1
Tutorials and FAQs / Sample bash script for backups using the API
« on: December 23, 2019, 08:48:30 pm »
This is tested on CentOS but should be easily portable to other unix systems. Prerequisites are an OPNsense admin user with an API key, which does not require interactive login or a known password. It does not produce output when successful, so when called from cron it will email root with errors. Binaries needed are date, curl, gzip and find.
Bart...
#!/usr/bin/bash
# Change API key and secret, number of days to keep backups, the path to your backups and the hostname for your firewall
key="api key for backup user"
secret="api secret for backup user"
daystokeep=3
destination="/path/to/firewall/backups"
fwhost="firewall.fqdn"
date=$(date +%Y-%m-%d)
result=$(/usr/bin/curl -I -s -k -u "$key":"$secret" https://$fwhost/api/backup/backup/download | head -1)
if [[ $result != *"200"* ]]; then
echo "Result of the HTTP request is $result"
exit 1
fi
/usr/bin/curl -s -k -u "$key":"$secret" https://$fwhost/api/backup/backup/download > $date.xml
error=$?
if [ $error -gt 0 ]; then
echo "Curl returned error number $error"
exit 1
fi
/usr/bin/gzip $date.xml
mv $date.xml.gz $destination
/usr/bin/find $destination/* -mtime +$daystokeep -exec rm {} \;
Bart...
#!/usr/bin/bash
# Change API key and secret, number of days to keep backups, the path to your backups and the hostname for your firewall
key="api key for backup user"
secret="api secret for backup user"
daystokeep=3
destination="/path/to/firewall/backups"
fwhost="firewall.fqdn"
date=$(date +%Y-%m-%d)
result=$(/usr/bin/curl -I -s -k -u "$key":"$secret" https://$fwhost/api/backup/backup/download | head -1)
if [[ $result != *"200"* ]]; then
echo "Result of the HTTP request is $result"
exit 1
fi
/usr/bin/curl -s -k -u "$key":"$secret" https://$fwhost/api/backup/backup/download > $date.xml
error=$?
if [ $error -gt 0 ]; then
echo "Curl returned error number $error"
exit 1
fi
/usr/bin/gzip $date.xml
mv $date.xml.gz $destination
/usr/bin/find $destination/* -mtime +$daystokeep -exec rm {} \;