fix backup/restore

This commit is contained in:
wh1te909 2020-10-18 23:45:21 +00:00
parent ad47cb6c61
commit 83b5409b1b
4 changed files with 45 additions and 18 deletions

View File

@ -131,7 +131,7 @@ During the install you can opt out of using the Let's Encrypt certificate. If yo
If you are migrating from Let's Encrypt to another certificate provider, you can create the /certs directory and copy your certificates there. It is recommended to do this because this directory will be backed up with the backup script provided. Then modify the nginx configurations to use your new certificates If you are migrating from Let's Encrypt to another certificate provider, you can create the /certs directory and copy your certificates there. It is recommended to do this because this directory will be backed up with the backup script provided. Then modify the nginx configurations to use your new certificates
The cert that is generated in a wildcard certificate and is used in the nginx configurations: rmm.conf, api.conf, and mesh.conf. If you can't generate wildcard certificates you can create a cert for each subdomain and configure each nginx configuration file to use it's own certificate. Then restart nginx: The cert that is generated is a wildcard certificate and is used in the nginx configurations: rmm.conf, api.conf, and mesh.conf. If you can't generate wildcard certificates you can create a cert for each subdomain and configure each nginx configuration file to use its own certificate. Then restart nginx:
``` ```
sudo systemctl restart nginx sudo systemctl restart nginx

View File

@ -1,21 +1,41 @@
#!/bin/bash #!/bin/bash
SCRIPT_VERSION="1"
SCRIPT_URL='https://raw.githubusercontent.com/wh1te909/tacticalrmm/develop/backup.sh'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
RED='\033[0;31m'
NC='\033[0m'
TMP_FILE=$(mktemp -p "" "rmmbackup_XXXXXXXXXX")
curl -s -L "${SCRIPT_URL}" > ${TMP_FILE}
NEW_VER=$(grep "^SCRIPT_VERSION" "$TMP_FILE" | awk -F'[="]' '{print $3}')
if [ "${SCRIPT_VERSION}" -ne "${NEW_VER}" ]; then
printf >&2 "${YELLOW}A newer version of this backup script is available.${NC}\n"
printf >&2 "${YELLOW}Please download the latest version from ${GREEN}${SCRIPT_URL}${YELLOW} and re-run.${NC}\n"
rm -f $TMP_FILE
exit 1
fi
if [ $EUID -eq 0 ]; then if [ $EUID -eq 0 ]; then
echo -ne "\033[0;31mDo NOT run this script as root. Exiting.\e[0m\n" echo -ne "\033[0;31mDo NOT run this script as root. Exiting.\e[0m\n"
exit 1 exit 1
fi fi
GREEN='\033[0;32m' #####################################################
NC='\033[0m'
POSTGRES_USER="changeme"
POSTGRES_PW="hunter2"
#####################################################
if [ ! -d /rmmbackups ]; then if [ ! -d /rmmbackups ]; then
sudo mkdir /rmmbackups sudo mkdir /rmmbackups
sudo chown ${USER}:${USER} /rmmbackups sudo chown ${USER}:${USER} /rmmbackups
fi fi
POSTGRES_USER="changeme"
POSTGRES_PW="hunter2"
dt_now=$(date '+%Y_%m_%d__%H_%M_%S') dt_now=$(date '+%Y_%m_%d__%H_%M_%S')
tmp_dir=$(mktemp -d -t tacticalrmm-XXXXXXXXXXXXXXXXXXXXX) tmp_dir=$(mktemp -d -t tacticalrmm-XXXXXXXXXXXXXXXXXXXXX)
sysd="/etc/systemd/system" sysd="/etc/systemd/system"
@ -38,8 +58,12 @@ mongodump --gzip --out=${tmp_dir}/meshcentral/mongo
sudo tar -czvf ${tmp_dir}/salt/etc-salt.tar.gz -C /etc/salt . sudo tar -czvf ${tmp_dir}/salt/etc-salt.tar.gz -C /etc/salt .
tar -czvf ${tmp_dir}/salt/srv-salt.tar.gz -C /srv/salt . tar -czvf ${tmp_dir}/salt/srv-salt.tar.gz -C /srv/salt .
sudo tar -czvf ${tmp_dir}/certs/etc-letsencrypt.tar.gz -C /etc/letsencrypt . if [ -d "/certs" ]; then
sudo tar -czvf ${tmp_dir}/certs/certs.tar.gz -C /certs . sudo tar -czvf ${tmp_dir}/certs/certs.tar.gz -C /certs .
else
sudo tar -czvf ${tmp_dir}/certs/etc-letsencrypt.tar.gz -C /etc/letsencrypt .
fi
sudo tar -czvf ${tmp_dir}/nginx/etc-nginx.tar.gz -C /etc/nginx . sudo tar -czvf ${tmp_dir}/nginx/etc-nginx.tar.gz -C /etc/nginx .

View File

@ -139,8 +139,6 @@ sudo apt install -y software-properties-common
sudo apt update sudo apt update
sudo apt install -y certbot openssl sudo apt install -y certbot openssl
sudo mkdir /certs
until [[ $LETS_ENCRYPT =~ (y|n) ]]; do until [[ $LETS_ENCRYPT =~ (y|n) ]]; do
echo -ne "${YELLOW}Do you want to generate a Let's Encrypt certificate?[y,n]${NC}: " echo -ne "${YELLOW}Do you want to generate a Let's Encrypt certificate?[y,n]${NC}: "
read LETS_ENCRYPT read LETS_ENCRYPT
@ -163,7 +161,7 @@ else
echo -ne "\n${GREEN}We will generate a self-signed certificate for you.${NC}\n" echo -ne "\n${GREEN}We will generate a self-signed certificate for you.${NC}\n"
echo -ne "\n${GREEN}You can replace this certificate later by generating the certificates and editing the nginx configuration${NC}\n" echo -ne "\n${GREEN}You can replace this certificate later by generating the certificates and editing the nginx configuration${NC}\n"
read -n 1 -s -r -p "Press any key to continue..." read -n 1 -s -r -p "Press any key to continue..."
sudo mkdir /certs/${rootdomain} sudo mkdir -p /certs/${rootdomain}
sudo openssl req -newkey rsa:4096 -x509 -sha256 -days 365 -nodes -out /certs/${rootdomain}/pubkey.pem -keyout /certs/${rootdomain}/privkey.pem -subj "/C=US/ST=Some-State/L=city/O=Internet Widgits Pty Ltd/CN=*.${rootdomain}" sudo openssl req -newkey rsa:4096 -x509 -sha256 -days 365 -nodes -out /certs/${rootdomain}/pubkey.pem -keyout /certs/${rootdomain}/privkey.pem -subj "/C=US/ST=Some-State/L=city/O=Internet Widgits Pty Ltd/CN=*.${rootdomain}"
CERT_PRIV_KEY=/certs/${rootdomain}/privkey.pem CERT_PRIV_KEY=/certs/${rootdomain}/privkey.pem

View File

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
SCRIPT_VERSION="1" SCRIPT_VERSION="2"
SCRIPT_URL='https://raw.githubusercontent.com/wh1te909/tacticalrmm/develop/restore.sh' SCRIPT_URL='https://raw.githubusercontent.com/wh1te909/tacticalrmm/develop/restore.sh'
GREEN='\033[0;32m' GREEN='\033[0;32m'
@ -118,12 +118,17 @@ fi
print_green 'Restoring certbot' print_green 'Restoring certbot'
sudo apt install -y software-properties-common sudo apt install -y software-properties-common
sudo apt install -y certbot sudo apt install -y certbot openssl
sudo rm -rf /etc/letsencrypt
sudo mkdir /etc/letsencrypt if [ -f "${tmp_dir}/certs/certs.tar.gz" ]; then
sudo tar -xzf $tmp_dir/certs/etc-letsencrypt.tar.gz -C /etc/letsencrypt sudo mkdir /certs
sudo mkdir /certs sudo tar -xzf $tmp_dir/certs/certs.tar.gz -C /certs
sudo tar -xzf $tmp_dir/certs/certs.tar.gz -C /certs else
sudo rm -rf /etc/letsencrypt
sudo mkdir /etc/letsencrypt
sudo tar -xzf $tmp_dir/certs/etc-letsencrypt.tar.gz -C /etc/letsencrypt
fi
print_green 'Restoring celery configs' print_green 'Restoring celery configs'