Shell scripts to manage and maintain Ubuntu servers
There are several scripts included in server-scripts
, each of which perform different functions. They all use a shared .env.sh
to function. This .env
should be created on each environment where you wish to run the server-scripts
, and it should be excluded from your git repo via .gitignore
.
backup_s3.sh
The backup_s3.sh
script syncs the backups from LOCAL_BACKUPS_PATH
to the Amazon S3 bucket specified in REMOTE_S3_BUCKET
.
This script assumes that you have already installed awscli and have configured it with your credentials.
It's recommended that you set up a separate user with access to only S3, and set up a private S3 bucket for your backups.
backup_dropbox.sh
The backup_dropbox.sh
script uploads a compressed archive of the backups from LOCAL_BACKUPS_PATH
to the Dropbox folder specified in REMOTE_DROPBOX_PATH
.
This script assumes that you have already installed dbxcli and have configured it with your credentials.
server-scripts
git repo to your server.example.env
file, and rename it to .env
..env
file into your favorite editor, and replace REPLACE_ME
with the appropriate settings.All configuration is done in the .env
file, rather than in the scripts themselves. This is is so that the same scripts can be used in multiple environments such as local
dev, staging
, and live
production without modification. Just create a .env
file in each environment, and keep it out of your git repo via .gitignore
.
All settings that are prefaced with LOCAL_
refer to the local environment where the script will be run, not your local
dev environment.
LOCAL_ROOT_PATH
is the absolute path to the root of your local server install, with a trailing /
after it.
LOCAL_CHOWN_USER
is the user that is the owner of your entire server install.
LOCAL_CHOWN_GROUP
is your webserver's group, usually either nginx
or apache
.
LOCAL_BACKUPS_PATH
is the absolute path to the directory where local backups should be stored. For database backups, a sub-directory LOCAL_DB_NAME/db
will be created inside the LOCAL_BACKUPS_PATH
directory to store the database backups. Paths should always have a trailing /
All settings that are prefaced with REMOTE_
refer to the remote environment where assets and the database will be pulled from.
REMOTE_SSH_LOGIN
is your ssh login to the remote server, e.g.: [email protected]
REMOTE_SSH_PORT
is the port to use for ssh on the remote server. This is normally 22
REMOTE_ROOT_PATH
is the absolute path to the root of your server install on the remote server, with a trailing /
after it.
REMOTE_BACKUPS_PATH
is the absolute path to the directory where the remote backups are stored. For database backups, a sub-directory REMOTE_DB_NAME/db
inside the REMOTE_BACKUPS_PATH
directory is used for the database backups. Paths should always have a trailing /
REMOTE_S3_BUCKET
is the name of the Amazon S3 bucket to backup to via the backup_s3.sh
script
REMOTE_DROPBOX_PATH
is the path of the Dropbox folder to backup to via the backup_dropbox.sh
script
REMOTE_SLACK_HOOK
is the incoming webhook url to post notifications to Slack via the notify_slack.sh
script
REMOTE_TELEGRAM_HOOK
is the incoming webhook url to post notifications to Telegram via the notify_telegram.sh
script
REMOTE_TELEGRAM_CHAT_ID
is the chat id to post notifications to Telegram via the notify_telegram.sh
script
Normally when you ssh
into a remote server (as some of the server-scripts
do), you have to enter your password. Best practices from a security POV is to not allow for password-based logins, but instead use SSH Keys.
The day in, day out benefit of setting up SSH Keys is that you never have to enter your password again, so it allows for automated execution of the various server-scripts
. Use the excellent How To Set Up SSH Keys artice as a guide for setting up your SSH keys.
If you use git
, a sample .gitignore
file that you can modify & use for your server projects is included in server-scripts
as example.gitignore
. If you wish to use it, the file should be copied to your server project root, and renamed .gitignore
If you change file permissions on your remote server, you may encounter git complaining about overwriting existing local changes
when you try to deploy. This is because git considers changing the executable flag to be a change in the file, so it thinks you changed the files on your server (and the changes are not checked into your git repo).
To fix this, we just need to tell git to ignore permission changes on the server. You can change the fileMode
setting for git
on your server, telling it to ignore permission changes of the files on the server:
git config --global core.fileMode false
See the git-config man page for details.
If you want to run any of these scripts automatically at a set schedule, here's how to do it. We'll use the backup_dropbox.sh
script as an example, but the same applies to any of the scripts.
Please see the Setting up SSH Keys section and set up your SSH keys before you set up automatic script execution.
If you're using Forge you can set the backup_dropbox.sh
script to run nightly (or whatever interval you want) via the Scheduler. If you're using ServerPilot.io or are managing the server yourself, just set the backup_dropbox.sh
script to run via cron
at whatever interval you desire.