微慑信息网

网站备份策略の脚本 – 2021-09-06-vulsee.com

备份策略一

写shell脚本分别置放于各个网站下,根据实际情况配置,然后在需要备份的时候,登录每个vps进行备份,略感麻烦

备份策略二

通过本地脚本,预先配置每个vps的信息,如IP、端口、用户密码、路径等;在本地执行脚本,并获取下载链接,及时下载备份文件;目前采用策略二;

优点:备份方便

风险:若脚本泄露将导致vps失陷;但可通过ssh证书登录,降低风险;若如此,策略二脚本配置文件可单独存放,在执行脚本时读取即可,降低风险,

(1)直接配置到脚本:

注:可对备份文件进行一些hash,即文件名随机化,避免被探测

#coding:utf-8
'''
python2.7
'''
import paramiko
import datetime
import time


def backup(website,ssh_ip,ssh_port,ssh_user,ssh_pass,webpath,bkClass):

	currenttime = datetime.datetime.now().strftime("%Y_%m_%d")
	#存放备份文件的路径
	#webpath = '/home/wwwroot/default/'+website+'/'

	if bkClass == 'conf':
		#需要备份的路径
		backup_path = '/usr/local/nginx/conf/'
	else:
		backup_path = '/usr/local/mysql/var/'
	#存放备份的文件名
	filename = '{}-{}-{}.tar.gz'.format(website,bkClass,currenttime)
	#存放备份的文件地址
	filePath = webpath + filename
	
	ssh = paramiko.SSHClient()
	ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
	ssh.connect(ssh_ip,port=ssh_port,username = ssh_user,password=ssh_pass)
	cmd = 'tar  -zcvf {} {}'.format(filePath,backup_path)
	ssh.exec_command(cmd)
	time.sleep(5)
	cmd_check = 'du -h {}'.format(filePath)
	stdin,stdout,stderr = ssh.exec_command(cmd_check)
	#stdin.write("Y")
	res = stdout.readlines()
	print 'File Size:',res[0].split('	')[0] 
	print 'File Path:',res[0].split('	')[1].strip() 
	print 'Download Url :','http://'+website+'/'+filename

def start():
	weblist = [
	#{"website":"11.com","ssh_ip":"1.0.0.1","ssh_port":"22","ssh_user":"root","ssh_pass":"123456","webpath":"/home/wwwroot/default/test.com/"},
	{"website":"22.com","ssh_ip":"1.2.3.4","ssh_port":"2222","ssh_user":"root","ssh_pass":"root","webpath":"/home/wwwroot/default/ali/"}
	]
	for webinfo in weblist:
		website = webinfo["website"]
		ssh_ip = webinfo["ssh_ip"]
		ssh_port = webinfo["ssh_port"]
		ssh_user = webinfo["ssh_user"]
		ssh_pass = webinfo["ssh_pass"]
		webpath = webinfo["webpath"]
		backup_class = ['db','conf']
		for bkClass in backup_class:
			backup(website,ssh_ip,ssh_port,ssh_user,ssh_pass,webpath,bkClass)

def main():
	start()

if __name__ == '__main__':
	main()

 

(2)配置到ini文件:

#coding:utf-8
'''
python2.7
'''
import paramiko
import datetime
import time
import random
import hashlib
import configparser


def backup(website,ssh_ip,ssh_port,ssh_user,ssh_pass,webpath,bkClass):

	currenttime = datetime.datetime.now().strftime("%Y_%m_%d")
	#存放备份文件的路径
	#webpath = '/home/wwwroot/default/'+website+'/'

	if bkClass == 'conf':
		#需要备份的路径
		backup_path = '/usr/local/nginx/conf/'
	else:
		backup_path = '/usr/local/mysql/var/'

	#存放备份的文件名
	filename = '{}-{}-{}.tar.gz'.format(website,bkClass,currenttime)
	#存放备份的文件地址
	filePath = webpath + filename
	
	ssh = paramiko.SSHClient()
	ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
	try:
		ssh.connect(ssh_ip,port=ssh_port,username = ssh_user,password=ssh_pass)
		cmd = 'tar  -zcvf {} {}'.format(filePath,backup_path)
		ssh.exec_command(cmd)
		time.sleep(5)
		cmd_check = 'du -h {}'.format(filePath)
		stdin,stdout,stderr = ssh.exec_command(cmd_check)
		#stdin.write("Y")
		res = stdout.readlines()
		print '  [-]File Size:',res[0].split('	')[0] 
		print '  [-]File Path:',res[0].split('	')[1].strip() 
		print '  [-]Download Url :','http://'+website+'/'+filename
	except Exception as e:
		print website,e

def start():
	config = configparser.ConfigParser()
	iniPath = 'server.ini'
	config.read(iniPath)
	section = config.sections()
	for info in section:
		print '[+] starting backup :',info
		website = info
		ssh_ip = config[info]['ssh_ip']
		ssh_port = int(config[info]['ssh_port'])
		ssh_user = config[info]['ssh_user']
		ssh_pass = config[info]['ssh_pass']
		webpath = config[info]['webpath']
		backup_class = ['db','conf']
		for bkClass in backup_class:
			backup(website,ssh_ip,ssh_port,ssh_user,ssh_pass,webpath,bkClass)

def main():
	
	start()

if __name__ == '__main__':
	main()

ini文件示例,节点为网站域名:

以上,

1、File Size 非实际大小,仅确认是否开始备份,如果要确认实际大小,考虑监控tar压缩进程是否存在,不存在则压缩结束,再判断文件大小,应为实际大小

2、每执行一次备份就连接了一次ssh,可优化仅连接一次;

 

拓展阅读(点评/知识):

参考:https://www.cnblogs.com/XhyTechnologyShare/p/11935553.html

# 导包
import configparser
config = configparser.ConfigParser() # 类实例化

# 定义文件路径
path = r'D:\Python_Script\new_framework\source_file\broswer_config.ini'
# 第一种读取ini文件方式,通过read方法
config.read(path)
value = config['select']['url']
print('第一种方法读取到的值:',value)

# 第二种读取ini文件方式,通过get方法
value = config.get('select','url')
print('第二种方法读取到的值:',value)

# 第三种读取ini文件方式,读取到一个section中的所有数据,返回一个列表
value = config.items('select')
print('第三种方法读取到的值:',value)
# 将数据写入到ini文件中
config.add_section('login') # 首先添加一个新的section
config.set('login','username','admin')  # 写入数据
config.set('login','password','123456') # 写入数据
config.write(open(path,'a'))            #保存数据
# 读取ini文件中所有的section
section = config.sections()
print(section)

 

本文标题:网站备份策略の脚本 – 2021-09-06-vulsee.com
本文链接:
(转载请附上本文链接)
http://vulsee.com/archives/vulsee_2021/0906_14740.html
转载请附本站链接,未经允许不得转载,,谢谢:微慑信息网-VulSee.com » 网站备份策略の脚本 – 2021-09-06-vulsee.com
分享到: 更多 (0)

评论 抢沙发

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址

微慑信息网 专注工匠精神

访问我们联系我们