#!/bin/bash # # .---. . . # | | | # |--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-. # | | (.-' (.-' ( | ( )| | | | )( )| | (.-' # ' ' --' --' -' - -' ' ' -' -' -' ' - --' # # Freedom in the Cloud # # Restore gogs from local storage - typically a USB drive # License # ======= # # Copyright (C) 2015 Bob Mottram # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . PROJECT_NAME='freedombone' COMPLETION_FILE=$HOME/${PROJECT_NAME}-completed.txt BACKUP_EXTRA_DIRECTORIES=/root/backup-extra-dirs.csv export TEXTDOMAIN=${PROJECT_NAME}-restore-gogs export TEXTDOMAINDIR="/usr/share/locale" USB_DRIVE=/dev/sdb1 USB_MOUNT=/mnt/usb # get default USB from config file CONFIG_FILE=$HOME/${PROJECT_NAME}.cfg if [ -f $CONFIG_FILE ]; then if grep -q "USB_DRIVE=" $CONFIG_FILE; then USB_DRIVE=$(cat $CONFIG_FILE | grep "USB_DRIVE=" | awk -F '=' '{print $2}') fi fi ADMIN_USERNAME= ADMIN_NAME= # MariaDB password DATABASE_PASSWORD=$(cat /root/dbpass) MICROBLOG_DOMAIN_NAME= HUBZILLA_DOMAIN_NAME= OWNCLOUD_DOMAIN_NAME= GIT_DOMAIN_NAME= WIKI_DOMAIN_NAME= FULLBLOG_DOMAIN_NAME= function mount_drive { if [ $1 ]; then USB_DRIVE=/dev/${1}1 fi # get the admin user ADMIN_USERNAME=$(cat $COMPLETION_FILE | grep "Admin user" | awk -F ':' '{print $2}') if [ $2 ]; then ADMIN_USERNAME=$2 fi ADMIN_NAME=$(getent passwd $ADMIN_USERNAME | cut -d: -f5 | cut -d, -f1) # check that the backup destination is available if [ ! -b $USB_DRIVE ]; then echo $"Please attach a USB drive" exit 1 fi # unmount if already mounted umount -f $USB_MOUNT if [ ! -d $USB_MOUNT ]; then mkdir $USB_MOUNT fi if [ -f /dev/mapper/encrypted_usb ]; then rm -rf /dev/mapper/encrypted_usb fi cryptsetup luksClose encrypted_usb # mount the encrypted backup drive cryptsetup luksOpen $USB_DRIVE encrypted_usb if [ "$?" = "0" ]; then USB_DRIVE=/dev/mapper/encrypted_usb fi mount $USB_DRIVE $USB_MOUNT if [ ! "$?" = "0" ]; then echo $"There was a problem mounting the USB drive to $USB_MOUNT" rm -rf $USB_MOUNT exit 2 fi } function unmount_drive { sync umount $USB_MOUNT if [ ! "$?" = "0" ]; then echo $"Unable to unmount the drive. This means that the backup did not work" rm -rf $USB_MOUNT exit 9 fi rm -rf $USB_MOUNT echo $"Setting permissions" for d in /home/*/ ; do USERNAME=$(echo "$d" | awk -F '/' '{print $3}') if [[ $USERNAME != "git" ]]; then chown -R $USERNAME:$USERNAME /home/$USERNAME fi done if [[ $USB_DRIVE == /dev/mapper/encrypted_usb ]]; then echo $"Unmount encrypted USB" cryptsetup luksClose encrypted_usb fi if [ -f /dev/mapper/encrypted_usb ]; then rm -rf /dev/mapper/encrypted_usb fi } function check_backup_exists { if [ ! -d $USB_MOUNT/backup ]; then echo $"No backup directory found on the USB drive." unmount_drive exit 2 fi } function check_admin_user { echo $"Checking that admin user exists" if [ ! -d /home/$ADMIN_USERNAME ]; then echo $"Username $ADMIN_USERNAME not found. Reinstall ${PROJECT_NAME} with this username." unmount_drive exit 295 fi } function copy_gpg_keys { echo $"Copying GPG keys from admin user to root" cp -r /home/$ADMIN_USERNAME/.gnupg /root } function restore_directory_from_usb { if [ ! -d ${1} ]; then mkdir ${1} fi obnam restore -r $USB_MOUNT/backup/${2} --to ${1} } function restore_database { RESTORE_SUBDIR="root" if [ -d $USB_MOUNT/backup/${1} ]; then echo $"Restoring ${1} database" restore_directory_from_usb "/root/temp${1}data" "${1}data" if [ ! -f /root/temp${1}data/${RESTORE_SUBDIR}/temp${1}data/${1}.sql ]; then echo $"Unable to restore ${1} database" rm -rf /root/temp${1}data unmount_drive exit 503 fi mysqlsuccess=$(mysql -u root --password=$DATABASE_PASSWORD ${1} -o < /root/temp${1}data/${RESTORE_SUBDIR}/temp${1}data/${1}.sql) if [ ! "$?" = "0" ]; then echo "$mysqlsuccess" unmount_drive exit 964 fi shred -zu /root/temp${1}data/${RESTORE_SUBDIR}/temp${1}data/* rm -rf /root/temp${1}data echo $"Restoring ${1} installation" if [ ! -d /root/temp${1} ]; then mkdir /root/temp${1} fi restore_directory_from_usb "/root/temp${1}" "${1}" RESTORE_SUBDIR="var" if [ ${2} ]; then if [ -d /var/www/${2}/htdocs ]; then if [ -d /root/temp${1}/${RESTORE_SUBDIR}/www/${2}/htdocs ]; then rm -rf /var/www/${2}/htdocs mv /root/temp${1}/${RESTORE_SUBDIR}/www/${2}/htdocs /var/www/${2}/ if [ ! "$?" = "0" ]; then unmount_drive exit 683 fi if [ -d /etc/letsencrypt/live/${2} ]; then ln -s /etc/letsencrypt/live/${2}/privkey.pem /etc/ssl/private/${2}.key ln -s /etc/letsencrypt/live/${2}/fullchain.pem /etc/ssl/certs/${2}.pem else # Ensure that the bundled SSL cert is being used if [ -f /etc/ssl/certs/${2}.bundle.crt ]; then sed -i "s|${2}.crt|${2}.bundle.crt|g" /etc/nginx/sites-available/${2} fi fi fi fi fi fi } function update_domains { if grep -q "Gogs domain" $COMPLETION_FILE; then GIT_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Gogs domain" | awk -F ':' '{print $2}') fi } function same_admin_user { PREV_ADMIN_USERNAME=$(cat $COMPLETION_FILE | grep "Admin user" | awk -F ':' '{print $2}') if [[ "$PREV_ADMIN_USERNAME" != "$ADMIN_USERNAME" ]]; then echo $"The admin username has changed from $PREV_ADMIN_USERNAME to $ADMIN_USERNAME. To restore you will first need to install a new ${PROJECT_NAME} system with an initial admin user named $PREV_ADMIN_USERNAME" unmount_drive exit 73265 fi } function restore_gogs { if [ $GIT_DOMAIN_NAME ]; then restore_database gogs ${GIT_DOMAIN_NAME} if [ -d $USB_MOUNT/backup/gogs ]; then echo $"Restoring Gogs settings" if [ ! -d /home/git/go/src/github.com/gogits/gogs/custom ]; then mkdir -p /home/git/go/src/github.com/gogits/gogs/custom fi cp -r /root/tempgogs/home/git/go/src/github.com/gogits/gogs/custom/* /home/git/go/src/github.com/gogits/gogs/custom if [ ! "$?" = "0" ]; then unmount_drive exit 981 fi echo $"Restoring Gogs repos" restore_directory_from_usb /root/tempgogsrepos gogsrepos cp -r /root/tempgogsrepos/home/git/gogs-repositories/* /home/git/gogs-repositories/ if [ ! "$?" = "0" ]; then unmount_drive exit 67574 fi echo $"Restoring Gogs authorized_keys" restore_directory_from_usb /root/tempgogsssh gogsssh if [ ! -d /home/git/.ssh ]; then mkdir /home/git/.ssh fi cp -r /root/tempgogsssh/home/git/.ssh/* /home/git/.ssh/ if [ ! "$?" = "0" ]; then unmount_drive exit 8463 fi rm -rf /root/tempgogs rm -rf /root/tempgogsrepos rm -rf /root/tempgogsssh chown -R git:git /home/git fi fi } mount_drive $1 $2 check_backup_exists check_admin_user copy_gpg_keys same_admin_user update_domains restore_gogs unmount_drive echo $"Restore Gogs from USB drive is complete. You can now unplug it." exit 0