2020-07-24 01:23:58 +02:00
|
|
|
#!/bin/bash
|
2017-04-19 23:14:33 +02:00
|
|
|
set -e
|
|
|
|
|
2018-09-12 14:37:59 +02:00
|
|
|
BACKUPPC_UUID="${BACKUPPC_UUID:-1000}"
|
|
|
|
BACKUPPC_GUID="${BACKUPPC_GUID:-1000}"
|
2020-07-24 01:23:58 +02:00
|
|
|
BACKUPPC_USERNAME=$(getent passwd "$BACKUPPC_UUID" | cut -d: -f1)
|
|
|
|
BACKUPPC_GROUPNAME=$(getent group "$BACKUPPC_GUID" | cut -d: -f1)
|
2017-11-15 11:58:01 +01:00
|
|
|
|
2017-04-19 23:14:33 +02:00
|
|
|
if [ -f /firstrun ]; then
|
|
|
|
echo 'First run of the container. BackupPC will be installed.'
|
|
|
|
echo 'If exist, configuration and data will be reused and upgraded as needed.'
|
|
|
|
|
2018-10-09 17:21:42 +02:00
|
|
|
# Executable bzip2 seems to have been moved into /usr/bin in latest Alpine version. Fix that.
|
2020-07-24 01:23:58 +02:00
|
|
|
if [ ! -f /bin/bzip2 ]; then
|
|
|
|
ln -s /usr/bin/bzip2 /bin/bzip2
|
|
|
|
fi
|
2018-10-09 17:21:42 +02:00
|
|
|
|
2017-08-02 10:15:42 +02:00
|
|
|
# Configure timezone if needed
|
2017-09-02 18:45:26 +02:00
|
|
|
if [ -n "$TZ" ]; then
|
2017-08-02 10:15:42 +02:00
|
|
|
cp /usr/share/zoneinfo/$TZ /etc/localtime
|
|
|
|
fi
|
|
|
|
|
2017-11-15 11:24:53 +01:00
|
|
|
# Create backuppc user/group if needed
|
|
|
|
if [ -z "$BACKUPPC_GROUPNAME" ]; then
|
2018-09-12 14:37:59 +02:00
|
|
|
groupadd -r -g "$BACKUPPC_GUID" backuppc
|
2017-11-15 11:24:53 +01:00
|
|
|
BACKUPPC_GROUPNAME="backuppc"
|
|
|
|
fi
|
|
|
|
if [ -z "$BACKUPPC_USERNAME" ]; then
|
2018-09-12 14:37:59 +02:00
|
|
|
useradd -r -d /home/backuppc -g "$BACKUPPC_GUID" -u "$BACKUPPC_UUID" -M -N backuppc
|
2017-11-15 11:24:53 +01:00
|
|
|
BACKUPPC_USERNAME="backuppc"
|
|
|
|
else
|
|
|
|
usermod -d /home/backuppc "$BACKUPPC_USERNAME"
|
|
|
|
fi
|
|
|
|
chown "$BACKUPPC_USERNAME":"$BACKUPPC_GROUPNAME" /home/backuppc
|
2017-04-19 23:14:33 +02:00
|
|
|
|
|
|
|
# Generate cryptographic key
|
|
|
|
if [ ! -f /home/backuppc/.ssh/id_rsa ]; then
|
2017-11-15 11:24:53 +01:00
|
|
|
su "$BACKUPPC_USERNAME" -s /bin/sh -c "ssh-keygen -t rsa -N '' -f /home/backuppc/.ssh/id_rsa"
|
2017-04-19 23:14:33 +02:00
|
|
|
fi
|
|
|
|
|
|
|
|
# Extract BackupPC
|
|
|
|
cd /root
|
2020-07-24 01:23:58 +02:00
|
|
|
tar xf "BackupPC-$BACKUPPC_VERSION.tar.gz"
|
|
|
|
cd "/root/BackupPC-$BACKUPPC_VERSION"
|
2017-04-19 23:14:33 +02:00
|
|
|
|
2023-10-30 16:46:57 +01:00
|
|
|
# Fix BackupPC code to make it run with Data::Dumper >= 2.182.
|
|
|
|
# TODO: Remove this patch once https://github.com/backuppc/backuppc/issues/466 has been merged in a new BackupPC release.
|
|
|
|
patch -p1 < /datadumper.patch && rm -f /datadumper.patch
|
|
|
|
|
2017-06-08 17:52:12 +02:00
|
|
|
# Configure WEB UI access
|
|
|
|
configure_admin=""
|
|
|
|
if [ ! -f /etc/backuppc/htpasswd ]; then
|
|
|
|
htpasswd -b -c /etc/backuppc/htpasswd "${BACKUPPC_WEB_USER:-backuppc}" "${BACKUPPC_WEB_PASSWD:-password}"
|
|
|
|
configure_admin="--config-override CgiAdminUsers='${BACKUPPC_WEB_USER:-backuppc}'"
|
2020-07-24 01:23:58 +02:00
|
|
|
elif [[ -n "$BACKUPPC_WEB_USER" && -n "$BACKUPPC_WEB_PASSWD" ]]; then
|
2017-06-08 17:52:12 +02:00
|
|
|
touch /etc/backuppc/htpasswd
|
|
|
|
htpasswd -b /etc/backuppc/htpasswd "${BACKUPPC_WEB_USER}" "${BACKUPPC_WEB_PASSWD}"
|
|
|
|
configure_admin="--config-override CgiAdminUsers='$BACKUPPC_WEB_USER'"
|
|
|
|
fi
|
|
|
|
|
2017-04-19 23:14:33 +02:00
|
|
|
# Install BackupPC (existing configuration will be reused and upgraded)
|
2017-04-22 20:17:38 +02:00
|
|
|
perl configure.pl \
|
2017-04-19 23:14:33 +02:00
|
|
|
--batch \
|
|
|
|
--config-dir /etc/backuppc \
|
|
|
|
--cgi-dir /var/www/cgi-bin/BackupPC \
|
|
|
|
--data-dir /data/backuppc \
|
2017-06-26 22:28:07 +02:00
|
|
|
--log-dir /data/backuppc/log \
|
2018-12-06 13:49:01 +01:00
|
|
|
--hostname "$HOSTNAME" \
|
2017-04-19 23:14:33 +02:00
|
|
|
--html-dir /var/www/html/BackupPC \
|
|
|
|
--html-dir-url /BackupPC \
|
2017-05-21 13:14:38 +02:00
|
|
|
--install-dir /usr/local/BackupPC \
|
2017-11-15 12:06:58 +01:00
|
|
|
--backuppc-user "$BACKUPPC_USERNAME" \
|
2017-06-08 17:52:12 +02:00
|
|
|
$configure_admin
|
2017-04-19 23:14:33 +02:00
|
|
|
|
|
|
|
# Prepare lighttpd
|
|
|
|
if [ "$USE_SSL" = true ]; then
|
2018-11-27 01:23:38 +01:00
|
|
|
# Do not generate a certificate if user already mapped the file with docker --volume
|
|
|
|
if [ ! -e /etc/lighttpd/server.pem ]; then
|
|
|
|
# Generate certificate file as needed
|
|
|
|
cd /etc/lighttpd
|
2019-03-10 20:58:06 +01:00
|
|
|
openssl genrsa -des3 -passout pass:1234 -out server.pass.key 2048
|
|
|
|
openssl rsa -passin pass:1234 -in server.pass.key -out server.key
|
2018-11-27 01:23:38 +01:00
|
|
|
openssl req -new -key server.key -out server.csr \
|
|
|
|
-subj "/C=UK/ST=Warwickshire/L=Leamington/O=OrgName/OU=IT Department/CN=example.com"
|
|
|
|
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
|
|
|
|
cat server.key server.crt > server.pem
|
|
|
|
chown "$BACKUPPC_USERNAME":"$BACKUPPC_GROUPNAME" server.pem
|
|
|
|
chmod 0600 server.pem
|
|
|
|
rm -f server.pass.key server.key server.csr server.crt
|
|
|
|
fi
|
2017-04-19 23:14:33 +02:00
|
|
|
# Reconfigure lighttpd to use ssl
|
|
|
|
echo "ssl.engine = \"enable\"" >> /etc/lighttpd/lighttpd.conf
|
|
|
|
echo "ssl.pemfile = \"/etc/lighttpd/server.pem\"" >> /etc/lighttpd/lighttpd.conf
|
2021-06-28 23:32:33 +02:00
|
|
|
sed -i -r '/^server\.modules/s# \)#, "mod_openssl" \)#' /etc/lighttpd/lighttpd.conf
|
2017-04-19 23:14:33 +02:00
|
|
|
fi
|
2020-04-12 13:15:31 +02:00
|
|
|
|
|
|
|
if [ "$AUTH_METHOD" == "ldap" ]; then
|
|
|
|
|
|
|
|
sed -i 's#LDAP_HOSTNAME#'"$LDAP_HOSTNAME"'#g' /etc/lighttpd/auth-ldap.conf
|
|
|
|
sed -i 's#LDAP_BASE_DN#'"$LDAP_BASE_DN"'#g' /etc/lighttpd/auth-ldap.conf
|
2021-08-05 00:10:58 +02:00
|
|
|
LDAP_FILTER=$(sed 's#&#\\&#g' <<< "$LDAP_FILTER")
|
2020-04-12 13:15:31 +02:00
|
|
|
sed -i 's#LDAP_FILTER#'"$LDAP_FILTER"'#g' /etc/lighttpd/auth-ldap.conf
|
|
|
|
sed -i 's#LDAP_BIND_DN#'"$LDAP_BIND_DN"'#g' /etc/lighttpd/auth-ldap.conf
|
|
|
|
sed -i 's#LDAP_BIND_PW#'"$LDAP_BIND_PW"'#g' /etc/lighttpd/auth-ldap.conf
|
|
|
|
sed -ie "s#^\$Conf{CgiAdminUsers}\s*=\s*'\w*'#\$Conf{CgiAdminUsers} = '$LDAP_BACKUPPC_ADMIN'#g" /etc/backuppc/config.pl
|
|
|
|
|
|
|
|
echo "include \"auth-ldap.conf\"" >> /etc/lighttpd/lighttpd.conf
|
|
|
|
else
|
|
|
|
echo "include \"auth.conf\"" >> /etc/lighttpd/lighttpd.conf
|
|
|
|
fi
|
|
|
|
|
2017-11-15 11:24:53 +01:00
|
|
|
touch /var/log/lighttpd/error.log && chown -R "$BACKUPPC_USERNAME":"$BACKUPPC_GROUPNAME" /var/log/lighttpd
|
2017-04-19 23:14:33 +02:00
|
|
|
|
2017-04-21 23:57:14 +02:00
|
|
|
# Configure standard mail delivery parameters (may be overriden by backuppc user-wide config)
|
2020-11-06 14:40:29 +01:00
|
|
|
if [ ! -f /etc/msmtprc ]; then
|
|
|
|
echo "account default" > /etc/msmtprc
|
|
|
|
echo "logfile /var/log/msmtp.log" >> /etc/msmtprc
|
|
|
|
echo "host ${SMTP_HOST:-mail.example.org}" >> /etc/msmtprc
|
|
|
|
if [ "${SMTP_MAIL_DOMAIN:-}" != "" ]; then
|
|
|
|
echo "from %U@${SMTP_MAIL_DOMAIN}" >> /etc/msmtprc
|
|
|
|
fi
|
|
|
|
touch /var/log/msmtp.log
|
|
|
|
chown "${BACKUPPC_USERNAME}:${BACKUPPC_GROUPNAME}" /var/log/msmtp.log
|
2017-06-08 13:20:45 +02:00
|
|
|
fi
|
2017-04-21 23:57:14 +02:00
|
|
|
|
2017-04-19 23:14:33 +02:00
|
|
|
# Clean
|
Fix firstrun flag (#40)
Fixes #31
Credit to @tadr0 for spotting it[1]. Problem introduced when adding quotes here[2].
I tested this from my branch, and my container can now restart cleanly again:
```
2020-08-12 23:30:42,646 WARN received SIGTERM indicating exit request
2020-08-12 23:30:42,647 INFO waiting for backuppc, lighttpd, watchmails to die
2020-08-12 23:30:42,648 INFO stopped: watchmails (terminated by SIGTERM)
2020-08-12 23:30:42,650 INFO stopped: lighttpd (exit status 0)
2020-08-12 23:30:43,652 INFO stopped: backuppc (exit status 0)
2020-08-12 23:30:46,304 INFO Set uid to user 0 succeeded
2020-08-12 23:30:46,309 INFO RPC interface 'supervisor' initialized
2020-08-12 23:30:46,310 INFO supervisord started with pid 1
2020-08-12 23:30:47,314 INFO spawned: 'backuppc' with pid 13
2020-08-12 23:30:47,317 INFO spawned: 'lighttpd' with pid 14
2020-08-12 23:30:47,319 INFO spawned: 'watchmails' with pid 15
2020-08-12 23:30:48,426 INFO success: backuppc entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
```
[1] https://github.com/adferrand/docker-backuppc/issues/31#issuecomment-672891314
[2] https://github.com/adferrand/docker-backuppc/commit/95034418c1a378dc6a437aa969865016240457c6#diff-46bd948566ee03504c6421cadd8047faR119
2020-08-13 17:41:39 +02:00
|
|
|
rm -rf "/root/BackupPC-$BACKUPPC_VERSION.tar.gz" "/root/BackupPC-$BACKUPPC_VERSION" /firstrun
|
2017-04-19 23:14:33 +02:00
|
|
|
fi
|
|
|
|
|
2018-09-12 14:37:59 +02:00
|
|
|
export BACKUPPC_UUID
|
|
|
|
export BACKUPPC_GUID
|
2017-11-15 11:58:01 +01:00
|
|
|
export BACKUPPC_USERNAME
|
|
|
|
export BACKUPPC_GROUPNAME
|
|
|
|
|
2017-04-19 23:14:33 +02:00
|
|
|
# Exec given CMD in Dockerfile
|
2018-09-12 14:37:59 +02:00
|
|
|
cd /home/backuppc
|
2017-04-19 23:14:33 +02:00
|
|
|
exec "$@"
|