From 400b4c5725c7a06b98f39cfcfb43ed0db5f9f76e Mon Sep 17 00:00:00 2001 From: ljf Date: Thu, 8 Apr 2021 20:20:10 +0200 Subject: [PATCH] [enh] Add monitoring options --- README.md | 2 +- check_process | 20 ++++++++++++------- conf/monitor-backup | 2 ++ manifest.json | 23 ++++++++++++++++++++-- scripts/_common.sh | 25 ++++++++++------------- scripts/backup | 18 +++++++++++++++++ scripts/install | 15 +++++++++++--- scripts/remove | 18 ++++++++++++++--- scripts/upgrade | 48 +++++++++++++++++++++++++++++++++++++-------- 9 files changed, 132 insertions(+), 39 deletions(-) create mode 100644 conf/monitor-backup diff --git a/README.md b/README.md index 9b63e4c..c19f68a 100644 --- a/README.md +++ b/README.md @@ -10,7 +10,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in Offer backup storage to a friend. The main goal of Borg is to provide an efficient and secure way to backup data. The data deduplication technique used makes Borg suitable for daily backups since only changes are stored. The authenticated encryption technique makes it suitable for backups to not fully trusted targets. -**Shipped version:** 1.1.14 +**Shipped version:** 1.1.16 ## Documentation diff --git a/check_process b/check_process index efc60ad..edbba5a 100644 --- a/check_process +++ b/check_process @@ -1,9 +1,10 @@ ;; Test complet ; Manifest - server="domain.tld:22" - ssh_user="sam" - public_key="ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILM5TaFx9x9gXAkdRqEw39tpBLW/jXFzcBe9diuPlEfP" - quota="5G" + ssh_user="sam" + public_key="ssh-ed25519 AAAACCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC" + alert_delay=1 + alert_mails="sam@domain.tld" + quota="1G" ; Checks pkg_linter=1 setup_sub_dir=0 @@ -12,10 +13,15 @@ setup_private=0 setup_public=0 upgrade=1 + upgrade=1 from_commit=c6ff77fc299c008b83cfe5f849b5d115989d5c49 backup_restore=1 - multi_instance=0 + multi_instance=1 port_already_use=0 change_url=0 ;;; Options -Email=ljf+borgserver_ynh@reflexlibre.net -Notification=down +Email=ljf+borg_ynh@reflexlibre.net +Notificatio +;;; Upgrade options + ; commit=c6ff77fc299c008b83cfe5f849b5d115989d5c49 + name=Merge pull request #26 from YunoHost-Apps/testing + manifest_arg=ssh_user=sam&public_key=ssh-ed25519 AAAACCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC"a=1G diff --git a/conf/monitor-backup b/conf/monitor-backup new file mode 100644 index 0000000..9010a0f --- /dev/null +++ b/conf/monitor-backup @@ -0,0 +1,2 @@ +SHELL=/bin/bash +0 9,20 * * * root : Monitor __SSH_USER__ backup ; ALERT_DELAY="$(yunohost app setting __APP__ alert_delay)"; [[ $(find /home/__SSH_USER__ -mtime -${ALERT_DELAY} -ls | wc -l) > 0 ]] || ( echo "No file has been backuped in /home/__SSH_USER__ since ${ALERT_DELAY} days" | mail -s "[YNH] Backup missing : __SSH_USER__" $(yunohost app setting __APP__ alert_mails)) diff --git a/manifest.json b/manifest.json index 6f3ba89..877c874 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Offer backup storage to a friend.", "fr": "Offrez un espace de stockage à un⋅e ami⋅e." }, - "version": "1.1.14~ynh1", + "version": "1.1.16~ynh1", "url": "https://borgbackup.readthedocs.io", "license": "BSD-3-Clause", "maintainer": { @@ -17,7 +17,7 @@ "requirements": { "yunohost": ">= 3.8.1" }, - "multi_instance": false, + "multi_instance": true, "services": [], "arguments": { "install" : [ @@ -38,6 +38,25 @@ "fr": "Indiquez la clé publique donnée par l'app borg_ynh" } }, + { + "name": "alert_delay", + "type": "number", + "ask": { + "en": "After which delay in days should we alert if there are no changes on repo ?", + "fr": "Après quel délais en jours devons-nous lancer une alerte si il n'y a pas de changement dans le repo ?" + }, + "default": "1" + }, + { + "name": "alert_mails", + "type": "string", + "ask": { + "en": "Emails to whom send alerts ?", + "fr": "Emails des personnes à qui envoyer les alertes ?" + }, + "default": "root", + "example": "camille@example.com,eden@example.com" + }, { "name": "quota", "type": "string", diff --git a/scripts/_common.sh b/scripts/_common.sh index 9553a46..6a33ffa 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -5,18 +5,25 @@ #================================================= # App package root directory should be the parent folder PKG_DIR=$(cd ../; pwd) +BORG_VERSION=1.1.16 -pkg_dependencies="python3-pip python3-dev libacl1-dev libssl-dev liblz4-dev python-jinja2 python3-setuptools python-virtualenv" +pkg_dependencies="python3-pip python3-dev libacl1-dev libssl-dev liblz4-dev python3-jinja2 python3-setuptools python3-venv python-virtualenv virtualenv libfuse-dev pkg-config" # Install borg with pip if borg is not here install_borg_with_pip () { + if [ -d /opt/borg-env ]; then + /opt/borg-env/bin/python /opt/borg-env/bin/pip list | grep "Version: $BORG_VERSION" || ynh_secure_remove /opt/borg-env + fi if [ ! -d /opt/borg-env ]; then python3 -m venv /opt/borg-env - /opt/borg-env/bin/python /opt/borg-env/bin/pip install borgbackup==1.1.14 + /opt/borg-env/bin/python /opt/borg-env/bin/pip install wheel + /opt/borg-env/bin/python /opt/borg-env/bin/pip install borgbackup[fuse]==$BORG_VERSION echo "#!/bin/bash /opt/borg-env/bin/python /opt/borg-env/bin/borg \"\$@\"" > /usr/local/bin/borg - chmod a+x /usr/local/bin/borg + touch "/opt/borg-env/$(ynh_get_debian_release)" fi + # We need this to be executable by other borg apps + chmod a+x /usr/local/bin/borg } #================================================= @@ -46,15 +53,3 @@ ynh_save_args () { ynh_app_setting_set $app $setting_var "${!var}" done } - - - -ynh_configure () { - ynh_backup_if_checksum_is_different $2 - ynh_render_template "${PKG_DIR}/conf/$1.j2" $2 - ynh_store_file_checksum $2 -} - -ynh_read_json () { - python3 -c "import sys, json;print(json.load(open('$1'))['$2'])" -} diff --git a/scripts/backup b/scripts/backup index a50d340..4263664 100755 --- a/scripts/backup +++ b/scripts/backup @@ -18,5 +18,23 @@ ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= +ynh_print_info --message="Loading installation settings..." app=$YNH_APP_INSTANCE_NAME +export ssh_user="$(ynh_app_setting_get $app ssh_user)" + +#================================================= +# DECLARE DATA AND CONF FILES TO BACKUP +#================================================= +ynh_print_info --message="Declaring files to be backed up..." +ynh_backup "/home/$ssh_user/.ssh" +ynh_backup "/home/$ssh_user/.nobackup" +ynh_backup "/etc/cron.d/$app" + +ynh_print_info --message="Borg backup repo in /home/$ssh_user/ won't be backup to avoid backup of backup loop issue." + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." diff --git a/scripts/install b/scripts/install index 10e81f7..9cade3c 100755 --- a/scripts/install +++ b/scripts/install @@ -23,7 +23,7 @@ ynh_abort_if_errors export app=$YNH_APP_INSTANCE_NAME # Retrieve arguments -ynh_export ssh_user public_key quota +ynh_export ssh_user public_key quota alert_delay alert_mails #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THIS ARGS @@ -35,7 +35,7 @@ ynh_system_user_exists --username=$ssh_user && ynh_die --message="This user alre # STORE SETTINGS FROM MANIFEST #================================================= -ynh_save_args ssh_user public_key quota +ynh_save_args ssh_user public_key quota alert_delay alert_mails #================================================= # INSTALL DEPENDENCIES @@ -48,16 +48,18 @@ install_borg_with_pip #================================================= # CREATE SSH USER USED BY BORG #================================================= -ynh_script_progression --message="Creat SSH user used by Borg..." +ynh_script_progression --message="Creating SSH user used by Borg..." adduser $ssh_user --quiet --gecos ",,," --shell /bin/bash --disabled-password #================================================= # AUTORIZE SSH FOR THIS USER #================================================= +ynh_script_progression --message="Configuring SSH public key for remote connexion..." home=/home/$ssh_user mkdir -p /home/$ssh_user/.ssh +chmod o=--- /home/$ssh_user touch /home/$ssh_user/.ssh/authorized_keys extra="--storage-quota $quota" if [ "$quota" = "" ]; then @@ -68,9 +70,16 @@ echo "command=\"borg serve $extra --restrict-to-repository /home/$ssh_user/backu #================================================= # AVOID BACKUP OF BACKUP #================================================= +ynh_script_progression --message="Avoiding to backup the backup itself..." touch $home/.nobackup +#================================================= +# SETUP CRON +#================================================= +ynh_script_progression --message="Configuring cron to monitor backup..." +ynh_add_config --template="monitor-backup" --destination="/etc/cron.d/$app" + #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/remove b/scripts/remove index 4f5756e..4a4c3eb 100755 --- a/scripts/remove +++ b/scripts/remove @@ -23,12 +23,24 @@ ynh_script_progression --message="Removing dependencies..." ynh_remove_app_dependencies -#================================================= -# REMOVE FILES -#================================================= +# Remove borg if we are removing the last borg app on the system +if [ "$(yunohost app list | grep "id: borg" | wc -l)" == "1" ] ; then + ynh_secure_remove "/opt/borg-env" + ynh_secure_remove "/usr/local/bin/borg" +fi +#================================================= +# REMOVE USER BUT KEEP FILES +#================================================= +# We keep files cause we don't know what the user want to do about +# backups stored in the home directory userdel $ssh_user +#================================================= +# REMOVE CRON FILES +#================================================= +ynh_secure_remove "/etc/cron.d/$app" + #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index e94e027..382b029 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -26,12 +26,14 @@ ynh_check_app_version_changed # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # restore it if the upgrade fails - ynh_restore_upgradebackup -} +# We don't backup before upgrade cause we don't want accidental +# remove of repo if upgrade failed + +#ynh_backup_before_upgrade +#ynh_clean_setup () { +# # restore it if the upgrade fails +# ynh_restore_upgradebackup +#} # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -49,18 +51,48 @@ if [ -f "/etc/yunohost/hooks.d/backup/17-data_home" ]; then ynh_secure_remove /etc/yunohost/hooks.d/backup/17-data_home fi -if echo "$ssh_user" | grep -v ' '; then +if echo "$ssh_user" | grep -q ' '; then + ynh_app_setting_set --app=$app --key=ssh_user --value="$(grep "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIadutuK2" /home/*/.ssh/authorized_keys | grep borg | cut -d/ -f3)" +fi + +if echo "$public_key" | grep -q -v ' '; then ynh_app_setting_set --app=$app --key=public_key --value="$(grep -Po 'no-user-rc \K.*$' /home/$ssh_user/.ssh/authorized_keys)" fi +# Reinstall borg if debian change of major version +if [ ! -f "/opt/borg-env/$(ynh_get_debian_release)" ] ; then + ynh_secure_remove /opt/borg-env +fi + #================================================= -# INSTALL DEPENDENCIES +# UPGRADE DEPENDENCIES #================================================= ynh_script_progression --message="Upgrading dependencies..." ynh_install_app_dependencies $pkg_dependencies + +#================================================= +# SPECIFIC UPGRADE +#================================================= +# Upgrade borgbackup +#================================================= +ynh_script_progression --message="Upgrading borgbackup..." --weight=1 + install_borg_with_pip +#================================================= +# AVOID BACKUP OF BACKUP +#================================================= +ynh_script_progression --message="Avoiding to backup the backup itself..." + +touch $home/.nobackup + +#================================================= +# SETUP CRON +#================================================= +ynh_script_progression --message="Configuring cron to monitor backup..." +ynh_add_config --template="monitor-backup" --destination="/etc/cron.d/$app" + #================================================= # END OF SCRIPT #=================================================