From 6b3b8af8a85c82a511ffcac3c6ec5fb83b1c23c5 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Wed, 16 Dec 2015 14:12:46 +0000 Subject: [PATCH] Restore gogs --- man/freedombone-restore-gogs.1.gz | Bin 0 -> 354 bytes src/freedombone-restore-gogs | 274 ++++++++++++++++++++++++++++++ 2 files changed, 274 insertions(+) create mode 100644 man/freedombone-restore-gogs.1.gz create mode 100755 src/freedombone-restore-gogs diff --git a/man/freedombone-restore-gogs.1.gz b/man/freedombone-restore-gogs.1.gz new file mode 100644 index 0000000000000000000000000000000000000000..6a6cb17973ac4c6d2af94d9cf0e94884685180ff GIT binary patch literal 354 zcmV-o0iFIIiwFQPadB1v1BH-XPlGTNhVT0;PPp+3a5I`ojFD~#i~ArexcGI^!Woc_ zb!p3fzYLe?5~odXdfNAS-qcAVSSiF@)5Y=o1^+7(=vDsz88-Ad~Q^%3Q# zNi<(rgh~NZX^i4E+zBZjloZlbnRc4BW8^(?gd%YmyI~x95cs!)esDGDrnE9OYRwDu zfKKgxwrt9p?w|9Oipq(6O>(^(uAi_ +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +PROJECT_NAME='freedombone' +COMPLETION_FILE=$HOME/${PROJECT_NAME}-completed.txt +BACKUP_EXTRA_DIRECTORIES=/root/backup-extra-dirs.csv + +export TEXTDOMAIN=${PROJECT_NAME}-restore-gogs +export TEXTDOMAINDIR="/usr/share/locale" + +USB_DRIVE=/dev/sdb1 +USB_MOUNT=/mnt/usb + +# get default USB from config file +CONFIG_FILE=$HOME/${PROJECT_NAME}.cfg +if [ -f $CONFIG_FILE ]; then + if grep -q "USB_DRIVE=" $CONFIG_FILE; then + USB_DRIVE=$(cat $CONFIG_FILE | grep "USB_DRIVE=" | awk -F '=' '{print $2}') + fi +fi + +ADMIN_USERNAME= +ADMIN_NAME= + +# MariaDB password +DATABASE_PASSWORD=$(cat /root/dbpass) + +MICROBLOG_DOMAIN_NAME= +HUBZILLA_DOMAIN_NAME= +OWNCLOUD_DOMAIN_NAME= +GIT_DOMAIN_NAME= +WIKI_DOMAIN_NAME= +FULLBLOG_DOMAIN_NAME= + +function mount_drive { + if [ $1 ]; then + USB_DRIVE=/dev/${1}1 + fi + + # get the admin user + ADMIN_USERNAME=$(cat $COMPLETION_FILE | grep "Admin user" | awk -F ':' '{print $2}') + if [ $2 ]; then + ADMIN_USERNAME=$2 + fi + ADMIN_NAME=$(getent passwd $ADMIN_USERNAME | cut -d: -f5 | cut -d, -f1) + + # check that the backup destination is available + if [ ! -b $USB_DRIVE ]; then + echo $"Please attach a USB drive" + exit 1 + fi + + # unmount if already mounted + umount -f $USB_MOUNT + if [ ! -d $USB_MOUNT ]; then + mkdir $USB_MOUNT + fi + if [ -f /dev/mapper/encrypted_usb ]; then + rm -rf /dev/mapper/encrypted_usb + fi + cryptsetup luksClose encrypted_usb + + # mount the encrypted backup drive + cryptsetup luksOpen $USB_DRIVE encrypted_usb + if [ "$?" = "0" ]; then + USB_DRIVE=/dev/mapper/encrypted_usb + fi + mount $USB_DRIVE $USB_MOUNT + if [ ! "$?" = "0" ]; then + echo $"There was a problem mounting the USB drive to $USB_MOUNT" + rm -rf $USB_MOUNT + exit 2 + fi +} + +function unmount_drive { + sync + umount $USB_MOUNT + if [ ! "$?" = "0" ]; then + echo $"Unable to unmount the drive. This means that the backup did not work" + rm -rf $USB_MOUNT + exit 9 + fi + rm -rf $USB_MOUNT + + echo $"Setting permissions" + for d in /home/*/ ; do + USERNAME=$(echo "$d" | awk -F '/' '{print $3}') + if [[ $USERNAME != "git" ]]; then + chown -R $USERNAME:$USERNAME /home/$USERNAME + fi + done + + if [[ $USB_DRIVE == /dev/mapper/encrypted_usb ]]; then + echo $"Unmount encrypted USB" + cryptsetup luksClose encrypted_usb + fi + if [ -f /dev/mapper/encrypted_usb ]; then + rm -rf /dev/mapper/encrypted_usb + fi +} + +function check_backup_exists { + if [ ! -d $USB_MOUNT/backup ]; then + echo $"No backup directory found on the USB drive." + unmount_drive + exit 2 + fi +} + +function check_admin_user { + echo $"Checking that admin user exists" + if [ ! -d /home/$ADMIN_USERNAME ]; then + echo $"Username $ADMIN_USERNAME not found. Reinstall ${PROJECT_NAME} with this username." + unmount_drive + exit 295 + fi +} + +function copy_gpg_keys { + echo $"Copying GPG keys from admin user to root" + cp -r /home/$ADMIN_USERNAME/.gnupg /root +} + +function restore_directory_from_usb { + if [ ! -d ${1} ]; then + mkdir ${1} + fi + obnam restore -r $USB_MOUNT/backup/${2} --to ${1} +} + +function restore_database { + RESTORE_SUBDIR="root" + + if [ -d $USB_MOUNT/backup/${1} ]; then + echo $"Restoring ${1} database" + restore_directory_from_usb "/root/temp${1}data" "${1}data" + if [ ! -f /root/temp${1}data/${RESTORE_SUBDIR}/temp${1}data/${1}.sql ]; then + echo $"Unable to restore ${1} database" + rm -rf /root/temp${1}data + unmount_drive + exit 503 + fi + mysqlsuccess=$(mysql -u root --password=$DATABASE_PASSWORD ${1} -o < /root/temp${1}data/${RESTORE_SUBDIR}/temp${1}data/${1}.sql) + if [ ! "$?" = "0" ]; then + echo "$mysqlsuccess" + unmount_drive + exit 964 + fi + shred -zu /root/temp${1}data/${RESTORE_SUBDIR}/temp${1}data/* + rm -rf /root/temp${1}data + echo $"Restoring ${1} installation" + if [ ! -d /root/temp${1} ]; then + mkdir /root/temp${1} + fi + restore_directory_from_usb "/root/temp${1}" "${1}" + RESTORE_SUBDIR="var" + if [ ${2} ]; then + if [ -d /var/www/${2}/htdocs ]; then + if [ -d /root/temp${1}/${RESTORE_SUBDIR}/www/${2}/htdocs ]; then + rm -rf /var/www/${2}/htdocs + mv /root/temp${1}/${RESTORE_SUBDIR}/www/${2}/htdocs /var/www/${2}/ + if [ ! "$?" = "0" ]; then + unmount_drive + exit 683 + fi + if [ -d /etc/letsencrypt/live/${2} ]; then + ln -s /etc/letsencrypt/live/${2}/privkey.pem /etc/ssl/private/${2}.key + ln -s /etc/letsencrypt/live/${2}/fullchain.pem /etc/ssl/certs/${2}.pem + else + # Ensure that the bundled SSL cert is being used + if [ -f /etc/ssl/certs/${2}.bundle.crt ]; then + sed -i "s|${2}.crt|${2}.bundle.crt|g" /etc/nginx/sites-available/${2} + fi + fi + fi + fi + fi + fi +} + +function update_domains { + if grep -q "Gogs domain" $COMPLETION_FILE; then + GIT_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Gogs domain" | awk -F ':' '{print $2}') + fi +} + +function same_admin_user { + PREV_ADMIN_USERNAME=$(cat $COMPLETION_FILE | grep "Admin user" | awk -F ':' '{print $2}') + if [[ "$PREV_ADMIN_USERNAME" != "$ADMIN_USERNAME" ]]; then + echo $"The admin username has changed from $PREV_ADMIN_USERNAME to $ADMIN_USERNAME. To restore you will first need to install a new ${PROJECT_NAME} system with an initial admin user named $PREV_ADMIN_USERNAME" + unmount_drive + exit 73265 + fi +} + +function restore_gogs { + if [ $GIT_DOMAIN_NAME ]; then + restore_database gogs ${GIT_DOMAIN_NAME} + if [ -d $USB_MOUNT/backup/gogs ]; then + echo $"Restoring Gogs settings" + if [ ! -d /home/git/go/src/github.com/gogits/gogs/custom ]; then + mkdir -p /home/git/go/src/github.com/gogits/gogs/custom + fi + cp -r /root/tempgogs/home/git/go/src/github.com/gogits/gogs/custom/* /home/git/go/src/github.com/gogits/gogs/custom + if [ ! "$?" = "0" ]; then + unmount_drive + exit 981 + fi + echo $"Restoring Gogs repos" + restore_directory_from_usb /root/tempgogsrepos gogsrepos + cp -r /root/tempgogsrepos/home/git/gogs-repositories/* /home/git/gogs-repositories/ + if [ ! "$?" = "0" ]; then + unmount_drive + exit 67574 + fi + echo $"Restoring Gogs authorized_keys" + restore_directory_from_usb /root/tempgogsssh gogsssh + if [ ! -d /home/git/.ssh ]; then + mkdir /home/git/.ssh + fi + cp -r /root/tempgogsssh/home/git/.ssh/* /home/git/.ssh/ + if [ ! "$?" = "0" ]; then + unmount_drive + exit 8463 + fi + rm -rf /root/tempgogs + rm -rf /root/tempgogsrepos + rm -rf /root/tempgogsssh + chown -R git:git /home/git + fi + fi +} + +mount_drive $1 $2 +check_backup_exists +check_admin_user +copy_gpg_keys +restore_configuration +same_admin_user +update_domains +restore_gogs +unmount_drive + +echo $"Restore Gogs from USB drive is complete. You can now unplug it." + +exit 0