
Optionally encrypt backups

Bob Mottram 11 lat temu
rodzic
commit
ba258238f3
1 zmienionych plików z 27 dodań i 6 usunięć
  1. 27
    6
      install-freedombone.sh

+ 27
- 6
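--- a/install-freedombone.sh
+++ b/install-freedombone.sh
@@ -174,6 +174,9 @@
 # default MariaDB password
 MARIADB_PASSWORD=
 
+# Whether to encrypt backups to the USB drive
+ENCRYPT_BACKUPS="yes"
+
 #list of encryption protocols
 SSL_PROTOCOLS="TLSv1 TLSv1.1 TLSv1.2"
 
@@ -2990,11 +2993,21 @@
   echo 'install_mediagoblin' >> $COMPLETION_FILE
 }
 
+function decrypt_file {
+	if [ ! $FILE_TO_DECRYPT ]; then
+		return
+	fi
+	if [ ! -d $FILE_TO_DECRYPT ]; then
+		return
+	fi
+    bcrypt $FILE_TO_DECRYPT
+}
+
 function create_backup_script {
   if grep -Fxq "create_backup_script" $COMPLETION_FILE; then
       return
   fi
-  apt-get -y --force-yes install obnam
+  apt-get -y --force-yes install obnam bcrypt
   echo '#!/bin/bash' > /usr/bin/$BACKUP_SCRIPT_NAME
   echo "if [ -b $USB_DRIVE ]; then" >> /usr/bin/$BACKUP_SCRIPT_NAME
   echo "  if [ ! -d $USB_MOUNT ]; then" >> /usr/bin/$BACKUP_SCRIPT_NAME
@@ -3066,7 +3079,6 @@
           echo "  if [ ! -d $USB_MOUNT/backup/gnusocial ]; then" >> /usr/bin/$BACKUP_SCRIPT_NAME
           echo "    mkdir $USB_MOUNT/backup/gnusocial" >> /usr/bin/$BACKUP_SCRIPT_NAME
           echo '  fi' >> /usr/bin/$BACKUP_SCRIPT_NAME
-          echo "  obnam -r $USB_MOUNT/backup/gnusocial /var/www/$MICROBLOG_DOMAIN_NAME" >> /usr/bin/$BACKUP_SCRIPT_NAME
           echo "  mysqldump --password=$MARIADB_PASSWORD gnusocial > $USB_MOUNT/backup/gnusocial/database.sql" >> /usr/bin/$BACKUP_SCRIPT_NAME
       fi
   fi
@@ -3076,7 +3088,6 @@
           echo "  if [ ! -d $USB_MOUNT/backup/redmatrix ]; then" >> /usr/bin/$BACKUP_SCRIPT_NAME
           echo "    mkdir $USB_MOUNT/backup/redmatrix" >> /usr/bin/$BACKUP_SCRIPT_NAME
           echo '  fi' >> /usr/bin/$BACKUP_SCRIPT_NAME
-          echo "  obnam -r $USB_MOUNT/backup/redmatrix /var/www/$REDMATRIX_DOMAIN_NAME" >> /usr/bin/$BACKUP_SCRIPT_NAME
           echo "  mysqldump --password=$MARIADB_PASSWORD redmatrix > $USB_MOUNT/backup/redmatrix/database.sql" >> /usr/bin/$BACKUP_SCRIPT_NAME
       fi
   fi
@@ -3089,6 +3100,13 @@
   fi
   echo 'fi' >> /usr/bin/$BACKUP_SCRIPT_NAME
   echo 'Backup completed' >> /usr/bin/$BACKUP_SCRIPT_NAME
+  if [[ $ENCRYPT_BACKUPS == "yes" ]]; then
+      echo 'Archiving backup data' >> /usr/bin/$BACKUP_SCRIPT_NAME
+	  echo "cd $USB_MOUNT" >> /usr/bin/$BACKUP_SCRIPT_NAME
+	  echo "tar -czvf $USB_MOUNT/backup.tar.gz $USB_MOUNT/backup" >> /usr/bin/$BACKUP_SCRIPT_NAME
+	  echo 'Encrypting backup data' >> /usr/bin/$BACKUP_SCRIPT_NAME
+	  echo "bcrypt -c $USB_MOUNT/backup.tar.gz" >> /usr/bin/$BACKUP_SCRIPT_NAME
+  fi
   echo 'exit 0' >> /usr/bin/$RESTORE_SCRIPT_NAME
   chmod 600 /usr/bin/$BACKUP_SCRIPT_NAME
   chmod +x /usr/bin/$BACKUP_SCRIPT_NAME
@@ -3100,13 +3118,18 @@
   if grep -Fxq "create_restore_script" $COMPLETION_FILE; then
       return
   fi
-  apt-get -y --force-yes install obnam
+  apt-get -y --force-yes install obnam bcrypt
   echo '#!/bin/bash' > /usr/bin/$RESTORE_SCRIPT_NAME
   echo "if [ -b $USB_DRIVE ]; then" >> /usr/bin/$RESTORE_SCRIPT_NAME
   echo "  if [ ! -d $USB_MOUNT ]; then" >> /usr/bin/$RESTORE_SCRIPT_NAME
   echo "    mkdir $USB_MOUNT" >> /usr/bin/$RESTORE_SCRIPT_NAME
   echo "    mount $USB_DRIVE $USB_MOUNT" >> /usr/bin/$RESTORE_SCRIPT_NAME
   echo '  fi' >> /usr/bin/$RESTORE_SCRIPT_NAME
+  echo "  if [ -f $USB_MOUNT/backup.tar.gz.bfe ]; then" >> /usr/bin/$BACKUP_SCRIPT_NAME
+  echo "    bcrypt $USB_MOUNT/backup.tar.gz.bfe" >> /usr/bin/$BACKUP_SCRIPT_NAME
+  echo "    cd $USB_MOUNT" >> /usr/bin/$BACKUP_SCRIPT_NAME
+  echo "    tar -xzvf $USB_MOUNT/backup.tar.gz" >> /usr/bin/$BACKUP_SCRIPT_NAME
+  echo '  fi' >> /usr/bin/$BACKUP_SCRIPT_NAME
   echo "  if [ ! -d $USB_MOUNT/backup ]; then" >> /usr/bin/$RESTORE_SCRIPT_NAME
   echo '    echo "No backup directory was found on the USB drive"' >> /usr/bin/$RESTORE_SCRIPT_NAME
   echo "    exit 1" >> /usr/bin/$RESTORE_SCRIPT_NAME
@@ -3160,7 +3183,6 @@
   if ! [[ $SYSTEM_TYPE == "$VARIANT_CLOUD" || $SYSTEM_TYPE == "$VARIANT_MAILBOX" || $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_WRITER" || $SYSTEM_TYPE == "$VARIANT_MEDIA" ]]; then
       if [ $MICROBLOG_DOMAIN_NAME ]; then
           echo "  if [ -d $USB_MOUNT/backup/gnusocial ]; then" >> /usr/bin/$RESTORE_SCRIPT_NAME
-          echo "    obnam restore --to /var/www/$MICROBLOG_DOMAIN_NAME $USB_MOUNT/backup/gnusocial" >> /usr/bin/$RESTORE_SCRIPT_NAME
           echo "    mysql -u root --password=$MARIADB_PASSWORD gnusocial -o < $USB_MOUNT/backup/gnusocial/database.sql" >> /usr/bin/$RESTORE_SCRIPT_NAME
           echo '  fi' >> /usr/bin/$RESTORE_SCRIPT_NAME
 
@@ -3170,7 +3192,6 @@
   if ! [[ $SYSTEM_TYPE == "$VARIANT_CLOUD" || $SYSTEM_TYPE == "$VARIANT_MAILBOX" || $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_WRITER" || $SYSTEM_TYPE == "$VARIANT_MEDIA" ]]; then
       if [ $REDMATRIX_DOMAIN_NAME ]; then
           echo "  if [ -d $USB_MOUNT/backup/redmatrix ]; then" >> /usr/bin/$RESTORE_SCRIPT_NAME
-          echo "    obnam restore --to /var/www/$REDMATRIX_DOMAIN_NAME $USB_MOUNT/backup/redmatrix" >> /usr/bin/$RESTORE_SCRIPT_NAME
           echo "    mysql -u root --password=$MARIADB_PASSWORD redmatrix -o < $USB_MOUNT/backup/redmatrix/database.sql" >> /usr/bin/$RESTORE_SCRIPT_NAME
           echo '  fi' >> /usr/bin/$RESTORE_SCRIPT_NAME
 IPT_NAME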
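Review bot: In the `ENCRYPT_BACKUPS` block of create_backup_script (new lines 3103–3109) the generated script archives and encrypts `$USB_MOUNT/backup`, but nothing visible removes the plaintext directory afterwards, so the unencrypted files and `database.sql` dumps appear to stay on the USB drive next to the encrypted archive and the encryption would add no confidentiality. I would make the emitted encrypt line clean up on success, e.g. `echo "bcrypt -c $USB_MOUNT/backup.tar.gz && rm -rf $USB_MOUNT/backup" >> /usr/bin/$BACKUP_SCRIPT_NAME`, and do the equivalent for the decrypted tree after a restore. The decrypt lines added to create_restore_script (new lines 3128–3132) are appended to `/usr/bin/$BACKUP_SCRIPT_NAME`; they should target `/usr/bin/$RESTORE_SCRIPT_NAME`, otherwise the restore script never decrypts the archive and then hits its "No backup directory" exit. In decrypt_file the second test uses `-d`, which checks for a directory, so `[ ! -f "$FILE_TO_DECRYPT" ]` looks like what was intended. Both create_backup_script and create_restore_script continue outside the shown hunks, so cleanup elsewhere cannot be ruled out from here.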