKUP_DIR" echo "🔷 Dossier NAS : $NAS_DIR (hôte $NAS_HOST)" # 1) Pré-check SSH & droits écriture NAS echo "🔷 Test SSH NAS…" if ! ssh $SSH_OPTS "$NAS_USER@$NAS_HOST" "mkdir -p '$NAS_DIR' && test -w '$NAS_DIR' && echo __SSH_OK__"; then echo "❌ Impossible d'écrire sur $NAS_HOST:$NAS_DIR (clé SSH ? user ? droits ? SSH NAS activé ?)" exit 20 fi # 2) Dump MySQL echo "🔷 Dump MySQL…" if [[ -f "$MYSQL_DEFAULTS" ]]; then DUMP="mysqldump --defaults-file=$MYSQL_DEFAULTS --all-databases --single-transaction --quick --lock-tables=false --routines --events --triggers" else DUMP="mysqldump --all-databases --single-transaction --quick --lock-tables=false --routines --events --triggers" fi # Baisse de priorité IONICE="$(command -v ionice >/dev/null 2>&1 && echo 'ionice -c2 -n7' || true)" NICE="$(command -v nice >/dev/null 2>&1 && echo 'nice -n 10' || true)" bash -c "$IONICE $NICE $DUMP > '$BACKUP_FILE'" # Vérification locale if [[ ! -s "$BACKUP_FILE" ]]; then echo "❌ Fichier de backup vide : $BACKUP_FILE" exit 21 fi LOCAL_SIZE=$(stat -c%s "$BACKUP_FILE" 2>/dev/null || wc -c < "$BACKUP_FILE") echo "✅ Dump OK : $BACKUP_FILE ($LOCAL_SIZE octets)" # 3) Transfert NAS scp -O -P 4422 -i /home/debian/.ssh/id_ed25519 \ -o BatchMode=yes -o PreferredAuthentications=publickey -o PasswordAuthentication=no \ -o StrictHostKeyChecking=accept-new \ "$BACKUP_FILE" "$NAS_USER@$NAS_HOST:$NAS_DIR/" # 4) Vérification taille distante = locale BASENAME="$(basename "$BACKUP_FILE")" REMOTE_SIZE=$(ssh -p 4422 -i /home/debian/.ssh/id_ed25519 \ -o BatchMode=yes -o PreferredAuthentications=publickey -o PasswordAuthentication=no \ -o StrictHostKeyChecking=accept-new \ "$NAS_USER@$NAS_HOST" "wc -c < '$NAS_DIR/$BASENAME'" || echo 0) if [[ "$REMOTE_SIZE" != "$LOCAL_SIZE" ]]; then echo "❌ Taille différente après transfert (local=$LOCAL_SIZE, distant=$REMOTE_SIZE)" exit 22 fi echo "✅ Transfert OK → $NAS_HOST:$NAS_DIR/$BASENAME"