]> git.ipfire.org Git - people/pmueller/ipfire-2.x.git/blob - config/backup/backup.pl
projects / people / pmueller / ipfire-2.x.git / blob
? search:


768b3550886c0e433e1dcb417d8827b05063f222
[people/pmueller/ipfire-2.x.git] / config / backup / backup.pl
1 #!/bin/bash
2 ###############################################################################
3 # #
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2007-2014 IPFire Team <info@ipfire.org> #
6 # #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
11 # #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
16 # #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
19 # #
20 ###############################################################################
21
22 NOW="$(date "+%Y-%m-%d-%H:%M")"
23
24 list_addons() {
25 local file
26 for file in /var/ipfire/backup/addons/includes/*; do
27 if [ -f "${file}" ]; then
28 basename "${file}"
29 fi
30 done
31
32 return 0
33 }
34
35 process_includes() {
36 local include
37
38 for include in $@; do
39 local file
40 while read -r file; do
41 for file in ${file}; do
42 if [ -e "${file}" ]; then
43 echo "${file}"
44 fi
45 done
46 done < "${include}"
47 done | sort -u
48 }
49
50 make_backup() {
51 local filename="${1}"
52 shift
53
54 # Backup all addons first
55 local addon
56 for addon in $(list_addons); do
57 make_addon_backup "${addon}"
58 done
59
60 # Backup using global exclude/include definitions
61 tar cvfz "${filename}" \
62 --exclude-from="/var/ipfire/backup/exclude" \
63 --exclude-from="/var/ipfire/backup/exclude.user" \
64 $(process_includes "/var/ipfire/backup/include") \
65 $(process_includes "/var/ipfire/backup/include.user") \
66 "$@"
67
68 return 0
69 }
70
71 restore_backup() {
72 local filename="${1}"
73
74 # Extract backup
75 if ! tar xvzpf "${filename}" -C /; then
76 echo "Could not extract backup" >&2
77 return 1
78 fi
79
80 # Restart syslogd, httpd and suricata in case we've just loaded old logs
81 apachectl -k graceful
82 /bin/kill -HUP `cat /var/run/suricata.pid 2> /dev/null` 2> /dev/null
83 /bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null
84
85 # remove wrong vnstat tag file
86 rm -f /var/log/vnstat/tag
87
88 # create dhcpcd user
89 groupadd -g 52 dhcpcd
90 useradd -c 'dhcpcd privsep user' \
91 -d /run/dhcpcd/chroot \
92 -g dhcpcd \
93 -s /bin/false \
94 -u 52 dhcpcd
95
96 # Run converters
97
98 # Outgoing Firewall
99 if [ -d "/var/ipfire/outgoing" ]; then
100 # Reset files
101 local file
102 for file in /var/ipfire/firewall/{config,outgoing} \
103 /var/ipfire/fwhosts/custom{hosts,groups,networks}; do
104 : > "${file}"
105 chown nobody:nobody "${file}"
106 done
107
108 # Run converter
109 convert-outgoingfw
110
111 # Remove old configuration
112 rm -rf "/var/ipfire/outgoing"
113 fi
114
115 # External Access
116 if [ -d "/var/ipfire/xtaccess" ]; then
117 : > /var/ipfire/firewall/config
118 chown nobody:nobody "/var/ipfire/firewall/config"
119
120 # Run converter
121 convert-xtaccess
122
123 # Remove old configuration
124 rm -rf "/var/ipfire/xtaccess"
125 fi
126
127 # DMZ Holes
128 if [ -d "/var/ipfire/dmzholes" ] || [ -d "/var/ipfire/portfw" ]; then
129 : > /var/ipfire/firewall/config
130 chown nobody:nobody "/var/ipfire/firewall/config"
131
132 # Run converter
133 convert-dmz
134
135 # Remove old configuration
136 rm -rf "/var/ipfire/dmzholes"
137 fi
138
139 # Port Forwardings
140 if [ -d "/var/ipfire/portfw" ]; then
141 # Run converter
142 convert-portfw
143
144 # Remove old configuration
145 rm -rf "/var/ipfire/portfw"
146 fi
147
148 # Convert location
149 convert-to-location
150
151 # Reload firewall
152 firewallctrl
153
154 # Convert old OpenVPN CCD files (CN change, Core Update 75)
155 convert-ovpn
156
157 # Snort to suricata converter.
158 if [ -d "/var/ipfire/snort" ]; then
159 # Run converter
160 convert-snort
161
162 # Remove old configuration directory.
163 rm -rf "/var/ipfire/snort"
164 fi
165
166 # IDS multiple providers converter.
167 if [ -e "/var/ipfire/suricata/rules-settings" ]; then
168 # Run the converter
169 convert-ids-multiple-providers
170 fi
171
172 # Convert DNS settings
173 convert-dns-settings
174
175 # move nobeeps if exist
176 [ -e "/var/ipfire/ppp/nobeeps" ] && mv /var/ipfire/ppp/nobeeps /var/ipfire/red/nobeeps
177
178 return 0
179 }
180
181 find_logfiles() {
182 local filelist=( /var/log/messages* /var/log/*.log /var/log/**/*.log )
183
184 echo "${filelist[@]}"
185 }
186
187 make_addon_backup() {
188 local name="${1}"
189 shift
190
191 if [ ! -f "/var/ipfire/backup/addons/includes/${name}" ]; then
192 echo "${name} does not have any backup includes" >&2
193 return 1
194 fi
195
196 local filename="/var/ipfire/backup/addons/backup/${name}.ipf"
197
198 tar cvzf "${filename}" \
199 $(process_includes "/var/ipfire/backup/addons/includes/${name}")
200 }
201
202 restore_addon_backup() {
203 local name="${1}"
204
205 if [ -d "/tmp/${name}.ipf" ]; then
206 mv "/tmp/${name}.ipf" "/var/ipfire/backup/addons/backup/${name}.ipf"
207 fi
208
209 # Extract backup
210 if ! tar xvzpf "/var/ipfire/backup/addons/backup/${name}.ipf" -C /; then
211 echo "Could not extract backup" >&2
212 return 1
213 fi
214 }
215
216 main() {
217 local command="${1}"
218 shift
219
220 case "${command}" in
221 include)
222 local filename="${1}"
223
224 if [ -z "${filename}" ]; then
225 filename="/var/ipfire/backup/${NOW}.ipf"
226 fi
227
228 make_backup "${filename}" $(find_logfiles)
229 ;;
230
231 exclude)
232 local filename="${1}"
233
234 if [ -z "${filename}" ]; then
235 filename="/var/ipfire/backup/${NOW}.ipf"
236 fi
237
238 make_backup "${filename}"
239 ;;
240
241 restore)
242 local filename="${1}"
243
244 if [ -z "${filename}" ]; then
245 filename="/tmp/restore.ipf"
246 fi
247
248 restore_backup "${filename}"
249 ;;
250
251 addonbackup)
252 make_addon_backup "$@"
253 ;;
254
255 restoreaddon)
256 restore_addon_backup "${1/.ipf/}"
257 ;;
258
259 iso)
260 # Desired backup filename
261 local filename="/var/ipfire/backup/${NOW}.ipf"
262
263 if make_backup "${filename}"; then
264 /usr/local/bin/backupiso "${NOW}"
265 fi
266 ;;
267
268 makedirs)
269 mkdir -p /var/ipfire/backup/addons/{backup,includes}
270 ;;
271
272 list)
273 process_includes "/var/ipfire/backup/include" "/var/ipfire/backup/include.user"
274 ;;
275
276 /var/ipfire/backup/*.ipf|/var/ipfire/backup/addons/backup/*.ipf|/var/tmp/backupiso/*.iso)
277 unlink "${command}"
278 ;;
279
280 *)
281 echo "${0}: [include|exclude|restore|addonbackup <addon>|restoreaddon <addon>|iso]" >&2
282 return 2
283 ;;
284 esac
285
286 return $?
287 }
288
289 main "$@" || exit $?
Peter's tree of IPFire 2.x