浏览代码

Optionally encrypt backups

Bob Mottram 11 年前
父节点
当前提交
ba258238f3
共有 1 个文件被更改,包括 27 次插入6 次删除
  1. 27
    6
      install-freedombone.sh

+ 27
- 6
install-freedombone.sh 查看文件

@@ -174,6 +174,9 @@ MAX_PHP_MEMORY=32
174 174
 # default MariaDB password
175 175
 MARIADB_PASSWORD=
176 176
 
177
+# Whether to encrypt backups to the USB drive
178
+ENCRYPT_BACKUPS="yes"
179
+
177 180
 #list of encryption protocols
178 181
 SSL_PROTOCOLS="TLSv1 TLSv1.1 TLSv1.2"
179 182
 
@@ -2990,11 +2993,21 @@ function install_mediagoblin {
2990 2993
   echo 'install_mediagoblin' >> $COMPLETION_FILE
2991 2994
 }
2992 2995
 
2996
+function decrypt_file {
2997
+	if [ ! $FILE_TO_DECRYPT ]; then
2998
+		return
2999
+	fi
3000
+	if [ ! -d $FILE_TO_DECRYPT ]; then
3001
+		return
3002
+	fi
3003
+    bcrypt $FILE_TO_DECRYPT
3004
+}
3005
+
2993 3006
 function create_backup_script {
2994 3007
   if grep -Fxq "create_backup_script" $COMPLETION_FILE; then
2995 3008
       return
2996 3009
   fi
2997
-  apt-get -y --force-yes install obnam
3010
+  apt-get -y --force-yes install obnam bcrypt
2998 3011
   echo '#!/bin/bash' > /usr/bin/$BACKUP_SCRIPT_NAME
2999 3012
   echo "if [ -b $USB_DRIVE ]; then" >> /usr/bin/$BACKUP_SCRIPT_NAME
3000 3013
   echo "  if [ ! -d $USB_MOUNT ]; then" >> /usr/bin/$BACKUP_SCRIPT_NAME
@@ -3066,7 +3079,6 @@ function create_backup_script {
3066 3079
           echo "  if [ ! -d $USB_MOUNT/backup/gnusocial ]; then" >> /usr/bin/$BACKUP_SCRIPT_NAME
3067 3080
           echo "    mkdir $USB_MOUNT/backup/gnusocial" >> /usr/bin/$BACKUP_SCRIPT_NAME
3068 3081
           echo '  fi' >> /usr/bin/$BACKUP_SCRIPT_NAME
3069
-          echo "  obnam -r $USB_MOUNT/backup/gnusocial /var/www/$MICROBLOG_DOMAIN_NAME" >> /usr/bin/$BACKUP_SCRIPT_NAME
3070 3082
           echo "  mysqldump --password=$MARIADB_PASSWORD gnusocial > $USB_MOUNT/backup/gnusocial/database.sql" >> /usr/bin/$BACKUP_SCRIPT_NAME
3071 3083
       fi
3072 3084
   fi
@@ -3076,7 +3088,6 @@ function create_backup_script {
3076 3088
           echo "  if [ ! -d $USB_MOUNT/backup/redmatrix ]; then" >> /usr/bin/$BACKUP_SCRIPT_NAME
3077 3089
           echo "    mkdir $USB_MOUNT/backup/redmatrix" >> /usr/bin/$BACKUP_SCRIPT_NAME
3078 3090
           echo '  fi' >> /usr/bin/$BACKUP_SCRIPT_NAME
3079
-          echo "  obnam -r $USB_MOUNT/backup/redmatrix /var/www/$REDMATRIX_DOMAIN_NAME" >> /usr/bin/$BACKUP_SCRIPT_NAME
3080 3091
           echo "  mysqldump --password=$MARIADB_PASSWORD redmatrix > $USB_MOUNT/backup/redmatrix/database.sql" >> /usr/bin/$BACKUP_SCRIPT_NAME
3081 3092
       fi
3082 3093
   fi
@@ -3089,6 +3100,13 @@ function create_backup_script {
3089 3100
   fi
3090 3101
   echo 'fi' >> /usr/bin/$BACKUP_SCRIPT_NAME
3091 3102
   echo 'Backup completed' >> /usr/bin/$BACKUP_SCRIPT_NAME
3103
+  if [[ $ENCRYPT_BACKUPS == "yes" ]]; then
3104
+      echo 'Archiving backup data' >> /usr/bin/$BACKUP_SCRIPT_NAME
3105
+	  echo "cd $USB_MOUNT" >> /usr/bin/$BACKUP_SCRIPT_NAME
3106
+	  echo "tar -czvf $USB_MOUNT/backup.tar.gz $USB_MOUNT/backup" >> /usr/bin/$BACKUP_SCRIPT_NAME
3107
+	  echo 'Encrypting backup data' >> /usr/bin/$BACKUP_SCRIPT_NAME
3108
+	  echo "bcrypt -c $USB_MOUNT/backup.tar.gz" >> /usr/bin/$BACKUP_SCRIPT_NAME
3109
+  fi
3092 3110
   echo 'exit 0' >> /usr/bin/$RESTORE_SCRIPT_NAME
3093 3111
   chmod 600 /usr/bin/$BACKUP_SCRIPT_NAME
3094 3112
   chmod +x /usr/bin/$BACKUP_SCRIPT_NAME
@@ -3100,13 +3118,18 @@ function create_restore_script {
3100 3118
   if grep -Fxq "create_restore_script" $COMPLETION_FILE; then
3101 3119
       return
3102 3120
   fi
3103
-  apt-get -y --force-yes install obnam
3121
+  apt-get -y --force-yes install obnam bcrypt
3104 3122
   echo '#!/bin/bash' > /usr/bin/$RESTORE_SCRIPT_NAME
3105 3123
   echo "if [ -b $USB_DRIVE ]; then" >> /usr/bin/$RESTORE_SCRIPT_NAME
3106 3124
   echo "  if [ ! -d $USB_MOUNT ]; then" >> /usr/bin/$RESTORE_SCRIPT_NAME
3107 3125
   echo "    mkdir $USB_MOUNT" >> /usr/bin/$RESTORE_SCRIPT_NAME
3108 3126
   echo "    mount $USB_DRIVE $USB_MOUNT" >> /usr/bin/$RESTORE_SCRIPT_NAME
3109 3127
   echo '  fi' >> /usr/bin/$RESTORE_SCRIPT_NAME
3128
+  echo "  if [ -f $USB_MOUNT/backup.tar.gz.bfe ]; then" >> /usr/bin/$BACKUP_SCRIPT_NAME
3129
+  echo "    bcrypt $USB_MOUNT/backup.tar.gz.bfe" >> /usr/bin/$BACKUP_SCRIPT_NAME
3130
+  echo "    cd $USB_MOUNT" >> /usr/bin/$BACKUP_SCRIPT_NAME
3131
+  echo "    tar -xzvf $USB_MOUNT/backup.tar.gz" >> /usr/bin/$BACKUP_SCRIPT_NAME
3132
+  echo '  fi' >> /usr/bin/$BACKUP_SCRIPT_NAME
3110 3133
   echo "  if [ ! -d $USB_MOUNT/backup ]; then" >> /usr/bin/$RESTORE_SCRIPT_NAME
3111 3134
   echo '    echo "No backup directory was found on the USB drive"' >> /usr/bin/$RESTORE_SCRIPT_NAME
3112 3135
   echo "    exit 1" >> /usr/bin/$RESTORE_SCRIPT_NAME
@@ -3160,7 +3183,6 @@ function create_restore_script {
3160 3183
   if ! [[ $SYSTEM_TYPE == "$VARIANT_CLOUD" || $SYSTEM_TYPE == "$VARIANT_MAILBOX" || $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_WRITER" || $SYSTEM_TYPE == "$VARIANT_MEDIA" ]]; then
3161 3184
       if [ $MICROBLOG_DOMAIN_NAME ]; then
3162 3185
           echo "  if [ -d $USB_MOUNT/backup/gnusocial ]; then" >> /usr/bin/$RESTORE_SCRIPT_NAME
3163
-          echo "    obnam restore --to /var/www/$MICROBLOG_DOMAIN_NAME $USB_MOUNT/backup/gnusocial" >> /usr/bin/$RESTORE_SCRIPT_NAME
3164 3186
           echo "    mysql -u root --password=$MARIADB_PASSWORD gnusocial -o < $USB_MOUNT/backup/gnusocial/database.sql" >> /usr/bin/$RESTORE_SCRIPT_NAME
3165 3187
           echo '  fi' >> /usr/bin/$RESTORE_SCRIPT_NAME
3166 3188
 
@@ -3170,7 +3192,6 @@ function create_restore_script {
3170 3192
   if ! [[ $SYSTEM_TYPE == "$VARIANT_CLOUD" || $SYSTEM_TYPE == "$VARIANT_MAILBOX" || $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_WRITER" || $SYSTEM_TYPE == "$VARIANT_MEDIA" ]]; then
3171 3193
       if [ $REDMATRIX_DOMAIN_NAME ]; then
3172 3194
           echo "  if [ -d $USB_MOUNT/backup/redmatrix ]; then" >> /usr/bin/$RESTORE_SCRIPT_NAME
3173
-          echo "    obnam restore --to /var/www/$REDMATRIX_DOMAIN_NAME $USB_MOUNT/backup/redmatrix" >> /usr/bin/$RESTORE_SCRIPT_NAME
3174 3195
           echo "    mysql -u root --password=$MARIADB_PASSWORD redmatrix -o < $USB_MOUNT/backup/redmatrix/database.sql" >> /usr/bin/$RESTORE_SCRIPT_NAME
3175 3196
           echo '  fi' >> /usr/bin/$RESTORE_SCRIPT_NAME
3176 3197
 IPT_NAME