backup: Rewrite backup script

The old script was quite messy and written in perl although
it was only calling shell commands.

This version is now written in shell although keeping the .pl
file suffix and is a drop-in replacement.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/config/backup/backup.pl b/config/backup/backup.pl
index ce89116356408ce0aa5e596d479c8d848f0cb327..ddf2bf2b1697629f9f53b7cdfe1c7c3d7f588c0e 100644 (file)
--- a/config/backup/backup.pl
+++ b/config/backup/backup.pl
@@ -1,4 +1,4 @@
-#!/usr/bin/perl
+#!/bin/bash
 ###############################################################################
 #                                                                             #
 # IPFire.org - A linux based firewall                                         #
@@ -19,148 +19,199 @@
 #                                                                             #
 ###############################################################################
 
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-use File::Path;
-my $debug = 1;
-my @include = "";
-my ($Sekunden, $Minuten, $Stunden, $Monatstag, $Monat, $Jahr, $Wochentag, $Jahrestag, $Sommerzeit) = localtime(time);
-$Jahr = $Jahr + 1900;$Monat = $Monat + 1;
-$Monat = sprintf("%02d", $Monat);
-$Monatstag = sprintf("%02d", $Monatstag);
-$Stunden = sprintf("%02d", $Stunden);
-$Minuten = sprintf("%02d", $Minuten);
-
-if (($ARGV[0] eq 'include') || ($ARGV[0] eq 'iso')) {
-  &createinclude;
-    my @files = `find / -name *.log* 2>/dev/null`;
-    foreach (@files){
-      push(@include,$_);
-     }
-    my @files = `find /var/log/ -name *messages* 2>/dev/null`;
-    foreach (@files){
-      push(@include,$_);
-     }
-  open(DATEI, ">/tmp/include") || die "Could not save temp include file";
-  print DATEI @include;
-  print "/var/log/messages";
-  close(DATEI);
-  system("tar -cvzf /var/ipfire/backup/$Jahr$Monat$Monatstag-$Stunden$Minuten.ipf --exclude-from='/var/ipfire/backup/exclude' --exclude-from='/var/ipfire/backup/exclude.user' --files-from='/tmp/include' --files-from='/var/ipfire/backup/include.user'");
-  system("rm /tmp/include");
-  if ($ARGV[0] eq 'iso') {
-       system("/usr/local/bin/backupiso $Jahr$Monat$Monatstag-$Stunden$Minuten &");
-  }
-}
-elsif ($ARGV[0] eq 'exclude') {
-  &createinclude;
-  open(DATEI, ">/tmp/include") || die "Could not save temp include file";
-  print DATEI @include;
-  close(DATEI);
-  system("tar -cvzf /var/ipfire/backup/$Jahr$Monat$Monatstag-$Stunden$Minuten.ipf --exclude-from='/var/ipfire/backup/exclude' --exclude-from='/var/ipfire/backup/exclude.user' --files-from='/tmp/include' --files-from='/var/ipfire/backup/include.user'");
-  system("rm /tmp/include");
-}
-elsif ($ARGV[0] eq 'restore') {
-  system("cd / && tar -xvz -p -f /tmp/restore.ipf");
-  #Here some converter scripts to correct old Backups (before core 65)
-  system("/usr/sbin/ovpn-ccd-convert");
-  #OUTGOINGFW CONVERTER
-  if( -d "${General::swroot}/outgoing"){
-         if( -f "${General::swroot}/firewall/config" ){
-                 unlink("${General::swroot}/firewall/config");
-                 system("touch ${General::swroot}/firewall/config");
-                 chown 99,99,"${General::swroot}/firewall/config";
-         }
-         if( -f "${General::swroot}/firewall/outgoing" ){
-                 unlink("${General::swroot}/firewall/outgoing");
-                 system("touch ${General::swroot}/firewall/outgoing");
-                 chown 99,99,"${General::swroot}/firewall/outgoing";
-         }
-         unlink("${General::swroot}/fwhosts/customgroups");
-         unlink("${General::swroot}/fwhosts/customhosts");
-         unlink("${General::swroot}/fwhosts/customgroups");
-         unlink("${General::swroot}/fwhosts/customnetworks");
-         unlink("${General::swroot}/fwhosts/customservicegrp");
-         unlink("${General::swroot}/fwhosts/customnetworks");
-         system("touch ${General::swroot}/fwhosts/customgroups");
-         system("touch ${General::swroot}/fwhosts/customhosts");
-         system("touch ${General::swroot}/fwhosts/customnetworks");
-         system("touch ${General::swroot}/fwhosts/customservicegrp");
-         #START CONVERTER "OUTGOINGFW"
-         system("/usr/sbin/convert-outgoingfw");
-         chown 99,99,"${General::swroot}/fwhosts/customgroups";
-         chown 99,99,"${General::swroot}/fwhosts/customhosts";
-         chown 99,99,"${General::swroot}/fwhosts/customnetworks";
-         chown 99,99,"${General::swroot}/fwhosts/customservicegrp";
-         #START CONVERTER "OUTGOINGFW"
-         rmtree("${General::swroot}/outgoing");
-  }
-  #XTACCESS CONVERTER
-  if( -d "${General::swroot}/xtaccess"){
-         if( -f "${General::swroot}/firewall/input" ){
-                 unlink("${General::swroot}/firewall/input");
-                 system("touch ${General::swroot}/firewall/input");
-         }
-         #START CONVERTER "XTACCESS"
-         system("/usr/sbin/convert-xtaccess");
-         chown 99,99,"${General::swroot}/firewall/input";
-         rmtree("${General::swroot}/xtaccess");
-  }
-  #DMZ-HOLES CONVERTER
-  if( -d "${General::swroot}/dmzholes" || -d "${General::swroot}/portfw"){
-         if( -f "${General::swroot}/firewall/config" ){
-                 unlink("${General::swroot}/firewall/config");
-                 system("touch ${General::swroot}/firewall/config");
-         }
-         #START CONVERTER "DMZ-HOLES"
-         system("/usr/sbin/convert-dmz");
-         chown 99,99,"${General::swroot}/firewall/config";
-         rmtree("${General::swroot}/dmzholes");
-  }
-  #PORTFORWARD CONVERTER
-  if( -d "${General::swroot}/portfw"){
-       #START CONVERTER "PORTFW"
-       system("/usr/sbin/convert-portfw");
-       rmtree("${General::swroot}/portfw");
-  }
-  system("/usr/local/bin/firewallctrl");
-
-  # Convert old OpenVPN CCD files (CN change, core 75).
-  system("/usr/local/bin/convert-ovpn");
+NOW="$(date "+%Y-%m-%d-%H:%M")"
+
+list_addons() {
+       local file
+       for file in /var/ipfire/backup/addons/includes/*; do
+               if [ -f "${file}" ]; then
+                       basename "${file}"
+               fi
+       done
+
+       return 0
 }
-elsif ($ARGV[0] eq 'restoreaddon') {
-  if ( -e "/tmp/$ARGV[1]" ){system("mv /tmp/$ARGV[1] /var/ipfire/backup/addons/backup/$ARGV[1]");}
-  system("cd / && tar -xvz -p -f /var/ipfire/backup/addons/backup/$ARGV[1]");
+
+process_includes() {
+       local include
+
+       for include in $@; do
+               local file
+               while read -r file; do
+                       while read file; do
+                               if [ -e "${file}" ]; then
+                                       echo "${file}"
+                               fi
+                       done <<< ${file}
+               done < "${include}"
+       done | sort -u
 }
-elsif ($ARGV[0] eq 'cli') {
-  system("tar -cvzf /var/ipfire/backup/$Jahr$Monat$Monatstag-$Stunden$Minuten-$ARGV[1].ipf --files-from='$ARGV[2]' --exclude-from='$ARGV[3]'");
+
+make_backup() {
+       local filename="${1}"
+       shift
+
+       # Backup all addons first
+       local addon
+       for addon in $(list_addons); do
+               make_addon_backup "${addon}"
+       done
+
+       tar cvzf "${filename}" \
+               --exclude-from="/var/ipfire/backup/exclude" \
+               --exclude-from="/var/ipfire/backup/exclude.user" \
+               $(process_includes "/var/ipfire/backup/include" "/var/ipfire/backup/include.user") \
+               "$@"
+
+       return 0
 }
-elsif ($ARGV[0] eq 'addonbackup') {
-  system("tar -cvzf /var/ipfire/backup/addons/backup/$ARGV[1].ipf --files-from='/var/ipfire/backup/addons/includes/$ARGV[1]'");
+
+restore_backup() {
+       local filename="${1}"
+
+       tar xvzpf "${filename}" -C /
+
+       # Run converters
+
+       # Outgoing Firewall
+       if [ -d "/var/ipfire/outgoing" ]; then
+               # Reset files
+               local file
+               for file in /var/ipfire/firewall/{config,outgoing} \
+                               /var/ipfire/fwhosts/custom{hosts,groups,networks}; do
+                       : > "${file}"
+                       chown nobody:nobody "${file}"
+               done
+
+               # Run converter
+               convert-outgoingfw
+
+               # Remove old configuration
+               rm -rf "/var/ipfire/outgoing"
+       fi
+
+       # External Access
+       if [ -d "/var/ipfire/xtaccess" ]; then
+               : > /var/ipfire/firewall/config
+               chown nobody:nobody "/var/ipfire/firewall/config"
+
+               # Run converter
+               convert-xtaccess
+
+               # Remove old configuration
+               rm -rf "/var/ipfire/xtaccess"
+       fi
+
+       # DMZ Holes
+       if [ -d "/var/ipfire/dmzholes" ] || [ -d "/var/ipfire/portfw" ]; then
+               : > /var/ipfire/firewall/config
+               chown nobody:nobody "/var/ipfire/firewall/config"
+
+               # Run converter
+               convert-dmz
+
+               # Remove old configuration
+               rm -rf "/var/ipfire/dmzholes"
+       fi
+
+       # Port Forwardings
+       if [ -d "/var/ipfire/portfw" ]; then
+               # Run converter
+               convert-portfw
+
+               # Remove old configuration
+               rm -rf "/var/ipfire/portfw"
+       fi
+
+       # Reload firewall
+       firewallctrl
+
+       # Convert old OpenVPN CCD files (CN change, Core Update 75)
+       convert-ovpn
+
+       return 0
 }
-elsif ($ARGV[0] =~ /\.(iso|ipf)$/ ) {
-  unlink("$ARGV[0]");
+
+find_logfiles() {
+       local filelist=( /var/log/messages* /var/log/*.log /var/log/**/*.log )
+
+       echo "${filelist[@]}"
 }
-elsif ($ARGV[0] eq '') {
- printf "No argument given, please use <include><exclude><cli>\n"
+
+make_addon_backup() {
+       local name="${1}"
+       shift
+
+       if [ ! -f "/var/ipfire/backup/addons/includes/${name}" ]; then
+               echo "${name} does not have any backup includes" >&2
+               return 1
+       fi
+
+       local filename="/var/ipfire/backup/addons/backup/${name}.ipf"
+
+       tar cvzf "${filename}" \
+               $(process_includes "/var/ipfire/backup/addons/includes/${name}")
 }
-elsif ($ARGV[0] eq 'makedirs') {
- system("mkdir -p /var/ipfire/backup/addons");
- system("mkdir -p /var/ipfire/backup/addons/backup");
- system("mkdir -p /var/ipfire/backup/addons/includes");
+
+restore_addon_backup() {
+       local name="${1}"
+
+       if [ -d "/tmp/${name}.ipf" ]; then
+               mv "/tmp/${name}.ipf" "/var/ipfire/backup/addons/backup/${name}.ipf"
+       fi
+
+       tar xvzpf "/var/ipfire/backup/addons/backup/${name}.ipf" -C /
 }
 
-sub createinclude(){
+main() {
+       local command="${1}"
+       shift
+
+       # Desired backup filename
+       local filename="/var/ipfire/backup/${NOW}.ipf"
+
+       case "${command}" in
+               include)
+                       make_backup "${filename}" $(find_logfiles)
+                       ;;
+
+               exclude)
+                       make_backup "${filename}"
+                       ;;
+
+               restore)
+                       restore_backup "/tmp/restore.ipf"
+                       ;;
+
+               addonbackup)
+                       make_addon_backup "$@"
+                       ;;
 
-  open(DATEI, "<${General::swroot}/backup/include") || die "Can not open include file";
-  my @Zeilen = <DATEI>;
-  close(DATEI);
+               restoreaddon)
+                       restore_addon_backup "${1/.ipf/}"
+                       ;;
 
-  foreach (@Zeilen){
-    chomp($_);
-    my @files = `find $_ -maxdepth 0 2>/dev/null`;
-    foreach (@files){
-      push(@include,$_);
-    }
-  }
+               iso)
+                       if make_backup "${filename}"; then
+                               /usr/local/bin/backupiso "${NOW}" &
+                       fi
+                       ;;
+
+               makedirs)
+                       mkdir -p /var/ipfire/backup/addons/{backup,includes}
+                       ;;
+
+               /var/ipfire/backup/*.ipf|/var/ipfire/backup/addons/backup/*.ipf|/var/tmp/backupiso/*.iso)
+                       unlink "${command}"
+                       ;;
+
+               *)
+                       echo "${0}: [include|exclude|restore|addonbackup <addon>|restoreaddon <addon>|iso]" >&2
+                       return 2
+                       ;;
+       esac
+
+       return $?
 }
+
+main "$@" || exit $?

diff --git a/config/rootfiles/core/125/filelists/files b/config/rootfiles/core/125/filelists/files
index d019c0c0a93a8a1dc1bf4ef500cbb01248f4e973..59de4346077e7b81902f2b2608464e8e5ec10cfb 100644 (file)
--- a/config/rootfiles/core/125/filelists/files
+++ b/config/rootfiles/core/125/filelists/files
@@ -7,5 +7,6 @@ srv/web/ipfire/cgi-bin/hardwaregraphs.cgi
 srv/web/ipfire/cgi-bin/media.cgi
 srv/web/ipfire/cgi-bin/pakfire.cgi
 usr/local/bin/makegraphs
+var/ipfire/backup/bin/backup.pl
 var/ipfire/backup/include
 var/ipfire/langs