2020-02-23 12:02:10 +01:00
#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
export app=$YNH_APP_INSTANCE_NAME
2020-03-02 22:11:41 +01:00
export final_path="/opt/yunohost/${app}"
2020-02-23 12:02:10 +01:00
# Retrieve arguments
2020-03-02 22:11:41 +01:00
ynh_export server port ssh_user backup_path passphrase on_calendar check_on_calendar check_read_data_on_calendar conf data apps allow_extra_space_use
2020-02-23 12:02:10 +01:00
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
2020-03-02 22:11:41 +01:00
ynh_save_args server port ssh_user backup_path passphrase on_calendar check_on_calendar check_read_data_on_calendar conf data apps allow_extra_space_use
2020-02-23 12:02:10 +01:00
#=================================================
2020-04-12 17:13:11 +02:00
# INSTALL RESTIC
2020-02-23 12:02:10 +01:00
#=================================================
2020-04-12 17:13:11 +02:00
ynh_script_progression --message="Installing restic binary" --weight=7
2020-02-23 12:02:10 +01:00
install_restic
2021-03-07 16:09:16 +01:00
#=================================================
# CREATE APP USER
#=================================================
ynh_script_progression --message="Creating user ${app}"
useradd -m ${app}
ynh_script_progression --message="Configure ${app} user sudoer rights"
cat > /tmp/${app}_sudoer << EOSUDOER
2021-03-21 10:24:30 +01:00
${app} ALL = (root) NOPASSWD: /usr/bin/yunohost*, /bin/journalctl*, /usr/bin/find /etc/yunohost/apps -name backup, ${final_path}/check_method_${app}
2021-03-07 16:09:16 +01:00
EOSUDOER
visudo -cf /tmp/${app}_sudoer && mv /tmp/${app}_sudoer /etc/sudoers.d/${app}
2020-02-23 12:02:10 +01:00
#=================================================
# ACTIVATE BACKUP METHODS
#=================================================
2020-03-03 21:02:28 +01:00
ynh_script_progression --message="Activating backup methods"
2020-02-23 12:02:10 +01:00
mkdir -p /etc/yunohost/hooks.d/backup_method
mkdir -p /usr/share/yunohost/backup_method
#=================================================
# SETUP THE BACKUP METHOD
#=================================================
2020-03-03 21:02:28 +01:00
ynh_script_progression --message="Setting up backup methods"
2020-02-23 12:02:10 +01:00
ynh_configure backup_method "/etc/yunohost/hooks.d/backup_method/05-${app}_app"
2021-02-28 16:38:35 +01:00
ynh_configure check_method "${final_path}/check_method_${app}"
2020-02-23 12:02:10 +01:00
2020-11-14 18:03:13 +01:00
#=================================================
2021-03-21 12:52:05 +01:00
# SETUP LOG SCRIPTS
2020-11-14 18:03:13 +01:00
#=================================================
2021-03-21 12:52:05 +01:00
ynh_script_progression --message="Setting up backup log script"
2021-02-28 16:38:35 +01:00
ynh_configure restic_log "${final_path}/restic_log_${app}"
2021-03-21 10:24:30 +01:00
chmod +x "${final_path}/restic_log_${app}"
2021-03-07 16:09:16 +01:00
chown ${app}: "${final_path}/restic_log_${app}"
2020-11-14 18:03:13 +01:00
2021-03-21 12:52:05 +01:00
ynh_script_progression --message="Setting up check log script"
ynh_configure restic_check_log "${final_path}/restic_check_log_${app}"
chmod +x "${final_path}/restic_check_log_${app}"
chown ${app}: "${final_path}/restic_check_log_${app}"
2020-02-23 12:02:10 +01:00
#=================================================
# CONFIGURE CRON
#=================================================
2020-03-03 21:02:28 +01:00
ynh_script_progression --message="Configuring cron" --weight=5
2020-03-02 22:11:41 +01:00
ynh_configure backup-with-restic "/usr/local/bin/backup-with-${app}"
ynh_configure check-restic "${final_path}/check-${app}"
2021-03-21 10:24:30 +01:00
chmod +x "/usr/local/bin/backup-with-${app}"
2021-03-07 16:09:16 +01:00
chown ${app}: "/usr/local/bin/backup-with-${app}"
2021-03-21 10:24:30 +01:00
chmod +x "${final_path}/check-${app}"
chmod +x "${final_path}/check_method_${app}"
2020-03-02 22:11:41 +01:00
ynh_add_systemd_config --service=${app} --template=systemd.service
ynh_add_systemd_config --service=${app}_check --template=systemd_check.service
ynh_add_systemd_config --service=${app}_check_read_data --template=systemd_check_read_data.service
ynh_configure systemd.timer "/etc/systemd/system/${app}.timer"
ynh_configure systemd_check.timer "/etc/systemd/system/${app}_check.timer"
ynh_configure systemd_check_read_data.timer "/etc/systemd/system/${app}_check_read_data.timer"
2021-02-27 22:49:02 +01:00
systemctl disable --quiet ${app}.service
systemctl disable --quiet ${app}_check.service
systemctl disable --quiet ${app}_check_read_data.service
systemctl enable --quiet ${app}.timer
systemctl enable --quiet ${app}_check.timer
systemctl enable --quiet ${app}_check_read_data.timer
2020-03-02 22:11:41 +01:00
systemctl start ${app}.timer
systemctl start ${app}_check.timer
systemctl start ${app}_check_read_data.timer
2020-02-23 12:02:10 +01:00
2021-03-07 16:09:16 +01:00
#=================================================
# SET PERMISSIONS ON FINAL PATH
#=================================================
ynh_script_progression --message="Set permissions on ${final_path}"
chown -R ${app}: ${final_path}
2020-02-23 12:02:10 +01:00
#=================================================
2021-03-21 19:57:50 +01:00
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Configuring logrotate"
ynh_use_logrotate --logfile=/var/log/restic_backup_${app}.log
ynh_use_logrotate --logfile=/var/log/restic_backup_${app}.err
ynh_use_logrotate --logfile=/var/log/restic_check_${app}.log
ynh_use_logrotate --logfile=/var/log/restic_check_${app}.err
#=================================================
2020-02-23 12:02:10 +01:00
# GENERATE SSH KEY
#=================================================
2020-03-03 21:02:28 +01:00
ynh_script_progression --message="Generating private key"
2021-03-07 16:09:16 +01:00
ssh_dir="/root/.ssh"
if [ ! -d "${ssh_dir}" ];then
mkdir -p "${ssh_dir}"
fi
private_key="${ssh_dir}/id_${app}_ed25519"
2020-02-23 12:02:10 +01:00
test -f $private_key || ssh-keygen -q -t ed25519 -N "" -f $private_key
#=================================================
# GENERATE SSH CONFIG
#=================================================
2021-02-28 16:38:35 +01:00
ynh_script_progression --message="Generating ssh config for ${app} server ${server}"
2021-03-07 16:09:16 +01:00
grep -q "${app}" ${ssh_dir}/config 2>/dev/null || cat << EOCONF >> ${ssh_dir}/config
2021-02-28 16:38:35 +01:00
# begin $app ssh config
2020-02-23 12:02:10 +01:00
Host ${server}
Hostname ${server}
Port ${port}
User ${ssh_user}
IdentityFile ${private_key}
StrictHostKeyChecking no
UserKnownHostsFile /dev/null
2021-02-28 16:38:35 +01:00
# end $app ssh config
2020-02-23 12:02:10 +01:00
EOCONF
#=================================================
# Display key
#=================================================
2020-03-03 21:02:28 +01:00
ynh_script_progression --message="You should now allow the following public key for user ${ssh_user} on server ${server}:
2020-02-23 12:02:10 +01:00
$(cat ${private_key}.pub)"
#=================================================
# SEND A README FOR THE ADMIN
#=================================================
2020-03-03 21:02:28 +01:00
ynh_script_progression --message="Sending post-installation instructions to admin" --last
2020-02-23 12:02:10 +01:00
ynh_print_OFF
message="You should now allow the following public key for user ${ssh_user} on server ${server}:
$(cat ${private_key}.pub)
2021-02-28 16:38:35 +01:00
Do so by running those commands on ${server} with user ${ssh_user}:
2020-02-23 12:02:10 +01:00
mkdir ~/.ssh 2>/dev/null
touch ~/.ssh/authorized_keys
chmod u=rw,go= ~/.ssh/authorized_keys
cat << EOPKEY >> ~/.ssh/authorized_keys
$(cat ${private_key}.pub)
EOPKEY
$(if [ "$backup_path" != "./" ];then echo "Also make sure ${backup_path} exists and is writable by ${ssh_user}";fi)
2021-02-28 16:38:35 +01:00
If you're facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/restic_ynh"
2020-02-23 12:02:10 +01:00
ynh_send_readme_to_admin "$message" "root"
ynh_print_ON