95
edits
Changes
From SME Server
Jump to navigationJump to searchBackup SME Server Remotely Using cURL (view source)
Revision as of 20:16, 8 April 2009
, 20:16, 8 April 2009→Scripting cURL and Improving Security
===Scripting cURL and Improving Security===
===Scripting cURL and Improving Security===
Now that we have show that we can pull a backup from an SME Server without any user interaction and without adding any software to the standard SME Server installation we can now wrap the whole process up in a simple script.
Now that we have shown that we can pull a backup from an SME Server without any user interaction and without adding any software to the standard SME Server installation we can now wrap the whole process up in a simple script.
As the machine I was using to do the backup on was also a Linux machine, I have used sh but if your machine is Windows you could do something similar in a .bat file.
As the machine I was using to do the backup on was also a Linux machine, I have used sh but if your machine is Windows you could do something similar in a .bat file.
{{Note box|All the following is done on the machine doing the backup NOT the SME Server you are backing up. No changes are ever made to the SME Server.}}
{{Note box|All the following is done on the machine doing the backup NOT the SME Server you are backing up. No changes are ever made to that SME Server.}}
On my backup machine I have a user smebackup (any user can be used) and in its home folder I have a bin folder to contain the do_backups script. This script contains some simple enhancements to the above cURL commands:
On my backup machine I have a user smebackup (any user can be used) and in its home folder I have a bin folder to contain the do_backups script. This script contains some simple enhancements to the above cURL commands:
In this script we have combined the two curl commands via an && that way the second command will only run if the first succeeds.
In this script we have combined the two curl commands via an && so that the second command will only run if the first command succeeds.
The use of date in the filename will append the day of the month to the filename this will mean that a new backup will be created for every day of the month and overwrite them next month, obviously if the next month has fewer days you may be left with a couple of backups from last month. This is for use in automated backups (see below) This process can be further enhanced or changed as required.
The use of date in the filename will append the day of the month to the filename. This will mean that a new backup will be created for every day of the month and overwrite them next month, obviously if the next month has fewer days you may be left with a couple of backups from last month. This is for use in automated backups (see below). This process can be further enhanced or changed as required.
This script has also been enhanced to read the password from the file sme_password also located in the bin folder. You will need to create the sme_password file in the bin folder. It should simply contain one line that is the password of your SME Server you wish to backup
This script has also been enhanced to read the password from the file sme_password also located in the bin folder. You will need to create the sme_password file in the bin folder. It should simply contain one line that is the password of your SME Server you wish to backup
{{Warning box|There are a couple of security consideration that you should consider when using curl.
{{Warning box|There are a couple of security considerations that you should consider when using curl.
1. Your basic cURL command first used will cause the password to appear momentarily in the ps listing this is avoided in the above script by placing the password in a file and using -F <nowiki>"password=<your_password_file" </nowiki>.<br>
1. Your basic cURL command first used will cause the password to appear momentarily in the ps listing. This is avoided in the above script by placing the password in a file and using -F <nowiki>"password=<your_password_file" </nowiki>.<br>
2. The cookie jar ~/.sme_cookies should not be made world readable otherwise others could use your downloaded cookies. Likewise the password file should also be protected!}}
2. The cookie jar ~/.sme_cookies should not be made world readable otherwise others could use your downloaded cookies. Likewise the password file should also be protected!}}
