mirror of
https://github.com/YunoHost-Apps/restic_ynh.git
synced 2024-09-03 20:16:22 +02:00
commit
9de5c8b060
26 changed files with 618 additions and 936 deletions
|
@ -22,10 +22,6 @@ Restic is a backup tool that can make local and remote backups.
|
||||||
This package uses restic to make backups to a sftp server.
|
This package uses restic to make backups to a sftp server.
|
||||||
The package does not handle local backups yet but you can work around that by using the local sftp server as target server (see my comment [here](https://forum.yunohost.org/t/sauvegarde-yunohost-avec-restic/10275/33)).
|
The package does not handle local backups yet but you can work around that by using the local sftp server as target server (see my comment [here](https://forum.yunohost.org/t/sauvegarde-yunohost-avec-restic/10275/33)).
|
||||||
|
|
||||||
|
|
||||||
**Shipped version:** 0.12.0~ynh9
|
|
||||||
## Disclaimers / important information
|
|
||||||
|
|
||||||
## Usage
|
## Usage
|
||||||
|
|
||||||
If you want to backup your server A onto the server B.
|
If you want to backup your server A onto the server B.
|
||||||
|
@ -79,7 +75,7 @@ At the end of the installation, the app displays the public_key and the user to
|
||||||
You should now authorize the public key for user `servera` on server B by logging into server B with user `servera` and running:
|
You should now authorize the public key for user `servera` on server B by logging into server B with user `servera` and running:
|
||||||
|
|
||||||
```
|
```
|
||||||
mkdir ~/.ssh -p 2>/dev/null
|
mkdir ~/.ssh -p
|
||||||
touch ~/.ssh/authorized_keys
|
touch ~/.ssh/authorized_keys
|
||||||
chmod u=rw,go= ~/.ssh/authorized_keys
|
chmod u=rw,go= ~/.ssh/authorized_keys
|
||||||
cat << EOPKEY >> ~/.ssh/authorized_keys
|
cat << EOPKEY >> ~/.ssh/authorized_keys
|
||||||
|
@ -170,6 +166,7 @@ systemctl start restic_check_read_data.service
|
||||||
You can setup the Restic app several times on the same server so you can backup on several server or manage your frequency backup differently for specific part of your server.
|
You can setup the Restic app several times on the same server so you can backup on several server or manage your frequency backup differently for specific part of your server.
|
||||||
|
|
||||||
|
|
||||||
|
**Shipped version:** 0.12.0~ynh9
|
||||||
## Documentation and resources
|
## Documentation and resources
|
||||||
|
|
||||||
- Official app website: <https://restic.net>
|
- Official app website: <https://restic.net>
|
||||||
|
|
|
@ -22,10 +22,6 @@ Restic is a backup tool that can make local and remote backups.
|
||||||
This package uses restic to make backups to a sftp server.
|
This package uses restic to make backups to a sftp server.
|
||||||
The package does not handle local backups yet but you can work around that by using the local sftp server as target server (see my comment [here](https://forum.yunohost.org/t/sauvegarde-yunohost-avec-restic/10275/33)).
|
The package does not handle local backups yet but you can work around that by using the local sftp server as target server (see my comment [here](https://forum.yunohost.org/t/sauvegarde-yunohost-avec-restic/10275/33)).
|
||||||
|
|
||||||
|
|
||||||
**Versión actual:** 0.12.0~ynh9
|
|
||||||
## informaciones importantes
|
|
||||||
|
|
||||||
## Usage
|
## Usage
|
||||||
|
|
||||||
If you want to backup your server A onto the server B.
|
If you want to backup your server A onto the server B.
|
||||||
|
@ -79,7 +75,7 @@ At the end of the installation, the app displays the public_key and the user to
|
||||||
You should now authorize the public key for user `servera` on server B by logging into server B with user `servera` and running:
|
You should now authorize the public key for user `servera` on server B by logging into server B with user `servera` and running:
|
||||||
|
|
||||||
```
|
```
|
||||||
mkdir ~/.ssh -p 2>/dev/null
|
mkdir ~/.ssh -p
|
||||||
touch ~/.ssh/authorized_keys
|
touch ~/.ssh/authorized_keys
|
||||||
chmod u=rw,go= ~/.ssh/authorized_keys
|
chmod u=rw,go= ~/.ssh/authorized_keys
|
||||||
cat << EOPKEY >> ~/.ssh/authorized_keys
|
cat << EOPKEY >> ~/.ssh/authorized_keys
|
||||||
|
@ -170,6 +166,7 @@ systemctl start restic_check_read_data.service
|
||||||
You can setup the Restic app several times on the same server so you can backup on several server or manage your frequency backup differently for specific part of your server.
|
You can setup the Restic app several times on the same server so you can backup on several server or manage your frequency backup differently for specific part of your server.
|
||||||
|
|
||||||
|
|
||||||
|
**Versión actual:** 0.12.0~ynh9
|
||||||
## Documentaciones y recursos
|
## Documentaciones y recursos
|
||||||
|
|
||||||
- Sitio web oficial: <https://restic.net>
|
- Sitio web oficial: <https://restic.net>
|
||||||
|
|
|
@ -22,10 +22,6 @@ Restic is a backup tool that can make local and remote backups.
|
||||||
This package uses restic to make backups to a sftp server.
|
This package uses restic to make backups to a sftp server.
|
||||||
The package does not handle local backups yet but you can work around that by using the local sftp server as target server (see my comment [here](https://forum.yunohost.org/t/sauvegarde-yunohost-avec-restic/10275/33)).
|
The package does not handle local backups yet but you can work around that by using the local sftp server as target server (see my comment [here](https://forum.yunohost.org/t/sauvegarde-yunohost-avec-restic/10275/33)).
|
||||||
|
|
||||||
|
|
||||||
**Paketatutako bertsioa:** 0.12.0~ynh9
|
|
||||||
## Ezespena / informazio garrantzitsua
|
|
||||||
|
|
||||||
## Usage
|
## Usage
|
||||||
|
|
||||||
If you want to backup your server A onto the server B.
|
If you want to backup your server A onto the server B.
|
||||||
|
@ -79,7 +75,7 @@ At the end of the installation, the app displays the public_key and the user to
|
||||||
You should now authorize the public key for user `servera` on server B by logging into server B with user `servera` and running:
|
You should now authorize the public key for user `servera` on server B by logging into server B with user `servera` and running:
|
||||||
|
|
||||||
```
|
```
|
||||||
mkdir ~/.ssh -p 2>/dev/null
|
mkdir ~/.ssh -p
|
||||||
touch ~/.ssh/authorized_keys
|
touch ~/.ssh/authorized_keys
|
||||||
chmod u=rw,go= ~/.ssh/authorized_keys
|
chmod u=rw,go= ~/.ssh/authorized_keys
|
||||||
cat << EOPKEY >> ~/.ssh/authorized_keys
|
cat << EOPKEY >> ~/.ssh/authorized_keys
|
||||||
|
@ -170,6 +166,7 @@ systemctl start restic_check_read_data.service
|
||||||
You can setup the Restic app several times on the same server so you can backup on several server or manage your frequency backup differently for specific part of your server.
|
You can setup the Restic app several times on the same server so you can backup on several server or manage your frequency backup differently for specific part of your server.
|
||||||
|
|
||||||
|
|
||||||
|
**Paketatutako bertsioa:** 0.12.0~ynh9
|
||||||
## Dokumentazioa eta baliabideak
|
## Dokumentazioa eta baliabideak
|
||||||
|
|
||||||
- Aplikazioaren webgune ofiziala: <https://restic.net>
|
- Aplikazioaren webgune ofiziala: <https://restic.net>
|
||||||
|
|
|
@ -22,10 +22,6 @@ Restic is a backup tool that can make local and remote backups.
|
||||||
This package uses restic to make backups to a sftp server.
|
This package uses restic to make backups to a sftp server.
|
||||||
The package does not handle local backups yet but you can work around that by using the local sftp server as target server (see my comment [here](https://forum.yunohost.org/t/sauvegarde-yunohost-avec-restic/10275/33)).
|
The package does not handle local backups yet but you can work around that by using the local sftp server as target server (see my comment [here](https://forum.yunohost.org/t/sauvegarde-yunohost-avec-restic/10275/33)).
|
||||||
|
|
||||||
|
|
||||||
**Version incluse :** 0.12.0~ynh9
|
|
||||||
## Avertissements / informations importantes
|
|
||||||
|
|
||||||
## Usage
|
## Usage
|
||||||
|
|
||||||
If you want to backup your server A onto the server B.
|
If you want to backup your server A onto the server B.
|
||||||
|
@ -79,7 +75,7 @@ At the end of the installation, the app displays the public_key and the user to
|
||||||
You should now authorize the public key for user `servera` on server B by logging into server B with user `servera` and running:
|
You should now authorize the public key for user `servera` on server B by logging into server B with user `servera` and running:
|
||||||
|
|
||||||
```
|
```
|
||||||
mkdir ~/.ssh -p 2>/dev/null
|
mkdir ~/.ssh -p
|
||||||
touch ~/.ssh/authorized_keys
|
touch ~/.ssh/authorized_keys
|
||||||
chmod u=rw,go= ~/.ssh/authorized_keys
|
chmod u=rw,go= ~/.ssh/authorized_keys
|
||||||
cat << EOPKEY >> ~/.ssh/authorized_keys
|
cat << EOPKEY >> ~/.ssh/authorized_keys
|
||||||
|
@ -170,6 +166,7 @@ systemctl start restic_check_read_data.service
|
||||||
You can setup the Restic app several times on the same server so you can backup on several server or manage your frequency backup differently for specific part of your server.
|
You can setup the Restic app several times on the same server so you can backup on several server or manage your frequency backup differently for specific part of your server.
|
||||||
|
|
||||||
|
|
||||||
|
**Version incluse :** 0.12.0~ynh9
|
||||||
## Documentations et ressources
|
## Documentations et ressources
|
||||||
|
|
||||||
- Site officiel de l’app : <https://restic.net>
|
- Site officiel de l’app : <https://restic.net>
|
||||||
|
|
|
@ -22,10 +22,6 @@ Restic is a backup tool that can make local and remote backups.
|
||||||
This package uses restic to make backups to a sftp server.
|
This package uses restic to make backups to a sftp server.
|
||||||
The package does not handle local backups yet but you can work around that by using the local sftp server as target server (see my comment [here](https://forum.yunohost.org/t/sauvegarde-yunohost-avec-restic/10275/33)).
|
The package does not handle local backups yet but you can work around that by using the local sftp server as target server (see my comment [here](https://forum.yunohost.org/t/sauvegarde-yunohost-avec-restic/10275/33)).
|
||||||
|
|
||||||
|
|
||||||
**Versión proporcionada:** 0.12.0~ynh9
|
|
||||||
## Avisos / información importante
|
|
||||||
|
|
||||||
## Usage
|
## Usage
|
||||||
|
|
||||||
If you want to backup your server A onto the server B.
|
If you want to backup your server A onto the server B.
|
||||||
|
@ -79,7 +75,7 @@ At the end of the installation, the app displays the public_key and the user to
|
||||||
You should now authorize the public key for user `servera` on server B by logging into server B with user `servera` and running:
|
You should now authorize the public key for user `servera` on server B by logging into server B with user `servera` and running:
|
||||||
|
|
||||||
```
|
```
|
||||||
mkdir ~/.ssh -p 2>/dev/null
|
mkdir ~/.ssh -p
|
||||||
touch ~/.ssh/authorized_keys
|
touch ~/.ssh/authorized_keys
|
||||||
chmod u=rw,go= ~/.ssh/authorized_keys
|
chmod u=rw,go= ~/.ssh/authorized_keys
|
||||||
cat << EOPKEY >> ~/.ssh/authorized_keys
|
cat << EOPKEY >> ~/.ssh/authorized_keys
|
||||||
|
@ -170,6 +166,7 @@ systemctl start restic_check_read_data.service
|
||||||
You can setup the Restic app several times on the same server so you can backup on several server or manage your frequency backup differently for specific part of your server.
|
You can setup the Restic app several times on the same server so you can backup on several server or manage your frequency backup differently for specific part of your server.
|
||||||
|
|
||||||
|
|
||||||
|
**Versión proporcionada:** 0.12.0~ynh9
|
||||||
## Documentación e recursos
|
## Documentación e recursos
|
||||||
|
|
||||||
- Web oficial da app: <https://restic.net>
|
- Web oficial da app: <https://restic.net>
|
||||||
|
|
|
@ -22,10 +22,6 @@ Restic is a backup tool that can make local and remote backups.
|
||||||
This package uses restic to make backups to a sftp server.
|
This package uses restic to make backups to a sftp server.
|
||||||
The package does not handle local backups yet but you can work around that by using the local sftp server as target server (see my comment [here](https://forum.yunohost.org/t/sauvegarde-yunohost-avec-restic/10275/33)).
|
The package does not handle local backups yet but you can work around that by using the local sftp server as target server (see my comment [here](https://forum.yunohost.org/t/sauvegarde-yunohost-avec-restic/10275/33)).
|
||||||
|
|
||||||
|
|
||||||
**分发版本:** 0.12.0~ynh9
|
|
||||||
## 免责声明 / 重要信息
|
|
||||||
|
|
||||||
## Usage
|
## Usage
|
||||||
|
|
||||||
If you want to backup your server A onto the server B.
|
If you want to backup your server A onto the server B.
|
||||||
|
@ -79,7 +75,7 @@ At the end of the installation, the app displays the public_key and the user to
|
||||||
You should now authorize the public key for user `servera` on server B by logging into server B with user `servera` and running:
|
You should now authorize the public key for user `servera` on server B by logging into server B with user `servera` and running:
|
||||||
|
|
||||||
```
|
```
|
||||||
mkdir ~/.ssh -p 2>/dev/null
|
mkdir ~/.ssh -p
|
||||||
touch ~/.ssh/authorized_keys
|
touch ~/.ssh/authorized_keys
|
||||||
chmod u=rw,go= ~/.ssh/authorized_keys
|
chmod u=rw,go= ~/.ssh/authorized_keys
|
||||||
cat << EOPKEY >> ~/.ssh/authorized_keys
|
cat << EOPKEY >> ~/.ssh/authorized_keys
|
||||||
|
@ -170,6 +166,7 @@ systemctl start restic_check_read_data.service
|
||||||
You can setup the Restic app several times on the same server so you can backup on several server or manage your frequency backup differently for specific part of your server.
|
You can setup the Restic app several times on the same server so you can backup on several server or manage your frequency backup differently for specific part of your server.
|
||||||
|
|
||||||
|
|
||||||
|
**分发版本:** 0.12.0~ynh9
|
||||||
## 文档与资源
|
## 文档与资源
|
||||||
|
|
||||||
- 官方应用网站: <https://restic.net>
|
- 官方应用网站: <https://restic.net>
|
||||||
|
|
|
@ -1,31 +0,0 @@
|
||||||
;; Test complet
|
|
||||||
; Manifest
|
|
||||||
server="dst.domain.tld"
|
|
||||||
ssh_user="sam"
|
|
||||||
passphrase="APassphrase"
|
|
||||||
conf=1
|
|
||||||
port=2222
|
|
||||||
backup_path=src.domain.tld
|
|
||||||
data=1
|
|
||||||
app="all"
|
|
||||||
allow_extra_space_use=1
|
|
||||||
on_calendar="Daily"
|
|
||||||
check_on_calendar="*-*-8,15,22 3:15"
|
|
||||||
check_read_data_on_calendar="*-*-1 3:15"
|
|
||||||
; Checks
|
|
||||||
pkg_linter=1
|
|
||||||
setup_sub_dir=0
|
|
||||||
setup_root=0
|
|
||||||
setup_nourl=1
|
|
||||||
setup_private=0
|
|
||||||
setup_public=0
|
|
||||||
upgrade=1
|
|
||||||
# 0.12.0~ynh9
|
|
||||||
upgrade=1 from_commit=526944051f68f4149e415be4e862ce3c69d69f18
|
|
||||||
backup_restore=1
|
|
||||||
multi_instance=1
|
|
||||||
port_already_use=0
|
|
||||||
change_url=0
|
|
||||||
;;; Options
|
|
||||||
Email=restic-ynh@coupouchetty-ramouchetty.fr
|
|
||||||
Notification=down
|
|
|
@ -13,7 +13,7 @@ RESTIC_PATH=$(yunohost app setting {{ app }} backup_path)
|
||||||
RESTIC_PASSWORD="$(yunohost app setting {{ app }} passphrase)"
|
RESTIC_PASSWORD="$(yunohost app setting {{ app }} passphrase)"
|
||||||
RESTIC_REPOSITORY_BASE=sftp://$RESTIC_SERVER_USER@$RESTIC_SERVER:$RESTIC_SERVER_PORT/$RESTIC_PATH/
|
RESTIC_REPOSITORY_BASE=sftp://$RESTIC_SERVER_USER@$RESTIC_SERVER:$RESTIC_SERVER_PORT/$RESTIC_PATH/
|
||||||
|
|
||||||
RESTIC_COMMAND=/usr/local/bin/{{ app }}
|
RESTIC_COMMAND={{ install_dir }}/{{ app }}
|
||||||
LOGFILE=/var/log/restic_backup_{{ app }}.log
|
LOGFILE=/var/log/restic_backup_{{ app }}.log
|
||||||
ERRFILE=/var/log/restic_backup_{{ app }}.err
|
ERRFILE=/var/log/restic_backup_{{ app }}.err
|
||||||
|
|
||||||
|
|
|
@ -20,13 +20,13 @@ CHECK_READ_DATA=${1:-0}
|
||||||
# Check system part conf
|
# Check system part conf
|
||||||
conf=$(sudo yunohost app setting {{ app }} conf)
|
conf=$(sudo yunohost app setting {{ app }} conf)
|
||||||
if [ $conf -eq 1 ];then
|
if [ $conf -eq 1 ];then
|
||||||
sudo {{final_path}}/check_method_{{ app }} auto_conf ${CHECK_READ_DATA}
|
sudo {{install_dir}}/check_method_{{ app }} auto_conf ${CHECK_READ_DATA}
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Check system data
|
# Check system data
|
||||||
data=$(sudo yunohost app setting {{ app }} data)
|
data=$(sudo yunohost app setting {{ app }} data)
|
||||||
if [ $data -eq 1 ];then
|
if [ $data -eq 1 ];then
|
||||||
sudo {{final_path}}/check_method_{{ app }} auto_data ${CHECK_READ_DATA}
|
sudo {{install_dir}}/check_method_{{ app }} auto_data ${CHECK_READ_DATA}
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Check all apps independently
|
# Check all apps independently
|
||||||
|
@ -40,7 +40,7 @@ for app in $(sudo /usr/bin/find /etc/yunohost/apps -name backup | cut -d / -f 5)
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
if [ "$check_app" == "true" ];then
|
if [ "$check_app" == "true" ];then
|
||||||
sudo {{final_path}}/check_method_{{ app }} auto_${app} ${CHECK_READ_DATA}
|
sudo {{install_dir}}/check_method_{{ app }} auto_${app} ${CHECK_READ_DATA}
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
rm "$LOCK_FILE"
|
rm "$LOCK_FILE"
|
||||||
|
|
|
@ -10,7 +10,7 @@ RESTIC_PATH=$(yunohost app setting {{ app }} backup_path)
|
||||||
RESTIC_PASSWORD="$(yunohost app setting {{ app }} passphrase)"
|
RESTIC_PASSWORD="$(yunohost app setting {{ app }} passphrase)"
|
||||||
RESTIC_REPOSITORY_BASE=sftp://$RESTIC_SERVER_USER@$RESTIC_SERVER:$RESTIC_SERVER_PORT/$RESTIC_PATH/
|
RESTIC_REPOSITORY_BASE=sftp://$RESTIC_SERVER_USER@$RESTIC_SERVER:$RESTIC_SERVER_PORT/$RESTIC_PATH/
|
||||||
|
|
||||||
RESTIC_COMMAND=/usr/local/bin/{{ app }}
|
RESTIC_COMMAND={{ install_dir }}/{{ app }}
|
||||||
|
|
||||||
do_check() {
|
do_check() {
|
||||||
|
|
||||||
|
|
1
conf/sudoer
Normal file
1
conf/sudoer
Normal file
|
@ -0,0 +1 @@
|
||||||
|
__APP__ ALL=(root) NOPASSWD: /usr/bin/yunohost*, /bin/journalctl*, /usr/bin/find /etc/yunohost/apps -name backup, __INSTALL_DIR__/check_method___APP__
|
|
@ -4,8 +4,8 @@ After=network.target
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
Type=oneshot
|
Type=oneshot
|
||||||
ExecStart=/usr/local/bin/backup-with-__APP__
|
ExecStart=__INSTALL_DIR__/backup-with-__APP__
|
||||||
ExecStartPost=/opt/yunohost/__APP__/restic_log___APP__
|
ExecStartPost=__INSTALL_DIR__/restic_log___APP__
|
||||||
User=__APP__
|
User=__APP__
|
||||||
Group=__APP__
|
Group=__APP__
|
||||||
|
|
||||||
|
|
|
@ -4,8 +4,8 @@ After=network.target
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
Type=oneshot
|
Type=oneshot
|
||||||
ExecStart=__FINALPATH__/check-__APP__
|
ExecStart=__INSTALL_DIR__/check-__APP__
|
||||||
ExecStartPost=/opt/yunohost/__APP__/restic_check_log___APP__ 0
|
ExecStartPost=__INSTALL_DIR__/restic_check_log___APP__ 0
|
||||||
User=__APP__
|
User=__APP__
|
||||||
Group=__APP__
|
Group=__APP__
|
||||||
|
|
||||||
|
|
|
@ -4,8 +4,8 @@ After=network.target
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
Type=oneshot
|
Type=oneshot
|
||||||
ExecStart=__FINALPATH__/check-__APP__ "1"
|
ExecStart=__INSTALL_DIR__/check-__APP__ "1"
|
||||||
ExecStartPost=/opt/yunohost/__APP__/restic_check_log___APP__ 1
|
ExecStartPost=__INSTALL_DIR__/restic_check_log___APP__ 1
|
||||||
User=__APP__
|
User=__APP__
|
||||||
Group=__APP__
|
Group=__APP__
|
||||||
|
|
||||||
|
|
|
@ -3,3 +3,146 @@ A [Restic](https://restic.net/) package for YunoHost (heavily inspired by [the B
|
||||||
Restic is a backup tool that can make local and remote backups.
|
Restic is a backup tool that can make local and remote backups.
|
||||||
This package uses restic to make backups to a sftp server.
|
This package uses restic to make backups to a sftp server.
|
||||||
The package does not handle local backups yet but you can work around that by using the local sftp server as target server (see my comment [here](https://forum.yunohost.org/t/sauvegarde-yunohost-avec-restic/10275/33)).
|
The package does not handle local backups yet but you can work around that by using the local sftp server as target server (see my comment [here](https://forum.yunohost.org/t/sauvegarde-yunohost-avec-restic/10275/33)).
|
||||||
|
|
||||||
|
## Usage
|
||||||
|
|
||||||
|
If you want to backup your server A onto the server B.
|
||||||
|
|
||||||
|
## Setup Restic app on Server A
|
||||||
|
|
||||||
|
Firstly set up this app on the server A you want to backup:
|
||||||
|
|
||||||
|
```
|
||||||
|
$ yunohost app install https://github.com/YunoHost-Apps/restic_ynh
|
||||||
|
Indicate the server where you want put your backups: serverb.domain.tld
|
||||||
|
sftp port of your server (default: 22): 2222
|
||||||
|
The directory where you want your backup repositories to be created in (default: ./): ./servera.domain.tld
|
||||||
|
Indicate the ssh user to use to connect on this server: servera
|
||||||
|
You are now about to define a new user password. The password should be at least 8 characters - though it is good practice to use longer password (i.e. a passphrase) and/or to use various kind of characters (uppercase, lowercase, digits and special characters).
|
||||||
|
Indicate a strong passphrase, that you will keep preciously if you want to be able to use your backups:
|
||||||
|
Would you like to backup your YunoHost configuration ? [yes | no] (default: yes):
|
||||||
|
Would you like to backup mails and user home directory ? [yes | no] (default: yes):
|
||||||
|
Which apps would you backup (list separated by comma or 'all') ? (default: all): gitlab,blogotext,sogo
|
||||||
|
Allow backup method to temporarily use more space? [yes | no] (default: yes):
|
||||||
|
Indicate the backup frequency (see systemd OnCalendar format) (default: *-*-* 0:15:00): *-*-* 0:05
|
||||||
|
Indicate the backup check frequency (see systemd OnCalendar format) (default: Sat *-*-8..31 3:15:00):
|
||||||
|
Indicate the complete backup check frequency (see systemd OnCalendar format) (default: Sun *-*-1..7 3:15:00):
|
||||||
|
```
|
||||||
|
|
||||||
|
You can schedule your backup by choosing an other frequency. Some example:
|
||||||
|
|
||||||
|
Monthly :
|
||||||
|
|
||||||
|
Weekly :
|
||||||
|
|
||||||
|
Daily : Daily at midnight
|
||||||
|
|
||||||
|
Hourly : Hourly o Clock
|
||||||
|
|
||||||
|
Sat *-*-1..7 18:00:00 : The first saturday of every month at 18:00
|
||||||
|
|
||||||
|
4:00 : Every day at 4 AM
|
||||||
|
|
||||||
|
5,17:00 : Every day at 5 AM and at 5 PM
|
||||||
|
|
||||||
|
See here for more info : https://wiki.archlinux.org/index.php/Systemd/Timers#Realtime_timer
|
||||||
|
|
||||||
|
After each invocation an e-mail will be sent to root@yourdomain.tld with the execution log.
|
||||||
|
|
||||||
|
Restic can check backups consistency and verify the actual backed up data has not been modified.
|
||||||
|
If you use the default values for the backup checks frequencies, a full check will be made on the first day of each month and a simple check will be made on each one of the three remaining weeks of the month.
|
||||||
|
|
||||||
|
At the end of the installation, the app displays the public_key and the user to give to the person who has access to the server B.
|
||||||
|
|
||||||
|
You should now authorize the public key for user `servera` on server B by logging into server B with user `servera` and running:
|
||||||
|
|
||||||
|
```
|
||||||
|
mkdir ~/.ssh -p
|
||||||
|
touch ~/.ssh/authorized_keys
|
||||||
|
chmod u=rw,go= ~/.ssh/authorized_keys
|
||||||
|
cat << EOPKEY >> ~/.ssh/authorized_keys
|
||||||
|
<paste here the privakey displayed at the end of installation>
|
||||||
|
EOPKEY
|
||||||
|
```
|
||||||
|
If you don't find the mail and you don't see the message in the log bar you can find the public_key with this command:
|
||||||
|
```
|
||||||
|
cat /root/.ssh/id_restic_ed25519.pub
|
||||||
|
```
|
||||||
|
|
||||||
|
## (Optional) set sftp jail on server B
|
||||||
|
|
||||||
|
To improve security, make sure user `servera` can only do sftp and can only access his home directory on server B.
|
||||||
|
This is how you would do it on Debian/Ubuntu, otherwise refer to your distribution manual (don't forget to replace `servera` with the real username)
|
||||||
|
|
||||||
|
```
|
||||||
|
cat << EOCONFIG >> /etc/ssh/sshd_config
|
||||||
|
Match User servera
|
||||||
|
ChrootDirectory %h
|
||||||
|
ForceCommand internal-sftp
|
||||||
|
AllowTcpForwarding no
|
||||||
|
X11Forwarding no
|
||||||
|
EOCONFIG
|
||||||
|
service ssh restart
|
||||||
|
```
|
||||||
|
|
||||||
|
## Test
|
||||||
|
At this step your backup should schedule.
|
||||||
|
|
||||||
|
If you want to be sure, you can test it by running on server A:
|
||||||
|
```
|
||||||
|
systemctl start restic.service
|
||||||
|
```
|
||||||
|
|
||||||
|
Next you can verify the backup contents by running on server A
|
||||||
|
```
|
||||||
|
restic -r sftp:serverb.domain.tld:servera.domain.tld/auto_conf snapshots
|
||||||
|
```
|
||||||
|
|
||||||
|
Replace `auto_conf` with `auto_<app>` if you did not choose to backup configuration but only applications.
|
||||||
|
|
||||||
|
If you want to check the backups consistency:
|
||||||
|
```
|
||||||
|
systemctl start restic_check.service
|
||||||
|
```
|
||||||
|
|
||||||
|
If you want to make a complete check of the backups - keep in mind that this reads all the backed up data, it can take some time depending on your target server upload speed (more on this topic in [the Restic documentation](https://restic.readthedocs.io/en/latest/045_working_with_repos.html#checking-integrity-and-consistency)):
|
||||||
|
```
|
||||||
|
systemctl start restic_check_read_data.service
|
||||||
|
```
|
||||||
|
|
||||||
|
## Display the apps list to backup
|
||||||
|
|
||||||
|
```
|
||||||
|
yunohost app setting restic apps
|
||||||
|
```
|
||||||
|
|
||||||
|
## Edit the apps list to backup
|
||||||
|
|
||||||
|
```
|
||||||
|
yunohost app setting restic apps -v "nextcloud,wordpress"
|
||||||
|
```
|
||||||
|
|
||||||
|
## Launch a backup
|
||||||
|
|
||||||
|
```
|
||||||
|
systemctl start restic
|
||||||
|
```
|
||||||
|
|
||||||
|
## Launch a backups check
|
||||||
|
|
||||||
|
```
|
||||||
|
systemctl start restic_check.service
|
||||||
|
```
|
||||||
|
|
||||||
|
## Launch a complete backups check
|
||||||
|
|
||||||
|
WARNING: this will read data from your backups destination server.
|
||||||
|
It may take a quite long time depending on the target server's internet upload speed and hardware performance.
|
||||||
|
|
||||||
|
```
|
||||||
|
systemctl start restic_check_read_data.service
|
||||||
|
```
|
||||||
|
|
||||||
|
## Backup on different server, and apply distinct schedule for apps
|
||||||
|
|
||||||
|
You can setup the Restic app several times on the same server so you can backup on several server or manage your frequency backup differently for specific part of your server.
|
||||||
|
|
|
@ -1,143 +0,0 @@
|
||||||
## Usage
|
|
||||||
|
|
||||||
If you want to backup your server A onto the server B.
|
|
||||||
|
|
||||||
## Setup Restic app on Server A
|
|
||||||
|
|
||||||
Firstly set up this app on the server A you want to backup:
|
|
||||||
|
|
||||||
```
|
|
||||||
$ yunohost app install https://github.com/YunoHost-Apps/restic_ynh
|
|
||||||
Indicate the server where you want put your backups: serverb.domain.tld
|
|
||||||
sftp port of your server (default: 22): 2222
|
|
||||||
The directory where you want your backup repositories to be created in (default: ./): ./servera.domain.tld
|
|
||||||
Indicate the ssh user to use to connect on this server: servera
|
|
||||||
You are now about to define a new user password. The password should be at least 8 characters - though it is good practice to use longer password (i.e. a passphrase) and/or to use various kind of characters (uppercase, lowercase, digits and special characters).
|
|
||||||
Indicate a strong passphrase, that you will keep preciously if you want to be able to use your backups:
|
|
||||||
Would you like to backup your YunoHost configuration ? [yes | no] (default: yes):
|
|
||||||
Would you like to backup mails and user home directory ? [yes | no] (default: yes):
|
|
||||||
Which apps would you backup (list separated by comma or 'all') ? (default: all): gitlab,blogotext,sogo
|
|
||||||
Allow backup method to temporarily use more space? [yes | no] (default: yes):
|
|
||||||
Indicate the backup frequency (see systemd OnCalendar format) (default: *-*-* 0:15:00): *-*-* 0:05
|
|
||||||
Indicate the backup check frequency (see systemd OnCalendar format) (default: Sat *-*-8..31 3:15:00):
|
|
||||||
Indicate the complete backup check frequency (see systemd OnCalendar format) (default: Sun *-*-1..7 3:15:00):
|
|
||||||
```
|
|
||||||
|
|
||||||
You can schedule your backup by choosing an other frequency. Some example:
|
|
||||||
|
|
||||||
Monthly :
|
|
||||||
|
|
||||||
Weekly :
|
|
||||||
|
|
||||||
Daily : Daily at midnight
|
|
||||||
|
|
||||||
Hourly : Hourly o Clock
|
|
||||||
|
|
||||||
Sat *-*-1..7 18:00:00 : The first saturday of every month at 18:00
|
|
||||||
|
|
||||||
4:00 : Every day at 4 AM
|
|
||||||
|
|
||||||
5,17:00 : Every day at 5 AM and at 5 PM
|
|
||||||
|
|
||||||
See here for more info : https://wiki.archlinux.org/index.php/Systemd/Timers#Realtime_timer
|
|
||||||
|
|
||||||
After each invocation an e-mail will be sent to root@yourdomain.tld with the execution log.
|
|
||||||
|
|
||||||
Restic can check backups consistency and verify the actual backed up data has not been modified.
|
|
||||||
If you use the default values for the backup checks frequencies, a full check will be made on the first day of each month and a simple check will be made on each one of the three remaining weeks of the month.
|
|
||||||
|
|
||||||
At the end of the installation, the app displays the public_key and the user to give to the person who has access to the server B.
|
|
||||||
|
|
||||||
You should now authorize the public key for user `servera` on server B by logging into server B with user `servera` and running:
|
|
||||||
|
|
||||||
```
|
|
||||||
mkdir ~/.ssh -p 2>/dev/null
|
|
||||||
touch ~/.ssh/authorized_keys
|
|
||||||
chmod u=rw,go= ~/.ssh/authorized_keys
|
|
||||||
cat << EOPKEY >> ~/.ssh/authorized_keys
|
|
||||||
<paste here the privakey displayed at the end of installation>
|
|
||||||
EOPKEY
|
|
||||||
```
|
|
||||||
If you don't find the mail and you don't see the message in the log bar you can find the public_key with this command:
|
|
||||||
```
|
|
||||||
cat /root/.ssh/id_restic_ed25519.pub
|
|
||||||
```
|
|
||||||
|
|
||||||
## (Optional) set sftp jail on server B
|
|
||||||
|
|
||||||
To improve security, make sure user `servera` can only do sftp and can only access his home directory on server B.
|
|
||||||
This is how you would do it on Debian/Ubuntu, otherwise refer to your distribution manual (don't forget to replace `servera` with the real username)
|
|
||||||
|
|
||||||
```
|
|
||||||
cat << EOCONFIG >> /etc/ssh/sshd_config
|
|
||||||
Match User servera
|
|
||||||
ChrootDirectory %h
|
|
||||||
ForceCommand internal-sftp
|
|
||||||
AllowTcpForwarding no
|
|
||||||
X11Forwarding no
|
|
||||||
EOCONFIG
|
|
||||||
service ssh restart
|
|
||||||
```
|
|
||||||
|
|
||||||
## Test
|
|
||||||
At this step your backup should schedule.
|
|
||||||
|
|
||||||
If you want to be sure, you can test it by running on server A:
|
|
||||||
```
|
|
||||||
systemctl start restic.service
|
|
||||||
```
|
|
||||||
|
|
||||||
Next you can verify the backup contents by running on server A
|
|
||||||
```
|
|
||||||
restic -r sftp:serverb.domain.tld:servera.domain.tld/auto_conf snapshots
|
|
||||||
```
|
|
||||||
|
|
||||||
Replace `auto_conf` with `auto_<app>` if you did not choose to backup configuration but only applications.
|
|
||||||
|
|
||||||
If you want to check the backups consistency:
|
|
||||||
```
|
|
||||||
systemctl start restic_check.service
|
|
||||||
```
|
|
||||||
|
|
||||||
If you want to make a complete check of the backups - keep in mind that this reads all the backed up data, it can take some time depending on your target server upload speed (more on this topic in [the Restic documentation](https://restic.readthedocs.io/en/latest/045_working_with_repos.html#checking-integrity-and-consistency)):
|
|
||||||
```
|
|
||||||
systemctl start restic_check_read_data.service
|
|
||||||
```
|
|
||||||
|
|
||||||
## Display the apps list to backup
|
|
||||||
|
|
||||||
```
|
|
||||||
yunohost app setting restic apps
|
|
||||||
```
|
|
||||||
|
|
||||||
## Edit the apps list to backup
|
|
||||||
|
|
||||||
```
|
|
||||||
yunohost app setting restic apps -v "nextcloud,wordpress"
|
|
||||||
```
|
|
||||||
|
|
||||||
## Launch a backup
|
|
||||||
|
|
||||||
```
|
|
||||||
systemctl start restic
|
|
||||||
```
|
|
||||||
|
|
||||||
## Launch a backups check
|
|
||||||
|
|
||||||
```
|
|
||||||
systemctl start restic_check.service
|
|
||||||
```
|
|
||||||
|
|
||||||
## Launch a complete backups check
|
|
||||||
|
|
||||||
WARNING: this will read data from your backups destination server.
|
|
||||||
It may take a quite long time depending on the target server's internet upload speed and hardware performance.
|
|
||||||
|
|
||||||
```
|
|
||||||
systemctl start restic_check_read_data.service
|
|
||||||
```
|
|
||||||
|
|
||||||
## Backup on different server, and apply distinct schedule for apps
|
|
||||||
|
|
||||||
You can setup the Restic app several times on the same server so you can backup on several server or manage your frequency backup differently for specific part of your server.
|
|
||||||
|
|
16
doc/POST_INSTALL.md
Normal file
16
doc/POST_INSTALL.md
Normal file
|
@ -0,0 +1,16 @@
|
||||||
|
You should now allow the following public key for user __SSH_USER__ on server __SERVER__:
|
||||||
|
|
||||||
|
__PUBLIC_KEY__
|
||||||
|
|
||||||
|
Do so by running those commands on __SERVER__ with user __SSH_USER__:
|
||||||
|
|
||||||
|
```
|
||||||
|
mkdir ~/.ssh -p
|
||||||
|
touch ~/.ssh/authorized_keys
|
||||||
|
chmod u=rw,go= ~/.ssh/authorized_keys
|
||||||
|
echo "__PUBLIC_KEY__" >> ~/.ssh/authorized_keys
|
||||||
|
```
|
||||||
|
|
||||||
|
Also make sure __BACKUP_PATH__ exists and is writable by __SSH_USER__
|
||||||
|
|
||||||
|
If you're facing an issue or want to improve this app, please open a new issue in this project: <https://github.com/YunoHost-Apps/restic_ynh>
|
160
manifest.json
160
manifest.json
|
@ -1,160 +0,0 @@
|
||||||
{
|
|
||||||
"name": "Restic",
|
|
||||||
"id": "restic",
|
|
||||||
"packaging_format": 1,
|
|
||||||
"description": {
|
|
||||||
"en": "Backup your server with Restic",
|
|
||||||
"fr": "Sauvegardez votre serveur avec Restic"
|
|
||||||
},
|
|
||||||
"version": "0.12.0~ynh9",
|
|
||||||
"url": "https://restic.net/",
|
|
||||||
"upstream": {
|
|
||||||
"license": "BSD-2-Clause",
|
|
||||||
"website": "https://restic.net",
|
|
||||||
"admindoc": "https://restic.readthedocs.io/en/latest/",
|
|
||||||
"code": "https://github.com/restic/restic"
|
|
||||||
},
|
|
||||||
"license": "BSD-2-Clause",
|
|
||||||
"maintainer": {
|
|
||||||
"name": "Lionel Coupouchetty-Ramouchetty",
|
|
||||||
"email": "restic-ynh@coupouchetty-ramouchetty.fr",
|
|
||||||
"url": "https://gnoobix.net"
|
|
||||||
},
|
|
||||||
"requirements": {
|
|
||||||
"yunohost": ">= 11.2"
|
|
||||||
},
|
|
||||||
"multi_instance": true,
|
|
||||||
"services": [],
|
|
||||||
"arguments": {
|
|
||||||
"install" : [
|
|
||||||
{
|
|
||||||
"name": "server",
|
|
||||||
"type": "string",
|
|
||||||
"ask": {
|
|
||||||
"en": "Indicate the server where you want put your backups",
|
|
||||||
"fr": "Indiquez le serveur où vous voulez faire vos sauvegardes"
|
|
||||||
},
|
|
||||||
"help":{
|
|
||||||
"en": "IP address or resolvable hostname of your destination server",
|
|
||||||
"fr": "Adresse IP ou nom résolvable de votre serveur de destination"
|
|
||||||
},
|
|
||||||
"example": "example.com"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "port",
|
|
||||||
"type": "string",
|
|
||||||
"ask": {
|
|
||||||
"en": "sftp port of your server",
|
|
||||||
"fr": "Le port sftp de votre serveur"
|
|
||||||
},
|
|
||||||
"help":{
|
|
||||||
"en": "Listening port of your sftp or ssh server. The default value is 22",
|
|
||||||
"fr": "Le port d'écoute de votre serveur sftp ou ssh. La valeur par défaut est 22"
|
|
||||||
},
|
|
||||||
"example": "22",
|
|
||||||
"default": "22"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "backup_path",
|
|
||||||
"type": "string",
|
|
||||||
"ask": {
|
|
||||||
"en": "The directory where you want your backup repositories to be created in",
|
|
||||||
"fr": "Le répertoire dans lequel les dépôts restic seront créés"
|
|
||||||
},
|
|
||||||
"help":{
|
|
||||||
"en": "A complete or relative path to an existing directory on the remote server writable by the remote backup user. Defaults to the login directory",
|
|
||||||
"fr": "Un chemin complet ou relatif vers un répertoire existant sur le serveur distant et accessible en écriture au compte utilisé pour la sauvegarde. Répertoire d'accueil par défaut"
|
|
||||||
},
|
|
||||||
"example": "./backups",
|
|
||||||
"default": "."
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "ssh_user",
|
|
||||||
"type": "string",
|
|
||||||
"ask": {
|
|
||||||
"en": "Indicate the ssh user to use to connect on this server",
|
|
||||||
"fr": "Indiquez l'utilisateur ssh à utiliser pour se connecter au serveur"
|
|
||||||
},
|
|
||||||
"example": "john"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "passphrase",
|
|
||||||
"type": "password",
|
|
||||||
"ask": {
|
|
||||||
"en": "Indicate a strong passphrase, that you will keep preciously if you want to be able to use your backups",
|
|
||||||
"fr": "Indiquez une phrase de passe forte que vous garderez précieusement si vous voulez être en mesure d'utiliser vos sauvegardes"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "conf",
|
|
||||||
"type": "boolean",
|
|
||||||
"ask": {
|
|
||||||
"en": "Would you like to backup your YunoHost configuration ?",
|
|
||||||
"fr": "Souhaitez-vous effectuer des sauvegardes des configurations du système YunoHost ?"
|
|
||||||
},
|
|
||||||
"default": true
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "data",
|
|
||||||
"type": "boolean",
|
|
||||||
"ask": {
|
|
||||||
"en": "Would you like to backup mails and user home directory ?",
|
|
||||||
"fr": "Souhaitez-vous effectuer des sauvegardes des mails et des répertoire des utilisateurs ?"
|
|
||||||
},
|
|
||||||
"default": true
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "apps",
|
|
||||||
"type": "string",
|
|
||||||
"ask": {
|
|
||||||
"en": "Which apps would you backup (list separated by comma or 'all') ?",
|
|
||||||
"fr": "Souhaitez-vous effectuer des sauvegardes de vos applications ?"
|
|
||||||
},
|
|
||||||
"default": "all"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "allow_extra_space_use",
|
|
||||||
"type": "boolean",
|
|
||||||
"ask": {
|
|
||||||
"en": "Allow backup method to temporarily use more space?",
|
|
||||||
"fr": "Permettre à la sauvegarde de consommer temporairement de l'espace supplémentaire?"
|
|
||||||
},
|
|
||||||
"help":{
|
|
||||||
"en": "Some applications as Gitlab can't be backed up with the standard method and require extra space temporarily",
|
|
||||||
"fr": "Certaines applications comme Gitlab ne peuvent être sauvegardées avec la méthode standard et nécessitent d'utiliser plus d'espace disque temporairement"
|
|
||||||
},
|
|
||||||
"default": true
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "on_calendar",
|
|
||||||
"type": "string",
|
|
||||||
"ask": {
|
|
||||||
"en": "Indicate the backup frequency (see systemd OnCalendar format)",
|
|
||||||
"fr": "Indiquez la fréquence de la sauvegarde (voir le format OnCalendar de systemd)"
|
|
||||||
},
|
|
||||||
"example": "Daily",
|
|
||||||
"default": "*-*-* 0:15:00"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "check_on_calendar",
|
|
||||||
"type": "string",
|
|
||||||
"ask": {
|
|
||||||
"en": "Indicate the backup check frequency (see systemd OnCalendar format)",
|
|
||||||
"fr": "Indiquez la fréquence de vérification de la sauvegarde (voir le format OnCalendar de systemd)"
|
|
||||||
},
|
|
||||||
"example": "Tue *-*-* 00:15:00",
|
|
||||||
"default": "Sat *-*-8..31 3:15:00"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "check_read_data_on_calendar",
|
|
||||||
"type": "string",
|
|
||||||
"ask": {
|
|
||||||
"en": "Indicate the complete backup check frequency (see systemd OnCalendar format)",
|
|
||||||
"fr": "Indiquez la fréquence de vérification complète de la sauvegarde (voir le format OnCalendar de systemd)"
|
|
||||||
},
|
|
||||||
"example": "Tue *-*-* 00:15:00",
|
|
||||||
"default": "Sat *-*-1..7 3:15:00"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
}
|
|
133
manifest.toml
Normal file
133
manifest.toml
Normal file
|
@ -0,0 +1,133 @@
|
||||||
|
#:schema https://raw.githubusercontent.com/YunoHost/apps/master/schemas/manifest.v2.schema.json
|
||||||
|
|
||||||
|
packaging_format = 2
|
||||||
|
|
||||||
|
id = "restic"
|
||||||
|
name = "Restic"
|
||||||
|
description.en = "Backup your server with Restic"
|
||||||
|
description.fr = "Sauvegardez votre serveur avec Restic"
|
||||||
|
|
||||||
|
version = "0.12.0~ynh9"
|
||||||
|
|
||||||
|
maintainers = ["Lionel Coupouchetty-Ramouchetty"]
|
||||||
|
|
||||||
|
[upstream]
|
||||||
|
license = "BSD-2-Clause"
|
||||||
|
website = "https://restic.net"
|
||||||
|
admindoc = "https://restic.readthedocs.io/en/latest/"
|
||||||
|
code = "https://github.com/restic/restic"
|
||||||
|
|
||||||
|
[integration]
|
||||||
|
yunohost = ">= 11.2"
|
||||||
|
architectures = "all"
|
||||||
|
multi_instance = true
|
||||||
|
ldap = "not_relevant"
|
||||||
|
sso = "not_relevant"
|
||||||
|
disk = "50M"
|
||||||
|
ram.build = "50M"
|
||||||
|
ram.runtime = "50M"
|
||||||
|
|
||||||
|
[install]
|
||||||
|
[install.server]
|
||||||
|
ask.en = "Indicate the server where you want put your backups"
|
||||||
|
ask.fr = "Indiquez le serveur où vous voulez faire vos sauvegardes"
|
||||||
|
help.en = "IP address or resolvable hostname of your destination server"
|
||||||
|
help.fr = "Adresse IP ou nom résolvable de votre serveur de destination"
|
||||||
|
type = "string"
|
||||||
|
example = "example.com"
|
||||||
|
|
||||||
|
[install.port]
|
||||||
|
ask.en = "sftp port of your server"
|
||||||
|
ask.fr = "Le port sftp de votre serveur"
|
||||||
|
help.en = "Listening port of your sftp or ssh server. The default value is 22"
|
||||||
|
help.fr = "Le port d'écoute de votre serveur sftp ou ssh. La valeur par défaut est 22"
|
||||||
|
type = "string"
|
||||||
|
example = "22"
|
||||||
|
default = "22"
|
||||||
|
|
||||||
|
[install.backup_path]
|
||||||
|
ask.en = "The directory where you want your backup repositories to be created in"
|
||||||
|
ask.fr = "Le répertoire dans lequel les dépôts restic seront créés"
|
||||||
|
help.en = "A complete or relative path to an existing directory on the remote server writable by the remote backup user. Defaults to the login directory"
|
||||||
|
help.fr = "Un chemin complet ou relatif vers un répertoire existant sur le serveur distant et accessible en écriture au compte utilisé pour la sauvegarde. Répertoire d'accueil par défaut"
|
||||||
|
type = "string"
|
||||||
|
example = "./backups"
|
||||||
|
default = "."
|
||||||
|
|
||||||
|
[install.ssh_user]
|
||||||
|
ask.en = "Indicate the ssh user to use to connect on this server"
|
||||||
|
ask.fr = "Indiquez l'utilisateur ssh à utiliser pour se connecter au serveur"
|
||||||
|
type = "string"
|
||||||
|
example = "john"
|
||||||
|
|
||||||
|
[install.passphrase]
|
||||||
|
ask.en = "Indicate a strong passphrase, that you will keep preciously if you want to be able to use your backups"
|
||||||
|
ask.fr = "Indiquez une phrase de passe forte que vous garderez précieusement si vous voulez être en mesure d'utiliser vos sauvegardes"
|
||||||
|
type = "password"
|
||||||
|
|
||||||
|
[install.conf]
|
||||||
|
ask.en = "Would you like to backup your YunoHost configuration ?"
|
||||||
|
ask.fr = "Souhaitez-vous effectuer des sauvegardes des configurations du système YunoHost ?"
|
||||||
|
type = "boolean"
|
||||||
|
default = true
|
||||||
|
|
||||||
|
[install.data]
|
||||||
|
ask.en = "Would you like to backup mails and user home directory ?"
|
||||||
|
ask.fr = "Souhaitez-vous effectuer des sauvegardes des mails et des répertoire des utilisateurs ?"
|
||||||
|
type = "boolean"
|
||||||
|
default = true
|
||||||
|
|
||||||
|
[install.apps]
|
||||||
|
ask.en = "Which apps would you backup (list separated by comma or 'all') ?"
|
||||||
|
ask.fr = "Souhaitez-vous effectuer des sauvegardes de vos applications ?"
|
||||||
|
type = "string"
|
||||||
|
default = "all"
|
||||||
|
|
||||||
|
[install.allow_extra_space_use]
|
||||||
|
ask.en = "Allow backup method to temporarily use more space?"
|
||||||
|
ask.fr = "Permettre à la sauvegarde de consommer temporairement de l'espace supplémentaire?"
|
||||||
|
help.en = "Some applications as Gitlab can't be backed up with the standard method and require extra space temporarily"
|
||||||
|
help.fr = "Certaines applications comme Gitlab ne peuvent être sauvegardées avec la méthode standard et nécessitent d'utiliser plus d'espace disque temporairement"
|
||||||
|
type = "boolean"
|
||||||
|
default = true
|
||||||
|
|
||||||
|
[install.on_calendar]
|
||||||
|
ask.en = "Indicate the backup frequency (see systemd OnCalendar format)"
|
||||||
|
ask.fr = "Indiquez la fréquence de la sauvegarde (voir le format OnCalendar de systemd)"
|
||||||
|
type = "string"
|
||||||
|
example = "Daily"
|
||||||
|
default = "*-*-* 0:15:00"
|
||||||
|
|
||||||
|
[install.check_on_calendar]
|
||||||
|
ask.en = "Indicate the backup check frequency (see systemd OnCalendar format)"
|
||||||
|
ask.fr = "Indiquez la fréquence de vérification de la sauvegarde (voir le format OnCalendar de systemd)"
|
||||||
|
type = "string"
|
||||||
|
example = "Tue *-*-* 00:15:00"
|
||||||
|
default = "Sat *-*-8..31 3:15:00"
|
||||||
|
|
||||||
|
[install.check_read_data_on_calendar]
|
||||||
|
ask.en = "Indicate the complete backup check frequency (see systemd OnCalendar format)"
|
||||||
|
ask.fr = "Indiquez la fréquence de vérification complète de la sauvegarde (voir le format OnCalendar de systemd)"
|
||||||
|
type = "string"
|
||||||
|
example = "Tue *-*-* 00:15:00"
|
||||||
|
default = "Sat *-*-1..7 3:15:00"
|
||||||
|
|
||||||
|
[resources]
|
||||||
|
[resources.sources.main]
|
||||||
|
amd64.url = "https://github.com/restic/restic/releases/download/v0.16.2/restic_0.16.2_linux_amd64.bz2"
|
||||||
|
amd64.sha256 = "dae5e6e39107a66dc5c8ea59f6f27b16c54bd6be31f57e3281f6d87de30e05b0"
|
||||||
|
i386.url = "https://github.com/restic/restic/releases/download/v0.16.2/restic_0.16.2_linux_386.bz2"
|
||||||
|
i386.sha256 = "692e70ade358ad4fe19f0cd5fbaf21c3830d0f23c3d4e491a043f6cbc1b5cf59"
|
||||||
|
arm64.url = "https://github.com/restic/restic/releases/download/v0.16.2/restic_0.16.2_linux_arm64.bz2"
|
||||||
|
arm64.sha256 = "efdd75eb5c12af6fec4189aa57dc777035a87dd57204daa52293901199569157"
|
||||||
|
armhf.url = "https://github.com/restic/restic/releases/download/v0.16.2/restic_0.16.2_linux_arm.bz2"
|
||||||
|
armhf.sha256 = "60376b01b334a0cee3a59016f44dde8b336de2b6aa44f1e6e403d307990c47a0"
|
||||||
|
|
||||||
|
in_subdir = false
|
||||||
|
rename = "restic"
|
||||||
|
|
||||||
|
[resources.system_user]
|
||||||
|
|
||||||
|
[resources.install_dir]
|
||||||
|
|
||||||
|
[resources.permissions]
|
|
@ -3,132 +3,81 @@
|
||||||
#=================================================
|
#=================================================
|
||||||
# COMMON VARIABLES
|
# COMMON VARIABLES
|
||||||
#=================================================
|
#=================================================
|
||||||
# App package root directory should be the parent folder
|
|
||||||
PKG_DIR=$(cd ../; pwd)
|
|
||||||
RESTIC_VERSION="0.16.2"
|
RESTIC_VERSION="0.16.2"
|
||||||
|
|
||||||
# Install restic if restic is not here
|
systemd_services_suffixes=( "" "_check" "_check_read_data" )
|
||||||
install_restic () {
|
|
||||||
architecture=$(uname -m)
|
|
||||||
arch=''
|
_gen_and_save_public_key() {
|
||||||
case $architecture in
|
public_key=""
|
||||||
i386|i686)
|
|
||||||
arch="386"
|
if [[ -n "$server" ]]; then
|
||||||
;;
|
private_key="/root/.ssh/id_${app}_ed25519"
|
||||||
x86_64)
|
if [ ! -f "$private_key" ]; then
|
||||||
arch=amd64
|
ssh-keygen -q -t ed25519 -N "" -f "$private_key"
|
||||||
;;
|
fi
|
||||||
armv*)
|
public_key=$(cat "$private_key.pub")
|
||||||
arch=arm
|
fi
|
||||||
;;
|
|
||||||
aarch64)
|
ynh_app_setting_set --app="$app" --key=public_key --value="$public_key"
|
||||||
arch=arm64
|
|
||||||
;;
|
|
||||||
*)
|
|
||||||
echo
|
|
||||||
ynh_die --message="Unsupported architecture \"$architecture\""
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
wget https://github.com/restic/restic/releases/download/v${RESTIC_VERSION}/restic_${RESTIC_VERSION}_linux_${arch}.bz2 -O /tmp/restic.bz2 2>&1 >/dev/null
|
|
||||||
wget https://github.com/restic/restic/releases/download/v${RESTIC_VERSION}/SHA256SUMS -O /tmp/restic-sha256sums 2>&1 >/dev/null
|
|
||||||
expected_sum=$(grep restic_${RESTIC_VERSION}_linux_${arch}.bz2 /tmp/restic-sha256sums | awk '{print $1}')
|
|
||||||
sum=$(sha256sum /tmp/restic.bz2 | awk '{print $1}')
|
|
||||||
if [ "$sum" == "$expected_sum" ];then
|
|
||||||
pkill restic || true
|
|
||||||
bunzip2 /tmp/restic.bz2 -f -c > /usr/local/bin/${app}
|
|
||||||
chmod +x /usr/local/bin/${app}
|
|
||||||
else
|
|
||||||
ynh_die --message="\nDownloaded file does not match expected sha256 sum, aborting"
|
|
||||||
fi
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
_set_ssh_config() {
|
||||||
|
if grep -q "$app" "/root/.ssh/config" 2>/dev/null; then
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
cat << EOCONF >> /root/.ssh/config
|
||||||
|
# begin $app ssh config
|
||||||
|
Host ${server}
|
||||||
|
Hostname ${server}
|
||||||
|
Port ${port}
|
||||||
|
User ${ssh_user}
|
||||||
|
IdentityFile ${private_key}
|
||||||
|
StrictHostKeyChecking no
|
||||||
|
UserKnownHostsFile /dev/null
|
||||||
|
# end $app ssh config
|
||||||
|
EOCONF
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# COMMON HELPERS
|
# COMMON HELPERS
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_export () {
|
|
||||||
local ynh_arg=""
|
_ynh_add_config_j2() {
|
||||||
for var in $@;
|
# Declare an array to define the options of this helper.
|
||||||
do
|
local legacy_args=tdv
|
||||||
ynh_arg=$(echo $var | awk '{print toupper($0)}')
|
local -A args_array=([t]=template= [d]=destination=)
|
||||||
if [ "$var" == "path_url" ]; then
|
local template
|
||||||
ynh_arg="PATH"
|
local destination
|
||||||
|
# Manage arguments with getopts
|
||||||
|
ynh_handle_getopts_args "$@"
|
||||||
|
local template_path
|
||||||
|
|
||||||
|
if [ -f "$YNH_APP_BASEDIR/conf/$template" ]; then
|
||||||
|
template_path="$YNH_APP_BASEDIR/conf/$template"
|
||||||
|
elif [ -f "$template" ]; then
|
||||||
|
template_path=$template
|
||||||
|
else
|
||||||
|
ynh_die --message="The provided template $template doesn't exist"
|
||||||
fi
|
fi
|
||||||
ynh_arg="YNH_APP_ARG_$ynh_arg"
|
|
||||||
export $var="${!ynh_arg}"
|
ynh_backup_if_checksum_is_different --file="$destination"
|
||||||
done
|
|
||||||
|
# Make sure to set the permissions before we copy the file
|
||||||
|
# This is to cover a case where an attacker could have
|
||||||
|
# created a file beforehand to have control over it
|
||||||
|
# (cp won't overwrite ownership / modes by default...)
|
||||||
|
touch $destination
|
||||||
|
chown root:root $destination
|
||||||
|
chmod 640 $destination
|
||||||
|
|
||||||
|
ynh_render_template "$template_path" "$destination"
|
||||||
|
|
||||||
|
_ynh_apply_default_permissions $destination
|
||||||
|
|
||||||
|
ynh_store_file_checksum --file="$destination"
|
||||||
}
|
}
|
||||||
# Save listed var in YunoHost app settings
|
|
||||||
# usage: ynh_save_args VARNAME1 [VARNAME2 [...]]
|
|
||||||
ynh_save_args () {
|
|
||||||
for var in $@;
|
|
||||||
do
|
|
||||||
local setting_var="$var"
|
|
||||||
if [ "$var" == "path_url" ]; then
|
|
||||||
setting_var="path"
|
|
||||||
fi
|
|
||||||
ynh_app_setting_set $app $setting_var "${!var}"
|
|
||||||
done
|
|
||||||
}
|
|
||||||
|
|
||||||
ynh_configure () {
|
|
||||||
ynh_backup_if_checksum_is_different $2
|
|
||||||
ynh_render_template "${PKG_DIR}/conf/$1.j2" "$2"
|
|
||||||
ynh_store_file_checksum $2
|
|
||||||
}
|
|
||||||
|
|
||||||
# Send an email to inform the administrator
|
|
||||||
#
|
|
||||||
# usage: ynh_send_readme_to_admin app_message [recipients]
|
|
||||||
# | arg: app_message - The message to send to the administrator.
|
|
||||||
# | arg: recipients - The recipients of this email. Use spaces to separate multiples recipients. - default: root
|
|
||||||
# example: "root admin@domain"
|
|
||||||
# If you give the name of a YunoHost user, ynh_send_readme_to_admin will find its email adress for you
|
|
||||||
# example: "root admin@domain user1 user2"
|
|
||||||
ynh_send_readme_to_admin() {
|
|
||||||
local app_message="${1:-...No specific information...}"
|
|
||||||
local recipients="${2:-root}"
|
|
||||||
|
|
||||||
# Retrieve the email of users
|
|
||||||
find_mails () {
|
|
||||||
local list_mails="$1"
|
|
||||||
local mail
|
|
||||||
local recipients=" "
|
|
||||||
# Read each mail in argument
|
|
||||||
for mail in $list_mails
|
|
||||||
do
|
|
||||||
# Keep root or a real email address as it is
|
|
||||||
if [ "$mail" = "root" ] || echo "$mail" | grep --quiet "@"
|
|
||||||
then
|
|
||||||
recipients="$recipients $mail"
|
|
||||||
else
|
|
||||||
# But replace an user name without a domain after by its email
|
|
||||||
if mail=$(ynh_user_get_info "$mail" "mail" 2> /dev/null)
|
|
||||||
then
|
|
||||||
recipients="$recipients $mail"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
echo "$recipients"
|
|
||||||
}
|
|
||||||
recipients=$(find_mails "$recipients")
|
|
||||||
|
|
||||||
local mail_subject="☁️🆈🅽🅷☁️: \`$app\` was just installed!"
|
|
||||||
|
|
||||||
local mail_message="This is an automated message from your beloved YunoHost server.
|
|
||||||
Specific information for the application $app.
|
|
||||||
$app_message
|
|
||||||
---
|
|
||||||
Automatic diagnosis data from YunoHost
|
|
||||||
$(yunohost tools diagnosis | grep -B 100 "services:" | sed '/services:/d')"
|
|
||||||
|
|
||||||
# Define binary to use for mail command
|
|
||||||
if [ -e /usr/bin/bsd-mailx ]
|
|
||||||
then
|
|
||||||
local mail_bin=/usr/bin/bsd-mailx
|
|
||||||
else
|
|
||||||
local mail_bin=/usr/bin/mail.mailutils
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Send the email to the recipients
|
|
||||||
echo "$mail_message" | $mail_bin -a "Content-Type: text/plain; charset=UTF-8" -s "$mail_subject" "$recipients"
|
|
||||||
}
|
|
|
@ -1,7 +1,5 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# GENERIC START
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# IMPORT GENERIC HELPERS
|
# IMPORT GENERIC HELPERS
|
||||||
#=================================================
|
#=================================================
|
||||||
|
@ -10,45 +8,33 @@
|
||||||
source ../settings/scripts/_common.sh
|
source ../settings/scripts/_common.sh
|
||||||
source /usr/share/yunohost/helpers
|
source /usr/share/yunohost/helpers
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# MANAGE SCRIPT FAILURE
|
|
||||||
#=================================================
|
|
||||||
|
|
||||||
# Exit if an error occurs during the execution of the script
|
|
||||||
ynh_abort_if_errors
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# LOAD SETTINGS
|
|
||||||
#=================================================
|
|
||||||
ynh_print_info --message="Loading installation settings..."
|
|
||||||
|
|
||||||
export app=$YNH_APP_INSTANCE_NAME
|
|
||||||
export final_path="/opt/yunohost/${app}"
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# DECLARE DATA AND CONF FILES TO BACKUP
|
# DECLARE DATA AND CONF FILES TO BACKUP
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_print_info --message="Declaring files to be backed up..."
|
ynh_print_info --message="Declaring files to be backed up..."
|
||||||
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# BACKUP VARIOUS FILES
|
# BACKUP THE APP MAIN DIR
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
ynh_backup "/usr/local/bin/backup-with-$app"
|
ynh_backup --src_path="$install_dir"
|
||||||
ynh_backup "/etc/systemd/system/$app.service"
|
|
||||||
ynh_backup "/etc/systemd/system/$app.timer"
|
#=================================================
|
||||||
ynh_backup "/etc/systemd/system/${app}_check.service"
|
# SYSTEM CONFIGURATION
|
||||||
ynh_backup "/etc/systemd/system/${app}_check.timer"
|
#=================================================
|
||||||
ynh_backup "/etc/systemd/system/${app}_check_read_data.service"
|
|
||||||
ynh_backup "/etc/systemd/system/${app}_check_read_data.timer"
|
for suffix in "${systemd_services_suffixes[@]}"; do
|
||||||
ynh_backup "/etc/yunohost/hooks.d/backup_method/05-${app}_app"
|
ynh_backup --src_path="/etc/systemd/system/$app$suffix.timer"
|
||||||
ynh_backup "${final_path}/check_method_${app}"
|
ynh_backup --src_path="/etc/systemd/system/$app$suffix.service"
|
||||||
ynh_backup "${final_path}/restic_log_${app}"
|
done
|
||||||
ssh_dir="/root/.ssh"
|
|
||||||
ynh_backup "${ssh_dir}/id_${app}_ed25519"
|
ynh_backup --src_path="/etc/yunohost/hooks.d/backup_method/05-${app}_app"
|
||||||
ynh_backup "${ssh_dir}/id_${app}_ed25519.pub"
|
ynh_backup --src_path="/etc/sudoers.d/$app"
|
||||||
ynh_backup "${ssh_dir}/config"
|
|
||||||
|
ynh_backup --src_path="/root/.ssh/id_${app}_ed25519"
|
||||||
|
ynh_backup --src_path="/root/.ssh/id_${app}_ed25519.pub"
|
||||||
|
# FIXME: uh do we really want to backup it all?
|
||||||
|
ynh_backup --src_path="/root/.ssh/config"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# END OF SCRIPT
|
# END OF SCRIPT
|
||||||
|
|
211
scripts/install
211
scripts/install
|
@ -1,7 +1,5 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# GENERIC START
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# IMPORT GENERIC HELPERS
|
# IMPORT GENERIC HELPERS
|
||||||
#=================================================
|
#=================================================
|
||||||
|
@ -9,188 +7,85 @@
|
||||||
source _common.sh
|
source _common.sh
|
||||||
source /usr/share/yunohost/helpers
|
source /usr/share/yunohost/helpers
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# MANAGE SCRIPT FAILURE
|
|
||||||
#=================================================
|
|
||||||
|
|
||||||
ynh_clean_setup () {
|
|
||||||
ynh_clean_check_starting
|
|
||||||
}
|
|
||||||
# Exit if an error occurs during the execution of the script
|
|
||||||
ynh_abort_if_errors
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# RETRIEVE ARGUMENTS FROM THE MANIFEST
|
|
||||||
#=================================================
|
|
||||||
export app=$YNH_APP_INSTANCE_NAME
|
|
||||||
export final_path="/opt/yunohost/${app}"
|
|
||||||
|
|
||||||
# Retrieve arguments
|
|
||||||
ynh_export server port ssh_user backup_path passphrase on_calendar check_on_calendar check_read_data_on_calendar conf data apps allow_extra_space_use
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# STORE SETTINGS FROM MANIFEST
|
# STORE SETTINGS FROM MANIFEST
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Storing installation settings..."
|
|
||||||
|
|
||||||
ynh_save_args server port ssh_user backup_path passphrase on_calendar check_on_calendar check_read_data_on_calendar conf data apps allow_extra_space_use
|
# passwords aren't saved by default
|
||||||
|
ynh_app_setting_set --app=$app --key=passphrase --value="$passphrase"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# INSTALL RESTIC
|
# INSTALL RESTIC
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Installing restic binary" --weight=7
|
ynh_script_progression --message="Installing Restic..." --weight=7
|
||||||
|
|
||||||
install_restic
|
ynh_setup_source --source_id=main --dest_dir="$install_dir"
|
||||||
|
chmod +x "$install_dir/restic"
|
||||||
|
|
||||||
#=================================================
|
_gen_and_save_public_key
|
||||||
# CREATE APP USER
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Creating user ${app}"
|
|
||||||
|
|
||||||
useradd -m ${app}
|
_set_ssh_config
|
||||||
|
|
||||||
ynh_script_progression --message="Configure ${app} user sudoer rights"
|
|
||||||
|
|
||||||
cat > /tmp/${app}_sudoer << EOSUDOER
|
|
||||||
${app} ALL = (root) NOPASSWD: /usr/bin/yunohost*, /bin/journalctl*, /usr/bin/find /etc/yunohost/apps -name backup, ${final_path}/check_method_${app}
|
|
||||||
EOSUDOER
|
|
||||||
visudo -cf /tmp/${app}_sudoer && mv /tmp/${app}_sudoer /etc/sudoers.d/${app}
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# ACTIVATE BACKUP METHODS
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Activating backup methods"
|
|
||||||
|
|
||||||
mkdir -p /etc/yunohost/hooks.d/backup_method
|
|
||||||
mkdir -p /usr/share/yunohost/backup_method
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# SETUP THE BACKUP METHOD
|
# SETUP THE BACKUP METHOD
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Setting up backup methods"
|
ynh_script_progression --message="Setting up backup method..." --weight=1
|
||||||
|
|
||||||
ynh_configure backup_method "/etc/yunohost/hooks.d/backup_method/05-${app}_app"
|
mkdir -p /etc/yunohost/hooks.d/backup
|
||||||
ynh_configure check_method "${final_path}/check_method_${app}"
|
mkdir -p /etc/yunohost/hooks.d/backup_method
|
||||||
|
mkdir -p /usr/share/yunohost/backup_method
|
||||||
|
|
||||||
|
## Backup method
|
||||||
|
_ynh_add_config_j2 --template="backup_method.j2" --destination="/etc/yunohost/hooks.d/backup_method/05-${app}_app"
|
||||||
|
chmod go=--- "/etc/yunohost/hooks.d/backup_method/05-${app}_app"
|
||||||
|
|
||||||
|
_ynh_add_config_j2 --template="backup-with-restic.j2" --destination="$install_dir/backup-with-restic"
|
||||||
|
chmod u+x "$install_dir/backup-with-restic"
|
||||||
|
|
||||||
|
## Check method
|
||||||
|
_ynh_add_config_j2 --template="check_method.j2" --destination="$install_dir/check_method_restic"
|
||||||
|
|
||||||
|
_ynh_add_config_j2 --template="check-restic.j2" --destination="$install_dir/check-restic"
|
||||||
|
chmod u+x "$install_dir/check-restic"
|
||||||
|
|
||||||
|
## Backup log script
|
||||||
|
_ynh_add_config_j2 --template="restic_log.j2" --destination="$install_dir/restic_log"
|
||||||
|
chmod u+x "$install_dir/restic_log"
|
||||||
|
|
||||||
|
# Check log script
|
||||||
|
_ynh_add_config_j2 --template="restic_check_log.j2" --destination="$install_dir/restic_check_log"
|
||||||
|
chmod u+x "$install_dir/restic_check_log"
|
||||||
|
|
||||||
|
chown -R "$app:$app" "$install_dir"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# SETUP LOG SCRIPTS
|
# SYSTEM CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Setting up backup log script"
|
ynh_script_progression --message="Adding system configurations related to $app..." --weight=1
|
||||||
|
|
||||||
ynh_configure restic_log "${final_path}/restic_log_${app}"
|
# Systemd services and timers
|
||||||
chmod +x "${final_path}/restic_log_${app}"
|
for suffix in "${systemd_services_suffixes[@]}"; do
|
||||||
chown ${app}: "${final_path}/restic_log_${app}"
|
ynh_add_systemd_config --service="$app$suffix" --template="systemd$suffix.service"
|
||||||
|
_ynh_add_config_j2 --template="systemd$suffix.timer.j2" --destination="/etc/systemd/system/$app$suffix.timer"
|
||||||
|
ynh_systemd_action --service_name="${app}$suffix.service" --action="disable"
|
||||||
|
systemctl enable --quiet "${app}$suffix.timer"
|
||||||
|
ynh_systemd_action --service_name="${app}$suffix.timer" --action="start"
|
||||||
|
|
||||||
ynh_script_progression --message="Setting up check log script"
|
yunohost service add "$app$suffix" --description="Restic backup program ($app$suffix)" \
|
||||||
ynh_configure restic_check_log "${final_path}/restic_check_log_${app}"
|
--test_status="systemctl show $app$suffix.service -p ActiveState --value | grep -v failed"
|
||||||
chmod +x "${final_path}/restic_check_log_${app}"
|
done
|
||||||
chown ${app}: "${final_path}/restic_check_log_${app}"
|
|
||||||
|
|
||||||
#=================================================
|
ynh_add_config --template="sudoer" --destination="/etc/sudoers.d/$app"
|
||||||
# CONFIGURE CRON
|
chown root:root "/etc/sudoers.d/$app"
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Configuring cron" --weight=5
|
|
||||||
|
|
||||||
ynh_configure backup-with-restic "/usr/local/bin/backup-with-${app}"
|
ynh_use_logrotate --logfile="/var/log/restic_backup_${app}.log"
|
||||||
ynh_configure check-restic "${final_path}/check-${app}"
|
ynh_use_logrotate --logfile="/var/log/restic_backup_${app}.err"
|
||||||
chmod +x "/usr/local/bin/backup-with-${app}"
|
ynh_use_logrotate --logfile="/var/log/restic_check_${app}.log"
|
||||||
chown ${app}: "/usr/local/bin/backup-with-${app}"
|
ynh_use_logrotate --logfile="/var/log/restic_check_${app}.err"
|
||||||
chmod +x "${final_path}/check-${app}"
|
|
||||||
chmod +x "${final_path}/check_method_${app}"
|
|
||||||
ynh_add_systemd_config --service=${app} --template=systemd.service
|
|
||||||
ynh_add_systemd_config --service=${app}_check --template=systemd_check.service
|
|
||||||
ynh_add_systemd_config --service=${app}_check_read_data --template=systemd_check_read_data.service
|
|
||||||
ynh_configure systemd.timer "/etc/systemd/system/${app}.timer"
|
|
||||||
ynh_configure systemd_check.timer "/etc/systemd/system/${app}_check.timer"
|
|
||||||
ynh_configure systemd_check_read_data.timer "/etc/systemd/system/${app}_check_read_data.timer"
|
|
||||||
systemctl disable --quiet ${app}.service
|
|
||||||
systemctl disable --quiet ${app}_check.service
|
|
||||||
systemctl disable --quiet ${app}_check_read_data.service
|
|
||||||
systemctl enable --quiet ${app}.timer
|
|
||||||
systemctl enable --quiet ${app}_check.timer
|
|
||||||
systemctl enable --quiet ${app}_check_read_data.timer
|
|
||||||
systemctl start ${app}.timer
|
|
||||||
systemctl start ${app}_check.timer
|
|
||||||
systemctl start ${app}_check_read_data.timer
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# SET PERMISSIONS ON FINAL PATH
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Set permissions on ${final_path}"
|
|
||||||
|
|
||||||
chown -R ${app}: ${final_path}
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# SETUP LOGROTATE
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Configuring logrotate"
|
|
||||||
|
|
||||||
ynh_use_logrotate --logfile=/var/log/restic_backup_${app}.log
|
|
||||||
ynh_use_logrotate --logfile=/var/log/restic_backup_${app}.err
|
|
||||||
ynh_use_logrotate --logfile=/var/log/restic_check_${app}.log
|
|
||||||
ynh_use_logrotate --logfile=/var/log/restic_check_${app}.err
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# GENERATE SSH KEY
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Generating private key"
|
|
||||||
|
|
||||||
ssh_dir="/root/.ssh"
|
|
||||||
if [ ! -d "${ssh_dir}" ];then
|
|
||||||
mkdir -p "${ssh_dir}"
|
|
||||||
fi
|
|
||||||
private_key="${ssh_dir}/id_${app}_ed25519"
|
|
||||||
test -f $private_key || ssh-keygen -q -t ed25519 -N "" -f $private_key
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# GENERATE SSH CONFIG
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Generating ssh config for ${app} server ${server}"
|
|
||||||
|
|
||||||
grep -q "${app}" ${ssh_dir}/config 2>/dev/null || cat << EOCONF >> ${ssh_dir}/config
|
|
||||||
# begin $app ssh config
|
|
||||||
Host ${server}
|
|
||||||
Hostname ${server}
|
|
||||||
Port ${port}
|
|
||||||
User ${ssh_user}
|
|
||||||
IdentityFile ${private_key}
|
|
||||||
StrictHostKeyChecking no
|
|
||||||
UserKnownHostsFile /dev/null
|
|
||||||
# end $app ssh config
|
|
||||||
EOCONF
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# Display key
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="You should now allow the following public key for user ${ssh_user} on server ${server}:
|
|
||||||
|
|
||||||
$(cat ${private_key}.pub)"
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# SEND A README FOR THE ADMIN
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Sending post-installation instructions to admin" --last
|
|
||||||
|
|
||||||
message="You should now allow the following public key for user ${ssh_user} on server ${server}:
|
|
||||||
$(cat ${private_key}.pub)
|
|
||||||
|
|
||||||
Do so by running those commands on ${server} with user ${ssh_user}:
|
|
||||||
|
|
||||||
mkdir ~/.ssh 2>/dev/null
|
|
||||||
touch ~/.ssh/authorized_keys
|
|
||||||
chmod u=rw,go= ~/.ssh/authorized_keys
|
|
||||||
cat << EOPKEY >> ~/.ssh/authorized_keys
|
|
||||||
$(cat ${private_key}.pub)
|
|
||||||
EOPKEY
|
|
||||||
|
|
||||||
$(if [ "$backup_path" != "./" ];then echo "Also make sure ${backup_path} exists and is writable by ${ssh_user}";fi)
|
|
||||||
|
|
||||||
If you're facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/restic_ynh"
|
|
||||||
|
|
||||||
ynh_send_readme_to_admin "$message" "root"
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# END OF SCRIPT
|
# END OF SCRIPT
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
ynh_script_progression --message="Installation of $app completed"
|
ynh_script_progression --message="Installation of $app completed" --last
|
||||||
|
|
|
@ -1,7 +1,5 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# GENERIC START
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# IMPORT GENERIC HELPERS
|
# IMPORT GENERIC HELPERS
|
||||||
#=================================================
|
#=================================================
|
||||||
|
@ -9,71 +7,37 @@
|
||||||
source _common.sh
|
source _common.sh
|
||||||
source /usr/share/yunohost/helpers
|
source /usr/share/yunohost/helpers
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# LOAD SETTINGS
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Loading installation settings..."
|
|
||||||
|
|
||||||
app=$YNH_APP_INSTANCE_NAME
|
|
||||||
export final_path="/opt/yunohost/${app}"
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# REMOVE LOGROTATE CONFIGURATION
|
# REMOVE SYSTEM CONFIGURATIONS
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Removing logrotate configuration..."
|
ynh_script_progression --message="Removing system configurations related to $app..." --weight=1
|
||||||
|
|
||||||
|
# Systemd services and timers
|
||||||
|
for suffix in "${systemd_services_suffixes[@]}"; do
|
||||||
|
if ynh_exec_warn_less yunohost service status "$app_suffix" >/dev/null; then
|
||||||
|
yunohost service remove "$app_suffix"
|
||||||
|
fi
|
||||||
|
ynh_systemd_action --service_name="$app$suffix.timer" --action="stop"
|
||||||
|
ynh_systemd_action --service_name="$app$suffix.timer" --action="disable"
|
||||||
|
ynh_remove_systemd_config --service="$app$suffix"
|
||||||
|
ynh_secure_remove "/etc/systemd/system/$app$suffix.timer"
|
||||||
|
done
|
||||||
|
|
||||||
# Remove the app-specific logrotate config
|
# Remove the app-specific logrotate config
|
||||||
ynh_remove_logrotate
|
ynh_remove_logrotate
|
||||||
|
|
||||||
#=================================================
|
# Remove sudoers
|
||||||
# REMOVE DEPENDENCIES
|
rm "/etc/sudoers.d/$app"
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Removing dependencies..." --weight=4
|
|
||||||
|
|
||||||
# Remove metapackage and its dependencies
|
|
||||||
ynh_remove_app_dependencies
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# SPECIFIC REMOVE
|
|
||||||
#=================================================
|
|
||||||
# REMOVE VARIOUS FILES
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Removing various files..." --weight=2
|
|
||||||
|
|
||||||
systemctl stop ${app}.timer
|
|
||||||
systemctl --quiet disable ${app}.timer
|
|
||||||
ynh_remove_systemd_config --service=${app}
|
|
||||||
ynh_remove_systemd_config --service=${app}_check
|
|
||||||
ynh_remove_systemd_config --service=${app}_check_read_data
|
|
||||||
ynh_secure_remove "/etc/systemd/system/${app}.timer"
|
|
||||||
ynh_secure_remove "/etc/systemd/system/${app}_check.timer"
|
|
||||||
ynh_secure_remove "/etc/systemd/system/${app}_check_read_data.timer"
|
|
||||||
ynh_secure_remove "/usr/local/bin/backup-with-${app}"
|
|
||||||
ynh_secure_remove "/etc/yunohost/hooks.d/backup_method/05-${app}_app"
|
ynh_secure_remove "/etc/yunohost/hooks.d/backup_method/05-${app}_app"
|
||||||
ynh_secure_remove "${final_path}/check_method_${app}"
|
|
||||||
ynh_secure_remove "${final_path}/check-${app}"
|
|
||||||
ynh_secure_remove "${final_path}/restic_log_${app}"
|
|
||||||
ynh_secure_remove "${final_path}/restic_check_log_${app}"
|
|
||||||
ynh_secure_remove "${final_path}"
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# REMOVE SSH CONFIG
|
# REMOVE SSH CONFIG
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Removing ssh config"
|
ynh_script_progression --message="Removing ssh config"
|
||||||
|
|
||||||
ssh_dir="/root/.ssh"
|
sed -e "/begin ${app}/,/end ${app}/{/.*/d}" /root/.ssh/config -i || true
|
||||||
sed -e "/begin ${app}/,/end ${app}/{/.*/d}" ${ssh_dir}/config -i || true
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# GENERIC FINALIZATION
|
|
||||||
#=================================================
|
|
||||||
# REMOVE DEDICATED USER
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Removing sudoers rights for user ${app}"
|
|
||||||
rm /etc/sudoers.d/${app}
|
|
||||||
|
|
||||||
ynh_script_progression --message="Removing ${app} user" --last
|
|
||||||
userdel ${app}
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# END OF SCRIPT
|
# END OF SCRIPT
|
||||||
|
|
|
@ -1,7 +1,5 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# GENERIC START
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# IMPORT GENERIC HELPERS
|
# IMPORT GENERIC HELPERS
|
||||||
#=================================================
|
#=================================================
|
||||||
|
@ -11,53 +9,53 @@ source ../settings/scripts/_common.sh
|
||||||
source /usr/share/yunohost/helpers
|
source /usr/share/yunohost/helpers
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# MANAGE SCRIPT FAILURE
|
# RESTORE THE APP MAIN DIR
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Restoring the app main directory..." --weight=1
|
||||||
|
|
||||||
ynh_clean_setup () {
|
ynh_restore_file --origin_path="$install_dir"
|
||||||
ynh_clean_check_starting
|
|
||||||
}
|
|
||||||
# Exit if an error occurs during the execution of the script
|
|
||||||
ynh_abort_if_errors
|
|
||||||
|
|
||||||
#=================================================
|
# ynh_setup_source --source_id=main --dest_dir="$install_dir"
|
||||||
# LOAD SETTINGS
|
# chmod +x "$install_dir/restic"
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Loading installation settings..."
|
|
||||||
|
|
||||||
export app=$YNH_APP_INSTANCE_NAME
|
_gen_and_save_public_key
|
||||||
|
|
||||||
export server=$(ynh_app_setting_get --app=$app --key=server)
|
chown -R "$app:$app" "$install_dir"
|
||||||
|
|
||||||
export final_path="/opt/yunohost/${app}"
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# INSTALL RESTIC
|
|
||||||
#=================================================
|
|
||||||
install_restic
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# ACTIVATE BACKUP METHODS
|
# ACTIVATE BACKUP METHODS
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Setting up backup method..." --weight=1
|
||||||
|
|
||||||
|
mkdir -p /etc/yunohost/hooks.d/backup
|
||||||
mkdir -p /etc/yunohost/hooks.d/backup_method
|
mkdir -p /etc/yunohost/hooks.d/backup_method
|
||||||
mkdir -p /usr/share/yunohost/backup_method
|
mkdir -p /usr/share/yunohost/backup_method
|
||||||
|
|
||||||
#=================================================
|
ynh_restore_file --origin_path="/etc/yunohost/hooks.d/backup_method/05-${app}_app"
|
||||||
# RESTORE FILES
|
chmod go=--- "/etc/yunohost/hooks.d/backup_method/05-${app}_app"
|
||||||
#=================================================
|
|
||||||
|
|
||||||
ynh_restore
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# ENABLE TIMER
|
# RESTORE SYSTEM CONFIGURATIONS
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1
|
||||||
|
|
||||||
systemctl enable --quiet ${app}.timer
|
ynh_restore_file --origin_path="/etc/sudoers.d/$app"
|
||||||
systemctl enable --quiet ${app}_check.timer
|
chown root:root "/etc/sudoers.d/$app"
|
||||||
systemctl enable --quiet ${app}_check_read_data.timer
|
|
||||||
systemctl start ${app}.timer
|
ynh_restore_file --origin_path="/root/.ssh/id_${app}_ed25519"
|
||||||
systemctl start ${app}_check.timer
|
ynh_restore_file --origin_path="/root/.ssh/id_${app}_ed25519.pub"
|
||||||
systemctl start ${app}_check_read_data.timer
|
# FIXME: restore the .ssh/config instead?
|
||||||
|
_set_ssh_config
|
||||||
|
|
||||||
|
for suffix in "${systemd_services_suffixes[@]}"; do
|
||||||
|
ynh_restore_file --origin_path="/etc/systemd/system/$app$suffix.timer"
|
||||||
|
ynh_restore_file --origin_path="/etc/systemd/system/$app$suffix.service"
|
||||||
|
systemctl enable --quiet "$app$suffix.timer"
|
||||||
|
ynh_systemd_action --service_name="$app$suffix.timer" --action="start"
|
||||||
|
|
||||||
|
yunohost service add "$app$suffix" --description="Restic backup program ($app$suffix)" \
|
||||||
|
--test_status="systemctl show $app$suffix.service -p ActiveState --value | grep -v failed"
|
||||||
|
done
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# END OF SCRIPT
|
# END OF SCRIPT
|
||||||
|
|
254
scripts/upgrade
254
scripts/upgrade
|
@ -1,7 +1,5 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# GENERIC START
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# IMPORT GENERIC HELPERS
|
# IMPORT GENERIC HELPERS
|
||||||
#=================================================
|
#=================================================
|
||||||
|
@ -10,194 +8,120 @@ source _common.sh
|
||||||
source /usr/share/yunohost/helpers
|
source /usr/share/yunohost/helpers
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# LOAD SETTINGS
|
# STOP SYSTEMD SERVICE
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Loading installation settings..."
|
ynh_script_progression --message="Stopping $app's systemd service..." --weight=1
|
||||||
|
|
||||||
export app=$YNH_APP_INSTANCE_NAME
|
|
||||||
|
|
||||||
export final_path="/opt/yunohost/${app}"
|
|
||||||
export server=$(ynh_app_setting_get $app server)
|
|
||||||
export port=$(ynh_app_setting_get $app port)
|
|
||||||
export ssh_user=$(ynh_app_setting_get $app ssh_user)
|
|
||||||
export backup_path=$(ynh_app_setting_get $app backup_path)
|
|
||||||
export passphrase=$(ynh_app_setting_get $app passphrase)
|
|
||||||
export on_calendar=$(ynh_app_setting_get $app on_calendar)
|
|
||||||
export check_on_calendar=$(ynh_app_setting_get $app check_on_calendar)
|
|
||||||
export check_read_data_on_calendar=$(ynh_app_setting_get $app check_read_data_on_calendar)
|
|
||||||
export conf=$(ynh_app_setting_get $app conf)
|
|
||||||
export data=$(ynh_app_setting_get $app data)
|
|
||||||
export apps=$(ynh_app_setting_get $app apps)
|
|
||||||
export allow_extra_space_use=$(ynh_app_setting_get $app allow_extra_space_use)
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# CHECK VERSION
|
|
||||||
#=================================================
|
|
||||||
|
|
||||||
upgrade_type=$(ynh_check_app_version_changed)
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..."
|
|
||||||
|
|
||||||
# Backup the current version of the app
|
|
||||||
ynh_backup_before_upgrade
|
|
||||||
ynh_clean_setup () {
|
|
||||||
ynh_clean_check_starting
|
|
||||||
# Restore it if the upgrade fails
|
|
||||||
ynh_restore_upgradebackup
|
|
||||||
}
|
|
||||||
# Exit if an error occurs during the execution of the script
|
|
||||||
ynh_abort_if_errors
|
|
||||||
|
|
||||||
|
|
||||||
if grep "${app}.timer" /etc/yunohost/services.yml > /dev/null ; then
|
if grep "${app}.timer" /etc/yunohost/services.yml > /dev/null ; then
|
||||||
yunohost service remove $app.timer
|
yunohost service remove $app.timer
|
||||||
systemctl --quiet enable $app.timer
|
ynh_systemd_action --service="$app" --action="stop"
|
||||||
systemctl start $app.timer
|
ynh_systemd_action --service="$app.timer" --action="disable"
|
||||||
|
fi
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# ENSURE DOWNWARD COMPATIBILITY
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
|
||||||
|
|
||||||
|
if [ -f "/usr/local/bin/backup-with-${app}" ]; then
|
||||||
|
ynh_delete_file_checksum --file="/usr/local/bin/backup-with-${app}"
|
||||||
|
ynh_secure_remove --file="/usr/local/bin/backup-with-${app}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -f "/usr/local/bin/$app" ]; then
|
||||||
|
ynh_secure_remove --file="/usr/local/bin/$app"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -d "/opt/yunohost/$app" ]; then
|
||||||
|
mv "/opt/yunohost/$app/"* "$install_dir"
|
||||||
|
ynh_delete_file_checksum --file="/opt/yunohost/$app/check-restic"
|
||||||
|
ynh_delete_file_checksum --file="/opt/yunohost/$app/check_method_restic"
|
||||||
|
ynh_delete_file_checksum --file="/opt/yunohost/$app/restic_check_log_restic"
|
||||||
|
ynh_delete_file_checksum --file="/opt/yunohost/$app/restic_log_restic"
|
||||||
|
ynh_secure_remove --file="/opt/yunohost/$app/"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# old versions did not have delimiters in ~/.ssh/config making removal in
|
||||||
|
# multi-instance cases break the remaining instances.
|
||||||
|
# So we need to add the delimiters if they are missing
|
||||||
|
# The config will be re-added afterwards
|
||||||
|
if ! grep -q "begin ${app}" /root/.ssh/config; then
|
||||||
|
# did not find delimiters so removing old configuration
|
||||||
|
sed -e "/Host ${server}/,+6d" "/root/.ssh/config" -i || true
|
||||||
fi
|
fi
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# INSTALL RESTIC
|
# INSTALL RESTIC
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Installing restic binary" --weight=7
|
ynh_script_progression --message="Installing Restic..." --weight=7
|
||||||
|
|
||||||
install_restic
|
ynh_setup_source --source_id=main --dest_dir="$install_dir"
|
||||||
|
chmod +x "$install_dir/restic"
|
||||||
|
|
||||||
#=================================================
|
# This function will only create it if required
|
||||||
# CREATE APP USER
|
_gen_and_save_public_key
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Creating user ${app}"
|
|
||||||
|
|
||||||
id ${app} 2>/dev/null || useradd -m ${app}
|
# Set ssh config if it is missing
|
||||||
ynh_script_progression --message="Configure ${app} user sudoer rights"
|
if ! grep -q "begin $app" "/root/.ssh/config"; then
|
||||||
cat > /tmp/${app}_sudoer << EOSUDOER
|
_set_ssh_config
|
||||||
${app} ALL = (root) NOPASSWD: /usr/bin/yunohost*, /bin/journalctl*, /usr/bin/find /etc/yunohost/apps -name backup, ${final_path}/check_method_${app}
|
|
||||||
EOSUDOER
|
|
||||||
visudo -cf /tmp/${app}_sudoer && mv /tmp/${app}_sudoer /etc/sudoers.d/${app}
|
|
||||||
ynh_script_progression --message="Move ssh keys from root to ${app} user's home"
|
|
||||||
ynh_script_progression --message="Generate ssh config"
|
|
||||||
set +o errexit
|
|
||||||
set +o nounset
|
|
||||||
export ssh_dir="/root/.ssh"
|
|
||||||
export private_key="${ssh_dir}/id_${app}_ed25519"
|
|
||||||
mkdir ${ssh_dir} 2>/dev/null || true
|
|
||||||
touch ${ssh_dir}/config
|
|
||||||
grep -q "begin ${app}" ${ssh_dir}/config
|
|
||||||
missing_conf="$?"
|
|
||||||
if [ "$missing_conf" -eq "1" ];then
|
|
||||||
cat << EOCONF >> ${ssh_dir}/config
|
|
||||||
# begin $app ssh config
|
|
||||||
Host ${server}
|
|
||||||
Hostname ${server}
|
|
||||||
Port ${port}
|
|
||||||
User ${ssh_user}
|
|
||||||
IdentityFile ${private_key}
|
|
||||||
StrictHostKeyChecking no
|
|
||||||
UserKnownHostsFile /dev/null
|
|
||||||
# end $app ssh config
|
|
||||||
EOCONF
|
|
||||||
fi
|
fi
|
||||||
chown -R ${app}: /home/${app}
|
|
||||||
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# ACTIVATE BACKUP METHODS
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Activating backup methods"
|
|
||||||
|
|
||||||
mkdir -p /etc/yunohost/hooks.d/backup_method
|
|
||||||
mkdir -p /usr/share/yunohost/backup_method
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# SETUP THE BACKUP METHOD
|
# SETUP THE BACKUP METHOD
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Setting up backup methods"
|
ynh_script_progression --message="Setting up backup method..." --weight=1
|
||||||
|
|
||||||
ynh_configure backup_method "/etc/yunohost/hooks.d/backup_method/05-${app}_app"
|
mkdir -p /etc/yunohost/hooks.d/backup
|
||||||
ynh_configure check_method "${final_path}/check_method_${app}"
|
mkdir -p /etc/yunohost/hooks.d/backup_method
|
||||||
|
mkdir -p /usr/share/yunohost/backup_method
|
||||||
|
|
||||||
|
## Backup method
|
||||||
|
_ynh_add_config_j2 --template="backup_method.j2" --destination="/etc/yunohost/hooks.d/backup_method/05-${app}_app"
|
||||||
|
chmod go=--- "/etc/yunohost/hooks.d/backup_method/05-${app}_app"
|
||||||
|
|
||||||
|
_ynh_add_config_j2 --template="backup-with-restic.j2" --destination="$install_dir/backup-with-restic"
|
||||||
|
chmod u+x "$install_dir/backup-with-restic"
|
||||||
|
|
||||||
|
## Check method
|
||||||
|
_ynh_add_config_j2 --template="check_method.j2" --destination="$install_dir/check_method_restic"
|
||||||
|
|
||||||
|
_ynh_add_config_j2 --template="check-restic.j2" --destination="$install_dir/check-restic"
|
||||||
|
chmod u+x "$install_dir/check-restic"
|
||||||
|
|
||||||
|
## Backup log script
|
||||||
|
_ynh_add_config_j2 --template="restic_log.j2" --destination="$install_dir/restic_log"
|
||||||
|
chmod u+x "$install_dir/restic_log"
|
||||||
|
|
||||||
|
# Check log script
|
||||||
|
_ynh_add_config_j2 --template="restic_check_log.j2" --destination="$install_dir/restic_check_log"
|
||||||
|
chmod u+x "$install_dir/restic_check_log"
|
||||||
|
|
||||||
|
chown -R "$app:$app" "$install_dir"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# SETUP LOG SCRIPTS
|
# SYSTEM CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Setting up backup log script"
|
ynh_script_progression --message="Adding system configurations related to $app..." --weight=1
|
||||||
|
|
||||||
ynh_configure restic_log "${final_path}/restic_log_${app}"
|
# Systemd services and timers
|
||||||
chmod +x "${final_path}/restic_log_${app}"
|
for suffix in "${systemd_services_suffixes[@]}"; do
|
||||||
chown ${app}: "${final_path}/restic_log_${app}"
|
ynh_add_systemd_config --service="$app$suffix" --template="systemd$suffix.service"
|
||||||
|
_ynh_add_config_j2 --template="systemd$suffix.timer.j2" --destination="/etc/systemd/system/$app$suffix.timer"
|
||||||
|
ynh_systemd_action --service_name="${app}$suffix.service" --action="disable"
|
||||||
|
systemctl enable --quiet "${app}$suffix.timer"
|
||||||
|
ynh_systemd_action --service_name="${app}$suffix.timer" --action="start"
|
||||||
|
|
||||||
ynh_script_progression --message="Setting up check log script"
|
yunohost service add "$app$suffix" --description="Restic backup program ($app$suffix)" \
|
||||||
ynh_configure restic_check_log "${final_path}/restic_check_log_${app}"
|
--test_status="systemctl show $app$suffix.service -p ActiveState --value | grep -v failed"
|
||||||
chmod +x "${final_path}/restic_check_log_${app}"
|
done
|
||||||
chown ${app}: "${final_path}/restic_check_log_${app}"
|
|
||||||
|
|
||||||
#=================================================
|
ynh_add_config --template="sudoer" --destination="/etc/sudoers.d/$app"
|
||||||
# CONFIGURE CRON
|
chown root:root "/etc/sudoers.d/$app"
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Configuring cron" --weight=5
|
|
||||||
|
|
||||||
ynh_configure backup-with-restic "/usr/local/bin/backup-with-${app}"
|
ynh_use_logrotate --logfile="/var/log/restic_backup_${app}.log"
|
||||||
ynh_configure check-restic "${final_path}/check-${app}"
|
ynh_use_logrotate --logfile="/var/log/restic_backup_${app}.err"
|
||||||
chmod +x "/usr/local/bin/backup-with-${app}"
|
ynh_use_logrotate --logfile="/var/log/restic_check_${app}.log"
|
||||||
chown ${app}: "/usr/local/bin/backup-with-${app}"
|
ynh_use_logrotate --logfile="/var/log/restic_check_${app}.err"
|
||||||
chmod +x "${final_path}/check-${app}"
|
|
||||||
chmod +x "${final_path}/check_method_${app}"
|
|
||||||
ynh_add_systemd_config --service=${app} --template=systemd.service
|
|
||||||
ynh_add_systemd_config --service=${app}_check --template=systemd_check.service
|
|
||||||
ynh_add_systemd_config --service=${app}_check_read_data --template=systemd_check_read_data.service
|
|
||||||
ynh_configure systemd.timer "/etc/systemd/system/${app}.timer"
|
|
||||||
ynh_configure systemd_check.timer "/etc/systemd/system/${app}_check.timer"
|
|
||||||
ynh_configure systemd_check_read_data.timer "/etc/systemd/system/${app}_check_read_data.timer"
|
|
||||||
systemctl --quiet disable ${app}.service
|
|
||||||
systemctl --quiet disable ${app}_check.service
|
|
||||||
systemctl --quiet disable ${app}_check_read_data.service
|
|
||||||
systemctl --quiet enable ${app}.timer
|
|
||||||
systemctl --quiet enable ${app}_check.timer
|
|
||||||
systemctl --quiet enable ${app}_check_read_data.timer
|
|
||||||
systemctl start ${app}.timer
|
|
||||||
systemctl start ${app}_check.timer
|
|
||||||
systemctl start ${app}_check_read_data.timer
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# UPGRADE SSH CONFIG
|
|
||||||
#=================================================
|
|
||||||
|
|
||||||
# old versions did not have delimiters in ~/.ssh/config
|
|
||||||
# making removal in multi-instance cases break the remaining
|
|
||||||
# instances.
|
|
||||||
# So we need to add the delimiters if they are missing
|
|
||||||
set +o errexit
|
|
||||||
set +o nounset
|
|
||||||
grep -q "begin ${app}" ${ssh_dir}/config
|
|
||||||
missing_delimiters="$?"
|
|
||||||
if [ "$missing_delimiters" -eq 1 ];then
|
|
||||||
# did not find delimiters so removing old configuration
|
|
||||||
sed -e "/Host ${server}/,+6d" ${ssh_dir}/config -i || true
|
|
||||||
cat << EOCONF >> ${ssh_dir}/config
|
|
||||||
# begin $app ssh config
|
|
||||||
Host ${server}
|
|
||||||
Hostname ${server}
|
|
||||||
Port ${port}
|
|
||||||
User ${ssh_user}
|
|
||||||
IdentityFile ${private_key}
|
|
||||||
StrictHostKeyChecking no
|
|
||||||
UserKnownHostsFile /dev/null
|
|
||||||
# end $app ssh config
|
|
||||||
EOCONF
|
|
||||||
fi
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# GENERIC FINALIZATION
|
|
||||||
#=================================================
|
|
||||||
# SETUP LOGROTATE
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Configuring logrotate"
|
|
||||||
|
|
||||||
ynh_use_logrotate --logfile=/var/log/restic_backup_${app}.log
|
|
||||||
ynh_use_logrotate --logfile=/var/log/restic_backup_${app}.err
|
|
||||||
ynh_use_logrotate --logfile=/var/log/restic_check_${app}.log
|
|
||||||
ynh_use_logrotate --logfile=/var/log/restic_check_${app}.err
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# END OF SCRIPT
|
# END OF SCRIPT
|
||||||
|
|
25
tests.toml
Normal file
25
tests.toml
Normal file
|
@ -0,0 +1,25 @@
|
||||||
|
#:schema https://raw.githubusercontent.com/YunoHost/apps/master/schemas/tests.v1.schema.json
|
||||||
|
|
||||||
|
test_format = 1.0
|
||||||
|
|
||||||
|
[default]
|
||||||
|
|
||||||
|
args.server = "dst.domain.tld"
|
||||||
|
args.ssh_user = "sam"
|
||||||
|
args.passphrase = "APassphrase"
|
||||||
|
args.conf = 1
|
||||||
|
args.port = 2222
|
||||||
|
args.backup_path = "src.domain.tld"
|
||||||
|
args.data = 1
|
||||||
|
args.app = "all"
|
||||||
|
args.allow_extra_space_use = 1
|
||||||
|
args.on_calendar = "Daily"
|
||||||
|
args.check_on_calendar = "*-*-8,15,22 3:15"
|
||||||
|
args.check_read_data_on_calendar = "*-*-1 3:15"
|
||||||
|
|
||||||
|
|
||||||
|
[default.test_upgrade_from.526944051f68f4149e415be4e862ce3c69d69f18]
|
||||||
|
name = "0.12.0~ynh9"
|
||||||
|
|
||||||
|
[default.test_upgrade_from.075ce5d9b56f89649623e803e741b36ff5e481df]
|
||||||
|
name = "last packaging v1"
|
Loading…
Add table
Reference in a new issue