CPanelBackup helps you generate and restore CPanel backups. It was initially written as Bacula pre-job-run hook, but was quickly expanded to do more.
Use the CLI script provided, run cpb_runner --help to see all the options.
Now let’s go through the backup process.
- Bacula runs a job.
- Bacula invokes pre-run hook on the client (
cpb_runner) - Bacula backups /home & /backups/cpanelbackup/accounts dirs
- Bacula invokes pre-run hook on the client (
The hook is invoked with the following options:
cpb_runner --action backupThe script now backups all cpanel accounts into /backups/cpanelbackup/accounts dir, where CPanel pkgacct ’s *.tar files are placed.
- Something initiates backup restoral
- Backup files are placed into:
- CPanel backups (tar): /backups/cpanelbackup/backups/cpanelbackup/accounts
- Home dir backups (plain): /backups/cpanelbackup/home
- User runs
cpb_runnerscript
- Backup files are placed into:
The script could be run as following:
cpb_runner --action restore --users theusername --home-rsync --delete-source --smart-idThis will ask cpb to move theusername.tar file from /backups/cpanelbackup/backups/cpanelbackup/accounts/ to /backups/cpanelbackup/accounts/ dir, restore from it, rsync home dir from /backups/cpanelbackup/home/theusername/ to /home/theusername/ and delete all backup data for that user afterwards in case of success.
Log file is written into /var/log/cp-backup-runner.log by default.
- —smart-id
- Sets proper ownership on files below user homedir after rsync, but only in case public_html has incorrect uid/gid. TODO: check how ACLs would behave.
- —process-sql-grants
- Stores mysql user access information (AKA grant data) into mysql.sql file and incorporates it into final tar archive. It mimics what pkgacct would’ve done, but skips dumping table data. Same applies during restoral – it tries to exec mysql statements from that file if it’s present.
CPanel is a big nasty miserable mess in regards to general architecture and software design. It appears like tons of monkeys from different zoos were lured into one big purple cave where they were given a task of “getting API and CLI tools done immediately” without much thinking. 1 This could probably be the reason for all the workarounds we have to implement here.