|
|
@@ -32,528 +32,481 @@
|
|
32
|
32
|
SUSPENDED_SITE=
|
|
33
|
33
|
|
|
34
|
34
|
function suspend_site {
|
|
35
|
|
- # suspends a given website
|
|
36
|
|
- SUSPENDED_SITE="$1"
|
|
37
|
|
- nginx_dissite $SUSPENDED_SITE
|
|
38
|
|
- service nginx reload
|
|
|
35
|
+ # suspends a given website
|
|
|
36
|
+ SUSPENDED_SITE="$1"
|
|
|
37
|
+ nginx_dissite $SUSPENDED_SITE
|
|
|
38
|
+ service nginx reload
|
|
39
|
39
|
}
|
|
40
|
40
|
|
|
41
|
41
|
function restart_site {
|
|
42
|
|
- # restarts a given website
|
|
43
|
|
- if [ ! $SUSPENDED_SITE ]; then
|
|
44
|
|
- return
|
|
45
|
|
- fi
|
|
46
|
|
- nginx_ensite $SUSPENDED_SITE
|
|
47
|
|
- service nginx reload
|
|
48
|
|
- SUSPENDED_SITE=
|
|
|
42
|
+ # restarts a given website
|
|
|
43
|
+ if [ ! $SUSPENDED_SITE ]; then
|
|
|
44
|
+ return
|
|
|
45
|
+ fi
|
|
|
46
|
+ nginx_ensite $SUSPENDED_SITE
|
|
|
47
|
+ service nginx reload
|
|
|
48
|
+ SUSPENDED_SITE=
|
|
49
|
49
|
}
|
|
50
|
50
|
|
|
51
|
51
|
function configure_backup_key {
|
|
52
|
|
- if grep -Fxq "configure_backup_key" $COMPLETION_FILE; then
|
|
53
|
|
- return
|
|
54
|
|
- fi
|
|
55
|
|
- apt-get -y install gnupg
|
|
56
|
|
-
|
|
57
|
|
- BACKUP_KEY_EXISTS=$(gpg_key_exists "root" "$MY_NAME (backup key)")
|
|
58
|
|
- if [[ $BACKUP_KEY_EXISTS == "yes" ]]; then
|
|
59
|
|
- return
|
|
60
|
|
- fi
|
|
61
|
|
-
|
|
62
|
|
- # Generate a GPG key for backups
|
|
63
|
|
- BACKUP_KEY_EXISTS=$(gpg_key_exists "$MY_USERNAME" "$MY_NAME (backup key)")
|
|
64
|
|
- if [[ $BACKUP_KEY_EXISTS == "no" ]]; then
|
|
65
|
|
- echo 'Key-Type: 1' > /home/$MY_USERNAME/gpg-genkey.conf
|
|
66
|
|
- echo 'Key-Length: 4096' >> /home/$MY_USERNAME/gpg-genkey.conf
|
|
67
|
|
- echo 'Subkey-Type: 1' >> /home/$MY_USERNAME/gpg-genkey.conf
|
|
68
|
|
- echo 'Subkey-Length: 4096' >> /home/$MY_USERNAME/gpg-genkey.conf
|
|
69
|
|
- echo "Name-Real: $MY_NAME" >> /home/$MY_USERNAME/gpg-genkey.conf
|
|
70
|
|
- echo "Name-Email: $MY_EMAIL_ADDRESS" >> /home/$MY_USERNAME/gpg-genkey.conf
|
|
71
|
|
- echo "Name-Comment: backup key" >> /home/$MY_USERNAME/gpg-genkey.conf
|
|
72
|
|
- echo 'Expire-Date: 0' >> /home/$MY_USERNAME/gpg-genkey.conf
|
|
73
|
|
- chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/gpg-genkey.conf
|
|
74
|
|
- echo $'Backup key does not exist. Creating it.'
|
|
75
|
|
- su -c "gpg --batch --gen-key /home/$MY_USERNAME/gpg-genkey.conf" - $MY_USERNAME
|
|
76
|
|
- shred -zu /home/$MY_USERNAME/gpg-genkey.conf
|
|
77
|
|
- echo $'Checking that the Backup key was created'
|
|
78
|
|
- BACKUP_KEY_EXISTS=$(gpg_key_exists "$MY_USERNAME" "$MY_NAME (backup key)")
|
|
79
|
|
- if [[ $BACKUP_KEY_EXISTS == "no" ]]; then
|
|
80
|
|
- echo $'Backup key could not be created'
|
|
81
|
|
- exit 43382
|
|
82
|
|
- fi
|
|
83
|
|
- fi
|
|
84
|
|
- MY_BACKUP_KEY_ID=$(su -c "gpg --list-keys \"$MY_NAME (backup key)\" | grep 'pub '" - $MY_USERNAME | awk -F ' ' '{print $2}' | awk -F '/' '{print $2}')
|
|
85
|
|
- echo "Backup key: $MY_BACKUP_KEY_ID"
|
|
86
|
|
- MY_BACKUP_KEY=/home/$MY_USERNAME/backup_key
|
|
87
|
|
- su -c "gpg --output ${MY_BACKUP_KEY}_public.asc --armor --export $MY_BACKUP_KEY_ID" - $MY_USERNAME
|
|
88
|
|
- su -c "gpg --output ${MY_BACKUP_KEY}_private.asc --armor --export-secret-key $MY_BACKUP_KEY_ID" - $MY_USERNAME
|
|
89
|
|
- if [ ! -f ${MY_BACKUP_KEY}_public.asc ]; then
|
|
90
|
|
- echo 'Public backup key could not be exported'
|
|
91
|
|
- exit 36829
|
|
92
|
|
- fi
|
|
93
|
|
- if [ ! -f ${MY_BACKUP_KEY}_private.asc ]; then
|
|
94
|
|
- echo 'Private backup key could not be exported'
|
|
95
|
|
- exit 29235
|
|
96
|
|
- fi
|
|
97
|
|
-
|
|
98
|
|
- # import backup key to root user
|
|
99
|
|
- gpg --import --import ${MY_BACKUP_KEY}_public.asc
|
|
100
|
|
- gpg --allow-secret-key-import --import ${MY_BACKUP_KEY}_private.asc
|
|
101
|
|
-
|
|
102
|
|
- shred -zu ${MY_BACKUP_KEY}_public.asc
|
|
103
|
|
- shred -zu ${MY_BACKUP_KEY}_private.asc
|
|
104
|
|
-
|
|
105
|
|
- echo 'configure_backup_key' >> $COMPLETION_FILE
|
|
|
52
|
+ if grep -Fxq "configure_backup_key" $COMPLETION_FILE; then
|
|
|
53
|
+ return
|
|
|
54
|
+ fi
|
|
|
55
|
+ apt-get -y install gnupg
|
|
|
56
|
+
|
|
|
57
|
+ BACKUP_KEY_EXISTS=$(gpg_key_exists "root" "$MY_NAME (backup key)")
|
|
|
58
|
+ if [[ $BACKUP_KEY_EXISTS == "yes" ]]; then
|
|
|
59
|
+ return
|
|
|
60
|
+ fi
|
|
|
61
|
+
|
|
|
62
|
+ # Generate a GPG key for backups
|
|
|
63
|
+ BACKUP_KEY_EXISTS=$(gpg_key_exists "$MY_USERNAME" "$MY_NAME (backup key)")
|
|
|
64
|
+ if [[ $BACKUP_KEY_EXISTS == "no" ]]; then
|
|
|
65
|
+ echo 'Key-Type: 1' > /home/$MY_USERNAME/gpg-genkey.conf
|
|
|
66
|
+ echo 'Key-Length: 4096' >> /home/$MY_USERNAME/gpg-genkey.conf
|
|
|
67
|
+ echo 'Subkey-Type: 1' >> /home/$MY_USERNAME/gpg-genkey.conf
|
|
|
68
|
+ echo 'Subkey-Length: 4096' >> /home/$MY_USERNAME/gpg-genkey.conf
|
|
|
69
|
+ echo "Name-Real: $MY_NAME" >> /home/$MY_USERNAME/gpg-genkey.conf
|
|
|
70
|
+ echo "Name-Email: $MY_EMAIL_ADDRESS" >> /home/$MY_USERNAME/gpg-genkey.conf
|
|
|
71
|
+ echo "Name-Comment: backup key" >> /home/$MY_USERNAME/gpg-genkey.conf
|
|
|
72
|
+ echo 'Expire-Date: 0' >> /home/$MY_USERNAME/gpg-genkey.conf
|
|
|
73
|
+ chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/gpg-genkey.conf
|
|
|
74
|
+ echo $'Backup key does not exist. Creating it.'
|
|
|
75
|
+ su -c "gpg --batch --gen-key /home/$MY_USERNAME/gpg-genkey.conf" - $MY_USERNAME
|
|
|
76
|
+ shred -zu /home/$MY_USERNAME/gpg-genkey.conf
|
|
|
77
|
+ echo $'Checking that the Backup key was created'
|
|
|
78
|
+ BACKUP_KEY_EXISTS=$(gpg_key_exists "$MY_USERNAME" "$MY_NAME (backup key)")
|
|
|
79
|
+ if [[ $BACKUP_KEY_EXISTS == "no" ]]; then
|
|
|
80
|
+ echo $'Backup key could not be created'
|
|
|
81
|
+ exit 43382
|
|
|
82
|
+ fi
|
|
|
83
|
+ fi
|
|
|
84
|
+ MY_BACKUP_KEY_ID=$(su -c "gpg --list-keys \"$MY_NAME (backup key)\" | grep 'pub '" - $MY_USERNAME | awk -F ' ' '{print $2}' | awk -F '/' '{print $2}')
|
|
|
85
|
+ echo "Backup key: $MY_BACKUP_KEY_ID"
|
|
|
86
|
+ MY_BACKUP_KEY=/home/$MY_USERNAME/backup_key
|
|
|
87
|
+ su -c "gpg --output ${MY_BACKUP_KEY}_public.asc --armor --export $MY_BACKUP_KEY_ID" - $MY_USERNAME
|
|
|
88
|
+ su -c "gpg --output ${MY_BACKUP_KEY}_private.asc --armor --export-secret-key $MY_BACKUP_KEY_ID" - $MY_USERNAME
|
|
|
89
|
+ if [ ! -f ${MY_BACKUP_KEY}_public.asc ]; then
|
|
|
90
|
+ echo 'Public backup key could not be exported'
|
|
|
91
|
+ exit 36829
|
|
|
92
|
+ fi
|
|
|
93
|
+ if [ ! -f ${MY_BACKUP_KEY}_private.asc ]; then
|
|
|
94
|
+ echo 'Private backup key could not be exported'
|
|
|
95
|
+ exit 29235
|
|
|
96
|
+ fi
|
|
|
97
|
+
|
|
|
98
|
+ # import backup key to root user
|
|
|
99
|
+ gpg --import --import ${MY_BACKUP_KEY}_public.asc
|
|
|
100
|
+ gpg --allow-secret-key-import --import ${MY_BACKUP_KEY}_private.asc
|
|
|
101
|
+
|
|
|
102
|
+ shred -zu ${MY_BACKUP_KEY}_public.asc
|
|
|
103
|
+ shred -zu ${MY_BACKUP_KEY}_private.asc
|
|
|
104
|
+
|
|
|
105
|
+ echo 'configure_backup_key' >> $COMPLETION_FILE
|
|
106
|
106
|
}
|
|
107
|
107
|
|
|
108
|
108
|
function backup_to_friends_servers {
|
|
109
|
|
- # update crontab
|
|
110
|
|
- echo '#!/bin/bash' > /etc/cron.daily/backuptofriends
|
|
111
|
|
- echo "if [ -f /usr/local/bin/${PROJECT_NAME}-backup-remote ]; then" >> /etc/cron.daily/backuptofriends
|
|
112
|
|
- echo " /usr/local/bin/${PROJECT_NAME}-backup-remote" >> /etc/cron.daily/backuptofriends
|
|
113
|
|
- echo 'else' >> /etc/cron.daily/backuptofriends
|
|
114
|
|
- echo " /usr/bin/${PROJECT_NAME}-backup-remote" >> /etc/cron.daily/backuptofriends
|
|
115
|
|
- echo 'fi' >> /etc/cron.daily/backuptofriends
|
|
116
|
|
- chmod +x /etc/cron.daily/backuptofriends
|
|
|
109
|
+ # update crontab
|
|
|
110
|
+ echo '#!/bin/bash' > /etc/cron.daily/backuptofriends
|
|
|
111
|
+ echo "if [ -f /usr/local/bin/${PROJECT_NAME}-backup-remote ]; then" >> /etc/cron.daily/backuptofriends
|
|
|
112
|
+ echo " /usr/local/bin/${PROJECT_NAME}-backup-remote" >> /etc/cron.daily/backuptofriends
|
|
|
113
|
+ echo 'else' >> /etc/cron.daily/backuptofriends
|
|
|
114
|
+ echo " /usr/bin/${PROJECT_NAME}-backup-remote" >> /etc/cron.daily/backuptofriends
|
|
|
115
|
+ echo 'fi' >> /etc/cron.daily/backuptofriends
|
|
|
116
|
+ chmod +x /etc/cron.daily/backuptofriends
|
|
117
|
117
|
}
|
|
118
|
118
|
|
|
119
|
119
|
function backup_mount_drive {
|
|
120
|
|
- if [ $1 ]; then
|
|
121
|
|
- USB_DRIVE=/dev/${1}1
|
|
122
|
|
- fi
|
|
123
|
|
-
|
|
124
|
|
- # get the admin user
|
|
125
|
|
- ADMIN_USERNAME=$(cat $COMPLETION_FILE | grep "Admin user" | awk -F ':' '{print $2}')
|
|
126
|
|
- if [ $2 ]; then
|
|
127
|
|
- ADMIN_USERNAME=$2
|
|
128
|
|
- fi
|
|
129
|
|
- ADMIN_NAME=$(getent passwd $ADMIN_USERNAME | cut -d: -f5 | cut -d, -f1)
|
|
130
|
|
-
|
|
131
|
|
- if [ $3 ]; then
|
|
132
|
|
- RESTORE_APP=$3
|
|
133
|
|
- fi
|
|
134
|
|
-
|
|
135
|
|
- # check that the backup destination is available
|
|
136
|
|
- if [ ! -b $USB_DRIVE ]; then
|
|
137
|
|
- echo $"Please attach a USB drive"
|
|
138
|
|
- exit 1
|
|
139
|
|
- fi
|
|
140
|
|
-
|
|
141
|
|
- # unmount if already mounted
|
|
142
|
|
- umount -f $USB_MOUNT
|
|
143
|
|
- if [ ! -d $USB_MOUNT ]; then
|
|
144
|
|
- mkdir $USB_MOUNT
|
|
145
|
|
- fi
|
|
146
|
|
- if [ -f /dev/mapper/encrypted_usb ]; then
|
|
147
|
|
- rm -rf /dev/mapper/encrypted_usb
|
|
148
|
|
- fi
|
|
149
|
|
- cryptsetup luksClose encrypted_usb
|
|
150
|
|
-
|
|
151
|
|
- # mount the encrypted backup drive
|
|
152
|
|
- cryptsetup luksOpen $USB_DRIVE encrypted_usb
|
|
153
|
|
- if [ "$?" = "0" ]; then
|
|
154
|
|
- USB_DRIVE=/dev/mapper/encrypted_usb
|
|
155
|
|
- fi
|
|
156
|
|
- mount $USB_DRIVE $USB_MOUNT
|
|
157
|
|
- if [ ! "$?" = "0" ]; then
|
|
158
|
|
- echo $"There was a problem mounting the USB drive to $USB_MOUNT"
|
|
159
|
|
- rm -rf $USB_MOUNT
|
|
160
|
|
- exit 783452
|
|
161
|
|
- fi
|
|
|
120
|
+ if [ $1 ]; then
|
|
|
121
|
+ USB_DRIVE=/dev/${1}1
|
|
|
122
|
+ fi
|
|
|
123
|
+
|
|
|
124
|
+ # get the admin user
|
|
|
125
|
+ ADMIN_USERNAME=$(cat $COMPLETION_FILE | grep "Admin user" | awk -F ':' '{print $2}')
|
|
|
126
|
+ if [ $2 ]; then
|
|
|
127
|
+ ADMIN_USERNAME=$2
|
|
|
128
|
+ fi
|
|
|
129
|
+ ADMIN_NAME=$(getent passwd $ADMIN_USERNAME | cut -d: -f5 | cut -d, -f1)
|
|
|
130
|
+
|
|
|
131
|
+ if [ $3 ]; then
|
|
|
132
|
+ RESTORE_APP=$3
|
|
|
133
|
+ fi
|
|
|
134
|
+
|
|
|
135
|
+ # check that the backup destination is available
|
|
|
136
|
+ if [ ! -b $USB_DRIVE ]; then
|
|
|
137
|
+ echo $"Please attach a USB drive"
|
|
|
138
|
+ exit 1
|
|
|
139
|
+ fi
|
|
|
140
|
+
|
|
|
141
|
+ # unmount if already mounted
|
|
|
142
|
+ umount -f $USB_MOUNT
|
|
|
143
|
+ if [ ! -d $USB_MOUNT ]; then
|
|
|
144
|
+ mkdir $USB_MOUNT
|
|
|
145
|
+ fi
|
|
|
146
|
+ if [ -f /dev/mapper/encrypted_usb ]; then
|
|
|
147
|
+ rm -rf /dev/mapper/encrypted_usb
|
|
|
148
|
+ fi
|
|
|
149
|
+ cryptsetup luksClose encrypted_usb
|
|
|
150
|
+
|
|
|
151
|
+ # mount the encrypted backup drive
|
|
|
152
|
+ cryptsetup luksOpen $USB_DRIVE encrypted_usb
|
|
|
153
|
+ if [ "$?" = "0" ]; then
|
|
|
154
|
+ USB_DRIVE=/dev/mapper/encrypted_usb
|
|
|
155
|
+ fi
|
|
|
156
|
+ mount $USB_DRIVE $USB_MOUNT
|
|
|
157
|
+ if [ ! "$?" = "0" ]; then
|
|
|
158
|
+ echo $"There was a problem mounting the USB drive to $USB_MOUNT"
|
|
|
159
|
+ rm -rf $USB_MOUNT
|
|
|
160
|
+ exit 783452
|
|
|
161
|
+ fi
|
|
162
|
162
|
}
|
|
163
|
163
|
|
|
164
|
164
|
function backup_unmount_drive {
|
|
165
|
|
- if [ $1 ]; then
|
|
166
|
|
- USB_DRIVE=${1}
|
|
167
|
|
- if [ $2 ]; then
|
|
168
|
|
- USB_MOUNT=${2}
|
|
169
|
|
- fi
|
|
170
|
|
- fi
|
|
171
|
|
- sync
|
|
172
|
|
- umount $USB_MOUNT
|
|
173
|
|
- if [ ! "$?" = "0" ]; then
|
|
174
|
|
- echo $"Unable to unmount the drive."
|
|
175
|
|
- rm -rf $USB_MOUNT
|
|
176
|
|
- exit 9
|
|
177
|
|
- fi
|
|
178
|
|
- rm -rf $USB_MOUNT
|
|
179
|
|
- if [[ $USB_DRIVE == /dev/mapper/encrypted_usb ]]; then
|
|
180
|
|
- echo $"Unmount encrypted USB"
|
|
181
|
|
- cryptsetup luksClose encrypted_usb
|
|
182
|
|
- fi
|
|
183
|
|
- if [ -f /dev/mapper/encrypted_usb ]; then
|
|
184
|
|
- rm -rf /dev/mapper/encrypted_usb
|
|
185
|
|
- fi
|
|
|
165
|
+ if [ $1 ]; then
|
|
|
166
|
+ USB_DRIVE=${1}
|
|
|
167
|
+ if [ $2 ]; then
|
|
|
168
|
+ USB_MOUNT=${2}
|
|
|
169
|
+ fi
|
|
|
170
|
+ fi
|
|
|
171
|
+ sync
|
|
|
172
|
+ umount $USB_MOUNT
|
|
|
173
|
+ if [ ! "$?" = "0" ]; then
|
|
|
174
|
+ echo $"Unable to unmount the drive."
|
|
|
175
|
+ rm -rf $USB_MOUNT
|
|
|
176
|
+ exit 9
|
|
|
177
|
+ fi
|
|
|
178
|
+ rm -rf $USB_MOUNT
|
|
|
179
|
+ if [[ $USB_DRIVE == /dev/mapper/encrypted_usb ]]; then
|
|
|
180
|
+ echo $"Unmount encrypted USB"
|
|
|
181
|
+ cryptsetup luksClose encrypted_usb
|
|
|
182
|
+ fi
|
|
|
183
|
+ if [ -f /dev/mapper/encrypted_usb ]; then
|
|
|
184
|
+ rm -rf /dev/mapper/encrypted_usb
|
|
|
185
|
+ fi
|
|
186
|
186
|
}
|
|
187
|
187
|
|
|
188
|
188
|
function backup_database_local {
|
|
189
|
|
- if [ ${#DATABASE_PASSWORD} -lt 2 ]; then
|
|
190
|
|
- echo $"No MariaDB password was given"
|
|
191
|
|
- function_check restart_site
|
|
192
|
|
- restart_site
|
|
193
|
|
- exit 10
|
|
194
|
|
- fi
|
|
195
|
|
- if [ ! -d $USB_MOUNT/backup/${1} ]; then
|
|
196
|
|
- mkdir -p $USB_MOUNT/backup/${1}
|
|
197
|
|
- fi
|
|
198
|
|
- if [ ! -d $USB_MOUNT/backup/${1}data ]; then
|
|
199
|
|
- mkdir -p $USB_MOUNT/backup/${1}data
|
|
200
|
|
- fi
|
|
201
|
|
- if [ ! -d /root/temp${1}data ]; then
|
|
202
|
|
- mkdir -p /root/temp${1}data
|
|
203
|
|
- fi
|
|
204
|
|
- echo $"Obtaining ${1} database backup"
|
|
205
|
|
- mysqldump --lock-tables --password="$DATABASE_PASSWORD" ${1} > /root/temp${1}data/${1}.sql
|
|
206
|
|
- if [ ! -s /root/temp${1}data/${1}.sql ]; then
|
|
207
|
|
- echo $"${1} database could not be saved"
|
|
208
|
|
- shred -zu /root/temp${1}data/*
|
|
209
|
|
- rm -rf /root/temp${1}data
|
|
210
|
|
- umount $USB_MOUNT
|
|
211
|
|
- rm -rf $USB_MOUNT
|
|
212
|
|
- restart_site
|
|
213
|
|
- exit 6835872
|
|
214
|
|
- fi
|
|
|
189
|
+ if [ ${#DATABASE_PASSWORD} -lt 2 ]; then
|
|
|
190
|
+ echo $"No MariaDB password was given"
|
|
|
191
|
+ function_check restart_site
|
|
|
192
|
+ restart_site
|
|
|
193
|
+ exit 10
|
|
|
194
|
+ fi
|
|
|
195
|
+ if [ ! -d $USB_MOUNT/backup/${1} ]; then
|
|
|
196
|
+ mkdir -p $USB_MOUNT/backup/${1}
|
|
|
197
|
+ fi
|
|
|
198
|
+ if [ ! -d $USB_MOUNT/backup/${1}data ]; then
|
|
|
199
|
+ mkdir -p $USB_MOUNT/backup/${1}data
|
|
|
200
|
+ fi
|
|
|
201
|
+ if [ ! -d /root/temp${1}data ]; then
|
|
|
202
|
+ mkdir -p /root/temp${1}data
|
|
|
203
|
+ fi
|
|
|
204
|
+ echo $"Obtaining ${1} database backup"
|
|
|
205
|
+ mysqldump --lock-tables --password="$DATABASE_PASSWORD" ${1} > /root/temp${1}data/${1}.sql
|
|
|
206
|
+ if [ ! -s /root/temp${1}data/${1}.sql ]; then
|
|
|
207
|
+ echo $"${1} database could not be saved"
|
|
|
208
|
+ shred -zu /root/temp${1}data/*
|
|
|
209
|
+ rm -rf /root/temp${1}data
|
|
|
210
|
+ umount $USB_MOUNT
|
|
|
211
|
+ rm -rf $USB_MOUNT
|
|
|
212
|
+ restart_site
|
|
|
213
|
+ exit 6835872
|
|
|
214
|
+ fi
|
|
215
|
215
|
}
|
|
216
|
216
|
|
|
217
|
217
|
function backup_directory_to_usb {
|
|
218
|
|
- if [ ! -d ${1} ]; then
|
|
219
|
|
- echo $"WARNING: directory does not exist: ${1}"
|
|
220
|
|
- else
|
|
221
|
|
- BACKUP_KEY_EXISTS=$(gpg --list-keys "$ADMIN_NAME (backup key)")
|
|
222
|
|
- if [ ! "$?" = "0" ]; then
|
|
223
|
|
- echo $"Backup key could not be found"
|
|
224
|
|
- function_check restart_site
|
|
225
|
|
- restart_site
|
|
226
|
|
- exit 6
|
|
227
|
|
- fi
|
|
228
|
|
- MY_BACKUP_KEY_ID=$(gpg --list-keys "$ADMIN_NAME (backup key)" | grep 'pub ' | awk -F ' ' '{print $2}' | awk -F '/' '{print $2}')
|
|
229
|
|
- if [ ! -d $USB_MOUNT/backup/${2} ]; then
|
|
230
|
|
- mkdir -p $USB_MOUNT/backup/${2}
|
|
231
|
|
- fi
|
|
232
|
|
- obnam force-lock -r $USB_MOUNT/backup/${2} --encrypt-with $MY_BACKUP_KEY_ID ${1}
|
|
233
|
|
- obnam backup -r $USB_MOUNT/backup/${2} --encrypt-with $MY_BACKUP_KEY_ID ${1}
|
|
234
|
|
- if [[ $ENABLE_BACKUP_VERIFICATION == "yes" ]]; then
|
|
235
|
|
- obnam verify -r $USB_MOUNT/backup/${2} --encrypt-with $MY_BACKUP_KEY_ID ${1}
|
|
236
|
|
- if [ ! "$?" = "0" ]; then
|
|
237
|
|
- umount $USB_MOUNT
|
|
238
|
|
- rm -rf $USB_MOUNT
|
|
239
|
|
- if [[ ${1} == "/root/temp"* || ${1} == *"tempbackup" ]]; then
|
|
240
|
|
- shred -zu ${1}/*
|
|
241
|
|
- rm -rf ${1}
|
|
242
|
|
- fi
|
|
243
|
|
- function_check restart_site
|
|
244
|
|
- restart_site
|
|
245
|
|
- exit 683252
|
|
246
|
|
- fi
|
|
247
|
|
- fi
|
|
248
|
|
- obnam forget --keep=30d -r $USB_MOUNT/backup/${2} --encrypt-with $MY_BACKUP_KEY_ID
|
|
249
|
|
- if [ ! "$?" = "0" ]; then
|
|
250
|
|
- umount $USB_MOUNT
|
|
251
|
|
- rm -rf $USB_MOUNT
|
|
252
|
|
- if [[ ${1} == "/root/temp"* || ${1} == *"tempbackup" ]]; then
|
|
253
|
|
- shred -zu ${1}/*
|
|
254
|
|
- rm -rf ${1}
|
|
255
|
|
- fi
|
|
256
|
|
- function_check restart_site
|
|
257
|
|
- restart_site
|
|
258
|
|
- exit 7
|
|
259
|
|
- fi
|
|
260
|
|
- if [[ ${1} == "/root/temp"* || ${1} == *"tempbackup" ]]; then
|
|
261
|
|
- shred -zu ${1}/*
|
|
262
|
|
- rm -rf ${1}
|
|
263
|
|
- fi
|
|
264
|
|
- fi
|
|
|
218
|
+ if [ ! -d ${1} ]; then
|
|
|
219
|
+ echo $"WARNING: directory does not exist: ${1}"
|
|
|
220
|
+ else
|
|
|
221
|
+ BACKUP_KEY_EXISTS=$(gpg --list-keys "$ADMIN_NAME (backup key)")
|
|
|
222
|
+ if [ ! "$?" = "0" ]; then
|
|
|
223
|
+ echo $"Backup key could not be found"
|
|
|
224
|
+ function_check restart_site
|
|
|
225
|
+ restart_site
|
|
|
226
|
+ exit 6
|
|
|
227
|
+ fi
|
|
|
228
|
+ MY_BACKUP_KEY_ID=$(gpg --list-keys "$ADMIN_NAME (backup key)" | grep 'pub ' | awk -F ' ' '{print $2}' | awk -F '/' '{print $2}')
|
|
|
229
|
+ if [ ! -d $USB_MOUNT/backup/${2} ]; then
|
|
|
230
|
+ mkdir -p $USB_MOUNT/backup/${2}
|
|
|
231
|
+ fi
|
|
|
232
|
+ obnam force-lock -r $USB_MOUNT/backup/${2} --encrypt-with $MY_BACKUP_KEY_ID ${1}
|
|
|
233
|
+ obnam backup -r $USB_MOUNT/backup/${2} --encrypt-with $MY_BACKUP_KEY_ID ${1}
|
|
|
234
|
+ if [[ $ENABLE_BACKUP_VERIFICATION == "yes" ]]; then
|
|
|
235
|
+ obnam verify -r $USB_MOUNT/backup/${2} --encrypt-with $MY_BACKUP_KEY_ID ${1}
|
|
|
236
|
+ if [ ! "$?" = "0" ]; then
|
|
|
237
|
+ umount $USB_MOUNT
|
|
|
238
|
+ rm -rf $USB_MOUNT
|
|
|
239
|
+ if [[ ${1} == "/root/temp"* || ${1} == *"tempbackup" ]]; then
|
|
|
240
|
+ shred -zu ${1}/*
|
|
|
241
|
+ rm -rf ${1}
|
|
|
242
|
+ fi
|
|
|
243
|
+ function_check restart_site
|
|
|
244
|
+ restart_site
|
|
|
245
|
+ exit 683252
|
|
|
246
|
+ fi
|
|
|
247
|
+ fi
|
|
|
248
|
+ obnam forget --keep=30d -r $USB_MOUNT/backup/${2} --encrypt-with $MY_BACKUP_KEY_ID
|
|
|
249
|
+ if [ ! "$?" = "0" ]; then
|
|
|
250
|
+ umount $USB_MOUNT
|
|
|
251
|
+ rm -rf $USB_MOUNT
|
|
|
252
|
+ if [[ ${1} == "/root/temp"* || ${1} == *"tempbackup" ]]; then
|
|
|
253
|
+ shred -zu ${1}/*
|
|
|
254
|
+ rm -rf ${1}
|
|
|
255
|
+ fi
|
|
|
256
|
+ function_check restart_site
|
|
|
257
|
+ restart_site
|
|
|
258
|
+ exit 7
|
|
|
259
|
+ fi
|
|
|
260
|
+ if [[ ${1} == "/root/temp"* || ${1} == *"tempbackup" ]]; then
|
|
|
261
|
+ shred -zu ${1}/*
|
|
|
262
|
+ rm -rf ${1}
|
|
|
263
|
+ fi
|
|
|
264
|
+ fi
|
|
265
|
265
|
}
|
|
266
|
266
|
|
|
267
|
267
|
function backup_database_to_usb {
|
|
268
|
|
- database_name=$1
|
|
269
|
|
- backup_database_local $database_name
|
|
270
|
|
- backup_directory_to_usb /root/temp${database_name}data ${database_name}data
|
|
|
268
|
+ database_name=$1
|
|
|
269
|
+ backup_database_local $database_name
|
|
|
270
|
+ backup_directory_to_usb /root/temp${database_name}data ${database_name}data
|
|
271
|
271
|
}
|
|
272
|
272
|
|
|
273
|
273
|
# after user files have been restored permissions may need to be set
|
|
274
|
274
|
function set_user_permissions {
|
|
275
|
|
- echo $"Setting permissions"
|
|
276
|
|
- for d in /home/*/ ; do
|
|
277
|
|
- USERNAME=$(echo "$d" | awk -F '/' '{print $3}')
|
|
278
|
|
- if [[ $USERNAME != "git" && $USERNAME != "mirrors" && $USERNAME != "sync" ]]; then
|
|
279
|
|
- chown -R $USERNAME:$USERNAME /home/$USERNAME
|
|
280
|
|
- fi
|
|
281
|
|
- done
|
|
|
275
|
+ echo $"Setting permissions"
|
|
|
276
|
+ for d in /home/*/ ; do
|
|
|
277
|
+ USERNAME=$(echo "$d" | awk -F '/' '{print $3}')
|
|
|
278
|
+ if [[ $USERNAME != "git" && $USERNAME != "mirrors" && $USERNAME != "sync" ]]; then
|
|
|
279
|
+ chown -R $USERNAME:$USERNAME /home/$USERNAME
|
|
|
280
|
+ fi
|
|
|
281
|
+ done
|
|
282
|
282
|
}
|
|
283
|
283
|
|
|
284
|
284
|
function backup_directory_to_friend {
|
|
285
|
|
- BACKUP_KEY_EXISTS=$(gpg --list-keys "$ADMIN_NAME (backup key)")
|
|
286
|
|
- if [ ! "$?" = "0" ]; then
|
|
287
|
|
- echo $"Backup key could not be found"
|
|
288
|
|
- function_check restart_site
|
|
289
|
|
- restart_site
|
|
290
|
|
- exit 43382
|
|
291
|
|
- fi
|
|
292
|
|
- ADMIN_BACKUP_KEY_ID=$(gpg --list-keys "$ADMIN_NAME (backup key)" | grep 'pub ' | awk -F ' ' '{print $2}' | awk -F '/' '{print $2}')
|
|
293
|
|
- if [ ! -d $SERVER_DIRECTORY/backup/${2} ]; then
|
|
294
|
|
- mkdir -p $SERVER_DIRECTORY/backup/${2}
|
|
295
|
|
- fi
|
|
296
|
|
- obnam force-lock -r $SERVER_DIRECTORY/backup/${2} --encrypt-with ${ADMIN_BACKUP_KEY_ID} ${1}
|
|
297
|
|
- obnam backup -r $SERVER_DIRECTORY/backup/${2} --encrypt-with ${ADMIN_BACKUP_KEY_ID} ${1}
|
|
298
|
|
- if [[ $ENABLE_VERIFICATION == "yes" ]]; then
|
|
299
|
|
- obnam verify -r $SERVER_DIRECTORY/backup/${2} --encrypt-with ${ADMIN_BACKUP_KEY_ID} ${1}
|
|
300
|
|
- if [ ! "$?" = "0" ]; then
|
|
301
|
|
- if [[ ${1} == "/root/temp"* || ${1} == *"tempbackup" ]]; then
|
|
302
|
|
- shred -zu /root/temp${2}/*
|
|
303
|
|
- rm -rf /root/temp${2}
|
|
304
|
|
- fi
|
|
305
|
|
- # Send a warning email
|
|
306
|
|
- echo "Unable to verify ${2}" | mail -s "${PROJECT_NAME} backup to friends" ${ADMIN_EMAIL_ADDRESS}
|
|
307
|
|
- function_check restart_site
|
|
308
|
|
- restart_site
|
|
309
|
|
- exit 953
|
|
310
|
|
- fi
|
|
311
|
|
- fi
|
|
312
|
|
- obnam forget --keep=30d -r $SERVER_DIRECTORY/backup/${2} --encrypt-with ${ADMIN_BACKUP_KEY_ID}
|
|
313
|
|
- if [ ! "$?" = "0" ]; then
|
|
314
|
|
- if [[ ${1} == "/root/temp"* || ${1} == *"tempbackup" ]]; then
|
|
315
|
|
- shred -zu /root/temp${2}/*
|
|
316
|
|
- rm -rf /root/temp${2}
|
|
317
|
|
- fi
|
|
318
|
|
- # Send a warning email
|
|
319
|
|
- echo "Unable to backup ${2}" | mail -s "${PROJECT_NAME} backup to friends" ${ADMIN_EMAIL_ADDRESS}
|
|
320
|
|
- function_check restart_site
|
|
321
|
|
- restart_site
|
|
322
|
|
- exit 853
|
|
323
|
|
- fi
|
|
324
|
|
- if [[ ${1} == "/root/temp"* || ${1} == *"tempbackup" ]]; then
|
|
325
|
|
- shred -zu /root/temp${2}/*
|
|
326
|
|
- rm -rf /root/temp${2}
|
|
327
|
|
- fi
|
|
|
285
|
+ BACKUP_KEY_EXISTS=$(gpg --list-keys "$ADMIN_NAME (backup key)")
|
|
|
286
|
+ if [ ! "$?" = "0" ]; then
|
|
|
287
|
+ echo $"Backup key could not be found"
|
|
|
288
|
+ function_check restart_site
|
|
|
289
|
+ restart_site
|
|
|
290
|
+ exit 43382
|
|
|
291
|
+ fi
|
|
|
292
|
+ ADMIN_BACKUP_KEY_ID=$(gpg --list-keys "$ADMIN_NAME (backup key)" | grep 'pub ' | awk -F ' ' '{print $2}' | awk -F '/' '{print $2}')
|
|
|
293
|
+ if [ ! -d $SERVER_DIRECTORY/backup/${2} ]; then
|
|
|
294
|
+ mkdir -p $SERVER_DIRECTORY/backup/${2}
|
|
|
295
|
+ fi
|
|
|
296
|
+ obnam force-lock -r $SERVER_DIRECTORY/backup/${2} --encrypt-with ${ADMIN_BACKUP_KEY_ID} ${1}
|
|
|
297
|
+ obnam backup -r $SERVER_DIRECTORY/backup/${2} --encrypt-with ${ADMIN_BACKUP_KEY_ID} ${1}
|
|
|
298
|
+ if [[ $ENABLE_VERIFICATION == "yes" ]]; then
|
|
|
299
|
+ obnam verify -r $SERVER_DIRECTORY/backup/${2} --encrypt-with ${ADMIN_BACKUP_KEY_ID} ${1}
|
|
|
300
|
+ if [ ! "$?" = "0" ]; then
|
|
|
301
|
+ if [[ ${1} == "/root/temp"* || ${1} == *"tempbackup" ]]; then
|
|
|
302
|
+ shred -zu /root/temp${2}/*
|
|
|
303
|
+ rm -rf /root/temp${2}
|
|
|
304
|
+ fi
|
|
|
305
|
+ # Send a warning email
|
|
|
306
|
+ echo "Unable to verify ${2}" | mail -s "${PROJECT_NAME} backup to friends" ${ADMIN_EMAIL_ADDRESS}
|
|
|
307
|
+ function_check restart_site
|
|
|
308
|
+ restart_site
|
|
|
309
|
+ exit 953
|
|
|
310
|
+ fi
|
|
|
311
|
+ fi
|
|
|
312
|
+ obnam forget --keep=30d -r $SERVER_DIRECTORY/backup/${2} --encrypt-with ${ADMIN_BACKUP_KEY_ID}
|
|
|
313
|
+ if [ ! "$?" = "0" ]; then
|
|
|
314
|
+ if [[ ${1} == "/root/temp"* || ${1} == *"tempbackup" ]]; then
|
|
|
315
|
+ shred -zu /root/temp${2}/*
|
|
|
316
|
+ rm -rf /root/temp${2}
|
|
|
317
|
+ fi
|
|
|
318
|
+ # Send a warning email
|
|
|
319
|
+ echo "Unable to backup ${2}" | mail -s "${PROJECT_NAME} backup to friends" ${ADMIN_EMAIL_ADDRESS}
|
|
|
320
|
+ function_check restart_site
|
|
|
321
|
+ restart_site
|
|
|
322
|
+ exit 853
|
|
|
323
|
+ fi
|
|
|
324
|
+ if [[ ${1} == "/root/temp"* || ${1} == *"tempbackup" ]]; then
|
|
|
325
|
+ shred -zu /root/temp${2}/*
|
|
|
326
|
+ rm -rf /root/temp${2}
|
|
|
327
|
+ fi
|
|
328
|
328
|
}
|
|
329
|
329
|
|
|
330
|
330
|
function backup_database_remote {
|
|
331
|
|
- if [ ${#DATABASE_PASSWORD} -lt 2 ]; then
|
|
332
|
|
- echo $"No MariaDB password was given"
|
|
333
|
|
- function_check restart_site
|
|
334
|
|
- restart_site
|
|
335
|
|
- exit 5783
|
|
336
|
|
- fi
|
|
337
|
|
- if [ ! -d $SERVER_DIRECTORY/backup/${1} ]; then
|
|
338
|
|
- mkdir -p $SERVER_DIRECTORY/backup/${1}
|
|
339
|
|
- fi
|
|
340
|
|
- if [ ! -d $SERVER_DIRECTORY/backup/${1}data ]; then
|
|
341
|
|
- mkdir -p $SERVER_DIRECTORY/backup/${1}data
|
|
342
|
|
- fi
|
|
343
|
|
- if [ ! -d /root/temp${1}data ]; then
|
|
344
|
|
- mkdir -p /root/temp${1}data
|
|
345
|
|
- fi
|
|
346
|
|
- echo "Obtaining ${1} database backup"
|
|
347
|
|
- mysqldump --password=$DATABASE_PASSWORD ${1} > /root/temp${1}data/${1}.sql
|
|
348
|
|
- if [ ! -s /root/temp${1}data/${1}.sql ]; then
|
|
349
|
|
- echo $"${1} database could not be saved"
|
|
350
|
|
- shred -zu /root/temp${1}data/*
|
|
351
|
|
- rm -rf /root/temp${1}data
|
|
352
|
|
- # Send a warning email
|
|
353
|
|
- echo $"Unable to export ${1} database" | mail -s $"${PROJECT_NAME} backup to friends" $ADMIN_EMAIL_ADDRESS
|
|
354
|
|
- function_check restart_site
|
|
355
|
|
- restart_site
|
|
356
|
|
- exit 5738
|
|
357
|
|
- fi
|
|
|
331
|
+ if [ ${#DATABASE_PASSWORD} -lt 2 ]; then
|
|
|
332
|
+ echo $"No MariaDB password was given"
|
|
|
333
|
+ function_check restart_site
|
|
|
334
|
+ restart_site
|
|
|
335
|
+ exit 5783
|
|
|
336
|
+ fi
|
|
|
337
|
+ if [ ! -d $SERVER_DIRECTORY/backup/${1} ]; then
|
|
|
338
|
+ mkdir -p $SERVER_DIRECTORY/backup/${1}
|
|
|
339
|
+ fi
|
|
|
340
|
+ if [ ! -d $SERVER_DIRECTORY/backup/${1}data ]; then
|
|
|
341
|
+ mkdir -p $SERVER_DIRECTORY/backup/${1}data
|
|
|
342
|
+ fi
|
|
|
343
|
+ if [ ! -d /root/temp${1}data ]; then
|
|
|
344
|
+ mkdir -p /root/temp${1}data
|
|
|
345
|
+ fi
|
|
|
346
|
+ echo "Obtaining ${1} database backup"
|
|
|
347
|
+ mysqldump --password=$DATABASE_PASSWORD ${1} > /root/temp${1}data/${1}.sql
|
|
|
348
|
+ if [ ! -s /root/temp${1}data/${1}.sql ]; then
|
|
|
349
|
+ echo $"${1} database could not be saved"
|
|
|
350
|
+ shred -zu /root/temp${1}data/*
|
|
|
351
|
+ rm -rf /root/temp${1}data
|
|
|
352
|
+ # Send a warning email
|
|
|
353
|
+ echo $"Unable to export ${1} database" | mail -s $"${PROJECT_NAME} backup to friends" $ADMIN_EMAIL_ADDRESS
|
|
|
354
|
+ function_check restart_site
|
|
|
355
|
+ restart_site
|
|
|
356
|
+ exit 5738
|
|
|
357
|
+ fi
|
|
358
|
358
|
}
|
|
359
|
359
|
|
|
360
|
360
|
function backup_database_to_friend {
|
|
361
|
|
- database_name=$1
|
|
362
|
|
- backup_database_remote $database_name
|
|
363
|
|
- backup_directory_to_friend /root/temp${database_name}data ${database_name}data
|
|
|
361
|
+ database_name=$1
|
|
|
362
|
+ backup_database_remote $database_name
|
|
|
363
|
+ backup_directory_to_friend /root/temp${database_name}data ${database_name}data
|
|
364
|
364
|
}
|
|
365
|
365
|
|
|
366
|
366
|
function backup_apps {
|
|
367
|
|
- localremote=$1
|
|
368
|
|
- FILES=/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-*
|
|
369
|
|
-
|
|
370
|
|
- BACKUP_APPS_COMPLETED=()
|
|
371
|
|
-
|
|
372
|
|
- # for all the app scripts
|
|
373
|
|
- for filename in $FILES
|
|
374
|
|
- do
|
|
375
|
|
- app_name=$(echo "${filename}" | awk -F '-app-' '{print $2}')
|
|
376
|
|
- if [[ $(item_in_array ${app_name} ${BACKUP_APPS_COMPLETED[@]}) != 0 ]]; then
|
|
377
|
|
- if [[ "$(app_is_installed $a)" == "1" ]]; then
|
|
378
|
|
- BACKUP_APPS_COMPLETED+=("${app_name}")
|
|
379
|
|
- backup_${localremote}_${app_name}
|
|
380
|
|
- fi
|
|
381
|
|
- fi
|
|
382
|
|
- done
|
|
|
367
|
+ localremote=$1
|
|
|
368
|
+ FILES=/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-*
|
|
|
369
|
+
|
|
|
370
|
+ BACKUP_APPS_COMPLETED=()
|
|
|
371
|
+
|
|
|
372
|
+ # for all the app scripts
|
|
|
373
|
+ for filename in $FILES
|
|
|
374
|
+ do
|
|
|
375
|
+ app_name=$(echo "${filename}" | awk -F '-app-' '{print $2}')
|
|
|
376
|
+ if [[ $(item_in_array ${app_name} ${BACKUP_APPS_COMPLETED[@]}) != 0 ]]; then
|
|
|
377
|
+ if [[ "$(app_is_installed $a)" == "1" ]]; then
|
|
|
378
|
+ BACKUP_APPS_COMPLETED+=("${app_name}")
|
|
|
379
|
+ backup_${localremote}_${app_name}
|
|
|
380
|
+ fi
|
|
|
381
|
+ fi
|
|
|
382
|
+ done
|
|
383
|
383
|
}
|
|
384
|
384
|
|
|
385
|
385
|
function restore_apps {
|
|
386
|
|
- localremote=$1
|
|
387
|
|
- FILES=/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-*
|
|
388
|
|
-
|
|
389
|
|
- RESTORE_APPS_COMPLETED=()
|
|
390
|
|
-
|
|
391
|
|
- # for all the app scripts
|
|
392
|
|
- for filename in $FILES
|
|
393
|
|
- do
|
|
394
|
|
- app_name=$(echo "${filename}" | awk -F '-app-' '{print $2}')
|
|
395
|
|
- if [[ $RESTORE_APP == 'all' || $RESTORE_APP == "${app_name}" ]]; then
|
|
396
|
|
- if [[ $(item_in_array ${app_name} ${RESTORE_APPS_COMPLETED[@]}) != 0 ]]; then
|
|
397
|
|
- function_check app_is_installed
|
|
398
|
|
- if [[ "$(app_is_installed $a)" == "1" ]]; then
|
|
399
|
|
- RESTORE_APPS_COMPLETED+=("${app_name}")
|
|
400
|
|
- function_check restore_${localremote}_${app_name}
|
|
401
|
|
- restore_${localremote}_${app_name}
|
|
402
|
|
- fi
|
|
403
|
|
- fi
|
|
404
|
|
- fi
|
|
405
|
|
- done
|
|
|
386
|
+ localremote=$1
|
|
|
387
|
+ FILES=/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-*
|
|
|
388
|
+
|
|
|
389
|
+ RESTORE_APPS_COMPLETED=()
|
|
|
390
|
+
|
|
|
391
|
+ # for all the app scripts
|
|
|
392
|
+ for filename in $FILES
|
|
|
393
|
+ do
|
|
|
394
|
+ app_name=$(echo "${filename}" | awk -F '-app-' '{print $2}')
|
|
|
395
|
+ if [[ $RESTORE_APP == 'all' || $RESTORE_APP == "${app_name}" ]]; then
|
|
|
396
|
+ if [[ $(item_in_array ${app_name} ${RESTORE_APPS_COMPLETED[@]}) != 0 ]]; then
|
|
|
397
|
+ function_check app_is_installed
|
|
|
398
|
+ if [[ "$(app_is_installed $a)" == "1" ]]; then
|
|
|
399
|
+ RESTORE_APPS_COMPLETED+=("${app_name}")
|
|
|
400
|
+ function_check restore_${localremote}_${app_name}
|
|
|
401
|
+ restore_${localremote}_${app_name}
|
|
|
402
|
+ fi
|
|
|
403
|
+ fi
|
|
|
404
|
+ fi
|
|
|
405
|
+ done
|
|
406
|
406
|
}
|
|
407
|
407
|
|
|
408
|
408
|
function restore_database_from_friend {
|
|
409
|
|
- DATABASE_PASSWORD=
|
|
410
|
|
- RESTORE_SUBDIR="root"
|
|
411
|
|
-
|
|
412
|
|
- if [ -d $SERVER_DIRECTORY/backup/${1} ]; then
|
|
413
|
|
- echo $"Restoring ${1} database"
|
|
414
|
|
- restore_directory_from_friend /root/temp${1}data ${1}data
|
|
415
|
|
- if [ ! -f /root/temp${1}data/${RESTORE_SUBDIR}/temp${1}data/${1}.sql ]; then
|
|
416
|
|
- echo $"Unable to restore ${1} database"
|
|
417
|
|
- rm -rf /root/temp${1}data
|
|
418
|
|
- exit 503
|
|
419
|
|
- fi
|
|
420
|
|
- mysqlsuccess=$(mysql -u root --password="$DATABASE_PASSWORD" ${1} -o < /root/temp${1}data/${RESTORE_SUBDIR}/temp${1}data/${1}.sql)
|
|
421
|
|
- if [ ! "$?" = "0" ]; then
|
|
422
|
|
- echo "$mysqlsuccess"
|
|
423
|
|
- exit 964
|
|
424
|
|
- fi
|
|
425
|
|
- shred -zu /root/temp${1}data/${RESTORE_SUBDIR}/temp${1}data/*
|
|
426
|
|
- rm -rf /root/temp${1}data
|
|
427
|
|
- echo $"Restoring ${1} installation"
|
|
428
|
|
- restore_directory_from_friend /root/temp${1} ${1}
|
|
429
|
|
- RESTORE_SUBDIR="var"
|
|
430
|
|
- if [ ${1} ]; then
|
|
431
|
|
-
|
|
432
|
|
- # special handling of ttrss
|
|
433
|
|
- if [[ ${2} == "ttrss" ]]; then
|
|
434
|
|
- if [ -d /etc/share/tt-rss ]; then
|
|
435
|
|
- rm -rf /etc/share/tt-rss
|
|
436
|
|
- mv /root/temp${1}/etc/share/tt-rss /etc/share/
|
|
437
|
|
- if [ ! "$?" = "0" ]; then
|
|
438
|
|
- exit 639
|
|
439
|
|
- fi
|
|
440
|
|
- if [ -d /etc/letsencrypt/live/${2} ]; then
|
|
441
|
|
- ln -s /etc/letsencrypt/live/${2}/privkey.pem /etc/ssl/private/${2}.key
|
|
442
|
|
- ln -s /etc/letsencrypt/live/${2}/fullchain.pem /etc/ssl/certs/${2}.pem
|
|
443
|
|
- else
|
|
444
|
|
- # Ensure that the bundled SSL cert is being used
|
|
445
|
|
- if [ -f /etc/ssl/certs/${2}.bundle.crt ]; then
|
|
446
|
|
- sed -i "s|${2}.crt|${2}.bundle.crt|g" /etc/nginx/sites-available/${2}
|
|
447
|
|
- fi
|
|
448
|
|
- fi
|
|
449
|
|
- fi
|
|
450
|
|
- fi
|
|
451
|
|
-
|
|
452
|
|
- if [ -d /var/www/${2}/htdocs ]; then
|
|
453
|
|
- if [ -d /root/temp${1}/${RESTORE_SUBDIR}/www/${2}/htdocs ]; then
|
|
454
|
|
- rm -rf /var/www/${2}/htdocs
|
|
455
|
|
- mv /root/temp${1}/${RESTORE_SUBDIR}/www/${2}/htdocs /var/www/${2}/
|
|
456
|
|
- if [ ! "$?" = "0" ]; then
|
|
457
|
|
- exit 683
|
|
458
|
|
- fi
|
|
459
|
|
- if [ -d /etc/letsencrypt/live/${2} ]; then
|
|
460
|
|
- ln -s /etc/letsencrypt/live/${2}/privkey.pem /etc/ssl/private/${2}.key
|
|
461
|
|
- ln -s /etc/letsencrypt/live/${2}/fullchain.pem /etc/ssl/certs/${2}.pem
|
|
462
|
|
- else
|
|
463
|
|
- # Ensure that the bundled SSL cert is being used
|
|
464
|
|
- if [ -f /etc/ssl/certs/${2}.bundle.crt ]; then
|
|
465
|
|
- sed -i "s|${2}.crt|${2}.bundle.crt|g" /etc/nginx/sites-available/${2}
|
|
466
|
|
- fi
|
|
467
|
|
- fi
|
|
468
|
|
- fi
|
|
469
|
|
- fi
|
|
470
|
|
- fi
|
|
471
|
|
- fi
|
|
|
409
|
+ DATABASE_PASSWORD=
|
|
|
410
|
+ RESTORE_SUBDIR="root"
|
|
|
411
|
+
|
|
|
412
|
+ if [ -d $SERVER_DIRECTORY/backup/${1} ]; then
|
|
|
413
|
+ echo $"Restoring ${1} database"
|
|
|
414
|
+ restore_directory_from_friend /root/temp${1}data ${1}data
|
|
|
415
|
+ if [ ! -f /root/temp${1}data/${RESTORE_SUBDIR}/temp${1}data/${1}.sql ]; then
|
|
|
416
|
+ echo $"Unable to restore ${1} database"
|
|
|
417
|
+ rm -rf /root/temp${1}data
|
|
|
418
|
+ exit 503
|
|
|
419
|
+ fi
|
|
|
420
|
+ mysqlsuccess=$(mysql -u root --password="$DATABASE_PASSWORD" ${1} -o < /root/temp${1}data/${RESTORE_SUBDIR}/temp${1}data/${1}.sql)
|
|
|
421
|
+ if [ ! "$?" = "0" ]; then
|
|
|
422
|
+ echo "$mysqlsuccess"
|
|
|
423
|
+ exit 964
|
|
|
424
|
+ fi
|
|
|
425
|
+ shred -zu /root/temp${1}data/${RESTORE_SUBDIR}/temp${1}data/*
|
|
|
426
|
+ rm -rf /root/temp${1}data
|
|
|
427
|
+ echo $"Restoring ${1} installation"
|
|
|
428
|
+ restore_directory_from_friend /root/temp${1} ${1}
|
|
|
429
|
+ RESTORE_SUBDIR="var"
|
|
|
430
|
+ if [ ${1} ]; then
|
|
|
431
|
+ if [ -d /var/www/${2}/htdocs ]; then
|
|
|
432
|
+ if [ -d /root/temp${1}/${RESTORE_SUBDIR}/www/${2}/htdocs ]; then
|
|
|
433
|
+ rm -rf /var/www/${2}/htdocs
|
|
|
434
|
+ mv /root/temp${1}/${RESTORE_SUBDIR}/www/${2}/htdocs /var/www/${2}/
|
|
|
435
|
+ if [ ! "$?" = "0" ]; then
|
|
|
436
|
+ exit 683
|
|
|
437
|
+ fi
|
|
|
438
|
+ if [ -d /etc/letsencrypt/live/${2} ]; then
|
|
|
439
|
+ ln -s /etc/letsencrypt/live/${2}/privkey.pem /etc/ssl/private/${2}.key
|
|
|
440
|
+ ln -s /etc/letsencrypt/live/${2}/fullchain.pem /etc/ssl/certs/${2}.pem
|
|
|
441
|
+ else
|
|
|
442
|
+ # Ensure that the bundled SSL cert is being used
|
|
|
443
|
+ if [ -f /etc/ssl/certs/${2}.bundle.crt ]; then
|
|
|
444
|
+ sed -i "s|${2}.crt|${2}.bundle.crt|g" /etc/nginx/sites-available/${2}
|
|
|
445
|
+ fi
|
|
|
446
|
+ fi
|
|
|
447
|
+ fi
|
|
|
448
|
+ fi
|
|
|
449
|
+ fi
|
|
|
450
|
+ fi
|
|
472
|
451
|
}
|
|
473
|
452
|
|
|
474
|
453
|
function restore_database {
|
|
475
|
|
- RESTORE_SUBDIR="root"
|
|
476
|
|
-
|
|
477
|
|
- if [ -d $USB_MOUNT/backup/${1} ]; then
|
|
478
|
|
- echo $"Restoring ${1} database"
|
|
479
|
|
- function_check restore_directory_from_usb
|
|
480
|
|
- restore_directory_from_usb "/root/temp${1}data" "${1}data"
|
|
481
|
|
- if [ ! -f /root/temp${1}data/${RESTORE_SUBDIR}/temp${1}data/${1}.sql ]; then
|
|
482
|
|
- echo $"Unable to restore ${1} database"
|
|
483
|
|
- rm -rf /root/temp${1}data
|
|
484
|
|
- function_check set_user_permissions
|
|
485
|
|
- set_user_permissions
|
|
486
|
|
- function_check backup_unmount_drive
|
|
487
|
|
- backup_unmount_drive
|
|
488
|
|
- exit 503
|
|
489
|
|
- fi
|
|
490
|
|
- mysqlsuccess=$(mysql -u root --password=$DATABASE_PASSWORD ${1} -o < /root/temp${1}data/${RESTORE_SUBDIR}/temp${1}data/${1}.sql)
|
|
491
|
|
- if [ ! "$?" = "0" ]; then
|
|
492
|
|
- echo "$mysqlsuccess"
|
|
493
|
|
- function_check set_user_permissions
|
|
494
|
|
- set_user_permissions
|
|
495
|
|
- function_check set_user_permissions
|
|
496
|
|
- backup_unmount_drive
|
|
497
|
|
- exit 964
|
|
498
|
|
- fi
|
|
499
|
|
- shred -zu /root/temp${1}data/${RESTORE_SUBDIR}/temp${1}data/*
|
|
500
|
|
- rm -rf /root/temp${1}data
|
|
501
|
|
- echo $"Restoring ${1} installation"
|
|
502
|
|
- if [ ! -d /root/temp${1} ]; then
|
|
503
|
|
- mkdir /root/temp${1}
|
|
504
|
|
- fi
|
|
505
|
|
- function_check restore_directory_from_usb
|
|
506
|
|
- restore_directory_from_usb "/root/temp${1}" "${1}"
|
|
507
|
|
- RESTORE_SUBDIR="var"
|
|
508
|
|
- if [ ${2} ]; then
|
|
509
|
|
- # special handline of ttrss
|
|
510
|
|
- if [[ ${2} == "ttrss" ]]; then
|
|
511
|
|
- if [ -d /etc/share/tt-rss ]; then
|
|
512
|
|
- if [ -d /root/temp${1}/etc/share/tt-rss ]; then
|
|
513
|
|
- rm -rf /etc/share/tt-rss
|
|
514
|
|
- mv /root/temp${1}/etc/share/tt-rss /etc/share/
|
|
515
|
|
- if [ ! "$?" = "0" ]; then
|
|
516
|
|
- function_check set_user_permissions
|
|
517
|
|
- set_user_permissions
|
|
518
|
|
- function_check backup_unmount_drive
|
|
519
|
|
- backup_unmount_drive
|
|
520
|
|
- exit 528
|
|
521
|
|
- fi
|
|
522
|
|
- if [ -d /etc/letsencrypt/live/${2} ]; then
|
|
523
|
|
- ln -s /etc/letsencrypt/live/${2}/privkey.pem /etc/ssl/private/${2}.key
|
|
524
|
|
- ln -s /etc/letsencrypt/live/${2}/fullchain.pem /etc/ssl/certs/${2}.pem
|
|
525
|
|
- else
|
|
526
|
|
- # Ensure that the bundled SSL cert is being used
|
|
527
|
|
- if [ -f /etc/ssl/certs/${2}.bundle.crt ]; then
|
|
528
|
|
- sed -i "s|${2}.crt|${2}.bundle.crt|g" /etc/nginx/sites-available/${2}
|
|
529
|
|
- fi
|
|
530
|
|
- fi
|
|
531
|
|
- fi
|
|
532
|
|
- fi
|
|
533
|
|
- fi
|
|
534
|
|
-
|
|
535
|
|
- if [ -d /var/www/${2}/htdocs ]; then
|
|
536
|
|
- if [ -d /root/temp${1}/${RESTORE_SUBDIR}/www/${2}/htdocs ]; then
|
|
537
|
|
- rm -rf /var/www/${2}/htdocs
|
|
538
|
|
- mv /root/temp${1}/${RESTORE_SUBDIR}/www/${2}/htdocs /var/www/${2}/
|
|
539
|
|
- if [ ! "$?" = "0" ]; then
|
|
540
|
|
- set_user_permissions
|
|
541
|
|
- backup_unmount_drive
|
|
542
|
|
- exit 683
|
|
543
|
|
- fi
|
|
544
|
|
- if [ -d /etc/letsencrypt/live/${2} ]; then
|
|
545
|
|
- ln -s /etc/letsencrypt/live/${2}/privkey.pem /etc/ssl/private/${2}.key
|
|
546
|
|
- ln -s /etc/letsencrypt/live/${2}/fullchain.pem /etc/ssl/certs/${2}.pem
|
|
547
|
|
- else
|
|
548
|
|
- # Ensure that the bundled SSL cert is being used
|
|
549
|
|
- if [ -f /etc/ssl/certs/${2}.bundle.crt ]; then
|
|
550
|
|
- sed -i "s|${2}.crt|${2}.bundle.crt|g" /etc/nginx/sites-available/${2}
|
|
551
|
|
- fi
|
|
552
|
|
- fi
|
|
553
|
|
- fi
|
|
554
|
|
- fi
|
|
555
|
|
- fi
|
|
556
|
|
- fi
|
|
|
454
|
+ RESTORE_SUBDIR="root"
|
|
|
455
|
+
|
|
|
456
|
+ if [ -d $USB_MOUNT/backup/${1} ]; then
|
|
|
457
|
+ echo $"Restoring ${1} database"
|
|
|
458
|
+ function_check restore_directory_from_usb
|
|
|
459
|
+ restore_directory_from_usb "/root/temp${1}data" "${1}data"
|
|
|
460
|
+ if [ ! -f /root/temp${1}data/${RESTORE_SUBDIR}/temp${1}data/${1}.sql ]; then
|
|
|
461
|
+ echo $"Unable to restore ${1} database"
|
|
|
462
|
+ rm -rf /root/temp${1}data
|
|
|
463
|
+ function_check set_user_permissions
|
|
|
464
|
+ set_user_permissions
|
|
|
465
|
+ function_check backup_unmount_drive
|
|
|
466
|
+ backup_unmount_drive
|
|
|
467
|
+ exit 503
|
|
|
468
|
+ fi
|
|
|
469
|
+ mysqlsuccess=$(mysql -u root --password=$DATABASE_PASSWORD ${1} -o < /root/temp${1}data/${RESTORE_SUBDIR}/temp${1}data/${1}.sql)
|
|
|
470
|
+ if [ ! "$?" = "0" ]; then
|
|
|
471
|
+ echo "$mysqlsuccess"
|
|
|
472
|
+ function_check set_user_permissions
|
|
|
473
|
+ set_user_permissions
|
|
|
474
|
+ function_check set_user_permissions
|
|
|
475
|
+ backup_unmount_drive
|
|
|
476
|
+ exit 964
|
|
|
477
|
+ fi
|
|
|
478
|
+ shred -zu /root/temp${1}data/${RESTORE_SUBDIR}/temp${1}data/*
|
|
|
479
|
+ rm -rf /root/temp${1}data
|
|
|
480
|
+ echo $"Restoring ${1} installation"
|
|
|
481
|
+ if [ ! -d /root/temp${1} ]; then
|
|
|
482
|
+ mkdir /root/temp${1}
|
|
|
483
|
+ fi
|
|
|
484
|
+ function_check restore_directory_from_usb
|
|
|
485
|
+ restore_directory_from_usb "/root/temp${1}" "${1}"
|
|
|
486
|
+ RESTORE_SUBDIR="var"
|
|
|
487
|
+ if [ ${2} ]; then
|
|
|
488
|
+ if [ -d /var/www/${2}/htdocs ]; then
|
|
|
489
|
+ if [ -d /root/temp${1}/${RESTORE_SUBDIR}/www/${2}/htdocs ]; then
|
|
|
490
|
+ rm -rf /var/www/${2}/htdocs
|
|
|
491
|
+ mv /root/temp${1}/${RESTORE_SUBDIR}/www/${2}/htdocs /var/www/${2}/
|
|
|
492
|
+ if [ ! "$?" = "0" ]; then
|
|
|
493
|
+ set_user_permissions
|
|
|
494
|
+ backup_unmount_drive
|
|
|
495
|
+ exit 683
|
|
|
496
|
+ fi
|
|
|
497
|
+ if [ -d /etc/letsencrypt/live/${2} ]; then
|
|
|
498
|
+ ln -s /etc/letsencrypt/live/${2}/privkey.pem /etc/ssl/private/${2}.key
|
|
|
499
|
+ ln -s /etc/letsencrypt/live/${2}/fullchain.pem /etc/ssl/certs/${2}.pem
|
|
|
500
|
+ else
|
|
|
501
|
+ # Ensure that the bundled SSL cert is being used
|
|
|
502
|
+ if [ -f /etc/ssl/certs/${2}.bundle.crt ]; then
|
|
|
503
|
+ sed -i "s|${2}.crt|${2}.bundle.crt|g" /etc/nginx/sites-available/${2}
|
|
|
504
|
+ fi
|
|
|
505
|
+ fi
|
|
|
506
|
+ fi
|
|
|
507
|
+ fi
|
|
|
508
|
+ fi
|
|
|
509
|
+ fi
|
|
557
|
510
|
}
|
|
558
|
511
|
|
|
559
|
512
|
# NOTE: deliberately no exit 0
|
Bob Mottram
8 년 전