CloudHost/BC-bak
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
BC-bak/bc-backup.conf.template

123 lines
4.2 KiB
Plaintext
Raw Permalink Normal View History

Initial commit: BC backup project
2026-02-09 18:57:39 +01:00
# Business Central SaaS Backup Configuration
# Copy this file to bc-backup.conf and fill in your values
# IMPORTANT: Keep this file secure! It contains sensitive credentials.
# ===================================
# Azure AD Application Configuration
# ===================================
# Create an Azure AD App Registration with the following:
# 1. Navigate to https://portal.azure.com
# 2. Go to Azure Active Directory > App registrations > New registration
# 3. Name: "BC-Backup-Service" (or your preferred name)
# 4. Supported account types: "Accounts in this organizational directory only"
# 5. After creation, note the following:
# Your Azure AD Tenant ID (Directory ID)
feat: add incremental backups, S3 cleanup, and cron scheduling Incremental backups using BC API's lastModifiedDateTime filter to only export records changed since the last successful run. Runs every 15 minutes via cron, with a daily full backup for complete snapshots. bc-export.ps1: - Add -SinceDateTime parameter for incremental filtering - Append $filter=lastModifiedDateTime gt {timestamp} to all entity URLs - Exit code 2 when no records changed (skip archive/upload) - Record mode and sinceDateTime in export-metadata.json bc-backup.sh: - Accept --mode full|incremental flag (default: incremental) - State file (last-run-state.json) tracks last successful run timestamp - Auto-fallback to full when no state file exists - Skip archive/encrypt/upload when incremental finds 0 changes - Lock file (.backup.lock) prevents overlapping cron runs - S3 keys organized by mode: backups/full/ vs backups/incremental/ bc-cleanup.sh (new): - Lists all S3 objects under backups/ prefix - Deletes objects older than RETENTION_DAYS (default 30) - Handles pagination for large buckets - Gracefully handles COMPLIANCE-locked objects bc-backup.conf.template: - Add BACKUP_MODE_DEFAULT option cron-examples.txt: - Recommended setup: 15-min incremental + daily full + daily cleanup - Alternative schedules (30-min, hourly) - Systemd timer examples Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-16 10:22:08 +01:00
AZURE_TENANT_ID="ea58ff97-60cb-4e6d-bc25-a55921f9c93c"
Initial commit: BC backup project
2026-02-09 18:57:39 +01:00
# Application (client) ID from the app registration
feat: add incremental backups, S3 cleanup, and cron scheduling Incremental backups using BC API's lastModifiedDateTime filter to only export records changed since the last successful run. Runs every 15 minutes via cron, with a daily full backup for complete snapshots. bc-export.ps1: - Add -SinceDateTime parameter for incremental filtering - Append $filter=lastModifiedDateTime gt {timestamp} to all entity URLs - Exit code 2 when no records changed (skip archive/upload) - Record mode and sinceDateTime in export-metadata.json bc-backup.sh: - Accept --mode full|incremental flag (default: incremental) - State file (last-run-state.json) tracks last successful run timestamp - Auto-fallback to full when no state file exists - Skip archive/encrypt/upload when incremental finds 0 changes - Lock file (.backup.lock) prevents overlapping cron runs - S3 keys organized by mode: backups/full/ vs backups/incremental/ bc-cleanup.sh (new): - Lists all S3 objects under backups/ prefix - Deletes objects older than RETENTION_DAYS (default 30) - Handles pagination for large buckets - Gracefully handles COMPLIANCE-locked objects bc-backup.conf.template: - Add BACKUP_MODE_DEFAULT option cron-examples.txt: - Recommended setup: 15-min incremental + daily full + daily cleanup - Alternative schedules (30-min, hourly) - Systemd timer examples Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-16 10:22:08 +01:00
AZURE_CLIENT_ID="6430f1b8-b968-4e91-8214-0386618bc920"
Initial commit: BC backup project
2026-02-09 18:57:39 +01:00
# Client secret (create under Certificates & secrets > New client secret)
# IMPORTANT: Save this immediately - it won't be shown again!
feat: add incremental backups, S3 cleanup, and cron scheduling Incremental backups using BC API's lastModifiedDateTime filter to only export records changed since the last successful run. Runs every 15 minutes via cron, with a daily full backup for complete snapshots. bc-export.ps1: - Add -SinceDateTime parameter for incremental filtering - Append $filter=lastModifiedDateTime gt {timestamp} to all entity URLs - Exit code 2 when no records changed (skip archive/upload) - Record mode and sinceDateTime in export-metadata.json bc-backup.sh: - Accept --mode full|incremental flag (default: incremental) - State file (last-run-state.json) tracks last successful run timestamp - Auto-fallback to full when no state file exists - Skip archive/encrypt/upload when incremental finds 0 changes - Lock file (.backup.lock) prevents overlapping cron runs - S3 keys organized by mode: backups/full/ vs backups/incremental/ bc-cleanup.sh (new): - Lists all S3 objects under backups/ prefix - Deletes objects older than RETENTION_DAYS (default 30) - Handles pagination for large buckets - Gracefully handles COMPLIANCE-locked objects bc-backup.conf.template: - Add BACKUP_MODE_DEFAULT option cron-examples.txt: - Recommended setup: 15-min incremental + daily full + daily cleanup - Alternative schedules (30-min, hourly) - Systemd timer examples Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-16 10:22:08 +01:00
AZURE_CLIENT_SECRET="uuB8Q~sh~WUpwGJXeV8NL2KVO4lKQWSnZnWV_aav"
Initial commit: BC backup project
2026-02-09 18:57:39 +01:00
# ===================================
# Azure AD API Permissions
# ===================================
# Add the following API permission to your app:
# 1. Go to API permissions > Add a permission
# 2. Select "Dynamics 365 Business Central"
# 3. Select "Application permissions"
feat: switch from Admin Center database export to BC API v2.0 data extraction The Admin Center export API requires an Azure Storage SAS URI which requires an Azure Subscription - defeating the purpose of an independent backup. Instead, use BC API v2.0 to extract critical business data (customers, vendors, items, GL entries, invoices, etc.) as JSON files. - bc-export.ps1: rewritten to use BC API v2.0 endpoints, extracts 23 entity types per company with OData pagination support - bc-backup.sh: handles JSON export directory, creates tar.gz archive before encrypting and uploading to S3 - bc-backup.conf.template: removed Azure Storage SAS config, added optional BC_COMPANY_NAME filter - decrypt-backup.sh: updated for tar.gz.gpg format, shows extracted entity files and metadata after decryption Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-10 07:33:32 +01:00
# 4. Check "API.ReadWrite.All"
Initial commit: BC backup project
2026-02-09 18:57:39 +01:00
# 5. Click "Grant admin consent" (requires Global Admin)
# ===================================
# Business Central Configuration
# ===================================
# Your BC environment name (e.g., "Production", "Sandbox")
# Find this in BC Admin Center: https://businesscentral.dynamics.com/
feat: add incremental backups, S3 cleanup, and cron scheduling Incremental backups using BC API's lastModifiedDateTime filter to only export records changed since the last successful run. Runs every 15 minutes via cron, with a daily full backup for complete snapshots. bc-export.ps1: - Add -SinceDateTime parameter for incremental filtering - Append $filter=lastModifiedDateTime gt {timestamp} to all entity URLs - Exit code 2 when no records changed (skip archive/upload) - Record mode and sinceDateTime in export-metadata.json bc-backup.sh: - Accept --mode full|incremental flag (default: incremental) - State file (last-run-state.json) tracks last successful run timestamp - Auto-fallback to full when no state file exists - Skip archive/encrypt/upload when incremental finds 0 changes - Lock file (.backup.lock) prevents overlapping cron runs - S3 keys organized by mode: backups/full/ vs backups/incremental/ bc-cleanup.sh (new): - Lists all S3 objects under backups/ prefix - Deletes objects older than RETENTION_DAYS (default 30) - Handles pagination for large buckets - Gracefully handles COMPLIANCE-locked objects bc-backup.conf.template: - Add BACKUP_MODE_DEFAULT option cron-examples.txt: - Recommended setup: 15-min incremental + daily full + daily cleanup - Alternative schedules (30-min, hourly) - Systemd timer examples Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-16 10:22:08 +01:00
BC_ENVIRONMENT_NAME="Production"
Initial commit: BC backup project
2026-02-09 18:57:39 +01:00
feat: switch from Admin Center database export to BC API v2.0 data extraction The Admin Center export API requires an Azure Storage SAS URI which requires an Azure Subscription - defeating the purpose of an independent backup. Instead, use BC API v2.0 to extract critical business data (customers, vendors, items, GL entries, invoices, etc.) as JSON files. - bc-export.ps1: rewritten to use BC API v2.0 endpoints, extracts 23 entity types per company with OData pagination support - bc-backup.sh: handles JSON export directory, creates tar.gz archive before encrypting and uploading to S3 - bc-backup.conf.template: removed Azure Storage SAS config, added optional BC_COMPANY_NAME filter - decrypt-backup.sh: updated for tar.gz.gpg format, shows extracted entity files and metadata after decryption Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-10 07:33:32 +01:00
# Optional: Limit export to a specific company name
# Leave empty to export all companies in the environment
BC_COMPANY_NAME=""
Initial commit: BC backup project
2026-02-09 18:57:39 +01:00
# ===================================
# Encryption Configuration
# ===================================
# Strong passphrase for GPG encryption
# Generate a secure passphrase: openssl rand -base64 32
# IMPORTANT: Store this securely! You'll need it to decrypt backups.
feat: add incremental backups, S3 cleanup, and cron scheduling Incremental backups using BC API's lastModifiedDateTime filter to only export records changed since the last successful run. Runs every 15 minutes via cron, with a daily full backup for complete snapshots. bc-export.ps1: - Add -SinceDateTime parameter for incremental filtering - Append $filter=lastModifiedDateTime gt {timestamp} to all entity URLs - Exit code 2 when no records changed (skip archive/upload) - Record mode and sinceDateTime in export-metadata.json bc-backup.sh: - Accept --mode full|incremental flag (default: incremental) - State file (last-run-state.json) tracks last successful run timestamp - Auto-fallback to full when no state file exists - Skip archive/encrypt/upload when incremental finds 0 changes - Lock file (.backup.lock) prevents overlapping cron runs - S3 keys organized by mode: backups/full/ vs backups/incremental/ bc-cleanup.sh (new): - Lists all S3 objects under backups/ prefix - Deletes objects older than RETENTION_DAYS (default 30) - Handles pagination for large buckets - Gracefully handles COMPLIANCE-locked objects bc-backup.conf.template: - Add BACKUP_MODE_DEFAULT option cron-examples.txt: - Recommended setup: 15-min incremental + daily full + daily cleanup - Alternative schedules (30-min, hourly) - Systemd timer examples Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-16 10:22:08 +01:00
ENCRYPTION_PASSPHRASE="pUmLZqBxukhpfoFSKrtP1Fd735131JLLGm4QxLOAl0w="
Initial commit: BC backup project
2026-02-09 18:57:39 +01:00
# Alternative: Use GPG key ID instead of passphrase (leave empty to use passphrase)
# GPG_KEY_ID=""
# ===================================
# S3 Storage Configuration
# ===================================
# S3 bucket name (must already exist with Object Lock enabled)
feat: add incremental backups, S3 cleanup, and cron scheduling Incremental backups using BC API's lastModifiedDateTime filter to only export records changed since the last successful run. Runs every 15 minutes via cron, with a daily full backup for complete snapshots. bc-export.ps1: - Add -SinceDateTime parameter for incremental filtering - Append $filter=lastModifiedDateTime gt {timestamp} to all entity URLs - Exit code 2 when no records changed (skip archive/upload) - Record mode and sinceDateTime in export-metadata.json bc-backup.sh: - Accept --mode full|incremental flag (default: incremental) - State file (last-run-state.json) tracks last successful run timestamp - Auto-fallback to full when no state file exists - Skip archive/encrypt/upload when incremental finds 0 changes - Lock file (.backup.lock) prevents overlapping cron runs - S3 keys organized by mode: backups/full/ vs backups/incremental/ bc-cleanup.sh (new): - Lists all S3 objects under backups/ prefix - Deletes objects older than RETENTION_DAYS (default 30) - Handles pagination for large buckets - Gracefully handles COMPLIANCE-locked objects bc-backup.conf.template: - Add BACKUP_MODE_DEFAULT option cron-examples.txt: - Recommended setup: 15-min incremental + daily full + daily cleanup - Alternative schedules (30-min, hourly) - Systemd timer examples Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-16 10:22:08 +01:00
S3_BUCKET="bcbak"
Initial commit: BC backup project
2026-02-09 18:57:39 +01:00
# S3 endpoint URL
# AWS S3: https://s3.amazonaws.com or https://s3.REGION.amazonaws.com
# MinIO: http://minio.example.com:9000 or https://minio.example.com
# Wasabi: https://s3.wasabisys.com or https://s3.REGION.wasabisys.com
# Backblaze: https://s3.REGION.backblazeb2.com
feat: add incremental backups, S3 cleanup, and cron scheduling Incremental backups using BC API's lastModifiedDateTime filter to only export records changed since the last successful run. Runs every 15 minutes via cron, with a daily full backup for complete snapshots. bc-export.ps1: - Add -SinceDateTime parameter for incremental filtering - Append $filter=lastModifiedDateTime gt {timestamp} to all entity URLs - Exit code 2 when no records changed (skip archive/upload) - Record mode and sinceDateTime in export-metadata.json bc-backup.sh: - Accept --mode full|incremental flag (default: incremental) - State file (last-run-state.json) tracks last successful run timestamp - Auto-fallback to full when no state file exists - Skip archive/encrypt/upload when incremental finds 0 changes - Lock file (.backup.lock) prevents overlapping cron runs - S3 keys organized by mode: backups/full/ vs backups/incremental/ bc-cleanup.sh (new): - Lists all S3 objects under backups/ prefix - Deletes objects older than RETENTION_DAYS (default 30) - Handles pagination for large buckets - Gracefully handles COMPLIANCE-locked objects bc-backup.conf.template: - Add BACKUP_MODE_DEFAULT option cron-examples.txt: - Recommended setup: 15-min incremental + daily full + daily cleanup - Alternative schedules (30-min, hourly) - Systemd timer examples Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-16 10:22:08 +01:00
S3_ENDPOINT="https://s3.palmasolutions.net:9000"
Initial commit: BC backup project
2026-02-09 18:57:39 +01:00
# AWS Access Key ID (or compatible credentials)
feat: add incremental backups, S3 cleanup, and cron scheduling Incremental backups using BC API's lastModifiedDateTime filter to only export records changed since the last successful run. Runs every 15 minutes via cron, with a daily full backup for complete snapshots. bc-export.ps1: - Add -SinceDateTime parameter for incremental filtering - Append $filter=lastModifiedDateTime gt {timestamp} to all entity URLs - Exit code 2 when no records changed (skip archive/upload) - Record mode and sinceDateTime in export-metadata.json bc-backup.sh: - Accept --mode full|incremental flag (default: incremental) - State file (last-run-state.json) tracks last successful run timestamp - Auto-fallback to full when no state file exists - Skip archive/encrypt/upload when incremental finds 0 changes - Lock file (.backup.lock) prevents overlapping cron runs - S3 keys organized by mode: backups/full/ vs backups/incremental/ bc-cleanup.sh (new): - Lists all S3 objects under backups/ prefix - Deletes objects older than RETENTION_DAYS (default 30) - Handles pagination for large buckets - Gracefully handles COMPLIANCE-locked objects bc-backup.conf.template: - Add BACKUP_MODE_DEFAULT option cron-examples.txt: - Recommended setup: 15-min incremental + daily full + daily cleanup - Alternative schedules (30-min, hourly) - Systemd timer examples Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-16 10:22:08 +01:00
AWS_ACCESS_KEY_ID="DFuYw5lpgvPX9qUxwbzB"
Initial commit: BC backup project
2026-02-09 18:57:39 +01:00
# AWS Secret Access Key (or compatible credentials)
feat: add incremental backups, S3 cleanup, and cron scheduling Incremental backups using BC API's lastModifiedDateTime filter to only export records changed since the last successful run. Runs every 15 minutes via cron, with a daily full backup for complete snapshots. bc-export.ps1: - Add -SinceDateTime parameter for incremental filtering - Append $filter=lastModifiedDateTime gt {timestamp} to all entity URLs - Exit code 2 when no records changed (skip archive/upload) - Record mode and sinceDateTime in export-metadata.json bc-backup.sh: - Accept --mode full|incremental flag (default: incremental) - State file (last-run-state.json) tracks last successful run timestamp - Auto-fallback to full when no state file exists - Skip archive/encrypt/upload when incremental finds 0 changes - Lock file (.backup.lock) prevents overlapping cron runs - S3 keys organized by mode: backups/full/ vs backups/incremental/ bc-cleanup.sh (new): - Lists all S3 objects under backups/ prefix - Deletes objects older than RETENTION_DAYS (default 30) - Handles pagination for large buckets - Gracefully handles COMPLIANCE-locked objects bc-backup.conf.template: - Add BACKUP_MODE_DEFAULT option cron-examples.txt: - Recommended setup: 15-min incremental + daily full + daily cleanup - Alternative schedules (30-min, hourly) - Systemd timer examples Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-16 10:22:08 +01:00
AWS_SECRET_ACCESS_KEY="xrojt6w1RK8dCRIWJll7NZaqn6Ppy3uxficfpHak"
Initial commit: BC backup project
2026-02-09 18:57:39 +01:00
# S3 region (for AWS, required; for others, may be optional)
feat: add incremental backups, S3 cleanup, and cron scheduling Incremental backups using BC API's lastModifiedDateTime filter to only export records changed since the last successful run. Runs every 15 minutes via cron, with a daily full backup for complete snapshots. bc-export.ps1: - Add -SinceDateTime parameter for incremental filtering - Append $filter=lastModifiedDateTime gt {timestamp} to all entity URLs - Exit code 2 when no records changed (skip archive/upload) - Record mode and sinceDateTime in export-metadata.json bc-backup.sh: - Accept --mode full|incremental flag (default: incremental) - State file (last-run-state.json) tracks last successful run timestamp - Auto-fallback to full when no state file exists - Skip archive/encrypt/upload when incremental finds 0 changes - Lock file (.backup.lock) prevents overlapping cron runs - S3 keys organized by mode: backups/full/ vs backups/incremental/ bc-cleanup.sh (new): - Lists all S3 objects under backups/ prefix - Deletes objects older than RETENTION_DAYS (default 30) - Handles pagination for large buckets - Gracefully handles COMPLIANCE-locked objects bc-backup.conf.template: - Add BACKUP_MODE_DEFAULT option cron-examples.txt: - Recommended setup: 15-min incremental + daily full + daily cleanup - Alternative schedules (30-min, hourly) - Systemd timer examples Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-16 10:22:08 +01:00
AWS_DEFAULT_REGION="eu-south-1"
Initial commit: BC backup project
2026-02-09 18:57:39 +01:00
# S3 tool to use: "awscli" (recommended) or "s3cmd"
S3_TOOL="awscli"
# ===================================
# Backup Configuration
# ===================================
feat: add incremental backups, S3 cleanup, and cron scheduling Incremental backups using BC API's lastModifiedDateTime filter to only export records changed since the last successful run. Runs every 15 minutes via cron, with a daily full backup for complete snapshots. bc-export.ps1: - Add -SinceDateTime parameter for incremental filtering - Append $filter=lastModifiedDateTime gt {timestamp} to all entity URLs - Exit code 2 when no records changed (skip archive/upload) - Record mode and sinceDateTime in export-metadata.json bc-backup.sh: - Accept --mode full|incremental flag (default: incremental) - State file (last-run-state.json) tracks last successful run timestamp - Auto-fallback to full when no state file exists - Skip archive/encrypt/upload when incremental finds 0 changes - Lock file (.backup.lock) prevents overlapping cron runs - S3 keys organized by mode: backups/full/ vs backups/incremental/ bc-cleanup.sh (new): - Lists all S3 objects under backups/ prefix - Deletes objects older than RETENTION_DAYS (default 30) - Handles pagination for large buckets - Gracefully handles COMPLIANCE-locked objects bc-backup.conf.template: - Add BACKUP_MODE_DEFAULT option cron-examples.txt: - Recommended setup: 15-min incremental + daily full + daily cleanup - Alternative schedules (30-min, hourly) - Systemd timer examples Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-16 10:22:08 +01:00
# Default backup mode when --mode is not specified on command line
# "incremental" = only export records changed since last run (fast, for cron)
# "full" = export everything (complete snapshot)
BACKUP_MODE_DEFAULT="incremental"
Initial commit: BC backup project
2026-02-09 18:57:39 +01:00
# Object lock retention period in days (must match or exceed bucket minimum)
feat: add incremental backups, S3 cleanup, and cron scheduling Incremental backups using BC API's lastModifiedDateTime filter to only export records changed since the last successful run. Runs every 15 minutes via cron, with a daily full backup for complete snapshots. bc-export.ps1: - Add -SinceDateTime parameter for incremental filtering - Append $filter=lastModifiedDateTime gt {timestamp} to all entity URLs - Exit code 2 when no records changed (skip archive/upload) - Record mode and sinceDateTime in export-metadata.json bc-backup.sh: - Accept --mode full|incremental flag (default: incremental) - State file (last-run-state.json) tracks last successful run timestamp - Auto-fallback to full when no state file exists - Skip archive/encrypt/upload when incremental finds 0 changes - Lock file (.backup.lock) prevents overlapping cron runs - S3 keys organized by mode: backups/full/ vs backups/incremental/ bc-cleanup.sh (new): - Lists all S3 objects under backups/ prefix - Deletes objects older than RETENTION_DAYS (default 30) - Handles pagination for large buckets - Gracefully handles COMPLIANCE-locked objects bc-backup.conf.template: - Add BACKUP_MODE_DEFAULT option cron-examples.txt: - Recommended setup: 15-min incremental + daily full + daily cleanup - Alternative schedules (30-min, hourly) - Systemd timer examples Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-16 10:22:08 +01:00
# Also used by bc-cleanup.sh to determine which S3 objects to delete
Initial commit: BC backup project
2026-02-09 18:57:39 +01:00
RETENTION_DAYS="30"
# Maximum retry attempts for failed operations
MAX_RETRIES="3"
# Clean up local files after successful upload? (true/false)
CLEANUP_LOCAL="true"
# ===================================
# Optional: Email Notifications
# ===================================
# Enable email notifications on failure? (true/false)
# ENABLE_EMAIL_NOTIFICATIONS="false"
# Email address to send notifications to
# NOTIFICATION_EMAIL=""
# ===================================
# Advanced Configuration
# ===================================
# Local temporary directory (default: ./temp)
# WORK_DIR="/var/tmp/bc-backup"
# Log directory (default: ./logs)
# LOG_DIR="/var/log/bc-backup"
Reference in New Issue Copy Permalink