Commit 7331600e authored by Bob Mottram's avatar Bob Mottram

Daemon function for backup and restore of keys via webadmin

parent 0df1c655
......@@ -64,14 +64,18 @@ webadmin_prev_hour=99
# temporary backup and restore scripts
backup_script=/root/.webadmin_backup.sh
backup_keys_script=/root/.webadmin_backup_keys.sh
restore_script=/root/.webadmin_restore.sh
restore_keys_script=/root/.webadmin_restore_keys.sh
format_script=/root/.webadmin_format.sh
new_user_script=/root/.webadmin_new_user.sh
remove_user_script=/root/.webadmin_remove_user.sh
# Files used to initiate backup or restore manually from the web UI
backup_file="$webadmin_install_dir/.start_backup"
backup_keys_file="$webadmin_install_dir/.start_backup_keys"
restore_file="$webadmin_install_dir/.start_restore"
restore_keys_file="$webadmin_install_dir/.start_restore_keys"
format_file="$webadmin_install_dir/.start_format"
# These files contain the percentage progress
......@@ -499,7 +503,9 @@ function check_for_existing_processes {
echo 'exit_if_process_is_running fbone_installer.sh';
echo 'exit_if_process_is_running webadmin_format.sh';
echo 'exit_if_process_is_running webadmin_backup.sh';
echo 'exit_if_process_is_running webadmin_backup_keys.sh';
echo 'exit_if_process_is_running webadmin_restore.sh';
echo 'exit_if_process_is_running webadmin_restore_keys.sh';
echo 'exit_if_process_is_running webadmin_new_user.sh';
echo 'exit_if_process_is_running webadmin_remove_user.sh';
echo ''; } > "$script_name"
......@@ -512,7 +518,7 @@ function run_setup_command {
check_for_existing_processes $installer_script
{ echo "echo \"Beginning install $(date)\" > $webadmin_install_dir/log.txt";
{ echo "echo \"Beginning install \$(date)\" > $webadmin_install_dir/log.txt";
echo "chown www-data:www-data $webadmin_install_dir/log.txt";
echo '';
echo "/usr/local/bin/freedombone -c \"$CONFIGURATION_FILE\" >> $webadmin_install_dir/log.txt;";
......@@ -920,14 +926,14 @@ function backup_and_restore {
if [ -f "$restore_file" ]; then
rm "$restore_file"
check_for_existing_processes $restore_script
{ echo "echo \"Beginning webadmin restore $(date)\" > $webadmin_install_dir/restore.txt";
{ echo "echo \"Beginning webadmin restore \$(date)\" > $webadmin_install_dir/restore.txt";
echo "chown www-data:www-data $webadmin_install_dir/restore.txt";
echo '';
echo "cp $webadmin_install_dir/restore_progress_template.html $webadmin_install_dir/restore_progress.html";
echo "chown www-data:www-data $webadmin_install_dir/restore_progress.html";
echo '';
echo "if /usr/local/bin/${PROJECT_NAME}-restore-local simple >> $webadmin_install_dir/restore.txt; then";
echo " echo \"Completed $(date)\" >> $webadmin_install_dir/restore.txt";
echo " echo \"Completed \$(date)\" >> $webadmin_install_dir/restore.txt";
echo " cp $webadmin_install_dir/restore_complete.html $webadmin_install_dir/restore_progress.html";
echo 'else';
echo " cp $webadmin_install_dir/restore_failed.html $webadmin_install_dir/restore_progress.html";
......@@ -948,14 +954,14 @@ function backup_and_restore {
rm "$backup_file"
check_for_existing_processes $backup_script
{ echo "echo \"Beginning webadmin backup $(date)\" > $webadmin_install_dir/backup.txt";
{ echo "echo \"Beginning webadmin backup \$(date)\" > $webadmin_install_dir/backup.txt";
echo "chown www-data:www-data $webadmin_install_dir/backup.txt";
echo '';
echo "cp $webadmin_install_dir/backup_progress_template.html $webadmin_install_dir/backup_progress.html";
echo "chown www-data:www-data $webadmin_install_dir/backup_progress.html";
echo '';
echo "if /usr/local/bin/${PROJECT_NAME}-backup-local simple >> $webadmin_install_dir/backup.txt; then";
echo " echo \"Completed $(date)\" >> $webadmin_install_dir/backup.txt";
echo " echo \"Completed \$(date)\" >> $webadmin_install_dir/backup.txt";
echo " cp $webadmin_install_dir/backup_complete.html $webadmin_install_dir/backup_progress.html";
echo 'else';
echo " cp $webadmin_install_dir/backup_failed.html $webadmin_install_dir/backup_progress.html";
......@@ -995,6 +1001,62 @@ function backup_and_restore {
fi
}
function backup_and_restore_keys {
if [ -f "$restore_keys_file" ]; then
rm "$restore_keys_file"
admin_username=$(grep 'MY_USERNAME=' "$CONFIGURATION_FILE" | head -n 1 | awk -F '=' '{print $2}')
check_for_existing_processes $restore_keys_script
{ echo "echo \"Beginning webadmin restore keys \$(date)\" > $webadmin_install_dir/restore.txt";
echo "chown www-data:www-data $webadmin_install_dir/restore.txt";
echo '';
echo "cp $webadmin_install_dir/restore_keys_progress_template.html $webadmin_install_dir/restore_keys_progress.html";
echo "chown www-data:www-data $webadmin_install_dir/restore_keys_progress.html";
echo '';
echo "if /usr/local/bin/${PROJECT_NAME}-recoverkey -u \"$admin_username\" -d \"simple\" >> $webadmin_install_dir/restore.txt; then";
echo " echo \"Completed \$(date)\" >> $webadmin_install_dir/restore.txt";
echo " cp $webadmin_install_dir/restore_keys_complete.html $webadmin_install_dir/restore_keys_progress.html";
echo 'else';
echo " cp $webadmin_install_dir/restore_keys_failed.html $webadmin_install_dir/restore_keys_progress.html";
echo 'fi';
echo '';
echo "chown www-data:www-data $webadmin_install_dir/restore.txt";
echo "chown www-data:www-data $webadmin_install_dir/restore_keys_progress.html";
echo '';
echo "exit 0"; } >> $restore_keys_script
chmod +x $restore_keys_script
# run in a separate process
./$restore_keys_script &
else
if [ -f "$backup_keys_file" ]; then
rm "$backup_keys_file"
admin_username=$(grep 'MY_USERNAME=' "$CONFIGURATION_FILE" | head -n 1 | awk -F '=' '{print $2}')
check_for_existing_processes $backup_keys_script
{ echo "echo \"Beginning webadmin backup keys \$(date)\" > $webadmin_install_dir/backup.txt";
echo "chown www-data:www-data $webadmin_install_dir/backup.txt";
echo '';
echo "cp $webadmin_install_dir/backup_keys_progress_template.html $webadmin_install_dir/backup_keys_progress.html";
echo "chown www-data:www-data $webadmin_install_dir/backup_keys_progress.html";
echo '';
echo "if /usr/local/bin/${PROJECT_NAME}-keydrive -u \"$admin_username\" --master 'yes' -d \"simple\" >> $webadmin_install_dir/backup.txt; then";
echo " echo \"Completed \$(date)\" >> $webadmin_install_dir/backup.txt";
echo " cp $webadmin_install_dir/backup_keys_complete.html $webadmin_install_dir/backup_keys_progress.html";
echo 'else';
echo " cp $webadmin_install_dir/backup_keys_failed.html $webadmin_install_dir/backup_keys_progress.html";
echo 'fi';
echo '';
echo "chown www-data:www-data $webadmin_install_dir/backup.txt";
echo "chown www-data:www-data $webadmin_install_dir/backup_keys_progress.html";
echo '';
echo "exit 0"; } >> $backup_keys_script
chmod +x $backup_keys_script
# run in a separate process
./$backup_keys_script &
fi
fi
}
function is_valid_user {
USRNAME="$1"
if [[ "$USRNAME" != "turtl" && "$USRNAME" != "znc" && "$USRNAME" != "pihole" && "$USRNAME" != "fbone" && "$USRNAME" != "go" && "$USRNAME" != "gogs" && "$USRNAME" != "git" && "$USRNAME" != "sync" && "$USRNAME" != "tahoelafs" ]]; then
......@@ -1118,6 +1180,7 @@ do
else
if [ $install_state -eq $INSTALL_STATE_COMMAND_SUCCESS ]; then
backup_and_restore
backup_and_restore_keys
add_remove_users
install_apps_from_webadmin
sleep 1
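Review bot: In `backup_and_restore_keys`, `admin_username` is read from `$CONFIGURATION_FILE` and expanded into the generated root script at write time, with no check that it is non-empty or free of shell metacharacters. If the `MY_USERNAME=` line is missing the script runs with `-u ""`, and a value containing a quote or `$(` would be evaluated when the root-owned script executes. A guard before `check_for_existing_processes` in both branches would cover this, for example `[[ "$admin_username" =~ ^[a-z_][a-z0-9_-]*$ ]] || return`. Separately, `./$restore_keys_script` and `./$backup_keys_script` expand to `.//root/.webadmin_…`, which resolves only while the daemon's working directory is `/`; invoking `"$restore_keys_script" &` directly removes that dependency (the existing backup branch may follow the same pattern, but it is outside the visible hunks).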
......
......@@ -31,6 +31,8 @@ PROJECT_NAME='freedombone'
export TEXTDOMAIN=${PROJECT_NAME}-keydrive
export TEXTDOMAINDIR="/usr/share/locale"
source "/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-backup"
USB_DRIVE=/dev/sdb1
USB_MOUNT=/mnt/usb
KEY_FRAGMENTS=3
......@@ -38,6 +40,7 @@ FRAGMENTS_DIR=$USB_MOUNT/.gnupg_fragments
MY_USERNAME=$USER
MASTER_DRIVE="no"
FORMAT="no"
simple_backup=
function show_help {
echo ''
......@@ -60,10 +63,18 @@ do
;;
-d|--dev)
shift
if [[ "${1}" != '/dev/'* ]]; then
USB_DRIVE=/dev/${1}1
backup_device="$1"
if [[ "$backup_device" == 'simple' || "$backup_device" == 'auto'* ]]; then
backup_device=$(detect_connected_drives)
if [ ! "$backup_device" ]; then
exit 358635
fi
simple_backup=1
fi
if [[ "$backup_device" != '/dev/'* ]]; then
USB_DRIVE=/dev/${backup_device}1
else
USB_DRIVE=${1}
USB_DRIVE=${backup_device}
fi
;;
-m|--master)
......@@ -116,8 +127,10 @@ if [[ $FORMAT == "yes" ]]; then
fi
fi
if cryptsetup open --type luks "$USB_DRIVE" encrypted_usb; then
USB_DRIVE=/dev/mapper/encrypted_usb
if [ ! $simple_backup ]; then
if cryptsetup open --type luks "$USB_DRIVE" encrypted_usb; then
USB_DRIVE=/dev/mapper/encrypted_usb
fi
fi
if ! mount $USB_DRIVE $USB_MOUNT; then
echo $"There was a problem mounting the USB drive to $USB_MOUNT"
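Review bot: With `-d simple` the new `if [ ! $simple_backup ]` wrapper skips `cryptsetup open`, so the detected partition is mounted as a plain filesystem by the `mount` line that follows. The daemon invokes this script with `--master 'yes' -d "simple"`, which suggests the keyring is written to an unencrypted drive unless a part of the script not visible here protects it another way; if that is intended it deserves a comment at this point and a caveat on the web UI page. The test itself only works because `[ ! ]` happens to be true for an empty variable; `if [ -z "$simple_backup" ]; then` states the intent. `exit 358635` is truncated to eight bits by the shell (the caller sees 235), so a small documented code such as `exit 1` would be clearer.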
......
......@@ -42,6 +42,7 @@ done
FRIENDS_SERVERS_LIST=
MY_USERNAME=
simple_backup=
function show_help {
echo ''
......@@ -63,6 +64,13 @@ do
shift
MY_USERNAME="$1"
;;
-d|--dev)
shift
if [[ "$1" == 'simple' ]]; then
import_gpg_from_master_keydrive
exit 0
fi
;;
# backup list filename
# typically /home/$USER/backup.list
-l|--list)
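Review bot: The new `-d|--dev` arm ends with an unconditional `exit 0`, so the daemon's `if …-recoverkey -u … -d "simple"` test sees success even when `import_gpg_from_master_keydrive` found no `.gnupg` directory or a copy failed, and the web UI then reports the restore as complete. Propagating the status with `import_gpg_from_master_keydrive || exit 1` ahead of the `exit 0` would let the failure page appear, provided the function itself returns non-zero on those paths. Any other value passed to `-d` is silently ignored, and `simple_backup=` is initialised above but not used in the visible hunks. A short comment on the option, such as `# only 'simple' is accepted: import keys from a master keydrive and exit`, would document that.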
......
......@@ -26,6 +26,27 @@
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
function import_gpg_from_master_keydrive {
USB_DRIVE=/dev/sdb1
USB_MOUNT=/mnt/usb
backup_device=$(detect_connected_drives)
if [ ! "$backup_device" ]; then
exit 357832
fi
if [[ "$backup_device" != 'sd'* ]]; then
exit 463636
fi
read_config_param MY_USERNAME
backup_mount_drive "$backup_device"
if [ -d "$USB_MOUNT/.gnupg" ]; then
# shellcheck disable=SC2086
cp -rf $USB_MOUNT/.gnupg /home/$MY_USERNAME/
chown -R "$MY_USERNAME":"$MY_USERNAME" "/home/$MY_USERNAME/.gnupg"
cp -rf $USB_MOUNT/.gnupg /root/
fi
backup_unmount_drive $USB_DRIVE $USB_MOUNT
}
function interactive_gpg_from_usb {
dialog --title $"Recover Encryption Keys" \
--msgbox $'Plug in a USB keydrive containing a copy of your full key or key fragment' 6 70
......@@ -117,7 +138,7 @@ function interactive_gpg_from_usb {
if [ -d "$HOME_DIR/.gnupg_old" ]; then
rm -rf "$HOME_DIR/.gnupg_old"
fi
cp -r "$HOME_DIR/.gnupg $HOME_DIR/.gnupg_old"
cp -r "$HOME_DIR/.gnupg" "$HOME_DIR/.gnupg_old"
chmod 700 "$HOME_DIR/.gnupg_old"
chmod -R 600 "$HOME_DIR/.gnupg_old/"*
chown -R "$MY_USERNAME":"$MY_USERNAME" "$HOME_DIR/.gnupg_old"
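Review bot: `import_gpg_from_master_keydrive` copies the keyring into `/home/$MY_USERNAME/` and `/root/` without tightening permissions, whereas the interactive path lower in this file applies `chmod 700` and `chmod -R 600` to its copy; on a drive whose filesystem does not carry Unix modes the imported private keys could end up group- or world-readable. The function also signals nothing when `$USB_MOUNT/.gnupg` is absent or a `cp` fails, so its caller cannot tell a restore from a no-op, and the `exit` codes above 255 are truncated by the shell. The sketch below quotes the paths (making the `SC2086` suppression unnecessary), restricts the copies to their owner and returns a status; it assumes `MY_USERNAME` is non-empty after `read_config_param`, which is worth checking as well. The device passed to `backup_unmount_drive` is the hard-coded `$USB_DRIVE` rather than the detected `$backup_device`; whether that argument matters is not visible here.

```shell
# … unchanged: drive detection, read_config_param, backup_mount_drive …
    local import_result=1
    if [ -d "$USB_MOUNT/.gnupg" ]; then
        if cp -rf "$USB_MOUNT/.gnupg" "/home/$MY_USERNAME/" && \
           cp -rf "$USB_MOUNT/.gnupg" /root/; then
            chown -R "$MY_USERNAME":"$MY_USERNAME" "/home/$MY_USERNAME/.gnupg"
            # keep owner bits, drop everything for group and others
            chmod -R go-rwx "/home/$MY_USERNAME/.gnupg" /root/.gnupg
            import_result=0
        fi
    fi
    backup_unmount_drive $USB_DRIVE $USB_MOUNT
    return $import_result
```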
......
<!DOCTYPE html>
<html>
<head>
<style>
#headerpic {
width: 60%;
height: auto;
margin-right : auto;
margin-left : auto;
min-width : 220px;
}
.header {
text-align: center;
padding: 32px;
}
#iconpic {
width: 20%;
height: auto;
margin-right : auto;
margin-left : auto;
min-width : 120px;
}
.appurl {
color: grey;
font-size: 100%;
}
.appdesc {
color: black;
font-size: 65%;
}
button {
border: none;
outline: 0;
display: inline-block;
padding: 8px;
color: white;
background-color: #000;
text-align: center;
cursor: pointer;
width: 100%;
font-size: 18px;
}
a {
text-decoration: none;
color: black;
}
button:hover, a:hover {
opacity: 0.7;
}
</style>
</head>
<body>
<div class="header">
<a href="backup.html"><img id="headerpic" class="img-responsive" src="images/logo.png"></a>
<h3>Backup of keys is complete</h3>
<h4>You may now remove the USB drive</h4>
<form action="backup.html">
<input type="submit" value="Go Back" />
</form>
</div>
</body>
</html>
<!DOCTYPE html>
<html>
<head>
<style>
#headerpic {
width: 60%;
height: auto;
margin-right : auto;
margin-left : auto;
min-width : 220px;
}
.header {
text-align: center;
padding: 32px;
}
#iconpic {
width: 20%;
height: auto;
margin-right : auto;
margin-left : auto;
min-width : 120px;
}
.appurl {
color: grey;
font-size: 100%;
}
.appdesc {
color: black;
font-size: 65%;
}
button {
border: none;
outline: 0;
display: inline-block;
padding: 8px;
color: white;
background-color: #000;
text-align: center;
cursor: pointer;
width: 100%;
font-size: 18px;
}
a {
text-decoration: none;
color: black;
}
button:hover, a:hover {
opacity: 0.7;
}
</style>
</head>
<body>
<div class="header">
<a href="backup.html"><img id="headerpic" class="img-responsive" src="images/logo.png"></a>
<h3>Backup of keys failed</h3>
<p>For details see the <a href="backup.txt">diagnostics</a></p>
<h4>You may now remove the USB drive</h4>
<form action="backup.html">
<input type="submit" value="Go Back" />
</form>
</div>
</body>
</html>
<!DOCTYPE html>
<html>
<head>
<style>
#headerpic {
width: 60%;
height: auto;
margin-right : auto;
margin-left : auto;
min-width : 220px;
}
.header {
text-align: center;
padding: 32px;
}
#iconpic {
width: 20%;
height: auto;
margin-right : auto;
margin-left : auto;
min-width : 120px;
}
.appurl {
color: grey;
font-size: 100%;
}
.appdesc {
color: black;
font-size: 65%;
}
button {
border: none;
outline: 0;
display: inline-block;
padding: 8px;
color: white;
background-color: #000;
text-align: center;
cursor: pointer;
width: 100%;
font-size: 18px;
}
a {
text-decoration: none;
color: black;
}
button:hover, a:hover {
opacity: 0.7;
}
</style>
</head>
<body>
<div class="header">
<a href="backup.html"><img id="headerpic" class="img-responsive" src="images/logo.png"></a>
<h3>Restore of keys is complete</h3>
<h4>You may now remove the USB drive</h4>
<form action="backup.html">
<input type="submit" value="Go Back" />
</form>
</div>
</body>
</html>
<!DOCTYPE html>
<html>
<head>
<style>
#headerpic {
width: 60%;
height: auto;
margin-right : auto;
margin-left : auto;
min-width : 220px;
}
.header {
text-align: center;
padding: 32px;
}
#iconpic {
width: 20%;
height: auto;
margin-right : auto;
margin-left : auto;
min-width : 120px;
}
.appurl {
color: grey;
font-size: 100%;
}
.appdesc {
color: black;
font-size: 65%;
}
button {
border: none;
outline: 0;
display: inline-block;
padding: 8px;
color: white;
background-color: #000;
text-align: center;
cursor: pointer;
width: 100%;
font-size: 18px;
}
a {
text-decoration: none;
color: black;
}
button:hover, a:hover {
opacity: 0.7;
}
</style>
</head>
<body>
<div class="header">
<a href="backup.html"><img id="headerpic" class="img-responsive" src="images/logo.png"></a>
<h3>Restore of keys failed</h3>
<p>For details see the <a href="restore.txt">diagnostics</a></p>
<h4>You may now remove the USB drive</h4>
<form action="backup.html">
<input type="submit" value="Go Back" />
</form>
</div>
</body>
</html>