JetBackup version 4+ introduced a fancy new filtering system. You can filter your backup job to do almost anything letting you squeeze the most out of your backup job.
While having so many filter options can be powerful, sometimes you don’t always take everything under consideration and things could get slipped through the cracks.
Let’s take a very common backup job scenario –
- A daily job with 14 retention
- Filter: Do not backup suspended accounts (we wanted to keep the job fast & efficient so we skip suspended accounts)
Furthermore, orphan backups are set to be saved to 12 months (better safe than sorry !)
This should keep us safe for at least 1 year with the clients that left us (and became orphan accounts inside JetBackup’s system – Orphan backups are account backup files that are not associated with an active account).
Most of us also using WHMCS for billing automation, so let’s review the automation settings over there –
Enable Suspension – Yes
Suspend Days – 45
Termination Days – 180
These are very generous settings, we will suspend accounts only after 45 days of overdue payments, and will terminate the accounts after 180 (!) of days.
CALL TO ACTION: Invoice is overdue, Account is suspended – what happens behind the scenes?
Our “Do not backup suspended accounts” filter will take action, and since the account is excluded – the system will start cleaning up any created snapshot for this account – After 14 days we will lose all of our daily snaps!
REMINDER: Account has not been terminated yet, as we are giving 180 days before termination.
By the time WHMCS will terminate the account, all the snaps are cleared, so no more usable snaps to keep as “orphan backups”.
cPanel’s hooks system to the rescue!
To solve this very unique scenario, we decided that we want to keep at least one full backup for an account that was suspended.
To do so, we will use cPanel’s internal hook system to notify JetBackup whenever an account is suspended / unsuspended.
Once an account is suspended, we will try to find the latest full backup of that account and will lock it for 360 days using the “manageBackup” API Call
Using the same concept, once an account is unsuspended – we will release our lock.
This will allow keeping at least one full backup for an account that was either suspended or terminated, and also if & when a user decides to come back – our next backup job for this user will be incremental to the snap we saved.
LET’S DO IT
The following is not officially supported by JetBackup, and there is no “out of the box” solution. Your actual implementation and use will likely vary from the example provided. Since we do not know your specific server setup, proceed at your own risk. We assume that you are using cPanel/WHM v76 and JetBackup 4+
The first step will be to create bash script that cPanel’s hooks will call to. The bash script will take action against JetBackup’s hooks.
Create bash file, and give executable permissions –
touch /root/lock_unlock_acct.sh chmod +x /root/lock_unlock_acct.sh
Paste the following code inside –
#!/bin/bash STAGE=$1 LOCK_PERIOD=360 LOCK_REASON="locked-by-hook" ACCT=$( cat /dev/stdin | grep -oE '"args":{[^}]*"user":"[^"]+"' | sed "s#^.*\"user\":\"\([^\"]\+\)\"#\1#g" ) #ACCT=$( cat /dev/stdin ) if [ -z "$ACCT" ]; then exit 1 fi if [ $STAGE = "suspend" ]; then #GET LATEST SNAP ID ID=$( /usr/bin/jetapi backup -F listBackups -D "accounts[]=$ACCT&type=127&limit=1&sort[created]=-1" | grep -E '^\s*_id' | awk '{print $2}' ) if [ -n "$ID" ]; then #LOCK SNAP BY ID /usr/bin/jetapi backup -F manageBackup -D "_id=$ID¬es=$LOCK_REASON&locked=1&lock_ttl=$LOCK_PERIOD" fi fi if [ $STAGE = "unsuspend" ]; then #GET LOCKED SNAPE BY THE LOCK REASON AND THE ACCOUNT NAME ID=$( /usr/bin/jetapi backup -F listBackups -D "type=127&accounts[]=$ACCT" | grep "notes: $LOCK_REASON" -B 15 | grep -E '^\s*_id' | awk '{print $2}' ) if [ -n "$ID" ]; then #UNLOCK SNAP /usr/bin/jetapi backup -F manageBackup -D "_id=$ID¬es=&locked=0" fi fi
NOTE: You can change the amount of days at the 3rd line under (LOCK_PERIOD), the default is 360
Next, we just need to register our bash script inside cPanel’s hook system. Note that there are two registrations – one for suspending action, and one for unsuspend action.
/usr/local/cpanel/bin/manage_hooks add script "/root/lock_unlock_acct.sh suspend" --manual 1 --category Whostmgr --event Accounts::suspendacct --stage post /usr/local/cpanel/bin/manage_hooks add script "/root/lock_unlock_acct.sh unsuspend" --manual 1 --category Whostmgr --event Accounts::unsuspendacct --stage post
Let’s try our hook with suspended account –
[root@server01 ~]# /scripts/suspendacct virtuema Changing Shell to /bin/false...Done [ ... ] info [suspendacct] script: /root/lock_unlock_acct.sh suspend info [suspendacct] response: success: 1 message: Backup updated successfully system: version: 4.0.9 tier: EDGE drMode: agreement: licenseIssue: data: _id: 5c427cb68620a84c595109d8 snap_id: 5a372d978620a874a93dba53 name: virtuema type: 127 params: path: jetbackup_1_1_59afa6518620a809052620f3/virtuema/snap.2019-01-19.012614 size: 0 notes: locked-by-hook flag: 1 flag_name: Incremental created: 2019-01-19T01:26:14+00:00 engine: JetBackup engine_val: 1 locked: 1 lock_ttl: 2020-01-15T13:51:37+00:00 hidden: encrypted: require_encryption_key: snapshot: safety: destination: rsync03 location: Remote queue: restore: download: download: account: virtuema
To verify, we can list this account’s backups from JetBackup’s WHM GUI and see that the backup is locked with our note (“locked-by-hook”)
unsuspending the account will reverse the action –
[root@israel01 ~]# /scripts/unsuspendacct virtuema Unsuspending outgoing email....Done [ ... ] info [unsuspendacct] script: /root/lock_unlock_acct.sh unsuspend info [unsuspendacct] response: success: 1 message: Backup updated successfully system: version: 4.0.9 tier: EDGE drMode: agreement: licenseIssue: data: _id: 5c427cb68620a84c595109d8 snap_id: 5a372d978620a874a93dba53 name: virtuema type: 127 params: path: jetbackup_1_1_59afa6518620a809052620f3/virtuema/snap.2019-01-19.012614 size: 0 notes: flag: 1 flag_name: Incremental created: 2019-01-19T01:26:14+00:00 engine: JetBackup engine_val: 1 locked: lock_ttl: hidden: encrypted: require_encryption_key: snapshot: safety: destination: rsync03 location: Remote queue: restore: download: download: account: virtuema
Thank you for reading ! 
For more information about JetBackup API, please see https://docs.jetbackup.com
Tags: backup, cPanel, JetBackup
Leave a Reply