From 53ca037736a71c568b477e6d1a7789b069045e17 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Thu, 24 Aug 2017 13:56:00 +0100 Subject: [PATCH] Prepare for the return of duplicity --- src/freedombone-image-customise | 7 +- src/freedombone-utils-backup | 152 +++++++++++++++++++++++--------- src/freedombone-utils-guile | 3 +- src/freedombone-utils-setup | 2 +- 4 files changed, 115 insertions(+), 49 deletions(-) diff --git a/src/freedombone-image-customise b/src/freedombone-image-customise index 57dd0371..9ec20758 100755 --- a/src/freedombone-image-customise +++ b/src/freedombone-image-customise @@ -1065,8 +1065,9 @@ function image_setup_utils { rm $rootdir/root/sysctl.conf # all the packages - chroot "$rootdir" apt-get -yq install cryptsetup libgfshare-bin obnam sshpass wget avahi-daemon - chroot "$rootdir" apt-get -yq install avahi-utils avahi-discover connect-proxy openssh-server + chroot "$rootdir" apt-get -yq install cryptsetup libgfshare-bin obnam duplicity sshpass wget + chroot "$rootdir" apt-get -yq install avahi-daemon avahi-utils avahi-discover + chroot "$rootdir" apt-get -yq install connect-proxy openssh-server chroot "$rootdir" apt-get -yq install sudo git dialog build-essential avahi-daemon avahi-utils chroot "$rootdir" apt-get -yq install avahi-discover avahi-autoipd iptables dnsutils net-tools chroot "$rootdir" apt-get -yq install network-manager iputils-ping libnss-mdns libnss-myhostname @@ -1166,7 +1167,7 @@ function image_setup_utils { chroot "$rootdir" apt-get -yq install dovecot-imapd #backup - chroot "$rootdir" apt-get -yq install obnam gnupg + chroot "$rootdir" apt-get -yq install obnam duplicity gnupg # monkeysphere #chroot "$rootdir" apt-get -yq install monkeysphere msva-perl diff --git a/src/freedombone-utils-backup b/src/freedombone-utils-backup index e0fd65fd..a85f2fd7 100755 --- a/src/freedombone-utils-backup +++ b/src/freedombone-utils-backup @@ -247,6 +247,56 @@ function set_obnam_client_name { echo "client-name = ${PROJECT_NAME}" >> /etc/obnam.conf } +function backup_directory_to_usb_duplicity { + echo "$BACKUP_DUMMY_PASSWORD" | duplicity full --encrypt-key $MY_BACKUP_KEY_ID --full-if-older-than 4W --exclude-other-filesystems ${1} file://$USB_MOUNT/backup/${2} + if [[ $ENABLE_BACKUP_VERIFICATION == "yes" ]]; then + echo "$BACKUP_DUMMY_PASSWORD" | duplicity verify --encrypt-key $MY_BACKUP_KEY_ID --full-if-older-than 4W --exclude-other-filesystems ${1} file://$USB_MOUNT/backup/${2} + if [ ! "$?" = "0" ]; then + umount $USB_MOUNT + rm -rf $USB_MOUNT + if [[ ${1} == "/root/temp"* || ${1} == *"tempbackup" ]]; then + shred -zu ${1}/* + rm -rf ${1} + fi + function_check restart_site + restart_site + exit 683252 + fi + fi +} + +function backup_directory_to_usb_obnam { + set_obnam_client_name + echo "$BACKUP_DUMMY_PASSWORD" | obnam force-lock -r $USB_MOUNT/backup/${2} --encrypt-with $MY_BACKUP_KEY_ID ${1} + echo "$BACKUP_DUMMY_PASSWORD" | obnam backup -r $USB_MOUNT/backup/${2} --encrypt-with $MY_BACKUP_KEY_ID ${1} + if [[ $ENABLE_BACKUP_VERIFICATION == "yes" ]]; then + echo "$BACKUP_DUMMY_PASSWORD" | obnam verify -r $USB_MOUNT/backup/${2} --encrypt-with $MY_BACKUP_KEY_ID ${1} + if [ ! "$?" = "0" ]; then + umount $USB_MOUNT + rm -rf $USB_MOUNT + if [[ ${1} == "/root/temp"* || ${1} == *"tempbackup" ]]; then + shred -zu ${1}/* + rm -rf ${1} + fi + function_check restart_site + restart_site + exit 683252 + fi + fi + echo "$BACKUP_DUMMY_PASSWORD" | obnam forget --keep=30d -r $USB_MOUNT/backup/${2} --encrypt-with $MY_BACKUP_KEY_ID + if [ ! "$?" = "0" ]; then + umount $USB_MOUNT + rm -rf $USB_MOUNT + if [[ ${1} == "/root/temp"* || ${1} == *"tempbackup" ]]; then + shred -zu ${1}/* + rm -rf ${1} + fi + function_check restart_site + restart_site + exit 7 + fi +} + function backup_directory_to_usb { if [ ! -d ${1} ]; then echo $"WARNING: directory does not exist: ${1}" @@ -263,35 +313,10 @@ function backup_directory_to_usb { if [ ! -d $USB_MOUNT/backup/${2} ]; then mkdir -p $USB_MOUNT/backup/${2} fi - set_obnam_client_name - echo "$BACKUP_DUMMY_PASSWORD" | obnam force-lock -r $USB_MOUNT/backup/${2} --encrypt-with $MY_BACKUP_KEY_ID ${1} - echo "$BACKUP_DUMMY_PASSWORD" | obnam backup -r $USB_MOUNT/backup/${2} --encrypt-with $MY_BACKUP_KEY_ID ${1} - if [[ $ENABLE_BACKUP_VERIFICATION == "yes" ]]; then - echo "$BACKUP_DUMMY_PASSWORD" | obnam verify -r $USB_MOUNT/backup/${2} --encrypt-with $MY_BACKUP_KEY_ID ${1} - if [ ! "$?" = "0" ]; then - umount $USB_MOUNT - rm -rf $USB_MOUNT - if [[ ${1} == "/root/temp"* || ${1} == *"tempbackup" ]]; then - shred -zu ${1}/* - rm -rf ${1} - fi - function_check restart_site - restart_site - exit 683252 - fi - fi - echo "$BACKUP_DUMMY_PASSWORD" | obnam forget --keep=30d -r $USB_MOUNT/backup/${2} --encrypt-with $MY_BACKUP_KEY_ID - if [ ! "$?" = "0" ]; then - umount $USB_MOUNT - rm -rf $USB_MOUNT - if [[ ${1} == "/root/temp"* || ${1} == *"tempbackup" ]]; then - shred -zu ${1}/* - rm -rf ${1} - fi - function_check restart_site - restart_site - exit 7 - fi + + #backup_directory_to_usb_duplicity ${1} ${2} + backup_directory_to_usb_obnam ${1} ${2} + if [[ ${1} == "/root/temp"* || ${1} == *"tempbackup" ]]; then shred -zu ${1}/* rm -rf ${1} @@ -299,6 +324,15 @@ function backup_directory_to_usb { fi } +function restore_directory_from_usb_obnam { + set_obnam_client_name + echo "$BACKUP_DUMMY_PASSWORD" | obnam restore -r $USB_MOUNT/backup/${2} --to ${1} +} + +function restore_directory_from_usb_duplicity { + echo "$BACKUP_DUMMY_PASSWORD" | duplicity restore --force file://$USB_MOUNT/backup/${2} ${1} +} + function restore_directory_from_usb { if [ ! ${1} ]; then echo "obnam restore -r $USB_MOUNT/backup/${2} --to ${1}" @@ -313,8 +347,17 @@ function restore_directory_from_usb { if [ ! -d ${1} ]; then mkdir ${1} fi + #restore_directory_from_usb_duplicity ${1} ${2} + restore_directory_from_usb_obnam ${1} ${2} +} + +function restore_directory_from_friend_obnam { set_obnam_client_name - echo "$BACKUP_DUMMY_PASSWORD" | obnam restore -r $USB_MOUNT/backup/${2} --to ${1} + echo "$BACKUP_DUMMY_PASSWORD" | obnam restore -r $SERVER_DIRECTORY/backup/${2} --to ${1} +} + +function restore_directory_from_friend_duplicity { + echo "$BACKUP_DUMMY_PASSWORD" | duplicity restore --force file://$SERVER_DIRECTORY/backup/${2} ${1} } function restore_directory_from_friend { @@ -331,8 +374,8 @@ function restore_directory_from_friend { if [ ! -d ${1} ]; then mkdir ${1} fi - set_obnam_client_name - echo "$BACKUP_DUMMY_PASSWORD" | obnam restore -r $SERVER_DIRECTORY/backup/${2} --to ${1} + #restore_directory_from_friend_duplicity ${1} ${2} + restore_directory_from_friend_obnam ${1} ${2} } function backup_database_to_usb { @@ -357,19 +400,23 @@ function set_user_permissions { done } -function backup_directory_to_friend { - BACKUP_KEY_EXISTS=$(gpg --list-keys "$ADMIN_NAME (backup key)") - if [ ! "$?" = "0" ]; then - echo $"Backup key could not be found" - function_check restart_site - restart_site - exit 43382 +function backup_directory_to_friend_duplicity { + echo "$BACKUP_DUMMY_PASSWORD" | duplicity full --ssh-askpass --encrypt-key ${ADMIN_BACKUP_KEY_ID} --full-if-older-than 4W --exclude-other-filesystems ${1} $SERVER_DIRECTORY/backup/${2} + if [[ $ENABLE_BACKUP_VERIFICATION == "yes" ]]; then + echo "$BACKUP_DUMMY_PASSWORD" | duplicity verify --ssh-askpass --encrypt-key ${ADMIN_BACKUP_KEY_ID} --full-if-older-than 4W --exclude-other-filesystems ${1} $SERVER_DIRECTORY/backup/${2} + if [ ! "$?" = "0" ]; then + if [[ ${1} == "/root/temp"* || ${1} == *"tempbackup" ]]; then + shred -zu ${1}/* + rm -rf ${1} + fi + function_check restart_site + restart_site + exit 683252 + fi fi +} - ADMIN_BACKUP_KEY_ID=$(gpg --list-keys "$ADMIN_NAME (backup key)" | sed -n '2p' | sed 's/^[ \t]*//') - if [ ! -d $SERVER_DIRECTORY/backup/${2} ]; then - mkdir -p $SERVER_DIRECTORY/backup/${2} - fi +function backup_directory_to_friend_obnam { set_obnam_client_name echo "$BACKUP_DUMMY_PASSWORD" | obnam force-lock -r $SERVER_DIRECTORY/backup/${2} --encrypt-with ${ADMIN_BACKUP_KEY_ID} ${1} echo "$BACKUP_DUMMY_PASSWORD" | obnam backup -r $SERVER_DIRECTORY/backup/${2} --encrypt-with ${ADMIN_BACKUP_KEY_ID} ${1} @@ -399,6 +446,25 @@ function backup_directory_to_friend { restart_site exit 853 fi +} + +function backup_directory_to_friend { + BACKUP_KEY_EXISTS=$(gpg --list-keys "$ADMIN_NAME (backup key)") + if [ ! "$?" = "0" ]; then + echo $"Backup key could not be found" + function_check restart_site + restart_site + exit 43382 + fi + + ADMIN_BACKUP_KEY_ID=$(gpg --list-keys "$ADMIN_NAME (backup key)" | sed -n '2p' | sed 's/^[ \t]*//') + if [ ! -d $SERVER_DIRECTORY/backup/${2} ]; then + mkdir -p $SERVER_DIRECTORY/backup/${2} + fi + + #backup_directory_to_friend_duplicity ${1} ${2} + backup_directory_to_friend_obnam ${1} ${2} + if [[ ${1} == "/root/temp"* || ${1} == *"tempbackup" ]]; then shred -zu /root/temp${2}/* rm -rf /root/temp${2} diff --git a/src/freedombone-utils-guile b/src/freedombone-utils-guile index efda73c2..16e9756c 100755 --- a/src/freedombone-utils-guile +++ b/src/freedombone-utils-guile @@ -45,11 +45,10 @@ function install_8sync { git_clone $EIGHTSYNC_REPO $INSTALL_DIR/eightsync cd $INSTALL_DIR/eightsync git checkout ${EIGHTSYNC_COMMIT} -b ${EIGHTSYNC_COMMIT} - #GUILE_PATH=/opt/guile-${GUILE_VERSION} + export GUILE_BASE_PATH=/opt/guile-${GUILE_VERSION} export GUILE_CFLAGS="-I${GUILE_BASE_PATH}/include" export GUILE_LIBS="-L${GUILE_BASE_PATH}/lib -lguile -lqthreads -ldl -ltermcap -lsocket -lnsl -lm" - sed -i '/PKG_CHECK_MODULES/d' configure.ac ./bootstrap.sh configure make diff --git a/src/freedombone-utils-setup b/src/freedombone-utils-setup index 07ab75cf..d5c23dbe 100755 --- a/src/freedombone-utils-setup +++ b/src/freedombone-utils-setup @@ -260,7 +260,7 @@ function initial_setup { apt-get -yq dist-upgrade apt-get -yq install ca-certificates apt-get -yq install apt-utils - apt-get -yq install cryptsetup libgfshare-bin obnam sshpass wget avahi-daemon + apt-get -yq install cryptsetup libgfshare-bin obnam duplicity sshpass wget avahi-daemon apt-get -yq install avahi-utils avahi-discover connect-proxy openssh-server apt-get -yq install sudo git dialog build-essential avahi-daemon avahi-utils apt-get -yq install avahi-discover avahi-autoipd iptables dnsutils net-tools