diff --git a/src/freedombone-backup-local b/src/freedombone-backup-local index 4bbcf7b8..59e12d85 100755 --- a/src/freedombone-backup-local +++ b/src/freedombone-backup-local @@ -337,6 +337,28 @@ function backup_mariadb { fi } +function backup_postgresql { + if [ ! -d /etc/postgresql ]; then + return + fi + + temp_backup_dir=/root/temppostgresql + if [ ! -d $temp_backup_dir ]; then + mkdir $temp_backup_dir + fi + sudo -u postgres pg_dumpall --roles-only > $temp_backup_dir/postgresql.sql + if [ ! -s $temp_backup_dir/postgresql.sql ]; then + echo $"Unable to backup postgresql settings" + rm -rf $temp_backup_dir + umount $USB_MOUNT + rm -rf $USB_MOUNT + exit 684365 + fi + echo "$DATABASE_PASSWORD" > $temp_backup_dir/db + chmod 400 $temp_backup_dir/db + backup_directory_to_usb $temp_backup_dir postgresql +} + # has the remove option been set ? remove_option=$2 if [[ $1 == "remove" ]]; then @@ -355,6 +377,7 @@ backup_configfiles backup_blocklist backup_admin_readme backup_mariadb +backup_postgresql backup_extra_directories local backup_unmount_drive $USB_DRIVE $USB_MOUNT echo $"Backup to USB drive is complete. You can now unplug it." diff --git a/src/freedombone-backup-remote b/src/freedombone-backup-remote index e3fc870a..6b582549 100755 --- a/src/freedombone-backup-remote +++ b/src/freedombone-backup-remote @@ -336,6 +336,28 @@ function backup_mariadb { fi } +function backup_postgresql { + if [ ! -d /etc/postgresql ]; then + return + fi + + temp_backup_dir=/root/temppostgresql + if [ ! -d $temp_backup_dir ]; then + mkdir $temp_backup_dir + fi + sudo -u postgres pg_dumpall --roles-only > $temp_backup_dir/postgresql.sql + if [ ! -s $temp_backup_dir/postgresql.sql ]; then + echo $"Unable to backup postgresql settings" + rm -rf $temp_backup_dir + umount $USB_MOUNT + rm -rf $USB_MOUNT + exit 684365 + fi + echo "$DATABASE_PASSWORD" > $temp_backup_dir/db + chmod 400 $temp_backup_dir/db + backup_directory_to_friend $temp_backup_dir postgresql +} + # Returns the filename of a key share function get_key_share { no_of_shares=$1 @@ -410,6 +432,7 @@ if [[ $TEST_MODE == "no" ]]; then backup_web_server backup_admin_readme backup_mariadb + backup_postgresql backup_certs backup_mailing_list backup_apps remote diff --git a/src/freedombone-restore-local b/src/freedombone-restore-local index e41ea027..75c40db8 100755 --- a/src/freedombone-restore-local +++ b/src/freedombone-restore-local @@ -289,6 +289,59 @@ function restore_mariadb { fi } +function restore_postgresql { + if [[ $RESTORE_APP != 'all' ]]; then + if [[ $RESTORE_APP != 'postgresql' ]]; then + return + fi + fi + + if [[ $(is_completed install_postgresql) == "0" ]]; then + function_check install_postgresql + install_postgresql + fi + + if [ -d $USB_MOUNT/backup/postgresql ]; then + echo $"Restoring postgresql settings" + temp_restore_dir=/root/temppostgresql + restore_directory_from_usb $temp_restore_dir postgresql + + store_original_postgresql_password + + echo $'Obtaining original postgresql password' + db_pass=$(cat /root/.postgresqloriginal) + if [ ${#db_pass} -gt 0 ]; then + echo $"Restore the postgresql user table" + if [ -d ${temp_restore_dir}${temp_restore_dir} ]; then + mysqlsuccess=$(sudo -u postgres pg_restore ${temp_restore_dir}${temp_restore_dir}/postgresql.sql) + else + mysqlsuccess=$(sudo -u postgres pg_restore ${temp_restore_dir}/postgresql.sql) + fi + if [ ! "$?" = "0" ]; then + echo $"Try again using the password obtained from backup" + db_pass=$(${PROJECT_NAME}-pass -u root -a postgresql) + if [ -d ${temp_restore_dir}${temp_restore_dir} ]; then + mysqlsuccess=$(sudo -u postgres pg_restore ${temp_restore_dir}${temp_restore_dir}/postgresql.sql) + else + mysqlsuccess=$(sudo -u postgres pg_restore ${temp_restore_dir}/postgresql.sql) + fi + fi + if [ ! "$?" = "0" ]; then + echo "$mysqlsuccess" + set_user_permissions + backup_unmount_drive + exit 73825 + fi + echo $"Restarting database" + systemctl restart postgresql + echo $"Ensure postgresql handles authentication" + POSTGRESQL_PASSWORD=$(${PROJECT_NAME}-pass -u root -a postgresql) + DATABASE_PASSWORD=$(${PROJECT_NAME}-pass -u root -a postgresql) + fi + rm -rf $temp_restore_dir + fi +} + function restore_letsencrypt { if [[ $RESTORE_APP != 'all' ]]; then if [[ $RESTORE_APP != 'letsencrypt' ]]; then @@ -865,6 +918,7 @@ restore_configfiles same_admin_user restore_passwordstore restore_mariadb +restore_postgresql restore_letsencrypt restore_tor restore_mutt_settings diff --git a/src/freedombone-restore-remote b/src/freedombone-restore-remote index d4b302b2..6cc18f3b 100755 --- a/src/freedombone-restore-remote +++ b/src/freedombone-restore-remote @@ -255,6 +255,56 @@ function restore_mariadb { fi } +function restore_postgresql { + if [[ $RESTORE_APP != 'all' ]]; then + if [[ $RESTORE_APP != 'postgresql' ]]; then + return + fi + fi + + if [[ $(is_completed install_postgresql) == "0" ]]; then + function_check install_postgresql + install_postgresql + fi + + if [ -d $SERVER_DIRECTORY/backup/postgresql ]; then + echo $"Restoring Postgresql settings" + temp_restore_dir=/root/temppostgresql + restore_directory_from_friend $temp_restore_dir postgresql + + store_original_postgresql_password + + echo $'Obtaining Postgresql password' + db_pass=$(cat /root/.postgresqloriginal) + if [ ${#db_pass} -gt 0 ]; then + echo $"Restore the Postgresql user table" + if [ -d ${temp_restore_dir}${temp_restore_dir} ]; then + mysqlsuccess=$(sudo -u postgres pg_restore ${temp_restore_dir}${temp_restore_dir}/postgresql.sql) + else + mysqlsuccess=$(sudo -u postgres pg_restore ${temp_restore_dir}/postgresql.sql) + fi + if [ ! "$?" = "0" ]; then + echo $"Try again using the password obtained from backup" + db_pass=$(${PROJECT_NAME}-pass -u root -a postgresql) + if [ -d ${temp_restore_dir}${temp_restore_dir} ]; then + mysqlsuccess=$(sudo -u postgres pg_restore ${temp_restore_dir}${temp_restore_dir}/postgresql.sql) + else + mysqlsuccess=$(sudo -u postgres pg_restore ${temp_restore_dir}/postgresql.sql) + fi + fi + if [ ! "$?" = "0" ]; then + echo "$mysqlsuccess" + exit 962 + fi + echo $"Restarting database" + systemctl restart postgresql + echo $"Ensure postgresql handles authentication" + POSTGRESQL_PASSWORD=$(${PROJECT_NAME}-pass -u root -a postgresql) + fi + rm -rf ${temp_restore_dir} + fi +} + function restore_letsencrypt { if [[ $RESTORE_APP != 'all' ]]; then if [[ $RESTORE_APP != 'letsencrypt' ]]; then @@ -769,6 +819,7 @@ restore_blocklist restore_configfiles restore_passwordstore restore_mariadb +restore_postgresql restore_letsencrypt restore_mutt_settings restore_gpg diff --git a/src/freedombone-utils-backup b/src/freedombone-utils-backup index cb0b4643..a66a6480 100755 --- a/src/freedombone-utils-backup +++ b/src/freedombone-utils-backup @@ -241,7 +241,7 @@ function backup_database_local_usb { mysqldump --lock-tables --password="$DATABASE_PASSWORD" ${1} > ${local_database_dir}/${1}.sql else USE_POSTGRESQL= - pg_dump ${1} > ${local_database_dir}/${1}.sql + sudo -u postgres pg_dump ${1} > ${local_database_dir}/${1}.sql fi if [ -f ${local_database_dir}/${1}.sql ]; then if [ ! -s ${local_database_dir}/${1}.sql ]; then @@ -557,7 +557,7 @@ function backup_database_remote { mysqldump --lock-tables --password="$DATABASE_PASSWORD" ${1} > ${local_database_dir}/${1}.sql else USE_POSTGRESQL= - pg_dump ${1} > ${local_database_dir}/${1}.sql + sudo -u postgres pg_dump ${1} > ${local_database_dir}/${1}.sql fi if [ -f ${local_database_dir}/${1}.sql ]; then @@ -659,7 +659,7 @@ function restore_database_from_friend { mysqlsuccess=$(mysql -u root --password="$DATABASE_PASSWORD" ${1} -o < ${local_database_dir}/${RESTORE_SUBDIR}/temp${1}data/${1}.sql) else USE_POSTGRESQL= - mysqlsuccess=$(sudo -u postgres psql $database_name < ${local_database_dir}/${RESTORE_SUBDIR}/temp${1}data/${1}.sql) + mysqlsuccess=$(sudo -u postgres pg_restore ${local_database_dir}/${RESTORE_SUBDIR}/temp${1}data/${1}.sql) fi if [ ! "$?" = "0" ]; then echo "$mysqlsuccess" @@ -738,8 +738,13 @@ function restore_database { backup_unmount_drive exit 503 fi - keep_database_running - mysqlsuccess=$(mysql -u root --password="$DATABASE_PASSWORD" ${restore_app_name} -o < $database_file) + if [ ! $USE_POSTGRESQL ]; then + keep_database_running + mysqlsuccess=$(mysql -u root --password="$DATABASE_PASSWORD" ${restore_app_name} -o < $database_file) + else + USE_POSTGRESQL= + mysqlsuccess=$(sudo -u postgres pg_restore $database_file) + fi if [ ! "$?" = "0" ]; then echo "$mysqlsuccess" function_check set_user_permissions diff --git a/src/freedombone-utils-postgresql b/src/freedombone-utils-postgresql index 6a02a814..ba1faccb 100755 --- a/src/freedombone-utils-postgresql +++ b/src/freedombone-utils-postgresql @@ -31,6 +31,15 @@ # Set this when calling backup and restore commands USE_POSTGRESQL= +function store_original_postgresql_password { + if [ ! -f /root/.postgresqloriginal ]; then + echo $'Storing original postgresql password' + ORIGINAL_POSTGRESQL_PASSWORD=$(${PROJECT_NAME}-pass -u root -a postgresql) + # We can store this in plaintext because it will soon be of historical interest only + echo -n "$ORIGINAL_POSTGRESQL_PASSWORD" > /root/.postgresqloriginal + fi +} + function get_postgresql_password { POSTGRESQL_PASSWORD=$(${PROJECT_NAME}-pass -u root -a postgresql) if [[ "$POSTGRESQL_PASSWORD" == *'failed'* ]]; then