free
/
freedombone
关注 1
点赞 0
派生 0
代码 工单 0 合并请求 0 版本发布 0 百科 动态
2596 提交
5 分支
目录树: d17f888363
freedombone/src/freedombone-restore-gogs

freedombone-restore-gogs 8.5KB
文件历史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273 
  1. #!/bin/bash

  2. #

  3. # .---.                  .              .

  4. # |                      |              |

  5. # |--- .--. .-.  .-.  .-.|  .-. .--.--. |.-.  .-. .--.  .-.

  6. # |    |   (.-' (.-' (   | (   )|  |  | |   )(   )|  | (.-'

  7. # '    '     --'  --'  -' -  -' '  '   -' -'   -' '   -  --'

  8. #

  9. #                    Freedom in the Cloud

  10. #

  11. # Restore gogs from local storage - typically a USB drive

  12. 

  13. # License

  14. # =======

  15. #

  16. # Copyright (C) 2015 Bob Mottram <bob@robotics.uk.to>

  17. #

  18. # This program is free software: you can redistribute it and/or modify

  19. # it under the terms of the GNU General Public License as published by

  20. # the Free Software Foundation, either version 3 of the License, or

  21. # (at your option) any later version.

  22. #

  23. # This program is distributed in the hope that it will be useful,

  24. # but WITHOUT ANY WARRANTY; without even the implied warranty of

  25. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

  26. # GNU General Public License for more details.

  27. #

  28. # You should have received a copy of the GNU General Public License

  29. # along with this program. If not, see <http://www.gnu.org/licenses/>.

  30. 

  31. PROJECT_NAME='freedombone'

  32. COMPLETION_FILE=$HOME/${PROJECT_NAME}-completed.txt

  33. BACKUP_EXTRA_DIRECTORIES=/root/backup-extra-dirs.csv

  34. 

  35. export TEXTDOMAIN=${PROJECT_NAME}-restore-gogs

  36. export TEXTDOMAINDIR="/usr/share/locale"

  37. 

  38. USB_DRIVE=/dev/sdb1

  39. USB_MOUNT=/mnt/usb

  40. 

  41. # get default USB from config file

  42. CONFIG_FILE=$HOME/${PROJECT_NAME}.cfg

  43. if [ -f $CONFIG_FILE ]; then

  44.     if grep -q "USB_DRIVE=" $CONFIG_FILE; then

  45.         USB_DRIVE=$(cat $CONFIG_FILE | grep "USB_DRIVE=" | awk -F '=' '{print $2}')

  46.     fi

  47. fi

  48. 

  49. ADMIN_USERNAME=

  50. ADMIN_NAME=

  51. 

  52. # MariaDB password

  53. DATABASE_PASSWORD=$(cat /root/dbpass)

  54. 

  55. MICROBLOG_DOMAIN_NAME=

  56. HUBZILLA_DOMAIN_NAME=

  57. OWNCLOUD_DOMAIN_NAME=

  58. GIT_DOMAIN_NAME=

  59. WIKI_DOMAIN_NAME=

  60. FULLBLOG_DOMAIN_NAME=

  61. 

  62. function mount_drive {

  63.     if [ $1 ]; then

  64.         USB_DRIVE=/dev/${1}1

  65.     fi

  66. 

  67.     # get the admin user

  68.     ADMIN_USERNAME=$(cat $COMPLETION_FILE | grep "Admin user" | awk -F ':' '{print $2}')

  69.     if [ $2 ]; then

  70.         ADMIN_USERNAME=$2

  71.     fi

  72.     ADMIN_NAME=$(getent passwd $ADMIN_USERNAME | cut -d: -f5 | cut -d, -f1)

  73. 

  74.     # check that the backup destination is available

  75.     if [ ! -b $USB_DRIVE ]; then

  76.         echo $"Please attach a USB drive"

  77.         exit 1

  78.     fi

  79. 

  80.     # unmount if already mounted

  81.     umount -f $USB_MOUNT

  82.     if [ ! -d $USB_MOUNT ]; then

  83.         mkdir $USB_MOUNT

  84.     fi

  85.     if [ -f /dev/mapper/encrypted_usb ]; then

  86.         rm -rf /dev/mapper/encrypted_usb

  87.     fi

  88.     cryptsetup luksClose encrypted_usb

  89. 

  90.     # mount the encrypted backup drive

  91.     cryptsetup luksOpen $USB_DRIVE encrypted_usb

  92.     if [ "$?" = "0" ]; then

  93.         USB_DRIVE=/dev/mapper/encrypted_usb

  94.     fi

  95.     mount $USB_DRIVE $USB_MOUNT

  96.     if [ ! "$?" = "0" ]; then

  97.         echo $"There was a problem mounting the USB drive to $USB_MOUNT"

  98.         rm -rf $USB_MOUNT

  99.         exit 2

  100.     fi

  101. }

  102. 

  103. function unmount_drive {

  104.     sync

  105.     umount $USB_MOUNT

  106.     if [ ! "$?" = "0" ]; then

  107.         echo $"Unable to unmount the drive. This means that the backup did not work"

  108.         rm -rf $USB_MOUNT

  109.         exit 9

  110.     fi

  111.     rm -rf $USB_MOUNT

  112. 

  113.     echo $"Setting permissions"

  114.     for d in /home/*/ ; do

  115.         USERNAME=$(echo "$d" | awk -F '/' '{print $3}')

  116.         if [[ $USERNAME != "git" ]]; then

  117.             chown -R $USERNAME:$USERNAME /home/$USERNAME

  118.         fi

  119.     done

  120. 

  121.     if [[ $USB_DRIVE == /dev/mapper/encrypted_usb ]]; then

  122.         echo $"Unmount encrypted USB"

  123.         cryptsetup luksClose encrypted_usb

  124.     fi

  125.     if [ -f /dev/mapper/encrypted_usb ]; then

  126.         rm -rf /dev/mapper/encrypted_usb

  127.     fi

  128. }

  129. 

  130. function check_backup_exists {

  131.     if [ ! -d $USB_MOUNT/backup ]; then

  132.         echo $"No backup directory found on the USB drive."

  133.         unmount_drive

  134.         exit 2

  135.     fi

  136. }

  137. 

  138. function check_admin_user {

  139.     echo $"Checking that admin user exists"

  140.     if [ ! -d /home/$ADMIN_USERNAME ]; then

  141.         echo $"Username $ADMIN_USERNAME not found. Reinstall ${PROJECT_NAME} with this username."

  142.         unmount_drive

  143.         exit 295

  144.     fi

  145. }

  146. 

  147. function copy_gpg_keys {

  148.     echo $"Copying GPG keys from admin user to root"

  149.     cp -r /home/$ADMIN_USERNAME/.gnupg /root

  150. }

  151. 

  152. function restore_directory_from_usb {

  153.     if [ ! -d ${1} ]; then

  154.         mkdir ${1}

  155.     fi

  156.     obnam restore -r $USB_MOUNT/backup/${2} --to ${1}

  157. }

  158. 

  159. function restore_database {

  160.     RESTORE_SUBDIR="root"

  161. 

  162.     if [ -d $USB_MOUNT/backup/${1} ]; then

  163.         echo $"Restoring ${1} database"

  164.         restore_directory_from_usb "/root/temp${1}data" "${1}data"

  165.         if [ ! -f /root/temp${1}data/${RESTORE_SUBDIR}/temp${1}data/${1}.sql ]; then

  166.             echo $"Unable to restore ${1} database"

  167.             rm -rf /root/temp${1}data

  168.             unmount_drive

  169.             exit 503

  170.         fi

  171.         mysqlsuccess=$(mysql -u root --password=$DATABASE_PASSWORD ${1} -o < /root/temp${1}data/${RESTORE_SUBDIR}/temp${1}data/${1}.sql)

  172.         if [ ! "$?" = "0" ]; then

  173.             echo "$mysqlsuccess"

  174.             unmount_drive

  175.             exit 964

  176.         fi

  177.         shred -zu /root/temp${1}data/${RESTORE_SUBDIR}/temp${1}data/*

  178.         rm -rf /root/temp${1}data

  179.         echo $"Restoring ${1} installation"

  180.         if [ ! -d /root/temp${1} ]; then

  181.             mkdir /root/temp${1}

  182.         fi

  183.         restore_directory_from_usb "/root/temp${1}" "${1}"

  184.         RESTORE_SUBDIR="var"

  185.         if [ ${2} ]; then

  186.             if [ -d /var/www/${2}/htdocs ]; then

  187.                 if [ -d /root/temp${1}/${RESTORE_SUBDIR}/www/${2}/htdocs ]; then

  188.                     rm -rf /var/www/${2}/htdocs

  189.                     mv /root/temp${1}/${RESTORE_SUBDIR}/www/${2}/htdocs /var/www/${2}/

  190.                     if [ ! "$?" = "0" ]; then

  191.                         unmount_drive

  192.                         exit 683

  193.                     fi

  194.                     if [ -d /etc/letsencrypt/live/${2} ]; then

  195.                         ln -s /etc/letsencrypt/live/${2}/privkey.pem /etc/ssl/private/${2}.key

  196.                         ln -s /etc/letsencrypt/live/${2}/fullchain.pem /etc/ssl/certs/${2}.pem

  197.                     else

  198.                         # Ensure that the bundled SSL cert is being used

  199.                         if [ -f /etc/ssl/certs/${2}.bundle.crt ]; then

  200.                             sed -i "s|${2}.crt|${2}.bundle.crt|g" /etc/nginx/sites-available/${2}

  201.                         fi

  202.                     fi

  203.                 fi

  204.             fi

  205.         fi

  206.     fi

  207. }

  208. 

  209. function update_domains {

  210.     if grep -q "Gogs domain" $COMPLETION_FILE; then

  211.         GIT_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Gogs domain" | awk -F ':' '{print $2}')

  212.     fi

  213. }

  214. 

  215. function same_admin_user {

  216.     PREV_ADMIN_USERNAME=$(cat $COMPLETION_FILE | grep "Admin user" | awk -F ':' '{print $2}')

  217.     if [[ "$PREV_ADMIN_USERNAME" != "$ADMIN_USERNAME" ]]; then

  218.         echo $"The admin username has changed from $PREV_ADMIN_USERNAME to $ADMIN_USERNAME. To restore you will first need to install a new ${PROJECT_NAME} system with an initial admin user named $PREV_ADMIN_USERNAME"

  219.         unmount_drive

  220.         exit 73265

  221.     fi

  222. }

  223. 

  224. function restore_gogs {

  225.     if [ $GIT_DOMAIN_NAME ]; then

  226.         restore_database gogs ${GIT_DOMAIN_NAME}

  227.         if [ -d $USB_MOUNT/backup/gogs ]; then

  228.             echo $"Restoring Gogs settings"

  229.             if [ ! -d /home/git/go/src/github.com/gogits/gogs/custom ]; then

  230.                 mkdir -p /home/git/go/src/github.com/gogits/gogs/custom

  231.             fi

  232.             cp -r /root/tempgogs/home/git/go/src/github.com/gogits/gogs/custom/* /home/git/go/src/github.com/gogits/gogs/custom

  233.             if [ ! "$?" = "0" ]; then

  234.                 unmount_drive

  235.                 exit 981

  236.             fi

  237.             echo $"Restoring Gogs repos"

  238.             restore_directory_from_usb /root/tempgogsrepos gogsrepos

  239.             cp -r /root/tempgogsrepos/home/git/gogs-repositories/* /home/git/gogs-repositories/

  240.             if [ ! "$?" = "0" ]; then

  241.                 unmount_drive

  242.                 exit 67574

  243.             fi

  244.             echo $"Restoring Gogs authorized_keys"

  245.             restore_directory_from_usb /root/tempgogsssh gogsssh

  246.             if [ ! -d /home/git/.ssh ]; then

  247.                 mkdir /home/git/.ssh

  248.             fi

  249.             cp -r /root/tempgogsssh/home/git/.ssh/* /home/git/.ssh/

  250.             if [ ! "$?" = "0" ]; then

  251.                 unmount_drive

  252.                 exit 8463

  253.             fi

  254.             rm -rf /root/tempgogs

  255.             rm -rf /root/tempgogsrepos

  256.             rm -rf /root/tempgogsssh

  257.             chown -R git:git /home/git

  258.         fi

  259.     fi

  260. }

  261. 

  262. mount_drive $1 $2

  263. check_backup_exists

  264. check_admin_user

  265. copy_gpg_keys

  266. same_admin_user

  267. update_domains

  268. restore_gogs

  269. unmount_drive

  270. 

  271. echo $"Restore Gogs from USB drive is complete. You can now unplug it."

  272. 

  273. exit 0