freedombone/src/freedombone-restore-remote

#!/bin/bash
#
# .---.                  .              .
# |                      |              |
# |--- .--. .-.  .-.  .-.|  .-. .--.--. |.-.  .-. .--.  .-.
# |    |   (.-' (.-' (   | (   )|  |  | |   )(   )|  | (.-'
# '    '     --'  --'  -' -  -' '  '   -' -'   -' '   -  --'
#
#                    Freedom in the Cloud
#
# Restore from a given remote server

# License
# =======
#
# Copyright (C) 2015-2016 Bob Mottram <bob@robotics.uk.to>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.

PROJECT_NAME='freedombone'
COMPLETION_FILE=$HOME/${PROJECT_NAME}-completed.txt
CONFIGURATION_FILE=$HOME/${PROJECT_NAME}.cfg
BACKUP_EXTRA_DIRECTORIES=/root/backup-extra-dirs.csv

export TEXTDOMAIN=${PROJECT_NAME}-restore-remote
export TEXTDOMAINDIR="/usr/share/locale"

source /usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-validation

SERVER_NAME=$1

# whether to restore everything or just a specific application
RESTORE_APP='all'

if [ ${2} ]; then
    RESTORE_APP=${2}
fi

ADMIN_USERNAME=$(cat $COMPLETION_FILE | grep "Admin user" | -nawk -F ':' '{print $2}')
ADMIN_EMAIL_ADDRESS=${ADMIN_USERNAME}@${HOSTNAME}

# Temporary location for data to be backed up to other servers
SERVER_DIRECTORY=/root/remoterestore

BACKUP_LIST=/home/${ADMIN_USERNAME}/backup.list

if [ ! $SERVER_NAME ]; then
    echo $'restorefromfriend [server]'
    exit 1
fi

if [ ! -f $BACKUP_LIST ]; then
    echo $"No friends list found at $BACKUP_LIST"
    exit 2
fi

if ! grep -q "$SERVER_NAME" $BACKUP_LIST; then
    echo $"Server not found within the friends list"
    exit 3
fi

REMOTE_SERVER=$(grep -i "$SERVER_NAME" $BACKUP_LIST | awk -F ' ' '{print $1}')
REMOTE_SSH_PORT=$(grep -i "$SERVER_NAME" $BACKUP_LIST | awk -F ' ' '{print $2}')
REMOTE_DIRECTORY=$(grep -i "$SERVER_NAME" $BACKUP_LIST | awk -F ' ' '{print $3}')
REMOTE_PASSWORD=$(grep -i "$SERVER_NAME" $BACKUP_LIST | awk -F ' ' '{print $4}')
REMOTE_SERVER=$REMOTE_SERVER:$REMOTE_DIRECTORY

NOW=$(date +"%Y-%m-%d %H:%M:%S")

echo "$NOW Starting restore from $REMOTE_SERVER" >> /var/log/remotebackups.log
rsync -ratlzv --rsh="/usr/bin/sshpass -p $REMOTE_PASSWORD ssh -p $REMOTE_SSH_PORT -o StrictHostKeyChecking=no" $REMOTE_SERVER/backup $SERVER_DIRECTORY
if [ ! "$?" = "0" ]; then
    echo "$NOW Restore from $REMOTE_SERVER failed" >> /var/log/remotebackups.log
    # Send a warning email
    echo "Restore from $REMOTE_SERVER failed" | mail -s "${PROJECT_NAME} restore from friend" $ADMIN_EMAIL_ADDRESS
    exit 790
else
    echo "$NOW Restored encrypted data from $REMOTE_SERVER" >> /var/log/remotebackups.log
fi

# MariaDB password
DATABASE_PASSWORD=$(cat /root/dbpass)

function restore_directory_from_friend {
    if [ ! -d ${1} ]; then
        mkdir ${1}
    fi
    obnam restore -r $SERVER_DIRECTORY/backup/${2} --to ${1}
}

function copy_gpg_keys {
    echo $"Copying GPG keys from admin user to root"
    cp -r /home/$ADMIN_USERNAME/.gnupg /root
}

function restore_configuration {
    if [[ $RESTORE_APP != 'all' ]]; then
        if [[ $RESTORE_APP != 'configuration' ]]; then
            return
        fi
    fi
    if [ -d $SERVER_DIRECTORY/backup/config ]; then
        echo $"Restoring configuration files"
        temp_restore_dir=/root/tempconfig
        restore_directory_from_friend $temp_restore_dir config

        cp -f $temp_restore_dir/root/${PROJECT_NAME}.cfg $CONFIGURATION_FILE
        if [ ! "$?" = "0" ]; then
            unmount_drive
            rm -rf $temp_restore_dir
            exit 5372
        fi
        if [ -f $CONFIGURATION_FILE ]; then
            # install according to the config file
            freedombone -c $CONFIGURATION_FILE
        fi

        cp -f $temp_restore_dir/root/${PROJECT_NAME}-completed.txt $COMPLETION_FILE
        if [ ! "$?" = "0" ]; then
            unmount_drive
            rm -rf $temp_restore_dir
            exit 7252
        fi

        if [ -f ${temp_restore_dir}${BACKUP_EXTRA_DIRECTORIES} ]; then
            cp -f ${temp_restore_dir}${BACKUP_EXTRA_DIRECTORIES} ${BACKUP_EXTRA_DIRECTORIES}
            if [ ! "$?" = "0" ]; then
                unmount_drive
                rm -rf $temp_restore_dir
                exit 62121
            fi
        fi

        # restore nginx password hashes
        if [ -f $temp_restore_dir/root/htpasswd ]; then
            cp -f $temp_restore_dir/root/htpasswd /etc/nginx/.htpasswd
        fi

        rm -rf $temp_restore_dir
    fi
}

function restore_mariadb {
    if [[ $RESTORE_APP != 'all' ]]; then
        if [[ $RESTORE_APP != 'mariadb' ]]; then
            return
        fi
    fi
    if [ -d $SERVER_DIRECTORY/backup/mariadb ]; then
        echo $"Restoring MariaDB settings"
        temp_restore_dir=/root/tempmariadb
        restore_directory_from_friend $temp_restore_dir mariadb
        echo $"Get the MariaDB password from the backup"
        if [ ! -f ${temp_restore_dir}${temp_restore_dir}/db ]; then
            echo $"MariaDB password file not found"
            exit 495
        fi
        BACKUP_MARIADB_PASSWORD=$(cat ${temp_restore_dir}${temp_restore_dir}/db)
        if [[ "$BACKUP_MARIADB_PASSWORD" != "$DATABASE_PASSWORD" ]]; then
            echo $"Restore the MariaDB user table"
            mysqlsuccess=$(mysql -u root --password="$DATABASE_PASSWORD" mysql -o < ${temp_restore_dir}${temp_restore_dir}/mysql.sql)
            if [ ! "$?" = "0" ]; then
                echo $"Try again using the password obtained from backup"
                mysqlsuccess=$(mysql -u root --password="$BACKUP_MARIADB_PASSWORD" mysql -o < ${temp_restore_dir}${temp_restore_dir}/mysql.sql)
            fi
            if [ ! "$?" = "0" ]; then
                echo "$mysqlsuccess"
                exit 962
            fi
            echo $"Restarting database"
            service mysql restart
            echo $"Change the MariaDB password to the backup version"
            DATABASE_PASSWORD=$BACKUP_MARIADB_PASSWORD
        fi
        shred -zu ${temp_restore_dir}${temp_restore_dir}/db
        rm -rf ${temp_restore_dir}

        # Change database password file
        echo "$DATABASE_PASSWORD" > /root/dbpass
        chmod 600 /root/dbpass
    fi
}

function restore_letsencrypt {
    if [[ $RESTORE_APP != 'all' ]]; then
        if [[ $RESTORE_APP != 'letsencrypt' ]]; then
            return
        fi
    fi
    if [ -d $SERVER_DIRECTORY/backup/letsencrypt ]; then
        echo $"Restoring Lets Encrypt settings"
        restore_directory_from_friend / letsencrypt
    fi
}

function restore_tor {
    if [[ $RESTORE_APP != 'all' ]]; then
        if [[ $RESTORE_APP != 'tor' ]]; then
            return
        fi
    fi
    if [ -d $SERVER_DIRECTORY/backup/tor ]; then
        echo $"Restoring Tor settings"
        restore_directory_from_friend / tor
    fi
}

function restore_mutt_settings {
    if [[ $RESTORE_APP != 'all' ]]; then
        if [[ $RESTORE_APP != 'mutt' ]]; then
            return
        fi
    fi
    for d in $SERVER_DIRECTORY/backup/mutt/*/ ; do
        USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
        if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
            if [ -d $SERVER_DIRECTORY/backup/mutt/$USERNAME ]; then
                if [ ! -d /home/$USERNAME ]; then
                    ${PROJECT_NAME}-adduser $USERNAME
                fi
                echo $"Restoring Mutt settings for $USERNAME"
                temp_restore_dir=/root/tempmutt
                restore_directory_from_friend ${temp_restore_dir} mutt/$USERNAME
                if [ -f ${temp_restore_dir}/home/$USERNAME/tempbackup/.muttrc ]; then
                    cp -f ${temp_restore_dir}/home/$USERNAME/tempbackup/.muttrc /home/$USERNAME/.muttrc
                fi
                if [ -f ${temp_restore_dir}/home/$USERNAME/tempbackup/Muttrc ]; then
                    cp -f ${temp_restore_dir}/home/$USERNAME/tempbackup/Muttrc /etc/Muttrc
                fi
                if [ ! "$?" = "0" ]; then
                    rm -rf ${temp_restore_dir}
                    exit 276
                fi
                rm -rf ${temp_restore_dir}
            fi
        fi
    done
}

function restore_gpg {
    if [[ $RESTORE_APP != 'all' ]]; then
        if [[ $RESTORE_APP != 'gpg' ]]; then
            return
        fi
    fi
    for d in $SERVER_DIRECTORY/backup/gnupg/*/ ; do
        USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
        if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
            if [ -d $SERVER_DIRECTORY/backup/gnupg/$USERNAME ]; then
                if [ ! -d /home/$USERNAME ]; then
                    ${PROJECT_NAME}-adduser $USERNAME
                fi
                echo $"Restoring gnupg settings for $USERNAME"
                temp_restore_dir=/root/tempgnupg
                restore_directory_from_friend ${temp_restore_dir} gnupg/$USERNAME
                cp -r ${temp_restore_dir}/home/$USERNAME/.gnupg /home/$USERNAME/
                if [ ! "$?" = "0" ]; then
                    rm -rf ${temp_restore_dir}
                    exit 276
                fi
                rm -rf ${temp_restore_dir}
                if [[ "$USERNAME" == "$ADMIN_USERNAME" ]]; then
                    cp -r /home/$USERNAME/.gnupg /root
                    if [ ! "$?" = "0" ]; then
                        exit 283
                    fi
                fi
            fi
        fi
    done
}

function restore_procmail {
    if [[ $RESTORE_APP != 'all' ]]; then
        if [[ $RESTORE_APP != 'procmail' ]]; then
            return
        fi
    fi
    for d in $SERVER_DIRECTORY/backup/procmail/*/ ; do
        USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
        if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
            if [ -d $SERVER_DIRECTORY/backup/procmail/$USERNAME ]; then
                if [ ! -d /home/$USERNAME ]; then
                    ${PROJECT_NAME}-adduser $USERNAME
                fi
                echo $"Restoring procmail settings for $USERNAME"
                temp_restore_dir=/root/tempprocmail
                restore_directory_from_friend ${temp_restore_dir} procmail/$USERNAME
                cp -f ${temp_restore_dir}/home/$USERNAME/tempbackup/.procmailrc /home/$USERNAME/
                if [ ! "$?" = "0" ]; then
                    rm -rf ${temp_restore_dir}
                    exit 276
                fi
                rm -rf ${temp_restore_dir}
            fi
        fi
    done
}

function restore_spamassassin {
    if [[ $RESTORE_APP != 'all' ]]; then
        if [[ $RESTORE_APP != 'spamassassin' ]]; then
            return
        fi
    fi
    for d in $SERVER_DIRECTORY/backup/spamassassin/*/ ; do
        USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
        if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
            if [ -d $SERVER_DIRECTORY/backup/spamassassin/$USERNAME ]; then
                if [ ! -d /home/$USERNAME ]; then
                    ${PROJECT_NAME}-adduser $USERNAME
                fi
                echo $"Restoring spamassassin settings for $USERNAME"
                temp_restore_dir=/root/tempspamassassin
                restore_directory_from_friend $temp_restore_dir spamassassin/$USERNAME
                cp -rf $temp_restore_dir/home/$USERNAME/.spamassassin /home/$USERNAME/
                if [ ! "$?" = "0" ]; then
                    rm -rf $temp_restore_dir
                    exit 276
                fi
                rm -rf $temp_restore_dir
            fi
        fi
    done
}

function restore_admin_readme {
    if [[ $RESTORE_APP != 'all' ]]; then
        if [[ $RESTORE_APP != 'readme' ]]; then
            return
        fi
    fi
    if [ -d $SERVER_DIRECTORY/backup/readme ]; then
        echo $"Restoring README"
        temp_restore_dir=/root/tempreadme
        restore_directory_from_friend $temp_restore_dir readme
        cp -f $temp_restore_dir/home/$ADMIN_USERNAME/tempbackup/README /home/$ADMIN_USERNAME/
        if [ ! "$?" = "0" ]; then
            rm -rf $temp_restore_dir
            exit 276
        fi
        rm -rf $temp_restore_dir
    fi
}

function restore_ssh_keys {
    if [[ $RESTORE_APP != 'all' ]]; then
        if [[ $RESTORE_APP != 'ssh' ]]; then
            return
        fi
    fi
    for d in $SERVER_DIRECTORY/backup/ssh/*/ ; do
        USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
        if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
            if [ -d $SERVER_DIRECTORY/backup/ssh/$USERNAME ]; then
                if [ ! -d /home/$USERNAME ]; then
                    ${PROJECT_NAME}-adduser $USERNAME
                fi
                echo $"Restoring ssh keys for $USERNAME"
                temp_restore_dir=/root/tempssh
                restore_directory_from_friend $temp_restore_dir ssh/$USERNAME
                cp -r $temp_restore_dir/home/$USERNAME/.ssh /home/$USERNAME/
                if [ ! "$?" = "0" ]; then
                    rm -rf $temp_restore_dir
                    exit 664
                fi
                rm -rf $temp_restore_dir
            fi
        fi
    done
}

function restore_user_config {
    if [[ $RESTORE_APP != 'all' ]]; then
        if [[ $RESTORE_APP != 'userconfig' ]]; then
            return
        fi
    fi
    for d in $SERVER_DIRECTORY/backup/config/*/ ; do
        USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
        if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
            if [ -d $SERVER_DIRECTORY/backup/config/$USERNAME ]; then
                if [ ! -d /home/$USERNAME ]; then
                    ${PROJECT_NAME}-adduser $USERNAME
                fi
                echo $"Restoring config files for $USERNAME"
                temp_restore_dir=/root/tempconfig
                restore_directory_from_friend $temp_restore_dir config/$USERNAME
                cp -r $temp_restore_dir/home/$USERNAME/.config /home/$USERNAME/
                if [ ! "$?" = "0" ]; then
                    rm -rf $temp_restore_dir
                    exit 664
                fi
                rm -rf $temp_restore_dir
            fi
        fi
    done
}

function gpg_pubkey_from_email {
    key_owner_username=$1
    key_email_address=$2
    key_id=
    if [[ $key_owner_username != "root" ]]; then
        key_id=$(su -c "gpg --list-keys $key_email_address | grep 'pub '" - $key_owner_username | awk -F ' ' '{print $2}' | awk -F '/' '{print $2}')
    else
        key_id=$(gpg --list-keys $key_email_address | grep 'pub ' | awk -F ' ' '{print $2}' | awk -F '/' '{print $2}')
    fi
    echo $key_id
}

function restore_user_monkeysphere {
    if [[ $RESTORE_APP != 'all' ]]; then
        if [[ $RESTORE_APP != 'usermonkeysphere' ]]; then
            return
        fi
    fi
    for d in $SERVER_DIRECTORY/backup/monkeysphere/*/ ; do
        USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
        if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
            if [ -d $SERVER_DIRECTORY/backup/monkeysphere/$USERNAME ]; then
                if [ ! -d /home/$USERNAME ]; then
                    ${PROJECT_NAME}-adduser $USERNAME
                fi
                echo $"Restoring monkeysphere ids for $USERNAME"
                temp_restore_dir=/root/tempmonkeysphere
                restore_directory_from_friend $temp_restore_dir monkeysphere/$USERNAME
                cp -r $temp_restore_dir/home/$USERNAME/.monkeysphere /home/$USERNAME/
                if [ ! "$?" = "0" ]; then
                    rm -rf $temp_restore_dir
                    exit 664
                fi
                rm -rf $temp_restore_dir
            fi
        fi

        # The admin user is the identity certifier
        MY_EMAIL_ADDRESS="${ADMIN_USERNAME}@${HOSTNAME}"
        read_config_param MY_EMAIL_ADDRESS
        MY_GPG_PUBLIC_KEY_ID=$(gpg_pubkey_from_email "$ADMIN_USERNAME" "$MY_EMAIL_ADDRESS")
        fpr=$(gpg --with-colons --fingerprint $MY_GPG_PUBLIC_KEY_ID | grep fpr | head -n 1 | awk -F ':' '{print $10}')
        monkeysphere-authentication add-identity-certifier $fpr
        monkeysphere-authentication update-users
    done
}

function restore_user_fin {
    if [[ $RESTORE_APP != 'all' ]]; then
        if [[ $RESTORE_APP != 'userfin' ]]; then
            return
        fi
    fi
    for d in $SERVER_DIRECTORY/backup/fin/*/ ; do
        USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
        if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
            if [ -d $SERVER_DIRECTORY/backup/fin/$USERNAME ]; then
                if [ ! -d /home/$USERNAME ]; then
                    ${PROJECT_NAME}-adduser $USERNAME
                fi
                echo $"Restoring fin files for $USERNAME"
                temp_restore_dir=/root/tempfin
                restore_directory_from_friend $temp_restore_dir fin/$USERNAME
                cp -r $temp_restore_dir/home/$USERNAME/.fin /home/$USERNAME/
                if [ ! "$?" = "0" ]; then
                    rm -rf $temp_restore_dir
                    exit 664
                fi
                rm -rf $temp_restore_dir
            fi
        fi
    done
}

function restore_user_local {
    if [[ $RESTORE_APP != 'all' ]]; then
        if [[ $RESTORE_APP != 'userlocal' ]]; then
            return
        fi
    fi
    for d in $SERVER_DIRECTORY/backup/local/*/ ; do
        USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
        if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
            if [ -d $SERVER_DIRECTORY/backup/local/$USERNAME ]; then
                if [ ! -d /home/$USERNAME ]; then
                    ${PROJECT_NAME}-adduser $USERNAME
                fi
                echo $"Restoring local files for $USERNAME"
                temp_restore_dir=/root/templocal
                restore_directory_from_friend $temp_restore_dir local/$USERNAME
                cp -r $temp_restore_dir/home/$USERNAME/.local /home/$USERNAME/
                if [ ! "$?" = "0" ]; then
                    rm -rf $temp_restore_dir
                    exit 664
                fi
                rm -rf $temp_restore_dir
            fi
        fi
    done
}

function restore_certs {
    if [[ $RESTORE_APP != 'all' ]]; then
        if [[ $RESTORE_APP != 'certs' ]]; then
            return
        fi
    fi
    if [ -d $SERVER_DIRECTORY/backup/ssl ]; then
        echo $"Restoring certificates"
        restore_directory_from_friend /root/tempssl ssl
        cp -r /root/tempssl/etc/ssl/* /etc/ssl
        if [ ! "$?" = "0" ]; then
            exit 276
        fi
        rm -rf /root/tempssl

        # restore ownership
        if [ -f /etc/ssl/private/xmpp.key ]; then
            chown prosody:prosody /etc/ssl/private/xmpp.key
            chown prosody:prosody /etc/ssl/certs/xmpp.*
        fi
        if [ -d /etc/dovecot ]; then
            chown root:dovecot /etc/ssl/private/dovecot.*
            chown root:dovecot /etc/ssl/certs/dovecot.*
        fi
        if [ -f /etc/ssl/private/exim.key ]; then
            cp /etc/ssl/private/exim.key /etc/exim4
            cp /etc/ssl/certs/exim.crt /etc/exim4
            cp /etc/ssl/certs/exim.dhparam /etc/exim4
            chown root:Debian-exim /etc/exim4/exim.key /etc/exim4/exim.crt /etc/exim4/exim.dhparam
            chmod 640 /etc/exim4/exim.key /etc/exim4/exim.crt /etc/exim4/exim.dhparam
        fi
        if [ -f /etc/ssl/private/mumble.key ]; then
            if [ -d /var/lib/mumble-server ]; then
                cp /etc/ssl/certs/mumble.* /var/lib/mumble-server
                cp /etc/ssl/private/mumble.key /var/lib/mumble-server
                chown -R mumble-server:mumble-server /var/lib/mumble-server
            fi
        fi
    fi
}

function restore_personal_settings {
    if [[ $RESTORE_APP != 'all' ]]; then
        if [[ $RESTORE_APP != 'personal' ]]; then
            return
        fi
    fi
    for d in $SERVER_DIRECTORY/backup/personal/*/ ; do
        USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
        if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
            if [ -d $SERVER_DIRECTORY/backup/personal/$USERNAME ]; then
                if [ ! -d /home/$USERNAME ]; then
                    ${PROJECT_NAME}-adduser $USERNAME
                fi
                echo $"Restoring personal settings for $USERNAME"
                temp_restore_dir=/root/temppersonal
                restore_directory_from_friend $temp_restore_dir personal/$USERNAME
                if [ -d /home/$USERNAME/personal ]; then
                    rm -rf /home/$USERNAME/personal
                fi
                mv $temp_restore_dir/home/$USERNAME/personal /home/$USERNAME
                if [ ! "$?" = "0" ]; then
                    exit 184
                fi
                rm -rf $temp_restore_dir
            fi
        fi
    done
}

function restore_mailing_list {
    if [[ $RESTORE_APP != 'all' ]]; then
        if [[ $RESTORE_APP != 'mailinglist' ]]; then
            return
        fi
    fi
    if [ -d /var/spool/mlmmj ]; then
        echo $"Restoring public mailing list"
        temp_restore_dir=/root/tempmailinglist
        restore_directory_from_friend $temp_restore_dir mailinglist
        cp -r $temp_restore_dir/root/spool/mlmmj/* /var/spool/mlmmj
        if [ ! "$?" = "0" ]; then
            exit 526
        fi
        rm -rf $temp_restore_dir
    fi
}

function restore_email {
    if [[ $RESTORE_APP != 'all' ]]; then
        if [[ $RESTORE_APP != 'email' ]]; then
            return
        fi
    fi
    for d in $SERVER_DIRECTORY/backup/mail/*/ ; do
        USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
        if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
            if [ -d $SERVER_DIRECTORY/backup/mail/$USERNAME ]; then
                if [ ! -d /home/$USERNAME ]; then
                    ${PROJECT_NAME}-adduser $USERNAME
                fi
                echo $"Restoring emails for $USERNAME"
                temp_restore_dir=/root/tempmail
                restore_directory_from_friend $temp_restore_dir mail/$USERNAME
                if [ ! -d /home/$USERNAME/Maildir ]; then
                    mkdir /home/$USERNAME/Maildir
                fi
                tar -xzvf $temp_restore_dir/root/tempbackupemail/$USERNAME/maildir.tar.gz -C /
                if [ ! "$?" = "0" ]; then
                    exit 927
                fi
                rm -rf $temp_restore_dir
            fi
        fi
    done
}

# Social key management
# Recover any key fragments and reconstruct the gpg key
${PROJECT_NAME}-recoverkey -u ${ADMIN_USERNAME} -l $BACKUP_LIST

copy_gpg_keys
restore_configuration
restore_mariadb
restore_letsencrypt
restore_mutt_settings
restore_gpg
restore_procmail
restore_spamassassin
restore_admin_readme
restore_ssh_keys
restore_user_config
restore_user_monkeysphere
restore_user_fin
restore_user_local
restore_certs
restore_personal_settings
restore_mailing_list
restore_email
restore_apps remote
set_user_permissions

# ensure that all TLS certificates are pinned
#${PROJECT_NAME}-pin-cert all

echo $"*** Remote restore was successful ***"

exit 0