cryptpad app

src/freedombone-app-cryptpad

@@ -0,0 +1,502 @@
+#!/bin/bash
+#
+# .---.                  .              .
+# |                      |              |
+# |--- .--. .-.  .-.  .-.|  .-. .--.--. |.-.  .-. .--.  .-.
+# |    |   (.-' (.-' (   | (   )|  |  | |   )(   )|  | (.-'
+# '    '     --'  --'  -' -  -' '  '   -' -'   -' '   -  --'
+#
+#                    Freedom in the Cloud
+#
+# cryptpad application
+#
+# License
+# =======
+#
+# Copyright (C) 2017 Bob Mottram <bob@freedombone.net>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+VARIANTS='full full-vim writer'
+
+IN_DEFAULT_INSTALL=0
+SHOW_ON_ABOUT=1
+
+CRYPTPAD_DOMAIN_NAME=
+CRYPTPAD_CODE=
+CRYPTPAD_ONION_PORT=8119
+CRYPTPAD_PORT=9003
+CRYPTPAD_REPO=""
+CRYPTPAD_COMMIT=''
+CRYPTPAD_ADMIN_PASSWORD=
+CRYPTPAD_DIR=/etc/cryptpad
+
+cryptpad_variables=(ONION_ONLY
+                    CRYPTPAD_DOMAIN_NAME
+                    CRYPTPAD_CODE
+                    DDNS_PROVIDER
+                    MY_EMAIL_ADDRESS
+                    MY_USERNAME)
+
+function remove_user_cryptpad {
+    remove_username="$1"
+
+    ${PROJECT_NAME}-pass -u $remove_username --rmapp cryptpad
+}
+
+function add_user_cryptpad {
+    new_username="$1"
+    new_user_password="$2"
+
+    ${PROJECT_NAME}-pass -u $new_username -a cryptpad -p "$new_user_password"
+    echo '0'
+}
+
+function install_interactive_cryptpad {
+    if [ ! $ONION_ONLY ]; then
+        ONION_ONLY='no'
+    fi
+
+    if [[ $ONION_ONLY != "no" ]]; then
+        CRYPTPAD_DOMAIN_NAME='cryptpad.local'
+    else
+        CRYPTPAD_DETAILS_COMPLETE=
+        while [ ! $CRYPTPAD_DETAILS_COMPLETE ]
+        do
+            data=$(tempfile 2>/dev/null)
+            trap "rm -f $data" 0 1 2 5 15
+            if [[ $DDNS_PROVIDER == "default@freedns.afraid.org" ]]; then
+                dialog --backtitle $"Freedombone Configuration" \
+                       --title $"Cryptpad Configuration" \
+                       --form $"\nPlease enter your Cryptpad details. The background image URL can be left blank.\n\nIMPORTANT: This should be a domain name which is supported by Let's Encrypt:" 16 65 3 \
+                       $"Domain:" 1 1 "$(grep 'CRYPTPAD_DOMAIN_NAME' temp.cfg | awk -F '=' '{print $2}')" 1 25 33 40 \
+                       $"Code:" 2 1 "$(grep 'CRYPTPAD_CODE' temp.cfg | awk -F '=' '{print $2}')" 2 25 33 255 \
+                       2> $data
+            else
+                dialog --backtitle $"Freedombone Configuration" \
+                       --title $"Cryptpad Configuration" \
+                       --form $"\nPlease enter your Cryptpad details. The background image URL can be left blank.\n\nIMPORTANT: This should be a domain name which is supported by Let's Encrypt:" 16 65 3 \
+                       $"Domain:" 1 1 "$(grep 'CRYPTPAD_DOMAIN_NAME' temp.cfg | awk -F '=' '{print $2}')" 1 25 33 40 \
+                       2> $data
+            fi
+            sel=$?
+            case $sel in
+                1) exit 1;;
+                255) exit 1;;
+            esac
+            CRYPTPAD_DOMAIN_NAME=$(cat $data | sed -n 1p)
+            if [ $CRYPTPAD_DOMAIN_NAME ]; then
+                if [[ $CRYPTPAD_DOMAIN_NAME == "$HUBZILLA_DOMAIN_NAME" ]]; then
+                    CRYPTPAD_DOMAIN_NAME=""
+                fi
+                TEST_DOMAIN_NAME=$CRYPTPAD_DOMAIN_NAME
+                validate_domain_name
+                if [[ $TEST_DOMAIN_NAME != $CRYPTPAD_DOMAIN_NAME ]]; then
+                    CRYPTPAD_DOMAIN_NAME=
+                    dialog --title $"Domain name validation" --msgbox "$TEST_DOMAIN_NAME" 15 50
+                else
+                    if [[ $DDNS_PROVIDER == "default@freedns.afraid.org" ]]; then
+                        CRYPTPAD_CODE=$(cat $data | sed -n 2p)
+                        validate_freedns_code "$CRYPTPAD_CODE"
+                        if [ ! $VALID_CODE ]; then
+                            CRYPTPAD_DOMAIN_NAME=
+                        fi
+                    fi
+                fi
+            fi
+            if [ $CRYPTPAD_DOMAIN_NAME ]; then
+                CRYPTPAD_DETAILS_COMPLETE="yes"
+            fi
+        done
+
+        # save the results in the config file
+        write_config_param "CRYPTPAD_CODE" "$CRYPTPAD_CODE"
+    fi
+    write_config_param "CRYPTPAD_DOMAIN_NAME" "$CRYPTPAD_DOMAIN_NAME"
+    APP_INSTALLED=1
+}
+
+function change_password_cryptpad {
+    curr_username="$1"
+    new_user_password="$2"
+
+    read_config_param 'CRYPTPAD_DOMAIN_NAME'
+
+    ${PROJECT_NAME}-pass -u "$curr_username" -a cryptpad -p "$new_user_password"
+}
+
+function reconfigure_cryptpad {
+    if [ -d $CRYPTPAD_DIR/datastore ]; then
+        rm -rf $CRYPTPAD_DIR/datastore
+    fi
+}
+
+function upgrade_cryptpad {
+    if grep -q "cryptpad domain" $COMPLETION_FILE; then
+        CRYPTPAD_DOMAIN_NAME=$(get_completion_param "cryptpad domain")
+    fi
+
+    CURR_CRYPTPAD_COMMIT=$(get_completion_param "cryptpad commit")
+    if [[ "$CURR_CRYPTPAD_COMMIT" == "$CRYPTPAD_COMMIT" ]]; then
+        return
+    fi
+
+    systemctl stop cryptpad
+
+    # update to the next commit
+    function_check set_repo_commit
+    set_repo_commit $CRYPTPAD_DIR "cryptpad commit" "$CRYPTPAD_COMMIT" $CRYPTPAD_REPO
+
+    cd $CRYPTPAD_DIR
+    chown -R cryptpad:cryptpad *
+
+    systemctl start cryptpad
+}
+
+
+function backup_local_cryptpad {
+    CRYPTPAD_DOMAIN_NAME='cryptpad'
+    if grep -q "cryptpad domain" $COMPLETION_FILE; then
+        CRYPTPAD_DOMAIN_NAME=$(get_completion_param "cryptpad domain")
+    fi
+
+    source_directory=$CRYPTPAD_DIR/datastore
+    if [ -d $source_directory ]; then
+        systemctl stop cryptpad
+
+        dest_directory=cryptpad
+        function_check suspend_site
+        suspend_site ${CRYPTPAD_DOMAIN_NAME}
+
+        function_check backup_directory_to_usb
+        backup_directory_to_usb $source_directory $dest_directory
+
+        function_check restart_site
+        restart_site
+
+        systemctl start cryptpad
+    fi
+}
+
+function restore_local_cryptpad {
+    if [ -d $CRYPTPAD_DIR ]; then
+        systemctl stop cryptpad
+        temp_restore_dir=/root/tempcryptpad
+        function_check restore_directory_from_usb
+        restore_directory_from_usb $temp_restore_dir cryptpad
+        cp -r $temp_restore_dir$CRYPTPAD_DIR/datastore/* $CRYPTPAD_DIR/datastore/
+        systemctl start cryptpad
+    fi
+}
+
+function backup_remote_cryptpad {
+    if grep -q "cryptpad domain" $COMPLETION_FILE; then
+        CRYPTPAD_DOMAIN_NAME=$(get_completion_param "cryptpad domain")
+        temp_backup_dir=$CRYPTPAD_DIR/datastore
+        if [ -d $temp_backup_dir ]; then
+            systemctl stop cryptpad
+
+            function_check suspend_site
+            suspend_site ${CRYPTPAD_DOMAIN_NAME}
+
+            echo $"Backing up Cryptpad installation"
+
+            function_check backup_directory_to_friend
+            backup_directory_to_friend $temp_backup_dir cryptpad
+
+            function_check restart_site
+            restart_site
+
+            systemctl start cryptpad
+        else
+            echo $"cryptpad domain specified but not found in ${temp_backup_dir}"
+        fi
+    fi
+}
+
+function restore_remote_cryptpad {
+    if [ -d $CRYPTPAD_DIR ]; then
+        systemctl stop cryptpad
+        temp_restore_dir=/root/tempcryptpad
+        function_check restore_directory_from_usb
+        restore_directory_from_friend $temp_restore_dir cryptpad
+        cp -r $temp_restore_dir$CRYPTPAD_DIR/datastore/* $CRYPTPAD_DIR/datastore/
+        systemctl start cryptpad
+    fi
+}
+
+function remove_cryptpad {
+    if [ ${#CRYPTPAD_DOMAIN_NAME} -eq 0 ]; then
+        return
+    fi
+
+    systemctl stop cryptpad
+    systemctl disable cryptpad
+    if [ -f /etc/systemd/system/cryptpad.service ]; then
+        rm /etc/systemd/system/cryptpad.service
+    fi
+
+    function_check remove_nodejs
+    remove_nodejs cryptpad
+
+    read_config_param "CRYPTPAD_DOMAIN_NAME"
+    read_config_param "MY_USERNAME"
+    echo "Removing $CRYPTPAD_DOMAIN_NAME"
+    nginx_dissite $CRYPTPAD_DOMAIN_NAME
+    remove_certs $CRYPTPAD_DOMAIN_NAME
+
+    if [ -d $CRYPTPAD_DIR ]; then
+        rm -rf $CRYPTPAD_DIR
+    fi
+    if [ -f /etc/nginx/sites-available/$CRYPTPAD_DOMAIN_NAME ]; then
+        rm /etc/nginx/sites-available/$CRYPTPAD_DOMAIN_NAME
+    fi
+    function_check remove_onion_service
+    remove_onion_service cryptpad ${CRYPTPAD_ONION_PORT}
+    remove_app cryptpad
+    remove_completion_param install_cryptpad
+    sed -i '/cryptpad/d' $COMPLETION_FILE
+
+    userdel -r cryptpad
+
+    function_check remove_ddns_domain
+    remove_ddns_domain $CRYPTPAD_DOMAIN_NAME
+}
+
+function install_cryptpad_main {
+    if [ ! $CRYPTPAD_DOMAIN_NAME ]; then
+        echo $'No domain name was given for cryptpad'
+        exit 7359
+    fi
+
+    if [[ $(app_is_installed cryptpad_main) == "1" ]]; then
+        return
+    fi
+
+    if [ ! -d /var/www/$CRYPTPAD_DOMAIN_NAME ]; then
+        mkdir /var/www/$CRYPTPAD_DOMAIN_NAME
+    fi
+    if [ ! -d $CRYPTPAD_DIR ]; then
+        mkdir -p $CRYPTPAD_DIR
+
+        function_check git_clone
+        git_clone $CRYPTPAD_REPO $CRYPTPAD_DIR
+        if [ ! -d $CRYPTPAD_DIR ]; then
+            echo $'Unable to clone cryptpad repo'
+            exit 783251
+        fi
+    fi
+
+    # an unprivileged user to run as
+    useradd -d $CRYPTPAD_DIR/ cryptpad
+
+    cd $CRYPTPAD_DIR
+    git checkout $CRYPTPAD_COMMIT -b $CRYPTPAD_COMMIT
+    set_completion_param "cryptpad commit" "$CRYPTPAD_COMMIT"
+
+    chown -R cryptpad:cryptpad $CRYPTPAD_COMMIT
+
+    function_check add_ddns_domain
+    add_ddns_domain $CRYPTPAD_DOMAIN_NAME
+
+    CRYPTPAD_ONION_HOSTNAME=$(add_onion_service cryptpad 80 ${CRYPTPAD_ONION_PORT})
+
+    cryptpad_nginx_site=/etc/nginx/sites-available/$CRYPTPAD_DOMAIN_NAME
+    if [[ $ONION_ONLY == "no" ]]; then
+        function_check nginx_http_redirect
+        nginx_http_redirect $CRYPTPAD_DOMAIN_NAME "index index.html"
+        echo 'server {' >> $cryptpad_nginx_site
+        echo '  listen 443 ssl;' >> $cryptpad_nginx_site
+        echo '  listen [::]:443 ssl;' >> $cryptpad_nginx_site
+        echo "  server_name $CRYPTPAD_DOMAIN_NAME;" >> $cryptpad_nginx_site
+        echo '' >> $cryptpad_nginx_site
+        echo '  # Security' >> $cryptpad_nginx_site
+        function_check nginx_ssl mobile
+        nginx_ssl $CRYPTPAD_DOMAIN_NAME
+
+        function_check nginx_disable_sniffing
+        nginx_disable_sniffing $CRYPTPAD_DOMAIN_NAME
+
+        echo '  add_header Strict-Transport-Security max-age=15768000;' >> $cryptpad_nginx_site
+        echo '' >> $cryptpad_nginx_site
+        echo '  # Logs' >> $cryptpad_nginx_site
+        echo '  access_log /dev/null;' >> $cryptpad_nginx_site
+        echo '  error_log /dev/null;' >> $cryptpad_nginx_site
+        echo '' >> $cryptpad_nginx_site
+        echo '  # Root' >> $cryptpad_nginx_site
+        echo "  root $CRYPTPAD_DIR;" >> $cryptpad_nginx_site
+        echo '' >> $cryptpad_nginx_site
+        echo '  index index.html;' >> $cryptpad_nginx_site
+        echo '' >> $cryptpad_nginx_site
+        echo '  location = / {' >> $cryptpad_nginx_site
+        echo "    proxy_pass http://localhost:$CRYPTPAD_PORT;" >> $cryptpad_nginx_site
+        echo '    proxy_set_header X-Real-IP $remote_addr;' >> $cryptpad_nginx_site
+        echo '    proxy_set_header Host $host;' >> $cryptpad_nginx_site
+        echo '    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;' >> $cryptpad_nginx_site
+        echo '' >> $cryptpad_nginx_site
+        echo '    # WebSocket support (nginx 1.4)' >> $cryptpad_nginx_site
+        echo '    proxy_http_version 1.1;' >> $cryptpad_nginx_site
+        echo '    proxy_set_header Upgrade $http_upgrade;' >> $cryptpad_nginx_site
+        echo '    proxy_set_header Connection upgrade;' >> $cryptpad_nginx_site
+        echo '  }' >> $cryptpad_nginx_site
+        echo '' >> $cryptpad_nginx_site
+
+        echo '  location ^~ /customize.dist/ {' >> $cryptpad_nginx_site
+        echo '    # This is needed in order to prevent infinite recursion between /customize/ and the root' >> $cryptpad_nginx_site
+        echo '  }' >> $cryptpad_nginx_site
+        echo '  location ^~ /customize/ {' >> $cryptpad_nginx_site
+        echo '    rewrite ^/customize/(.*)$ $1 break;' >> $cryptpad_nginx_site
+        echo '    try_files /customize/$uri /customize.dist/$uri;' >> $cryptpad_nginx_site
+        echo '  }' >> $cryptpad_nginx_site
+        echo '  location = /api/config {' >> $cryptpad_nginx_site
+        echo '    default_type text/javascript;' >> $cryptpad_nginx_site
+        echo '    rewrite ^.*$ /customize/api/config break;' >> $cryptpad_nginx_site
+        echo '  }' >> $cryptpad_nginx_site
+        echo '' >> $cryptpad_nginx_site
+        echo '  location ^~ /blob/ {' >> $cryptpad_nginx_site
+        echo '    try_files $uri =404;' >> $cryptpad_nginx_site
+        echo '  }' >> $cryptpad_nginx_site
+        echo '' >> $cryptpad_nginx_site
+        echo '  location ~ ^/(register|login|settings|user|pad|drive|poll|slide|code|whiteboard|file|media)$ {' >> $cryptpad_nginx_site
+        echo '    rewrite ^(.*)$ $1/ redirect;' >> $cryptpad_nginx_site
+        echo '  }' >> $cryptpad_nginx_site
+        echo '' >> $cryptpad_nginx_site
+        echo '  try_files $uri $uri/index.html /customize/$uri;' >> $cryptpad_nginx_site
+        echo '}' >> $cryptpad_nginx_site
+    else
+        echo -n '' > $cryptpad_nginx_site
+    fi
+    echo 'server {' >> $cryptpad_nginx_site
+    echo "    listen 127.0.0.1:$CRYPTPAD_ONION_PORT default_server;" >> $cryptpad_nginx_site
+    echo "    server_name $CRYPTPAD_ONION_HOSTNAME;" >> $cryptpad_nginx_site
+    echo '' >> $cryptpad_nginx_site
+    echo '  # Logs' >> $cryptpad_nginx_site
+    echo '  access_log /dev/null;' >> $cryptpad_nginx_site
+    echo '  error_log /dev/null;' >> $cryptpad_nginx_site
+    echo '' >> $cryptpad_nginx_site
+    echo '  # Root' >> $cryptpad_nginx_site
+    echo "  root $CRYPTPAD_DIR;" >> $cryptpad_nginx_site
+    echo '' >> $cryptpad_nginx_site
+    echo '  index index.html;' >> $cryptpad_nginx_site
+    echo '' >> $cryptpad_nginx_site
+    echo '  location = / {' >> $cryptpad_nginx_site
+    echo "    proxy_pass http://localhost:$CRYPTPAD_PORT;" >> $cryptpad_nginx_site
+    echo '    proxy_set_header X-Real-IP $remote_addr;' >> $cryptpad_nginx_site
+    echo '    proxy_set_header Host $host;' >> $cryptpad_nginx_site
+    echo '    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;' >> $cryptpad_nginx_site
+    echo '' >> $cryptpad_nginx_site
+    echo '    # WebSocket support (nginx 1.4)' >> $cryptpad_nginx_site
+    echo '    proxy_http_version 1.1;' >> $cryptpad_nginx_site
+    echo '    proxy_set_header Upgrade $http_upgrade;' >> $cryptpad_nginx_site
+    echo '    proxy_set_header Connection upgrade;' >> $cryptpad_nginx_site
+    echo '  }' >> $cryptpad_nginx_site
+    echo '' >> $cryptpad_nginx_site
+
+    echo '  location ^~ /customize.dist/ {' >> $cryptpad_nginx_site
+    echo '    # This is needed in order to prevent infinite recursion between /customize/ and the root' >> $cryptpad_nginx_site
+    echo '  }' >> $cryptpad_nginx_site
+    echo '  location ^~ /customize/ {' >> $cryptpad_nginx_site
+    echo '    rewrite ^/customize/(.*)$ $1 break;' >> $cryptpad_nginx_site
+    echo '    try_files /customize/$uri /customize.dist/$uri;' >> $cryptpad_nginx_site
+    echo '  }' >> $cryptpad_nginx_site
+    echo '  location = /api/config {' >> $cryptpad_nginx_site
+    echo '    default_type text/javascript;' >> $cryptpad_nginx_site
+    echo '    rewrite ^.*$ /customize/api/config break;' >> $cryptpad_nginx_site
+    echo '  }' >> $cryptpad_nginx_site
+    echo '' >> $cryptpad_nginx_site
+    echo '  location ^~ /blob/ {' >> $cryptpad_nginx_site
+    echo '    try_files $uri =404;' >> $cryptpad_nginx_site
+    echo '  }' >> $cryptpad_nginx_site
+    echo '' >> $cryptpad_nginx_site
+    echo '  location ~ ^/(register|login|settings|user|pad|drive|poll|slide|code|whiteboard|file|media)$ {' >> $cryptpad_nginx_site
+    echo '    rewrite ^(.*)$ $1/ redirect;' >> $cryptpad_nginx_site
+    echo '  }' >> $cryptpad_nginx_site
+    echo '' >> $cryptpad_nginx_site
+    echo '  try_files $uri $uri/index.html /customize/$uri;' >> $cryptpad_nginx_site
+    echo '}' >> $cryptpad_nginx_site
+
+    sed -i 's|DENY;|SAMEORIGIN;|g' $cryptpad_nginx_site
+
+    function_check create_site_certificate
+    create_site_certificate $CRYPTPAD_DOMAIN_NAME 'yes'
+
+    function_check nginx_ensite
+    nginx_ensite $CRYPTPAD_DOMAIN_NAME
+
+    ${PROJECT_NAME}-pass -u $MY_USERNAME -a cryptpad -p "$CRYPTPAD_ADMIN_PASSWORD"
+
+    set_completion_param "cryptpad domain" "$CRYPTPAD_DOMAIN_NAME"
+
+    install_completed cryptpad_main
+}
+
+function install_cryptpad {
+    if [ ! $ONION_ONLY ]; then
+        ONION_ONLY='no'
+    fi
+
+    function_check install_nodejs
+    install_nodejs cryptpad
+
+    install_cryptpad_main
+
+    cd $CRYPTPAD_DIR
+
+    npm install
+    npm install -g bower
+    bower install
+    cp config.example.js config.js
+    if [ ! -f config.js ]; then
+        echo $'Cryptpad config file not found'
+        exit 628252
+    fi
+
+    sed -i "s|httpPort:.*|httpPort: $CRYPTPAD_PORT,|g" config.js
+    sed -i "s|websocketPath:.*|websocketPath: '/',|g" config.js
+    sed -i "s|// domain:|domain:|g" config.js
+    sed -i 's|openFileLimit:.*|openFileLimit: 1024,|g' config.js
+    if [[ $ONION_ONLY == 'no' ]]; then
+        sed -i "s|domain:.*|domain: 'https://$CRYPTPAD_DOMAIN_NAME',|g" config.js
+    else
+        sed -i "s|domain:.*|domain: 'https://$CRYPTPAD_ONION_HOSTNAME',|g" config.js
+    fi
+
+    chown -R cryptpad:cryptpad $CRYPTPAD_DIR
+
+    # daemon
+    echo '[Unit]' > /etc/systemd/system/cryptpad.service
+    echo 'Description=Cryptpad' >> /etc/systemd/system/cryptpad.service
+    echo 'After=syslog.target' >> /etc/systemd/system/cryptpad.service
+    echo 'After=network.target' >> /etc/systemd/system/cryptpad.service
+    echo '' >> /etc/systemd/system/cryptpad.service
+    echo '[Service]' >> /etc/systemd/system/cryptpad.service
+    echo 'Type=simple' >> /etc/systemd/system/cryptpad.service
+    echo 'User=cryptpad' >> /etc/systemd/system/cryptpad.service
+    echo 'Group=cryptpad' >> /etc/systemd/system/cryptpad.service
+    echo "WorkingDirectory=$CRYPTPAD_DIR" >> /etc/systemd/system/cryptpad.service
+    echo "ExecStart=/usr/local/bin/node ./server.js" >> /etc/systemd/system/cryptpad.service
+    echo 'Restart=on-failure' >> /etc/systemd/system/cryptpad.service
+    echo '' >> /etc/systemd/system/cryptpad.service
+    echo '[Install]' >> /etc/systemd/system/cryptpad.service
+    echo 'WantedBy=multi-user.target' >> /etc/systemd/system/cryptpad.service
+    systemctl enable cryptpad.service
+    systemctl daemon-reload
+    systemctl start cryptpad.service
+
+    systemctl restart nginx
+
+    APP_INSTALLED=1
+}
+
+# NOTE: deliberately there is no "exit 0"

src/freedombone-app-koel

@@ -323,6 +323,8 @@ function backup_local_koel {
 
     source_directory=/var/www/${KOEL_DOMAIN_NAME}/htdocs
     if [ -d $source_directory ]; then
+        systemctl stop koal
+
         dest_directory=koel
         function_check suspend_site
         suspend_site ${KOEL_DOMAIN_NAME}
@@ -335,6 +337,8 @@ function backup_local_koel {
 
         function_check restart_site
         restart_site
+
+        systemctl start koal
     fi
 }
 
@@ -345,6 +349,8 @@ function restore_local_koel {
     KOEL_DOMAIN_NAME=$(get_completion_param "koel domain")
     if [ $KOEL_DOMAIN_NAME ]; then
         echo $"Restoring koel"
+        systemctl stop koal
+
         temp_restore_dir=/root/tempkoel
         koel_dir=/var/www/${KOEL_DOMAIN_NAME}/htdocs
 
@@ -355,6 +361,7 @@ function restore_local_koel {
         if [ -d $temp_restore_dir ]; then
             rm -rf $temp_restore_dir
         fi
+        systemctl start koal
     fi
 }
 
@@ -363,6 +370,8 @@ function backup_remote_koel {
         KOEL_DOMAIN_NAME=$(get_completion_param "koel domain")
         temp_backup_dir=/var/www/${KOEL_DOMAIN_NAME}/htdocs
         if [ -d $temp_backup_dir ]; then
+            systemctl stop koal
+
             function_check suspend_site
             suspend_site ${KOEL_DOMAIN_NAME}
 
@@ -376,6 +385,8 @@ function backup_remote_koel {
 
             function_check restart_site
             restart_site
+
+            systemctl start koal
         else
             echo $"koel domain specified but not found in ${temp_backup_dir}"
         fi
@@ -385,11 +396,10 @@ function backup_remote_koel {
 function restore_remote_koel {
     if grep -q "koel domain" $COMPLETION_FILE; then
         echo $"Restoring koel"
-        KOEL_DOMAIN_NAME=$(get_completion_param "koel domain")
 
-        # stop the daemons
-        cd /var/www/${KOEL_DOMAIN_NAME}/htdocs
-        su -c "sh scripts/stopdaemons.sh" -s /bin/sh www-data
+        systemctl stop koal
+
+        KOEL_DOMAIN_NAME=$(get_completion_param "koel domain")
 
         function_check koel_create_database
         koel_create_database
@@ -400,9 +410,8 @@ function restore_remote_koel {
             rm -rf /root/tempkoel
         fi
 
-        # start the daemons
-        cd /var/www/${KOEL_DOMAIN_NAME}/htdocs
-        su -c "sh scripts/startdaemons.sh" -s /bin/sh www-data
+        systemctl start koal
+
         echo $"Restore of koel complete"
     fi
 }