From 756c1c32e95f3187b1d6f2e55d0dedb3fc62d032 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Wed, 30 Mar 2016 09:49:35 +0100 Subject: [PATCH] More mediagoblin stuff --- src/freedombone | 438 +++++++++++++++-------------- src/freedombone-backup-local | 6 + src/freedombone-backup-remote | 497 +++++++++++++++++---------------- src/freedombone-controlpanel | 15 +- src/freedombone-restore-local | 27 ++ src/freedombone-restore-remote | 22 ++ 6 files changed, 552 insertions(+), 453 deletions(-) diff --git a/src/freedombone b/src/freedombone index 70a24565..77a42544 100755 --- a/src/freedombone +++ b/src/freedombone @@ -1251,6 +1251,12 @@ function read_configuration { if grep -q "MEDIAGOBLIN_CODE" $CONFIGURATION_FILE; then MEDIAGOBLIN_CODE=$(grep "MEDIAGOBLIN_CODE" $CONFIGURATION_FILE | awk -F '=' '{print $2}') fi + if grep -q "MEDIAGOBLIN_REPO" $CONFIGURATION_FILE; then + MEDIAGOBLIN_REPO=$(grep "MEDIAGOBLIN_REPO" $CONFIGURATION_FILE | awk -F '=' '{print $2}') + fi + if grep -q "MEDIAGOBLIN_COMMIT" $CONFIGURATION_FILE; then + MEDIAGOBLIN_COMMIT=$(grep "MEDIAGOBLIN_COMMIT" $CONFIGURATION_FILE | awk -F '=' '{print $2}') + fi if grep -q "GIT_ADMIN_PASSWORD" $CONFIGURATION_FILE; then GIT_ADMIN_PASSWORD=$(grep "GIT_ADMIN_PASSWORD" $CONFIGURATION_FILE | awk -F '=' '{print $2}') fi @@ -1486,6 +1492,9 @@ function set_default_onion_domains { if [ ${#GIT_DOMAIN_NAME} -gt 1 ]; then GIT_DOMAIN_NAME='git.local' fi + if [ ${#MEDIAGOBLIN_DOMAIN_NAME} -gt 1 ]; then + MEDIAGOBLIN_DOMAIN_NAME='media.local' + fi } function nginx_disable_sniffing { @@ -1894,92 +1903,92 @@ function check_domains { fi if [ ${#GIT_DOMAIN_NAME} -gt 1 ]; then - test_domain_name "$GIT_DOMAIN_NAME" + test_domain_name "$GIT_DOMAIN_NAME" - if [[ "$test_domain_name" == "$WIKI_DOMAIN_NAME" ]]; then - echo $'Hubzilla domain name is the same as wiki domain name. They must be different' - exit 83682 - fi - if [[ "$test_domain_name" == "$OWNCLOUD_DOMAIN_NAME" ]]; then - echo $'Hubzilla domain name is the same as Owncloud domain name. They must be different' - exit 65192 - fi - if [[ "$test_domain_name" == "$FULLBLOG_DOMAIN_NAME" ]]; then - echo $'Hubzilla domain name is the same as blog domain name. They must be different' - exit 74817 - fi - if [[ "$test_domain_name" == "$MICROBLOG_DOMAIN_NAME" ]]; then - echo $'Hubzilla domain name is the same as microblog domain name. They must be different' - exit 83683 - fi - if [[ "$test_domain_name" == "$HUBZILLA_DOMAIN_NAME" ]]; then - echo $'Microblog domain name is the same as hubzilla domain name. They must be different' - exit 678382 - fi - fi + if [[ "$test_domain_name" == "$WIKI_DOMAIN_NAME" ]]; then + echo $'Hubzilla domain name is the same as wiki domain name. They must be different' + exit 83682 + fi + if [[ "$test_domain_name" == "$OWNCLOUD_DOMAIN_NAME" ]]; then + echo $'Hubzilla domain name is the same as Owncloud domain name. They must be different' + exit 65192 + fi + if [[ "$test_domain_name" == "$FULLBLOG_DOMAIN_NAME" ]]; then + echo $'Hubzilla domain name is the same as blog domain name. They must be different' + exit 74817 + fi + if [[ "$test_domain_name" == "$MICROBLOG_DOMAIN_NAME" ]]; then + echo $'Hubzilla domain name is the same as microblog domain name. They must be different' + exit 83683 + fi + if [[ "$test_domain_name" == "$HUBZILLA_DOMAIN_NAME" ]]; then + echo $'Microblog domain name is the same as hubzilla domain name. They must be different' + exit 678382 + fi + fi } # Checks whether certificates were generated for the given hostname function check_certificates { - if [ ! $1 ]; then - return - fi - if [[ $LETSENCRYPT_ENABLED != "yes" ]]; then - if [ ! -f /etc/ssl/private/$1.key ]; then - echo $"Private certificate for $CHECK_HOSTNAME was not created" - exit 63959 - fi - if [ ! -f /etc/ssl/certs/$1.crt ]; then - echo $"Public certificate for $CHECK_HOSTNAME was not created" - exit 7679 - fi - else - if [ ! -f /etc/letsencrypt/live/${1}/privkey.pem ]; then - echo $"Private certificate for $CHECK_HOSTNAME was not created" - exit 6282 - fi - if [ ! -f /etc/letsencrypt/live/${1}/fullchain.pem ]; then - echo $"Public certificate for $CHECK_HOSTNAME was not created" - exit 5328 - fi - fi - if [ ! -f /etc/ssl/certs/$1.dhparam ]; then - echo $"Diffie–Hellman parameters for $CHECK_HOSTNAME were not created" - exit 5989 - fi + if [ ! $1 ]; then + return + fi + if [[ $LETSENCRYPT_ENABLED != "yes" ]]; then + if [ ! -f /etc/ssl/private/$1.key ]; then + echo $"Private certificate for $CHECK_HOSTNAME was not created" + exit 63959 + fi + if [ ! -f /etc/ssl/certs/$1.crt ]; then + echo $"Public certificate for $CHECK_HOSTNAME was not created" + exit 7679 + fi + else + if [ ! -f /etc/letsencrypt/live/${1}/privkey.pem ]; then + echo $"Private certificate for $CHECK_HOSTNAME was not created" + exit 6282 + fi + if [ ! -f /etc/letsencrypt/live/${1}/fullchain.pem ]; then + echo $"Public certificate for $CHECK_HOSTNAME was not created" + exit 5328 + fi + fi + if [ ! -f /etc/ssl/certs/$1.dhparam ]; then + echo $"Diffie–Hellman parameters for $CHECK_HOSTNAME were not created" + exit 5989 + fi } function backup_database_local { - # Makes local backups of databases which can then be automatically rolled - # back if corruption is detected - database_name=$1 + # Makes local backups of databases which can then be automatically rolled + # back if corruption is detected + database_name=$1 - backup_databases_script=/usr/bin/backupdatabases - echo '' >> $backup_databases_script - echo "# Backup the ${database_name} database" >> $backup_databases_script - echo "TEMPFILE=/root/${database_name}.sql" >> $backup_databases_script - echo 'DAILYFILE=/var/backups/${database_name}_daily.sql' >> $backup_databases_script - echo "mysqldump --password=\"\$MYSQL_PASSWORD\" ${database_name} > \$TEMPFILE" >> $backup_databases_script - echo 'FILESIZE=$(stat -c%s $TEMPFILE)' >> $backup_databases_script - echo 'if [ "$FILESIZE" -eq "0" ]; then' >> $backup_databases_script - echo ' if [ -f $DAILYFILE ]; then' >> $backup_databases_script - echo ' cp $DAILYFILE $TEMPFILE' >> $backup_databases_script - echo '' >> $backup_databases_script - echo ' # try to restore yesterdays database' >> $backup_databases_script - echo " mysql -u root --password=\"\$MYSQL_PASSWORD\" ${database_name} -o < \$DAILYFILE" >> $backup_databases_script - echo '' >> $backup_databases_script - echo ' # Send a warning email' >> $backup_databases_script - echo " echo \"Unable to create a backup of the ${database_name} database. Attempted to restore from yesterdays backup\" | mail -s \"${database_name} backup\" \$EMAIL" >> $backup_databases_script - echo ' else' >> $backup_databases_script - echo ' # Send a warning email' >> $backup_databases_script - echo " echo \"Unable to create a backup of the ${database_name} database.\" | mail -s \"${database_name} backup\" \$EMAIL" >> $backup_databases_script - echo ' fi' >> $backup_databases_script - echo 'else' >> $backup_databases_script - echo ' chmod 600 $TEMPFILE' >> $backup_databases_script - echo ' mv $TEMPFILE $DAILYFILE' >> $backup_databases_script - echo '' >> $backup_databases_script - echo ' # Make the backup readable only by root' >> $backup_databases_script - echo ' chmod 600 $DAILYFILE' >> $backup_databases_script + backup_databases_script=/usr/bin/backupdatabases + echo '' >> $backup_databases_script + echo "# Backup the ${database_name} database" >> $backup_databases_script + echo "TEMPFILE=/root/${database_name}.sql" >> $backup_databases_script + echo 'DAILYFILE=/var/backups/${database_name}_daily.sql' >> $backup_databases_script + echo "mysqldump --password=\"\$MYSQL_PASSWORD\" ${database_name} > \$TEMPFILE" >> $backup_databases_script + echo 'FILESIZE=$(stat -c%s $TEMPFILE)' >> $backup_databases_script + echo 'if [ "$FILESIZE" -eq "0" ]; then' >> $backup_databases_script + echo ' if [ -f $DAILYFILE ]; then' >> $backup_databases_script + echo ' cp $DAILYFILE $TEMPFILE' >> $backup_databases_script + echo '' >> $backup_databases_script + echo ' # try to restore yesterdays database' >> $backup_databases_script + echo " mysql -u root --password=\"\$MYSQL_PASSWORD\" ${database_name} -o < \$DAILYFILE" >> $backup_databases_script + echo '' >> $backup_databases_script + echo ' # Send a warning email' >> $backup_databases_script + echo " echo \"Unable to create a backup of the ${database_name} database. Attempted to restore from yesterdays backup\" | mail -s \"${database_name} backup\" \$EMAIL" >> $backup_databases_script + echo ' else' >> $backup_databases_script + echo ' # Send a warning email' >> $backup_databases_script + echo " echo \"Unable to create a backup of the ${database_name} database.\" | mail -s \"${database_name} backup\" \$EMAIL" >> $backup_databases_script + echo ' fi' >> $backup_databases_script + echo 'else' >> $backup_databases_script + echo ' chmod 600 $TEMPFILE' >> $backup_databases_script + echo ' mv $TEMPFILE $DAILYFILE' >> $backup_databases_script + echo '' >> $backup_databases_script + echo ' # Make the backup readable only by root' >> $backup_databases_script + echo ' chmod 600 $DAILYFILE' >> $backup_databases_script echo 'fi' >> $backup_databases_script weekly_backup_script=/etc/cron.weekly/backupdatabasesweekly @@ -9607,150 +9616,163 @@ function install_mediagoblin { cd $MEDIAGOBLIN_WORKING_DIRECTORY git checkout $MEDIAGOBLIN_COMMIT -b $MEDIAGOBLIN_COMMIT - ./bootstrap.sh - if [ ! "$?" = "0" ]; then - exit 278826 + if ! grep -q "Mediagoblin commit" $COMPLETION_FILE; then + echo "Mediagoblin commit:$MEDIAGOBLIN_COMMIT" >> $COMPLETION_FILE + else + sed -i "s/Mediagoblin commit.*/Mediagoblin commit:$MEDIAGOBLIN_COMMIT/g" $COMPLETION_FILE fi - ./configure --with-python3 --without-virtualenv - if [ ! "$?" = "0" ]; then - exit 462826 - fi + ./bootstrap.sh + if [ ! "$?" = "0" ]; then + exit 278826 + fi - make - if [ ! "$?" = "0" ]; then - exit 738229 - fi + ./configure --with-python3 --without-virtualenv + if [ ! "$?" = "0" ]; then + exit 462826 + fi - if [ ! -d $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev ]; then - mkdir $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev - fi - chmod 750 $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev - easy_install flup - if [ ! "$?" = "0" ]; then - exit 83527 - fi - if [ ! -f $MEDIAGOBLIN_WORKING_DIRECTORY/mediagoblin.ini ]; then - echo $'mediagoblin.ini not found' - exit 737529 - fi - if [ ! -f $MEDIAGOBLIN_WORKING_DIRECTORY/paste.ini ]; then - echo $'paste.ini not found' - exit 52762 - fi + make + if [ ! "$?" = "0" ]; then + exit 738229 + fi - cp -av mediagoblin.ini mediagoblin_local.ini - cp -av paste.ini paste_local.ini + if [ ! -d $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev ]; then + mkdir $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev + fi + chmod 750 $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev + easy_install flup + if [ ! "$?" = "0" ]; then + exit 83527 + fi + if [ ! -f $MEDIAGOBLIN_WORKING_DIRECTORY/mediagoblin.ini ]; then + echo $'mediagoblin.ini not found' + exit 737529 + fi + if [ ! -f $MEDIAGOBLIN_WORKING_DIRECTORY/paste.ini ]; then + echo $'paste.ini not found' + exit 52762 + fi - # TODO configure ini files + cp -av mediagoblin.ini mediagoblin_local.ini + cp -av paste.ini paste_local.ini - chown -hR mediagoblin:www-data $MEDIAGOBLIN_WORKING_DIRECTORY + # TODO configure ini files - # init with systemd - echo '[Unit]' > /etc/systemd/system/mediagoblin.service - echo 'Description=Mediagoblin (Media Server)' >> /etc/systemd/system/mediagoblin.service - echo 'After=syslog.target' >> /etc/systemd/system/mediagoblin.service - echo 'After=network.target' >> /etc/systemd/system/mediagoblin.service - #echo 'After=postgresql.service' >> /etc/systemd/system/mediagoblin.service - echo '' >> /etc/systemd/system/mediagoblin.service - echo '[Service]' >> /etc/systemd/system/mediagoblin.service - echo 'Type=simple' >> /etc/systemd/system/mediagoblin.service - echo 'User=mediagoblin' >> /etc/systemd/system/mediagoblin.service - echo 'Group=mediagoblin' >> /etc/systemd/system/mediagoblin.service - echo "WorkingDirectory=$MEDIAGOBLIN_WORKING_DIRECTORY" >> /etc/systemd/system/mediagoblin.service - echo "ExecStart=$MEDIAGOBLIN_WORKING_DIRECTORY/lazyserver.sh --server-name=fcgi fcgi_host=127.0.0.1 fcgi_port=26543" >> /etc/systemd/system/mediagoblin.service - echo 'Restart=always' >> /etc/systemd/system/mediagoblin.service - echo 'Environment="USER=mediagoblin","HOME=/var/lib/mediagoblin"' >> /etc/systemd/system/mediagoblin.service - echo '' >> /etc/systemd/system/mediagoblin.service - echo '[Install]' >> /etc/systemd/system/mediagoblin.service - echo 'WantedBy=multi-user.target' >> /etc/systemd/system/mediagoblin.service - systemctl daemon-reload - systemctl enable mediagoblin - systemctl start mediagoblin + chown -hR mediagoblin:www-data $MEDIAGOBLIN_WORKING_DIRECTORY - # web config - MEDIAGOBLIN_VIRTUAL_HOST=/etc/nginx/sites-available/$MEDIAGOBLIN_DOMAIN_NAME - nginx_http_redirect $MEDIAGOBLIN_DOMAIN_NAME - echo 'server {' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' listen 443 ssl;' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' #################################################' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' # Stock useful config options, but ignore them :)' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' #################################################' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' include /etc/nginx/mime.types;' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' autoindex off;' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' default_type application/octet-stream;' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' sendfile on;' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST - nginx_limits $MEDIAGOBLIN_DOMAIN_NAME '20m' - nginx_ssl $MEDIAGOBLIN_DOMAIN_NAME - nginx_disable_sniffing $MEDIAGOBLIN_DOMAIN_NAME - echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' # Gzip' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' gzip on;' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' gzip_min_length 1024;' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' gzip_buffers 4 32k;' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' gzip_types text/plain application/x-javascript text/javascript text/xml text/css;' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' #####################################' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' # Mounting MediaGoblin stuff' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' # This is the section you should read' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' #####################################' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo " server_name $MEDIAGOBLIN_DOMAIN_NAME;" >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' access_log /var/log/nginx/mediagoblin.log;' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' error_log /var/log/nginx/mediagoblin.error.log;' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' # MediaGoblins stock static files: CSS, JS, etc.' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' location /mgoblin_static/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/mediagoblin/static/;" >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' # Instance specific media:' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' location /mgoblin_media/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev/media/public/;" >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' # Theme static files (usually symlinked in)' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' location /theme_static/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev/theme_static/;" >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' # Plugin static files (usually symlinked in)' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' location /plugin_static/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev/plugin_static/;" >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' # Mounting MediaGoblin itself via FastCGI.' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' location / {' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' fastcgi_pass 127.0.0.1:26543;' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' include /etc/nginx/fastcgi_params;' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' # our understanding vs nginxs handling of script_name vs' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' # path_info dont match :)' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' fastcgi_param PATH_INFO $fastcgi_script_name;' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' fastcgi_param SCRIPT_NAME "";' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST - echo '}' >> $MEDIAGOBLIN_VIRTUAL_HOST + # init with systemd + echo '[Unit]' > /etc/systemd/system/mediagoblin.service + echo 'Description=Mediagoblin (Media Server)' >> /etc/systemd/system/mediagoblin.service + echo 'After=syslog.target' >> /etc/systemd/system/mediagoblin.service + echo 'After=network.target' >> /etc/systemd/system/mediagoblin.service + #echo 'After=postgresql.service' >> /etc/systemd/system/mediagoblin.service + echo '' >> /etc/systemd/system/mediagoblin.service + echo '[Service]' >> /etc/systemd/system/mediagoblin.service + echo 'Type=simple' >> /etc/systemd/system/mediagoblin.service + echo 'User=mediagoblin' >> /etc/systemd/system/mediagoblin.service + echo 'Group=mediagoblin' >> /etc/systemd/system/mediagoblin.service + echo "WorkingDirectory=$MEDIAGOBLIN_WORKING_DIRECTORY" >> /etc/systemd/system/mediagoblin.service + echo "ExecStart=$MEDIAGOBLIN_WORKING_DIRECTORY/lazyserver.sh --server-name=fcgi fcgi_host=127.0.0.1 fcgi_port=26543" >> /etc/systemd/system/mediagoblin.service + echo 'Restart=always' >> /etc/systemd/system/mediagoblin.service + echo 'Environment="USER=mediagoblin","HOME=/var/lib/mediagoblin"' >> /etc/systemd/system/mediagoblin.service + echo '' >> /etc/systemd/system/mediagoblin.service + echo '[Install]' >> /etc/systemd/system/mediagoblin.service + echo 'WantedBy=multi-user.target' >> /etc/systemd/system/mediagoblin.service + systemctl daemon-reload + systemctl enable mediagoblin + systemctl start mediagoblin - if [ ! -f /etc/ssl/certs/$MEDIAGOBLIN_DOMAIN_NAME.dhparam ]; then - if [[ $LETSENCRYPT_ENABLED != "yes" ]]; then - ${PROJECT_NAME}-addcert -h $MEDIAGOBLIN_DOMAIN_NAME --dhkey $DH_KEYLENGTH - else - ${PROJECT_NAME}-addcert -e $MEDIAGOBLIN_DOMAIN_NAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH --email $MY_EMAIL_ADDRESS - fi - check_certificates $MEDIAGOBLIN_DOMAIN_NAME - fi + MEDIAGOBLIN_ONION_HOSTNAME=$(add_onion_service mediagoblin 80 ${MEDIAGOBLIN_ONION_PORT}) + if ! grep -q "Mediagoblin onion domain" $COMPLETION_FILE; then + echo "Mediagoblin onion domain:${MEDIAGOBLIN_ONION_HOSTNAME}" >> $COMPLETION_FILE + else + sed -i "s|Mediagoblin onion domain.*|Mediagoblin onion domain:${MEDIAGOBLIN_ONION_HOSTNAME}|g" $COMPLETION_FILE + fi + + # web config + MEDIAGOBLIN_VIRTUAL_HOST=/etc/nginx/sites-available/$MEDIAGOBLIN_DOMAIN_NAME + nginx_http_redirect $MEDIAGOBLIN_DOMAIN_NAME + echo 'server {' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' listen 443 ssl;' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' #################################################' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' # Stock useful config options, but ignore them :)' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' #################################################' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' include /etc/nginx/mime.types;' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' autoindex off;' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' default_type application/octet-stream;' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' sendfile on;' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST + nginx_limits $MEDIAGOBLIN_DOMAIN_NAME '20m' + nginx_ssl $MEDIAGOBLIN_DOMAIN_NAME + nginx_disable_sniffing $MEDIAGOBLIN_DOMAIN_NAME + echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' # Gzip' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' gzip on;' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' gzip_min_length 1024;' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' gzip_buffers 4 32k;' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' gzip_types text/plain application/x-javascript text/javascript text/xml text/css;' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' #####################################' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' # Mounting MediaGoblin stuff' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' # This is the section you should read' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' #####################################' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo " server_name $MEDIAGOBLIN_DOMAIN_NAME;" >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' access_log /var/log/nginx/mediagoblin.log;' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' error_log /var/log/nginx/mediagoblin.error.log;' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' # MediaGoblins stock static files: CSS, JS, etc.' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' location /mgoblin_static/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/mediagoblin/static/;" >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' # Instance specific media:' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' location /mgoblin_media/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev/media/public/;" >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' # Theme static files (usually symlinked in)' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' location /theme_static/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev/theme_static/;" >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' # Plugin static files (usually symlinked in)' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' location /plugin_static/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev/plugin_static/;" >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' # Mounting MediaGoblin itself via FastCGI.' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' location / {' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' fastcgi_pass 127.0.0.1:26543;' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' include /etc/nginx/fastcgi_params;' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' # our understanding vs nginxs handling of script_name vs' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' # path_info dont match :)' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' fastcgi_param PATH_INFO $fastcgi_script_name;' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' fastcgi_param SCRIPT_NAME "";' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST + echo '}' >> $MEDIAGOBLIN_VIRTUAL_HOST - nginx_ensite $MEDIAGOBLIN_DOMAIN_NAME - systemctl restart php5-fpm - systemctl restart nginx + if [ ! -f /etc/ssl/certs/$MEDIAGOBLIN_DOMAIN_NAME.dhparam ]; then + if [[ $LETSENCRYPT_ENABLED != "yes" ]]; then + ${PROJECT_NAME}-addcert -h $MEDIAGOBLIN_DOMAIN_NAME --dhkey $DH_KEYLENGTH + else + ${PROJECT_NAME}-addcert -e $MEDIAGOBLIN_DOMAIN_NAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH --email $MY_EMAIL_ADDRESS + fi + check_certificates $MEDIAGOBLIN_DOMAIN_NAME + fi - # update the dynamic DNS - CURRENT_DDNS_DOMAIN=$MEDIAGOBLIN_DOMAIN_NAME - add_ddns_domain + nginx_ensite $MEDIAGOBLIN_DOMAIN_NAME + systemctl restart php5-fpm + systemctl restart nginx - echo 'install_mediagoblin' >> $COMPLETION_FILE + # update the dynamic DNS + CURRENT_DDNS_DOMAIN=$MEDIAGOBLIN_DOMAIN_NAME + add_ddns_domain + + echo 'install_mediagoblin' >> $COMPLETION_FILE } function create_upgrade_script { diff --git a/src/freedombone-backup-local b/src/freedombone-backup-local index 2b7803ed..80b19e54 100755 --- a/src/freedombone-backup-local +++ b/src/freedombone-backup-local @@ -104,6 +104,10 @@ function update_domains { if grep -q "Owncloud domain" $COMPLETION_FILE; then OWNCLOUD_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Owncloud domain" | awk -F ':' '{print $2}') fi + MEDIAGOBLIN_DOMAIN_NAME='mediagoblin' + if grep -q "Mediagoblin domain" $COMPLETION_FILE; then + MEDIAGOBLIN_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Mediagoblin domain" | awk -F ':' '{print $2}') + fi } function mount_drive { @@ -377,6 +381,7 @@ function backup_directories { "none, none, /var/www/${HUBZILLA_DOMAIN_NAME}/htdocs, hubzilla" "none, none, /var/www/${FULLBLOG_DOMAIN_NAME}/htdocs, blog" "none, none, /var/lib/tor, tor" + "none, none, /var/www/${MEDIAGOBLIN_DOMAIN_NAME}/htdocs, mediagoblin" ) for dr in "${backup_dirs[@]}" @@ -533,6 +538,7 @@ function valid_backup_destination { "$destination_dir" == "owncloudfiles" || \ "$destination_dir" == "owncloudconfig" || \ "$destination_dir" == "ownclouddata" || \ + "$destination_dir" == "mediagoblin" || \ "$destination_dir" == "mailinglist" ]]; then is_valid="no" fi diff --git a/src/freedombone-backup-remote b/src/freedombone-backup-remote index 9cdeaca6..954e531f 100755 --- a/src/freedombone-backup-remote +++ b/src/freedombone-backup-remote @@ -335,327 +335,338 @@ function backup_owncloud { echo $"Backing up Owncloud data" if [ -d /var/www/owncloud/data ]; then backup_directory_to_friend /var/www/owncloud/data owncloudfiles - fi - backup_directory_to_friend /var/www/owncloud/config owncloudconfig - restart_site - fi + fi + backup_directory_to_friend /var/www/owncloud/config owncloudconfig + restart_site + fi +} + +function backup_mediagoblin { + if grep -q "Mediagoblin domain" $COMPLETION_FILE; then + MEDIAGOBLIN_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Mediagoblin domain" | awk -F ':' '{print $2}') + suspend_site ${MEDIAGOBLIN_DOMAIN_NAME} + echo $"Backing up Mediagoblin" + backup_directory_to_friend /var/www/$MEDIAGOBLIN_DOMAIN_NAME/htdocs mediagoblin + restart_site + fi } function backup_gogs { - if [ -d /home/git/go/src/github.com/gogits ]; then - GIT_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Gogs domain" | awk -F ':' '{print $2}') - suspend_site ${GIT_DOMAIN_NAME} - backup_database_to_friend gogs - backup_directory_to_friend /root/tempgogsdata gogsdata - echo $"Obtaining Gogs settings backup" - backup_directory_to_friend /home/git/go/src/github.com/gogits/gogs/custom gogs - echo $"Obtaining Gogs repos backup" - mv /home/git/gogs-repositories/*.git /home/git/gogs-repositories/bob - backup_directory_to_friend /home/git/gogs-repositories gogsrepos - echo $"Obtaining Gogs authorized_keys backup" - backup_directory_to_friend /home/git/.ssh gogsssh - restart_site - fi + if [ -d /home/git/go/src/github.com/gogits ]; then + GIT_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Gogs domain" | awk -F ':' '{print $2}') + suspend_site ${GIT_DOMAIN_NAME} + backup_database_to_friend gogs + backup_directory_to_friend /root/tempgogsdata gogsdata + echo $"Obtaining Gogs settings backup" + backup_directory_to_friend /home/git/go/src/github.com/gogits/gogs/custom gogs + echo $"Obtaining Gogs repos backup" + mv /home/git/gogs-repositories/*.git /home/git/gogs-repositories/bob + backup_directory_to_friend /home/git/gogs-repositories gogsrepos + echo $"Obtaining Gogs authorized_keys backup" + backup_directory_to_friend /home/git/.ssh gogsssh + restart_site + fi } function backup_wiki { - if [ -d /etc/dokuwiki ]; then - echo $"Backing up wiki" - backup_directory_to_friend /var/lib/dokuwiki wiki - backup_directory_to_friend /etc/dokuwiki wiki2 - fi + if [ -d /etc/dokuwiki ]; then + echo $"Backing up wiki" + backup_directory_to_friend /var/lib/dokuwiki wiki + backup_directory_to_friend /etc/dokuwiki wiki2 + fi } function backup_blog { - if grep -q "Blog domain" $COMPLETION_FILE; then - FULLBLOG_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Blog domain" | awk -F ':' '{print $2}') - if [ -d /var/www/${FULLBLOG_DOMAIN_NAME} ]; then - echo $"Backing up blog" - backup_directory_to_friend /var/www/${FULLBLOG_DOMAIN_NAME}/htdocs blog - else - echo $"Blog domain specified but not found in /var/www/${FULLBLOG_DOMAIN_NAME}" - exit 2578 - fi - fi + if grep -q "Blog domain" $COMPLETION_FILE; then + FULLBLOG_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Blog domain" | awk -F ':' '{print $2}') + if [ -d /var/www/${FULLBLOG_DOMAIN_NAME} ]; then + echo $"Backing up blog" + backup_directory_to_friend /var/www/${FULLBLOG_DOMAIN_NAME}/htdocs blog + else + echo $"Blog domain specified but not found in /var/www/${FULLBLOG_DOMAIN_NAME}" + exit 2578 + fi + fi } function backup_certs { - if [ -d /etc/ssl ]; then - echo $"Backing up certificates" - backup_directory_to_friend /etc/ssl ssl - fi + if [ -d /etc/ssl ]; then + echo $"Backing up certificates" + backup_directory_to_friend /etc/ssl ssl + fi } function backup_mailing_list { - if [ -d /var/spool/mlmmj ]; then - echo $"Backing up the public mailing list" - backup_directory_to_friend /var/spool/mlmmj mailinglist - fi + if [ -d /var/spool/mlmmj ]; then + echo $"Backing up the public mailing list" + backup_directory_to_friend /var/spool/mlmmj mailinglist + fi } function backup_xmpp { - if [ -d /var/lib/prosody ]; then - echo $"Backing up the XMPP settings" - backup_directory_to_friend /var/lib/prosody xmpp - fi + if [ -d /var/lib/prosody ]; then + echo $"Backing up the XMPP settings" + backup_directory_to_friend /var/lib/prosody xmpp + fi } function backup_web_server { - if [ -d /etc/nginx ]; then - echo $"Backing up web settings" - backup_directory_to_friend /etc/nginx/sites-available web - fi + if [ -d /etc/nginx ]; then + echo $"Backing up web settings" + backup_directory_to_friend /etc/nginx/sites-available web + fi } function backup_admin_readme { - if [ -f /home/$ADMIN_USERNAME/README ]; then - echo $"Backing up README" - if [ ! -d /home/$ADMIN_USERNAME/tempbackup ]; then - mkdir -p /home/$ADMIN_USERNAME/tempbackup - fi - cp -f /home/$ADMIN_USERNAME/README /home/$ADMIN_USERNAME/tempbackup - backup_directory_to_friend /home/$ADMIN_USERNAME/tempbackup readme - fi + if [ -f /home/$ADMIN_USERNAME/README ]; then + echo $"Backing up README" + if [ ! -d /home/$ADMIN_USERNAME/tempbackup ]; then + mkdir -p /home/$ADMIN_USERNAME/tempbackup + fi + cp -f /home/$ADMIN_USERNAME/README /home/$ADMIN_USERNAME/tempbackup + backup_directory_to_friend /home/$ADMIN_USERNAME/tempbackup readme + fi } function backup_ipfs { - if [ -d /home/$ADMIN_USERNAME/.ipfs ]; then - echo $"Backing up IPFS" - backup_directory_to_friend /home/$ADMIN_USERNAME/.ipfs ipfs - fi + if [ -d /home/$ADMIN_USERNAME/.ipfs ]; then + echo $"Backing up IPFS" + backup_directory_to_friend /home/$ADMIN_USERNAME/.ipfs ipfs + fi } function backup_dlna { - if [ -d /var/cache/minidlna ]; then - echo $"Backing up DLNA cache" - backup_directory_to_friend /var/cache/minidlna dlna - fi + if [ -d /var/cache/minidlna ]; then + echo $"Backing up DLNA cache" + backup_directory_to_friend /var/cache/minidlna dlna + fi } function backup_voip { - if [ -f /etc/mumble-server.ini ]; then - echo $"Backing up VoIP settings" - if [ ! -d /root/tempvoipbackup ]; then - mkdir -p /root/tempvoipbackup - fi - cp -f /etc/mumble-server.ini /root/tempvoipbackup - cp -f /var/lib/mumble-server/mumble-server.sqlite /root/tempvoipbackup - cp -f /etc/sipwitch.conf /root/tempvoipbackup - backup_directory_to_friend /root/tempvoipbackup voip - fi + if [ -f /etc/mumble-server.ini ]; then + echo $"Backing up VoIP settings" + if [ ! -d /root/tempvoipbackup ]; then + mkdir -p /root/tempvoipbackup + fi + cp -f /etc/mumble-server.ini /root/tempvoipbackup + cp -f /var/lib/mumble-server/mumble-server.sqlite /root/tempvoipbackup + cp -f /etc/sipwitch.conf /root/tempvoipbackup + backup_directory_to_friend /root/tempvoipbackup voip + fi } function backup_tox { - if [ -d /var/lib/tox-bootstrapd ]; then - echo "Backing up Tox node settings" - if [ -d /var/lib/tox-bootstrapd/Maildir ]; then - rm -rf /var/lib/tox-bootstrapd/Maildir - fi - cp /etc/tox-bootstrapd.conf /var/lib/tox-bootstrapd - backup_directory_to_friend /var/lib/tox-bootstrapd tox - fi + if [ -d /var/lib/tox-bootstrapd ]; then + echo "Backing up Tox node settings" + if [ -d /var/lib/tox-bootstrapd/Maildir ]; then + rm -rf /var/lib/tox-bootstrapd/Maildir + fi + cp /etc/tox-bootstrapd.conf /var/lib/tox-bootstrapd + backup_directory_to_friend /var/lib/tox-bootstrapd tox + fi } function backup_mariadb { - if [ ${#DATABASE_PASSWORD} -gt 1 ]; then - if [ ! -d /root/tempmariadb ]; then - mkdir /root/tempmariadb - fi - mysqldump --password=$DATABASE_PASSWORD mysql user > /root/tempmariadb/mysql.sql - if [ ! -s /root/tempmariadb/mysql.sql ]; then - echo $"Unable to backup MariaDB settings" - rm -rf /root/tempmariadb - # Send a warning email - echo $"Unable to export database settings" | mail -s "${PROJECT_NAME} backup to friends" $ADMIN_EMAIL_ADDRESS - exit 653 - fi - echo "$DATABASE_PASSWORD" > /root/tempmariadb/db - chmod 400 /root/tempmariadb/db - backup_directory_to_friend /root/tempmariadb mariadb - fi + if [ ${#DATABASE_PASSWORD} -gt 1 ]; then + if [ ! -d /root/tempmariadb ]; then + mkdir /root/tempmariadb + fi + mysqldump --password=$DATABASE_PASSWORD mysql user > /root/tempmariadb/mysql.sql + if [ ! -s /root/tempmariadb/mysql.sql ]; then + echo $"Unable to backup MariaDB settings" + rm -rf /root/tempmariadb + # Send a warning email + echo $"Unable to export database settings" | mail -s "${PROJECT_NAME} backup to friends" $ADMIN_EMAIL_ADDRESS + exit 653 + fi + echo "$DATABASE_PASSWORD" > /root/tempmariadb/db + chmod 400 /root/tempmariadb/db + backup_directory_to_friend /root/tempmariadb mariadb + fi } # Returns the filename of a key share function get_key_share { - no_of_shares=$1 - USERNAME="$2" - REMOTE_DOMAIN="$3" + no_of_shares=$1 + USERNAME="$2" + REMOTE_DOMAIN="$3" - # Get a share index based on the supplied domain name - # This ensures that the same share is always given to the same domain - sharenumstr=$(md5sum <<< "$REMOTE_DOMAIN") - share_index=$(echo $((0x${sharenumstr%% *} % ${no_of_shares})) | tr -d -) + # Get a share index based on the supplied domain name + # This ensures that the same share is always given to the same domain + sharenumstr=$(md5sum <<< "$REMOTE_DOMAIN") + share_index=$(echo $((0x${sharenumstr%% *} % ${no_of_shares})) | tr -d -) - # get the filename - share_files=(/home/$USERNAME/.gnupg_fragments/keyshare.asc.*) - share_filename=${share_files[share_index]} + # get the filename + share_files=(/home/$USERNAME/.gnupg_fragments/keyshare.asc.*) + share_filename=${share_files[share_index]} - echo "$share_filename" + echo "$share_filename" } function disperse_key_shares { - USERNAME=$1 - REMOTE_DOMAIN=$2 - REMOTE_SSH_PORT=$3 - REMOTE_PASSWORD=$4 - REMOTE_SERVER=$5 + USERNAME=$1 + REMOTE_DOMAIN=$2 + REMOTE_SSH_PORT=$3 + REMOTE_PASSWORD=$4 + REMOTE_SERVER=$5 - if [ -d /home/$USERNAME/.gnupg_fragments ]; then - if [ $REMOTE_DOMAIN ]; then - cd /home/$USERNAME/.gnupg_fragments - no_of_shares=$(ls -afq keyshare.asc.* | wc -l) - if (( no_of_shares > 1 )); then - share_filename=$(get_key_share $no_of_shares "$USERNAME" "$REMOTE_DOMAIN") + if [ -d /home/$USERNAME/.gnupg_fragments ]; then + if [ $REMOTE_DOMAIN ]; then + cd /home/$USERNAME/.gnupg_fragments + no_of_shares=$(ls -afq keyshare.asc.* | wc -l) + if (( no_of_shares > 1 )); then + share_filename=$(get_key_share $no_of_shares "$USERNAME" "$REMOTE_DOMAIN") - # create a temp directory containing the share - temp_key_share_dir=/home/$USERNAME/tempkey - temp_key_share_fragments=$temp_key_share_dir/.gnupg_fragments_${USERNAME} - mkdir -p $temp_key_share_fragments - cp $share_filename $temp_key_share_fragments/ + # create a temp directory containing the share + temp_key_share_dir=/home/$USERNAME/tempkey + temp_key_share_fragments=$temp_key_share_dir/.gnupg_fragments_${USERNAME} + mkdir -p $temp_key_share_fragments + cp $share_filename $temp_key_share_fragments/ - # copy the fragments directory to the remote server - /usr/bin/sshpass -p "$REMOTE_PASSWORD" \ - scp -r -P $REMOTE_SSH_PORT $temp_key_share_fragments $REMOTE_SERVER - if [ ! "$?" = "0" ]; then - # Send a warning email - echo "Key share to $REMOTE_SERVER failed" | \ - mail -s "${PROJECT_NAME} social key management" $MY_EMAIL_ADDRESS - else - # Send a confirmation email - echo "Key ${share_filename} shared to $REMOTE_SERVER" | \ - mail -s "${PROJECT_NAME} social key management" $MY_EMAIL_ADDRESS - fi + # copy the fragments directory to the remote server + /usr/bin/sshpass -p "$REMOTE_PASSWORD" \ + scp -r -P $REMOTE_SSH_PORT $temp_key_share_fragments $REMOTE_SERVER + if [ ! "$?" = "0" ]; then + # Send a warning email + echo "Key share to $REMOTE_SERVER failed" | \ + mail -s "${PROJECT_NAME} social key management" $MY_EMAIL_ADDRESS + else + # Send a confirmation email + echo "Key ${share_filename} shared to $REMOTE_SERVER" | \ + mail -s "${PROJECT_NAME} social key management" $MY_EMAIL_ADDRESS + fi - # remove the temp file/directory - shred -zu $temp_key_share_fragments/* - rm -rf $temp_key_share_dir - fi - fi - fi + # remove the temp file/directory + shred -zu $temp_key_share_fragments/* + rm -rf $temp_key_share_dir + fi + fi + fi } function valid_backup_destination { - destination_dir="$1" - is_valid="yes" + destination_dir="$1" + is_valid="yes" - if [[ "$destination_dir" == "hubzilla" || \ - "$destination_dir" == "hubzilladata" || \ - "$destination_dir" == "gogs" || \ - "$destination_dir" == "gogsrepos" || \ - "$destination_dir" == "gogsssh" || \ - "$destination_dir" == "gnusocial" || \ - "$destination_dir" == "gnusocialdata" || \ - "$destination_dir" == "mariadb" || \ - "$destination_dir" == "config" || \ - "$destination_dir" == "letsencrypt" || \ - "$destination_dir" == "wiki" || \ - "$destination_dir" == "wiki2" || \ - "$destination_dir" == "xmpp" || \ - "$destination_dir" == "ipfs" || \ - "$destination_dir" == "dlna" || \ - "$destination_dir" == "tox" || \ - "$destination_dir" == "ssl" || \ - "$destination_dir" == "blog" || \ - "$destination_dir" == "owncloudfiles" || \ - "$destination_dir" == "owncloudconfig" || \ - "$destination_dir" == "ownclouddata" || \ - "$destination_dir" == "mailinglist" ]]; then - is_valid="no" - fi + if [[ "$destination_dir" == "hubzilla" || \ + "$destination_dir" == "hubzilladata" || \ + "$destination_dir" == "gogs" || \ + "$destination_dir" == "gogsrepos" || \ + "$destination_dir" == "gogsssh" || \ + "$destination_dir" == "gnusocial" || \ + "$destination_dir" == "gnusocialdata" || \ + "$destination_dir" == "mariadb" || \ + "$destination_dir" == "config" || \ + "$destination_dir" == "letsencrypt" || \ + "$destination_dir" == "wiki" || \ + "$destination_dir" == "wiki2" || \ + "$destination_dir" == "xmpp" || \ + "$destination_dir" == "ipfs" || \ + "$destination_dir" == "dlna" || \ + "$destination_dir" == "tox" || \ + "$destination_dir" == "ssl" || \ + "$destination_dir" == "blog" || \ + "$destination_dir" == "owncloudfiles" || \ + "$destination_dir" == "owncloudconfig" || \ + "$destination_dir" == "ownclouddata" || \ + "$destination_dir" == "mailinglist" ]]; then + is_valid="no" + fi - echo $is_valid + echo $is_valid } function backup_extra_directories { - if [ ! -f $BACKUP_EXTRA_DIRECTORIES ]; then - return - fi + if [ ! -f $BACKUP_EXTRA_DIRECTORIES ]; then + return + fi - echo $"Backing up some additional directories" - while read backup_line - do - backup_dir=$(echo "$backup_line" | awk -F ',' '{print $1}' | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//') - if [ -d "$backup_dir" ]; then - destination_dir=$(echo "$backup_line" | awk -F ',' '{print $2}' | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//') - if [[ $(valid_backup_destination "$destination_dir") == "yes" ]]; then - backup_directory_to_friend "$backup_dir" "$destination_dir" - else - echo $"WARNING: The backup directory $destination_dir is already used." - echo $"Choose a different destination name for backing up $backup_dir" - fi - else - echo $"WARNING: Directory $backup_dir does not exist" - fi - done <$BACKUP_EXTRA_DIRECTORIES + echo $"Backing up some additional directories" + while read backup_line + do + backup_dir=$(echo "$backup_line" | awk -F ',' '{print $1}' | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//') + if [ -d "$backup_dir" ]; then + destination_dir=$(echo "$backup_line" | awk -F ',' '{print $2}' | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//') + if [[ $(valid_backup_destination "$destination_dir") == "yes" ]]; then + backup_directory_to_friend "$backup_dir" "$destination_dir" + else + echo $"WARNING: The backup directory $destination_dir is already used." + echo $"Choose a different destination name for backing up $backup_dir" + fi + else + echo $"WARNING: Directory $backup_dir does not exist" + fi + done <$BACKUP_EXTRA_DIRECTORIES } TEST_MODE="no" if [[ "$1" == "test" ]]; then - TEST_MODE="yes" + TEST_MODE="yes" fi backup_configuration if [[ $TEST_MODE == "no" ]]; then - backup_users - backup_letsencrypt - backup_tor - backup_gnusocial - backup_rss_reader - backup_hubzilla - backup_owncloud - backup_gogs - backup_wiki - backup_blog - backup_certs - backup_mailing_list - backup_xmpp - backup_web_server - backup_admin_readme - backup_ipfs - backup_dlna - backup_voip - backup_tox - backup_mariadb - backup_extra_directories + backup_users + backup_letsencrypt + backup_tor + backup_gnusocial + backup_rss_reader + backup_hubzilla + backup_owncloud + backup_mediagoblin + backup_gogs + backup_wiki + backup_blog + backup_certs + backup_mailing_list + backup_xmpp + backup_web_server + backup_admin_readme + backup_ipfs + backup_dlna + backup_voip + backup_tox + backup_mariadb + backup_extra_directories fi # For each remote server while read remote_server do - # Get the server and its password - # Format is: - # username@domain /home/username - REMOTE_SERVER=$(echo "${remote_server}" | awk -F ' ' '{print $1}') - if [ $REMOTE_SERVER ]; then - REMOTE_DOMAIN=$(echo "${remote_server}" | awk -F ' ' '{print $1}' | awk -F '@' '{print $2}') - REMOTE_SSH_PORT=$(echo "${remote_server}" | awk -F ' ' '{print $2}') - REMOTE_DIRECTORY=$(echo "${remote_server}" | awk -F ' ' '{print $3}') - REMOTE_PASSWORD=$(echo "${remote_server}" | awk -F ' ' '{print $4}') - NOW=$(date +"%Y-%m-%d %H:%M:%S") - REMOTE_SERVER=$REMOTE_SERVER:$REMOTE_DIRECTORY + # Get the server and its password + # Format is: + # username@domain /home/username + REMOTE_SERVER=$(echo "${remote_server}" | awk -F ' ' '{print $1}') + if [ $REMOTE_SERVER ]; then + REMOTE_DOMAIN=$(echo "${remote_server}" | awk -F ' ' '{print $1}' | awk -F '@' '{print $2}') + REMOTE_SSH_PORT=$(echo "${remote_server}" | awk -F ' ' '{print $2}') + REMOTE_DIRECTORY=$(echo "${remote_server}" | awk -F ' ' '{print $3}') + REMOTE_PASSWORD=$(echo "${remote_server}" | awk -F ' ' '{print $4}') + NOW=$(date +"%Y-%m-%d %H:%M:%S") + REMOTE_SERVER=$REMOTE_SERVER:$REMOTE_DIRECTORY - echo "$NOW Starting backup to $REMOTE_SERVER" >> /var/log/remotebackups.log + echo "$NOW Starting backup to $REMOTE_SERVER" >> /var/log/remotebackups.log - # Social key management - for d in /home/*/ ; do - USERNAME=$(echo "$d" | awk -F '/' '{print $3}') - if [[ $USERNAME != "git" && $USERNAME != "mirrors" ]]; then - disperse_key_shares $USERNAME $REMOTE_DOMAIN $REMOTE_SSH_PORT "$REMOTE_PASSWORD" $REMOTE_SERVER - fi - done + # Social key management + for d in /home/*/ ; do + USERNAME=$(echo "$d" | awk -F '/' '{print $3}') + if [[ $USERNAME != "git" && $USERNAME != "mirrors" ]]; then + disperse_key_shares $USERNAME $REMOTE_DOMAIN $REMOTE_SSH_PORT "$REMOTE_PASSWORD" $REMOTE_SERVER + fi + done - if [[ $TEST_MODE == "yes" ]]; then - echo "rsync -ratlzv --rsh=\"/usr/bin/sshpass -p '$REMOTE_PASSWORD' ssh -p $REMOTE_SSH_PORT -o StrictHostKeyChecking=no\" $SERVER_DIRECTORY/backup $REMOTE_SERVER" - fi - rsync -ratlzv --rsh="/usr/bin/sshpass -p \"$REMOTE_PASSWORD\" ssh -p $REMOTE_SSH_PORT -o StrictHostKeyChecking=no" $SERVER_DIRECTORY/backup $REMOTE_SERVER - if [ ! "$?" = "0" ]; then - echo "$NOW Backup to $REMOTE_SERVER failed" >> /var/log/remotebackups.log - # Send a warning email - echo "Backup to $REMOTE_SERVER failed" | mail -s "${PROJECT_NAME} backup to friends" $ADMIN_EMAIL_ADDRESS - else - echo "$NOW Backed up to $REMOTE_SERVER" >> /var/log/remotebackups.log - fi - fi + if [[ $TEST_MODE == "yes" ]]; then + echo "rsync -ratlzv --rsh=\"/usr/bin/sshpass -p '$REMOTE_PASSWORD' ssh -p $REMOTE_SSH_PORT -o StrictHostKeyChecking=no\" $SERVER_DIRECTORY/backup $REMOTE_SERVER" + fi + rsync -ratlzv --rsh="/usr/bin/sshpass -p \"$REMOTE_PASSWORD\" ssh -p $REMOTE_SSH_PORT -o StrictHostKeyChecking=no" $SERVER_DIRECTORY/backup $REMOTE_SERVER + if [ ! "$?" = "0" ]; then + echo "$NOW Backup to $REMOTE_SERVER failed" >> /var/log/remotebackups.log + # Send a warning email + echo "Backup to $REMOTE_SERVER failed" | mail -s "${PROJECT_NAME} backup to friends" $ADMIN_EMAIL_ADDRESS + else + echo "$NOW Backed up to $REMOTE_SERVER" >> /var/log/remotebackups.log + fi + fi done < /home/${ADMIN_USERNAME}/backup.list diff --git a/src/freedombone-controlpanel b/src/freedombone-controlpanel index e64d8f96..aaef4e91 100755 --- a/src/freedombone-controlpanel +++ b/src/freedombone-controlpanel @@ -393,6 +393,15 @@ function show_domains { fi echo '' fi + if grep -q "Mediagoblin domain" $COMPLETION_FILE; then + echo -n -e "$(pad_string 'Mediagoblin')" + MEDIADOM=$(cat ${COMPLETION_FILE} | grep 'Mediagoblin domain' | awk -F ':' '{print $2}') + echo -n -e "$(pad_string ${MEDIADOM})" + if [ -d /var/lib/tor/hidden_service_mediagoblin ]; then + echo -n "$(cat /var/lib/tor/hidden_service_mediagoblin/hostname)" + fi + echo '' + fi echo '' } @@ -1074,7 +1083,7 @@ function restore_from_usb { trap "rm -f $data" 0 1 2 5 15 dialog --backtitle $"Freedombone Control Panel" \ --title $"Restore from USB backup" \ - --radiolist $"Choose an application to restore:" 31 70 28 \ + --radiolist $"Choose an application to restore:" 32 70 28 \ 1 $"Everything" off \ 2 $"Return to the backup and restore menu" on \ 3 $"Configuration files" off \ @@ -1105,7 +1114,8 @@ function restore_from_usb { 28 $"DLNA" off \ 29 $"VoIP" off \ 30 $"RSS reader" off \ - 31 $"Tox" off 2> $data + 31 $"Tox" off \ + 32 $"Mediagoblin" off 2> $data sel=$? case $sel in 1) break;; @@ -1148,6 +1158,7 @@ function restore_from_usb { 29) ${PROJECT_NAME}-restore-local $USB_DRIVE voip;; 30) ${PROJECT_NAME}-restore-local $USB_DRIVE ttrss;; 31) ${PROJECT_NAME}-restore-local $USB_DRIVE tox;; + 32) ${PROJECT_NAME}-restore-local $USB_DRIVE mediagoblin;; esac done any_key diff --git a/src/freedombone-restore-local b/src/freedombone-restore-local index 7218de74..798046c9 100755 --- a/src/freedombone-restore-local +++ b/src/freedombone-restore-local @@ -58,6 +58,7 @@ DATABASE_PASSWORD=$(cat /root/dbpass) MICROBLOG_DOMAIN_NAME= HUBZILLA_DOMAIN_NAME= OWNCLOUD_DOMAIN_NAME= +MEDIAGOBLIN_DOMAIN_NAME= GIT_DOMAIN_NAME= WIKI_DOMAIN_NAME= FULLBLOG_DOMAIN_NAME= @@ -249,6 +250,9 @@ function update_domains { if grep -q "Owncloud domain" $COMPLETION_FILE; then OWNCLOUD_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Owncloud domain" | awk -F ':' '{print $2}') fi + if grep -q "Mediagoblin domain" $COMPLETION_FILE; then + MEDIAGOBLIN_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Mediagoblin domain" | awk -F ':' '{print $2}') + fi if grep -q "Gogs domain" $COMPLETION_FILE; then GIT_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Gogs domain" | awk -F ':' '{print $2}') fi @@ -865,6 +869,28 @@ function restore_owncloud { fi } +function restore_mediagoblin { + if [[ $RESTORE_APP != 'all' ]]; then + if [[ $RESTORE_APP != 'mediagoblin' ]]; then + return + fi + fi + if [ ! $MEDIAGOBLIN_DOMAIN_NAME ]; then + return + fi + + if [ -d $USB_MOUNT/backup/mediagoblin ]; then + restore_directory_from_usb /root/tempmediagoblin mediagoblin + cp -r /root/tempmediagoblin/* / + if [ ! "$?" = "0" ]; then + unmount_drive + exit 67843 + fi + rm -rf /root/tempmediagoblin + chown -hR mediagoblin:www-data /var/www/$MEDIAGOBLIN_DOMAIN_NAME/htdocs + fi +} + function restore_gogs { if [[ $RESTORE_APP != 'all' ]]; then if [[ $RESTORE_APP != 'gogs' ]]; then @@ -1149,6 +1175,7 @@ restore_gnu_social restore_hubzilla restore_rss_reader restore_owncloud +restore_mediagoblin restore_gogs restore_wiki restore_blog diff --git a/src/freedombone-restore-remote b/src/freedombone-restore-remote index 5702201c..c58a02b0 100755 --- a/src/freedombone-restore-remote +++ b/src/freedombone-restore-remote @@ -735,6 +735,27 @@ function restore_owncloud { fi } +function restore_mediagoblin { + if [[ $RESTORE_APP != 'all' ]]; then + if [[ $RESTORE_APP != 'mediagoblin' ]]; then + return + fi + fi + if grep -q "Mediagoblin domain" $COMPLETION_FILE; then + MEDIAGOBLIN_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Mediagoblin domain" | awk -F ':' '{print $2}') + if [ -d $SERVER_DIRECTORY/backup/mediagoblin ]; then + echo $"Restoring Mediagoblin installation" + restore_directory_from_friend /root/tempmediagoblin mediagoblin + cp -r /root/tempmediagoblin/* / + if [ ! "$?" = "0" ]; then + exit 5626 + fi + rm -rf /root/tempmediagoblin + fi + chown -hR mediagoblin:www-data /var/www/$MEDIAGOBLIN_DOMAIN_NAME/htdocs + fi +} + function restore_gogs { if [[ $RESTORE_APP != 'all' ]]; then if [[ $RESTORE_APP != 'gogs' ]]; then @@ -992,6 +1013,7 @@ restore_gnu_social restore_hubzilla restore_rss_reader restore_owncloud +restore_mediagoblin restore_gogs restore_wiki restore_blog