36 lines
1.3 KiB
Bash
36 lines
1.3 KiB
Bash
#!/bin/sh
|
|
# OpenWrt config backup — ash/busybox compatible
|
|
# Runs on the router, pushes backup to a designated Pi via SCP.
|
|
# The Pi then includes it in its restic backup automatically.
|
|
#
|
|
# One-time setup:
|
|
# 1. On the router: ssh-keygen -t ed25519 -f /etc/dropbear/backup_id
|
|
# 2. Add the public key to ~/.ssh/authorized_keys on RECEIVER_HOST
|
|
# 3. Test: ssh -i /etc/dropbear/backup_id pi@RECEIVER_HOST "echo ok"
|
|
set -e
|
|
|
|
RECEIVER_HOST="192.168.x.x" # REPLACE — IP of the designated Pi
|
|
RECEIVER_USER="pi" # REPLACE — SSH user on the Pi
|
|
RECEIVER_DIR="/var/backups/openwrt"
|
|
SSH_KEY="/etc/dropbear/backup_id"
|
|
|
|
BACKUP_FILE="/tmp/openwrt-$(date +%F).tar.gz"
|
|
|
|
# Create config archive (includes /etc/config, /etc/openwrt_release, etc.)
|
|
sysupgrade --create-backup "$BACKUP_FILE"
|
|
|
|
# Push to receiver Pi
|
|
scp -i "$SSH_KEY" -o StrictHostKeyChecking=no \
|
|
"$BACKUP_FILE" \
|
|
"${RECEIVER_USER}@${RECEIVER_HOST}:${RECEIVER_DIR}/"
|
|
|
|
# Clean up local copy
|
|
rm -f "$BACKUP_FILE"
|
|
|
|
# Keep only last 14 backups on the Pi
|
|
ssh -i "$SSH_KEY" -o StrictHostKeyChecking=no \
|
|
"${RECEIVER_USER}@${RECEIVER_HOST}" \
|
|
"ls -t ${RECEIVER_DIR}/openwrt-*.tar.gz 2>/dev/null | tail -n +15 | xargs -r rm -f"
|
|
|
|
logger -t openwrt-backup "Config backup pushed to ${RECEIVER_HOST}:${RECEIVER_DIR}"
|