bero/test
1
0
Fork 0
Code Issues52 Pull Requests3 Actions Packages Projects Releases Wiki Activity

Compare commits

..

10 Commits
e895f20211 ... 37dd1d8d95

Author SHA1 Message Date
Bernhard Rosenkränzer
37dd1d8d95 Move versioning to service directories so auto-update MRs don't conflict 2025-02-23 23:55:36 +01:00
Bernhard Rosenkränzer
808e7e3a87 Create tmp directory if it doesn't exist already 2025-02-22 21:52:40 +01:00
Bernhard Rosenkränzer
def419a7cd Don't use a lot of space on / if /federated is external storage 2025-02-22 20:08:59 +00:00
Bernhard Rosenkränzer
a6b38d08b2 Update b2, make backuptool compatible with b2 4.x, fix backuptool on ARM 2025-02-22 19:54:48 +00:00
Bernhard Rosenkränzer
02cfee3708 Enable cronie, install b2 2025-02-22 20:39:36 +01:00
Bernhard Rosenkränzer
24df35ac8b Drop docker workarounds 2025-02-21 21:24:43 +01:00
Derek Crudgington
ebe3a80794 Added check for pdnsmysql in backuptool 2025-02-21 15:09:11 +00:00
Bernhard Rosenkränzer
37860c415a docker bisection 2025-02-21 15:51:54 +01:00
Bernhard Rosenkränzer
34478ad3ae docker bisection 2025-02-21 14:42:19 +01:00
saint
197526a355 functions.sh - try docker-28.0.0-2-ovm2590.znver1.rpm instead 2025-02-21 22:25:35 +11:00
35 changed files with 199 additions and 65 deletions
bin
b2-linuxbackuptoolinstall-federated
lib
functions.sh
services
authelia
service
autodiscover
service
baserow
service
bookstack
service
caddy
service
calcom
service
castopod
service
collabora
service
coturn
service
discourse
service
element
service
espocrm
service
freescout
service
gitea
service
jitsi
service
ldap
service
listmonk
service
mail
service
matrix
service
msp
service
nextcloud
service
panel
service
pdnsadmin
service
plane
service
postgresql
service
redis
service
roundcube
service
traefik
service
vaultwarden
service
wireguard
service
wordpress
service

BIN
bin/b2-linux

Binary file not shown.

90
bin/backuptool

@ -3,6 +3,9 @@
# Federated Backup / Restore Tool to B2 Backblaze
. /federated/lib/functions.sh
B2="$(command b2)"
[ -z "$B2" ] && B2=/federated/bin/b2-linux
usage() {
cat << EOF
Backup / Restore for Backblaze
@ -28,26 +31,26 @@ exit 2;
}
createbucket() {
if [ ! -f "/federated/bin/.b2init" ]; then
B2_APPLICATION_KEY_ID="$B2_APPLICATION_KEY_ID" B2_APPLICATION_KEY="$B2_APPLICATION_KEY" /federated/bin/b2-linux create_bucket $UUID allPrivate
B2_APPLICATION_KEY_ID="$B2_APPLICATION_KEY_ID" B2_APPLICATION_KEY="$B2_APPLICATION_KEY" $B2 bucket create $UUID allPrivate
echo "$UUID" > /federated/bin/.b2init
fi
}
listbackup_system() {
echo "* Listing backup system files for /federated/{bin,certs,lib,logs}.."
echo "* Listing backup system files for /federated/bin.."
PASSPHRASE=$GPG_PASSPHRASE duplicity list-current-files b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/bin/
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp list-current-files b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/bin/
[ $? -ne 0 ] && failcheck "* Couldn't list backup files"
echo "* Listing backup system files for /federated/certs.."
PASSPHRASE=$GPG_PASSPHRASE duplicity list-current-files b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/certs/
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp list-current-files b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/certs/
[ $? -ne 0 ] && failcheck "* Couldn't list backup files"
echo "* Listing backup system files for /federated/lib.."
PASSPHRASE=$GPG_PASSPHRASE duplicity list-current-files b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/lib/
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp list-current-files b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/lib/
[ $? -ne 0 ] && failcheck "* Couldn't list backup files"
echo "* Listing backup system files for /federated/logs.."
PASSPHRASE=$GPG_PASSPHRASE duplicity list-current-files b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/logs/
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp list-current-files b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/logs/
[ $? -ne 0 ] && failcheck "* Couldn't list backup files"
}
listbackup_allservices() {
@ -55,13 +58,13 @@ listbackup_allservices() {
for i in "${SERVICES[@]}"; do
[ ! -d "/federated/apps/$i" ] && echo "$i not installed, skipping." && continue
echo "* Listing backup files for /federated/apps/$i.."
PASSPHRASE=$GPG_PASSPHRASE duplicity list-current-files b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$i/
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp list-current-files b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$i/
[ $? -ne 0 ] && failcheck "* Couldn't list backup files"
done
}
listbackup_service() {
echo "* Listing backup files for /federated/apps/$SERVICE.."
PASSPHRASE=$GPG_PASSPHRASE duplicity list-current-files b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$SERVICE/
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp list-current-files b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$SERVICE/
[ $? -ne 0 ] && failcheck "* Couldn't list backup files"
}
backup_service() {
@ -82,7 +85,7 @@ backup_service() {
fi
done
docker exec postgresql /bin/bash -c "pg_dumpall --globals-only -c -U postgres | gzip -9 > /docker-entrypoint-initdb.d/dump_$SERVICE.sql.gz"
PASSPHRASE=$GPG_PASSPHRASE duplicity /federated/apps/$SERVICE b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$SERVICE/
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp /federated/apps/$SERVICE b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$SERVICE/
[ $? -ne 0 ] && failcheck "* Couldn't backup files"
rm /federated/apps/postgresql/data/docker-entrypoint-initdb.d/dump_*
@ -103,42 +106,42 @@ backup_service() {
# Backup mysql user table
docker exec pdnsmysql mariadb-dump -uroot -p${MYSQL_PASSWORD} mysql user | gzip -9 > /federated/apps/pdnsmysql/dump_$SERVICE.sql.gz
PASSPHRASE=$GPG_PASSPHRASE duplicity /federated/apps/$SERVICE b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$SERVICE/
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp /federated/apps/$SERVICE b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$SERVICE/
[ $? -ne 0 ] && failcheck "* Couldn't backup files"
rm /federated/apps/pdnsmysql/dump_*
elif [ "$SERVICE" = "pdns" ]; then
docker exec pdnsmysql mariadb-dump -uroot -p${MYSQL_PASSWORD} pdns | gzip -9 > /federated/apps/pdns/dump_$SERVICE.sql.gz
PASSPHRASE=$GPG_PASSPHRASE duplicity /federated/apps/$SERVICE b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$SERVICE/
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp /federated/apps/$SERVICE b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$SERVICE/
[ $? -ne 0 ] && failcheck "* Couldn't backup files"
rm /federated/apps/pdns/dump_$SERVICE.sql.gz
elif [ "$SERVICE" = "pdnsadmin" ]; then
docker exec pdnsmysql mariadb-dump -uroot -p${MYSQL_PASSWORD} pdns | gzip -9 > /federated/apps/pdnsadmin/dump_$SERVICE.sql.gz
PASSPHRASE=$GPG_PASSPHRASE duplicity /federated/apps/$SERVICE b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$SERVICE/
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp /federated/apps/$SERVICE b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$SERVICE/
[ $? -ne 0 ] && failcheck "* Couldn't backup files"
rm /federated/apps/pdnsadmin/dump_$SERVICE.sql.gz
elif [ "$SERVICE" = "castopod" ]; then
docker exec pdnsmysql mariadb-dump -uroot -p${MYSQL_PASSWORD} castopod | gzip -9 > /federated/apps/castopod/dump_$SERVICE.sql.gz
PASSPHRASE=$GPG_PASSPHRASE duplicity /federated/apps/$SERVICE b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$SERVICE/
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp /federated/apps/$SERVICE b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$SERVICE/
[ $? -ne 0 ] && failcheck "* Couldn't backup files"
rm /federated/apps/castopod/dump_$SERVICE.sql.gz
elif [ "$SERVICE" = "wordpress" -o "$SERVICE" = "wordpressshop" ]; then
docker exec pdnsmysql mariadb-dump -uroot -p${MYSQL_PASSWORD} ${SERVICE} | gzip -9 > /federated/apps/${SERVICE}/dump_$SERVICE.sql.gz
PASSPHRASE=$GPG_PASSPHRASE duplicity /federated/apps/$SERVICE b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$SERVICE/
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp /federated/apps/$SERVICE b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$SERVICE/
[ $? -ne 0 ] && failcheck "* Couldn't backup files"
rm /federated/apps/wordpress/dump_$SERVICE.sql.gz
elif [ "$SERVICE" = "bookstack" ]; then
docker exec pdnsmysql mariadb-dump -uroot -p${MYSQL_PASSWORD} bookstack | gzip -9 > /federated/apps/bookstack/dump_$SERVICE.sql.gz
PASSPHRASE=$GPG_PASSPHRASE duplicity /federated/apps/$SERVICE b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$SERVICE/
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp /federated/apps/$SERVICE b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$SERVICE/
[ $? -ne 0 ] && failcheck "* Couldn't backup files"
rm /federated/apps/bookstack/dump_$SERVICE.sql.gz
elif [ "$SERVICE" = "espocrm" ]; then
docker exec pdnsmysql mariadb-dump -uroot -p${MYSQL_PASSWORD} espocrm | gzip -9 > /federated/apps/espocrm/dump_$SERVICE.sql.gz
PASSPHRASE=$GPG_PASSPHRASE duplicity /federated/apps/$SERVICE b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$SERVICE/
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp /federated/apps/$SERVICE b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$SERVICE/
[ $? -ne 0 ] && failcheck "* Couldn't backup files"
rm /federated/apps/espocrm/dump_$SERVICE.sql.gz
elif [ "$SERVICE" = "roundcube" ]; then
docker exec pdnsmysql mariadb-dump -uroot -p${MYSQL_PASSWORD} roundcube | gzip -9 > /federated/apps/roundcube/dump_$SERVICE.sql.gz
PASSPHRASE=$GPG_PASSPHRASE duplicity /federated/apps/$SERVICE b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$SERVICE/
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp /federated/apps/$SERVICE b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$SERVICE/
[ $? -ne 0 ] && failcheck "* Couldn't backup files"
rm /federated/apps/espocrm/dump_$SERVICE.sql.gz
else
@ -149,7 +152,7 @@ backup_service() {
[ $? -ne 0 ] && failcheck "* Couldn't pg_dump files"
mv /federated/apps/postgresql/data/docker-entrypoint-initdb.d/dump_$SERVICE.sql.gz /federated/apps/$SERVICE/
fi
PASSPHRASE=$GPG_PASSPHRASE duplicity /federated/apps/$SERVICE b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$SERVICE/
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp /federated/apps/$SERVICE b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$SERVICE/
[ $? -ne 0 ] && failcheck "* Couldn't backup files"
[ -f "/federated/apps/$SERVICE/dump_$SERVICE.sql.gz" ] && rm /federated/apps/$SERVICE/dump_$SERVICE.sql.gz
fi
@ -160,19 +163,19 @@ backup_system() {
echo "* Backing up system files in /federated/{bin,certs,lib,logs}.."
echo "* Backing up system files in /federated/bin.."
PASSPHRASE=$GPG_PASSPHRASE duplicity /federated/bin b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/bin/
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp /federated/bin b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/bin/
[ $? -ne 0 ] && failcheck "* Couldn't backup files"
echo "* Backing up system files in /federated/certs.."
PASSPHRASE=$GPG_PASSPHRASE duplicity /federated/certs b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/certs/
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp /federated/certs b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/certs/
[ $? -ne 0 ] && failcheck "* Couldn't backup files"
echo "* Backing up system files in /federated/lib.."
PASSPHRASE=$GPG_PASSPHRASE duplicity /federated/lib b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/lib/
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp /federated/lib b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/lib/
[ $? -ne 0 ] && failcheck "* Couldn't backup files"
echo "* Backing up system files in /federated/logs.."
PASSPHRASE=$GPG_PASSPHRASE duplicity /federated/logs b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/logs/
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp /federated/logs b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/logs/
[ $? -ne 0 ] && failcheck "* Couldn't backup files"
}
backup_allservices() {
@ -200,7 +203,7 @@ backup_allservices() {
# Dump postgresql global objects only, no databases, then send everything to Backblaze
docker exec postgresql /bin/bash -c "pg_dumpall --globals-only -c -U postgres | gzip -9 > /docker-entrypoint-initdb.d/dump_$i.sql.gz"
PASSPHRASE=$GPG_PASSPHRASE duplicity --full-if-older-than 1M /federated/apps/$i b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$i/
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp --full-if-older-than 1M /federated/apps/$i b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$i/
[ $? -ne 0 ] && failcheck "* Couldn't backup files"
rm /federated/apps/postgresql/data/docker-entrypoint-initdb.d/dump_*
elif [ "$i" = "pdnsmysql" ]; then
@ -219,42 +222,42 @@ backup_allservices() {
# Backup pdnsmysql mysql user table and send to backblaze
docker exec pdnsmysql mariadb-dump -uroot -p${MYSQL_PASSWORD} mysql user | gzip -9 > /federated/apps/pdnsmysql/dump_$i.sql.gz
PASSPHRASE=$GPG_PASSPHRASE duplicity --full-if-older-than 1M /federated/apps/$i b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$i/
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp --full-if-older-than 1M /federated/apps/$i b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$i/
[ $? -ne 0 ] && failcheck "* Couldn't backup files"
rm /federated/apps/pdnsmysql/dump_*
elif [ "$i" = "pdns" ]; then
docker exec pdnsmysql mariadb-dump -uroot -p${MYSQL_PASSWORD} pdns | gzip -9 > /federated/apps/pdns/dump_$i.sql.gz
PASSPHRASE=$GPG_PASSPHRASE duplicity --full-if-older-than 1M /federated/apps/$i b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$i/
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp --full-if-older-than 1M /federated/apps/$i b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$i/
[ $? -ne 0 ] && failcheck "* Couldn't backup files"
rm /federated/apps/pdns/dump_$i.sql.gz
elif [ "$i" = "pdnsadmin" ]; then
docker exec pdnsmysql mariadb-dump -uroot -p${MYSQL_PASSWORD} pdns | gzip -9 > /federated/apps/pdnsadmin/dump_$i.sql.gz
PASSPHRASE=$GPG_PASSPHRASE duplicity --full-if-older-than 1M /federated/apps/$i b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$i/
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp --full-if-older-than 1M /federated/apps/$i b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$i/
[ $? -ne 0 ] && failcheck "* Couldn't backup files"
rm /federated/apps/pdnsadmin/dump_$i.sql.gz
elif [ "$i" = "castopod" ]; then
docker exec pdnsmysql mariadb-dump -uroot -p${MYSQL_PASSWORD} castopod | gzip -9 > /federated/apps/castopod/dump_$i.sql.gz
PASSPHRASE=$GPG_PASSPHRASE duplicity --full-if-older-than 1M /federated/apps/$i b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$i/
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp --full-if-older-than 1M /federated/apps/$i b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$i/
[ $? -ne 0 ] && failcheck "* Couldn't backup files"
rm /federated/apps/castopod/dump_$i.sql.gz
elif [ "$i" = "wordpress" ]; then
docker exec pdnsmysql mariadb-dump -uroot -p${MYSQL_PASSWORD} wordpress | gzip -9 > /federated/apps/wordpress/dump_$i.sql.gz
PASSPHRASE=$GPG_PASSPHRASE duplicity --full-if-older-than 1M /federated/apps/$i b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$i/
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp --full-if-older-than 1M /federated/apps/$i b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$i/
[ $? -ne 0 ] && failcheck "* Couldn't backup files"
rm /federated/apps/wordpress/dump_$i.sql.gz
elif [ "$i" = "bookstack" ]; then
docker exec pdnsmysql mariadb-dump -uroot -p${MYSQL_PASSWORD} bookstack | gzip -9 > /federated/apps/bookstack/dump_$i.sql.gz
PASSPHRASE=$GPG_PASSPHRASE duplicity --full-if-older-than 1M /federated/apps/$i b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$i/
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp --full-if-older-than 1M /federated/apps/$i b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$i/
[ $? -ne 0 ] && failcheck "* Couldn't backup files"
rm /federated/apps/bookstack/dump_$i.sql.gz
elif [ "$i" = "espocrm" ]; then
docker exec pdnsmysql mariadb-dump -uroot -p${MYSQL_PASSWORD} espocrm | gzip -9 > /federated/apps/espocrm/dump_$i.sql.gz
PASSPHRASE=$GPG_PASSPHRASE duplicity --full-if-older-than 1M /federated/apps/$i b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$i/
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp --full-if-older-than 1M /federated/apps/$i b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$i/
[ $? -ne 0 ] && failcheck "* Couldn't backup files"
rm /federated/apps/espocrm/dump_$i.sql.gz
elif [ "$i" = "roundcube" ]; then
docker exec pdnsmysql mariadb-dump -uroot -p${MYSQL_PASSWORD} roundcube | gzip -9 > /federated/apps/roundcube/dump_$i.sql.gz
PASSPHRASE=$GPG_PASSPHRASE duplicity --full-if-older-than 1M /federated/apps/$i b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$i/
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp --full-if-older-than 1M /federated/apps/$i b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$i/
[ $? -ne 0 ] && failcheck "* Couldn't backup files"
rm /federated/apps/roundcube/dump_$i.sql.gz
else
@ -264,7 +267,7 @@ backup_allservices() {
[ $? -ne 0 ] && failcheck "* Couldn't pg_dump files"
mv /federated/apps/postgresql/data/docker-entrypoint-initdb.d/dump_$i.sql.gz /federated/apps/$i/
fi
PASSPHRASE=$GPG_PASSPHRASE duplicity --full-if-older-than 1M /federated/apps/$i b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$i/
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp --full-if-older-than 1M /federated/apps/$i b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$i/
[ $? -ne 0 ] && failcheck "* Couldn't backup files"
[ -f "/federated/apps/$i/dump_$i.sql.gz" ] && rm /federated/apps/$i/dump_$i.sql.gz
fi
@ -278,7 +281,7 @@ backup_nfsmounts() {
else
echo "* NFS mount found: $NFSMOUNT"
echo "* Backing up NFS.."
PASSPHRASE=$GPG_PASSPHRASE duplicity $NFSMOUNT b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/$NFSMOUNT/
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp $NFSMOUNT b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/$NFSMOUNT/
[ $? -ne 0 ] && failcheck "* Couldn't backup NFS mount"
fi
}
@ -290,45 +293,45 @@ listbackup_nfsmounts() {
else
echo "* NFS mount found: $NFSMOUNT"
echo "* Listing NFS.."
PASSPHRASE=$GPG_PASSPHRASE duplicity list-current-files b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/$NFSMOUNT/
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp list-current-files b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/$NFSMOUNT/
[ $? -ne 0 ] && failcheck "* Couldn't list NFS mount"
fi
}
delete_backup() {
echo "* Deleting backup files for /federated/apps/$SERVICE.."
mkdir -p /federated/tmp/empty
cd /federated/tmp/empty && B2_APPLICATION_KEY_ID="$B2_APPLICATION_KEY_ID" B2_APPLICATION_KEY="$B2_APPLICATION_KEY" /federated/bin/b2-linux sync --allowEmptySource --delete . b2://fed-customers/$UUID/federated/apps/$SERVICE/
cd /federated/tmp/empty && B2_APPLICATION_KEY_ID="$B2_APPLICATION_KEY_ID" B2_APPLICATION_KEY="$B2_APPLICATION_KEY" $B2 sync --allow-empty-source --delete . b2://fed-customers/$UUID/federated/apps/$SERVICE/
[ $? -ne 0 ] && failcheck "* Couldn't delete files"
cd /federated && rm -rf /federated/tmp/empty
}
restorebackup_system() {
echo "* Restoring system files to /federated.restore/{bin,certs,lib,logs}.."
echo "* Restoring system files to /federated.restore/bin.."
PASSPHRASE=$GPG_PASSPHRASE duplicity --force b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/bin/ /federated.restore/bin
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp --force b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/bin/ /federated.restore/bin
[ $? -ne 0 ] && failcheck "* Couldn't restore files"
echo "* Restoring system files to /federated.restore/certs.."
PASSPHRASE=$GPG_PASSPHRASE duplicity --force b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/certs/ /federated.restore/certs
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp --force b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/certs/ /federated.restore/certs
[ $? -ne 0 ] && failcheck "* Couldn't restore files"
echo "* Restoring system files to /federated.restore/lib.."
PASSPHRASE=$GPG_PASSPHRASE duplicity --force b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/lib/ /federated.restore/lib
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp --force b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/lib/ /federated.restore/lib
[ $? -ne 0 ] && failcheck "* Couldn't restore files"
echo "* Restoring system files to /federated.restore/logs.."
PASSPHRASE=$GPG_PASSPHRASE duplicity --force b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/lib/ /federated.restore/logs
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp --force b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/lib/ /federated.restore/logs
[ $? -ne 0 ] && failcheck "* Couldn't restore files"
}
restorebackup_service() {
echo "* Restoring $SERVICE to /federated.restore/apps/$SERVICE.."
PASSPHRASE=$GPG_PASSPHRASE duplicity --force b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$SERVICE/ /federated.restore/apps/$SERVICE
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp --force b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$SERVICE/ /federated.restore/apps/$SERVICE
[ $? -ne 0 ] && failcheck "* Couldn't restore files"
}
restorebackup_allservices() {
echo "* Restoring all services.."
for i in "${SERVICES[@]}"; do
echo "** Restoring $i to /federated.restore/apps/$i.."
PASSPHRASE=$GPG_PASSPHRASE duplicity --force b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$i/ /federated.restore/apps/$i
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp --force b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/federated/apps/$i/ /federated.restore/apps/$i
done
}
restorebackup_nfsmounts() {
@ -339,13 +342,13 @@ restorebackup_nfsmounts() {
else
echo "* NFS mount found: $NFSMOUNT"
echo "* Restoring NFS.."
PASSPHRASE=$GPG_PASSPHRASE duplicity --force b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/$NFSMOUNT/ /federated.restore/$NFSMOUNT
PASSPHRASE=$GPG_PASSPHRASE duplicity --tempdir /federated/tmp --force b2://$B2_APPLICATION_KEY_ID:$B2_APPLICATION_KEY@fed-customers/$UUID/$NFSMOUNT/ /federated.restore/$NFSMOUNT
[ $? -ne 0 ] && failcheck "* Couldn't restore NFS mount"
fi
}
check_freedisk() {
# Check if there is enough free disk space (needs 15G minimum)
FREEDISK=$(df / | awk 'NR==2{print int($4/1024/1024)}')
FREEDISK=$(df /federated | awk 'NR==2{print int($4/1024/1024)}')
if [ $FREEDISK -lt 15 ]; then
send_alert_backups
failcheck "Disk is below 15G, can't backup."
@ -398,7 +401,8 @@ else
fi
# Grab the MySQL pass we need for dumping backups
MYSQL_PASSWORD=`cat /federated/apps/pdnsmysql/.env | grep MYSQL_ROOT_PASSWORD | awk -F= '{ print $2 }'`
[ -d "/federated/apps/pdnsmysql" ] && MYSQL_PASSWORD=`cat /federated/apps/pdnsmysql/.env | grep MYSQL_ROOT_PASSWORD | awk -F= '{ print $2 }'`
mkdir -p /federated/tmp
# If -d is specified then run delete backup
[ $RUN_DELETE ] && delete_backup

1
bin/install-federated

@ -77,6 +77,7 @@ elif [[ "$ID" = "openmandriva" ]]; then
command -v dig &>/dev/null || dnf -y install bind-utils
command -v git &>/dev/null || dnf -y install git-core
command -v crontab &>/dev/null || dnf -y install cronie
systemctl enable --now cronie
# Make cronie happy
mkdir -p /root/.cache || :
command -v nc &>/dev/null || dnf -y install netcat-openbsd

41
lib/functions.sh

@ -143,12 +143,25 @@ upgrade_federated() {
echo -ne "\n* Checking installed app versions with latest-versions."
[ ! -f "/federated/lib/latest-versions" ] && fail "File /federated/lib/latest-version doesn't exist."
APP_DOTS='......................'
for i in `cat /federated/lib/latest-versions`; do
SERVICE=(${i//=/ });
APP="${SERVICE[0]}"
VERSION="${SERVICE[1]}"
for i in /federated/apps/*; do
APP=$(basename $i)
VERSION=""
if [ -e /federated/services/${APP}/service ]; then
. /federated/services/${APP}/service
if [ -z "$VERSION" ]; then
echo "WARNING: No service file in ${APP} service file" >&2
VERSION="$(cat /federated/lib/latest-versions |grep ^${APP}= |cut -d= -f2-)"
fi
else
echo "WARNING: No service file for ${APP} found" >&2
VERSION="$(cat /federated/lib/latest-versions |grep ^${APP}= |cut -d= -f2-)"
fi
if [ -z "$VERSION" ]; then
echo "WARNING: No version information for ${APP} found" >&2
continue
fi
printf "\n%s %s" "$APP" "${APP_DOTS:${#APP}} "
if [ -f "/federated/apps/$APP/.env" ]; then
@ -1447,7 +1460,7 @@ EOF
elif [ "$OSRELEASE" = "openmandriva" ]; then
dnf -y --refresh install curl traefik-certs-dumper duplicity duplicity-backend-b2 duplicity-backend-local duplicity-backend-s3_boto3 duplicity-backend-ssh_paramiko
dnf -y --refresh install curl traefik-certs-dumper duplicity duplicity-backend-b2 duplicity-backend-local duplicity-backend-s3_boto3 duplicity-backend-ssh_paramiko python-b2
if [ "$USE_PODMAN" = "true" ]; then
dnf -y --refresh install podman podman-compose crun iptables
# We want to run a real DNS, can't block port 53
@ -1459,21 +1472,7 @@ EOF
mkdir -p /var/run
ln -s /run/user/0/podman/podman.sock /var/run/docker.sock
else
# Grab an older version of docker instead of just "dnf install docker"
# because 28.0.0 is potentially dangerous, see
# https://github.com/moby/moby/issues/49513
# https://github.com/moby/moby/issues/49511
# https://github.com/moby/moby/issues/49498
if [ "$(uname -m)" = "aarch64" ]; then
wget https://file-store.openmandriva.org/api/v1/file_stores/b435b807ff1b6bc0eabcc5792e9e652b427b438a
elif cat /proc/cpuinfo |grep -q AuthenticAMD; then
wget https://file-store.openmandriva.org/api/v1/file_stores/142e76f40a398c59aaafa727bdf889fb1511d715
else
wget https://file-store.openmandriva.org/api/v1/file_stores/dd69c9573a9c945fdb8dcfdbfc6ba823b914bc24
fi
sudo dnf -y install docker-*.rpm
echo 'exclude=docker' >>/etc/dnf/dnf.conf
dnf -y --refresh install docker-compose
dnf -y --refresh install docker docker-compose
sed -i -e "s,^OPTIONS=.*,OPTIONS=''," /etc/sysconfig/docker
echo 'DOCKER_STORAGE_OPTIONS = --storage-driver btrfs' >>/etc/sysconfig/docker-storage
# Put in log rotation fix for docker container logs

5
services/authelia/service Normal file

@ -0,0 +1,5 @@
CONTAINER=authelia/authelia
VERSION=4.38.8
INTERNAL_IP=192.168.0.42
PORTS=9091
PUBLICPORTS=""

9
services/autodiscover/service Normal file

@ -0,0 +1,9 @@
if [ "$(uname -m)" = "x86_64" ]; then
CONTAINER=monogramm/autodiscover-email-settings
else
CONTAINER=federatedcomputer/autodiscover-email-settings
fi
VERSION=620af02
DEPENDS=mail
INTERNAL_IP=192.168.0.32
PORTS=8000

4
services/baserow/service Normal file

@ -0,0 +1,4 @@
CONTAINER=baserow/baserow
VERSION=1.30.1
INTERNAL_IP=192.168.0.29
DEPENDS="postgresql mail"

4
services/bookstack/service Normal file

@ -0,0 +1,4 @@
CONTAINER=lscr.io/linuxserver/bookstack
VERSION=24.05.3
INTERNAL_IP=192.168.0.36
DEPENDS=pdnsmysql

3
services/caddy/service Normal file

@ -0,0 +1,3 @@
CONTAINER=federatedcomputer/caddy
VERSION=latest
INTERNAL_IP=192.168.0.31

5
services/calcom/service Normal file

@ -0,0 +1,5 @@
CONTAINER=calcom/cal.com
VERSION=v4.7.8
INTERNAL_IP=192.168.0.48
PORTS=3000
DEPENDS=postgresql

5
services/castopod/service Normal file

@ -0,0 +1,5 @@
CONTAINER=castopod/castopod
VERSION=1.6.5
INTERNAL_IP=192.168.0.33
PORTS=8000
DEPENDS=pdnsmysql

4
services/collabora/service Normal file

@ -0,0 +1,4 @@
CONTAINER=collabora/code
VERSION=24.04.12.2.1
INTERNAL_IP=192.168.0.17
PORTS=9980

4
services/coturn/service Normal file

@ -0,0 +1,4 @@
CONTAINER=coturn/coturn
VERSION=4.6.2
INTERNAL_IP=192.168.0.35
PORTS="3478 3479 5349 5350"

2
services/discourse/service

@ -1,6 +1,6 @@
CONTAINER=docker.io/bitnami/discourse
VERSION=3.3.3
DEPENDS=redis
DEPENDS="redis postgresql"
INTERNAL_IP=192.168.0.43
# sidekiq
EXTRA_IPS=192.168.0.44

3
services/element/service Normal file

@ -0,0 +1,3 @@
CONTAINER=vectorim/element-web
VERSION=v1.11.92
INTERNAL_IP=192.168.0.20

4
services/espocrm/service Normal file

@ -0,0 +1,4 @@
CONTAINER=espocrm/espocrm
VERSION=8.4.0-apache
INTERNAL_IP=192.168.0.39
DEPENDS="ldap pdnsmysql"

4
services/freescout/service Normal file

@ -0,0 +1,4 @@
CONTAINER=ghcr.io/tiredofit/docker-freescout
VERSION=latest_php8.3
INTERNAL_IP=192.168.0.37
DEPENDS=postgresql

5
services/gitea/service Normal file

@ -0,0 +1,5 @@
CONTAINER=gitea/gitea
VERSION=1.23.3
INTERNAL_IP=192.168.0.30
PORTS=3000
DEPENDS=postgresql

5
services/jitsi/service Normal file

@ -0,0 +1,5 @@
CONTAINER=jitsi/web
VERSION=stable-9955
INTERNAL_IP=192.168.0.25
PORTS="5222 5347 5280"
EXTRA_IPS="192.168.0.26 192.168.0.27 192.168.0.28"

4
services/ldap/service Normal file

@ -0,0 +1,4 @@
CONTAINER=osixia/openldap
VERSION=1.5.0
INTERNAL_IP=192.168.0.15
PORTS="389 636"

5
services/listmonk/service Normal file

@ -0,0 +1,5 @@
CONTAINER=listmonk/listmonk
VERSION=v4.1.0
INTERNAL_IP=192.168.0.21
DEPENDS=postgresql
PORTS=9000

5
services/mail/service Normal file

@ -0,0 +1,5 @@
CONTAINER=docker.io/mailserver/docker-mailserver
VERSION=14.0
INTERNAL_IP=192.168.0.16
DEPENDS=ldap
PUBLIC_PORTS="25 143 465 587 993 4190"

4
services/matrix/service Normal file

@ -0,0 +1,4 @@
CONTAINER=matrixdotorg/synapse
VERSION=v1.124.0
INTERNAL_IP=192.168.0.19
DEPENDS=postgresql

3
services/msp/service Normal file

@ -0,0 +1,3 @@
CONTAINER=thebells1111/federated-msp
VERSION=latest
INTERNAL_IP=192.168.0.38

4
services/nextcloud/service Normal file

@ -0,0 +1,4 @@
CONTAINER=nextcloud
VERSION=30.0.5
INTERNAL_IP=192.168.0.18
DEPENDS=postgresql

3
services/panel/service Normal file

@ -0,0 +1,3 @@
CONTAINER=wheelybird/ldap-user-manager
VERSION=v1.11
INTERNAL_IP=192.168.0.23

4
services/pdnsadmin/service Normal file

@ -0,0 +1,4 @@
CONTAINER=pschiffe/pdns-admin
VERSION=0.4.1
INTERNAL_IP=192.168.0.12
DEPENDS="pdnsmysql pdns"

6
services/plane/service Normal file

@ -0,0 +1,6 @@
CONTAINER=makeplane/plane-frontend
VERSION=v0.24.1
DEPENDS=postgresql
INTERNAL_IP=192.168.0.50
EXTRA_IPS=192.168.0.51
PORTS=3000

4
services/postgresql/service Normal file

@ -0,0 +1,4 @@
CONTAINER=postgres
VERSION=14
INTERNAL_IP=192.168.0.14
PORT=5432

4
services/redis/service Normal file

@ -0,0 +1,4 @@
CONTAINER=bitnami/redis
VERSION=7.0.15
INTERNAL_IP=192.168.0.45
PORTS=6379

4
services/roundcube/service Normal file

@ -0,0 +1,4 @@
CONTAINER=roundcube/roundcubemail
VERSION=1.6.9-apache
INTERNAL_IP=192.168.0.47
DEPENDS="pdnsmysql mail"

3
services/traefik/service Normal file

@ -0,0 +1,3 @@
CONTAINER=traefik
VERSION=v2.11.16
INTERNAL_IP=192.168.0.13

4
services/vaultwarden/service Normal file

@ -0,0 +1,4 @@
CONTAINER=vaultwarden/server
VERSION=1.32.7
INTERNAL_IP=192.168.0.22
DEPENDS=postgresql

4
services/wireguard/service Normal file

@ -0,0 +1,4 @@
CONTAINER=linuxserver/wireguard
VERSION=1.0.20210914
INTERNAL_IP=192.168.0.24
PORTS="51820/udp"

5
services/wordpress/service Normal file

@ -0,0 +1,5 @@
CONTAINER=bitnami/wordpress
VERSION=6.2.2
INTERNAL_IP=192.168.0.34
PORTS=8080
DEPENDS=pdnsmysql