202 lines
4.7 KiB
Bash
202 lines
4.7 KiB
Bash
|
#!/usr/bin/env bash
|
||
|
|
||
|
|
||
|
## ## ## ## ## ## ## ## ## ## ## ## ## ##
|
||
|
## ##
|
||
|
## restic-repos.sh ##
|
||
|
## ##
|
||
|
## Repository/user management script for ##
|
||
|
## Restic's REST server ##
|
||
|
## ##
|
||
|
## ## ## ## ## ## ## ## ## ## ## ## ## ##
|
||
|
|
||
|
|
||
|
# Information
|
||
|
NAME="rest-repos.sh"
|
||
|
DESCRIPTION="Repository/user management script for Restic's REST server"
|
||
|
VERSION="0.1.0"
|
||
|
AUTHOR="david@socialnerds.org"
|
||
|
LICENSE="MIT"
|
||
|
WEBSITE="https://git.socialnerds.org/david/scripts"
|
||
|
|
||
|
|
||
|
# Configuration
|
||
|
RR_DATA_PATH="/srv/backup/rest-server"
|
||
|
RR_NGINX_PATH="/etc/nginx/rest-server.conf.d"
|
||
|
RR_NGINX_TEMPLATE="$RR_NGINX_PATH/rest-server.conf.template"
|
||
|
RR_LOG_FILE="/var/log/rest-repos.log"
|
||
|
RR_HOST="backup.socialnerds.org"
|
||
|
RR_PROTOCOL="https"
|
||
|
|
||
|
|
||
|
# Initialization
|
||
|
RR_DEPS="htpasswd tr head systemctl find awk sed sort"
|
||
|
|
||
|
|
||
|
# Text formatting
|
||
|
CLEAR="\e[0m"
|
||
|
BOLD="\e[1m"
|
||
|
RED="\e[31m"
|
||
|
|
||
|
|
||
|
# Functions
|
||
|
function rr_output() {
|
||
|
# Print text/messages to screen
|
||
|
if [[ "$1" =~ ^\! ]]; then
|
||
|
printf "$RED%b$CLEAR\n" "${1#\!}"
|
||
|
else
|
||
|
if [[ "$RR_Q" -ne 1 ]]; then
|
||
|
printf "%b\n" "$1"
|
||
|
fi
|
||
|
fi
|
||
|
}
|
||
|
|
||
|
function rr_help() {
|
||
|
# Print help information
|
||
|
rr_output "$DESCRIPTION\n\nUsage:\n$NAME <options> <repo>\n\nOptions:
|
||
|
-l, --list\t\tList repositories
|
||
|
-r, --remove\t\tRemove repository
|
||
|
-h, --help\t\tHelp screen
|
||
|
-v, --version\t\tVersion information
|
||
|
-q, --quiet\t\tNo output except errors"
|
||
|
exit 0
|
||
|
}
|
||
|
|
||
|
function rr_version() {
|
||
|
# Print version information
|
||
|
rr_output "Version: $BOLD$VERSION$CLEAR\nAuthor: $AUTHOR\nLicense: $LICENSE"
|
||
|
exit 0
|
||
|
}
|
||
|
|
||
|
function rr_passwd() {
|
||
|
# Generate random password
|
||
|
LC_ALL=C tr -dc 'a-zA-Z0-9' < /dev/urandom | head -c 16; echo
|
||
|
}
|
||
|
|
||
|
function rr_list() {
|
||
|
# List all existing repositories
|
||
|
for RR_REPO in $(find $RR_DATA_PATH -maxdepth 1 -mindepth 1 -type d -printf "%f\n" | sort); do
|
||
|
local RR_SIZE=$(du -s -h $RR_DATA_PATH/$RR_REPO | awk '{print $1}')
|
||
|
if [[ -f $RR_NGINX_PATH/$RR_REPO.conf && -f $RR_NGINX_PATH/$RR_REPO.htpasswd ]]; then
|
||
|
rr_output "$BOLD$RR_REPO$CLEAR[$RR_SIZE]"
|
||
|
else
|
||
|
local RR_DISABLED="$RR_DISABLED $RR_REPO[$RR_SIZE]"
|
||
|
fi
|
||
|
done
|
||
|
for RR_REPO in $RR_DISABLED; do
|
||
|
rr_output "$RR_REPO"
|
||
|
done
|
||
|
}
|
||
|
|
||
|
function rr_add() {
|
||
|
# Enable or create a repository
|
||
|
if [ -n "$1" ]; then
|
||
|
if [[ ! -d "$RR_DATA_PATH/$1" ]]; then
|
||
|
mkdir "$RR_DATA_PATH/$1"
|
||
|
chown rest-server:rest-server "$RR_DATA_PATH/$1"
|
||
|
chmod 700 "$RR_DATA_PATH/$1"
|
||
|
fi
|
||
|
if [[ ! -f "$RR_NGINX_PATH/$1.conf" && ! -f "$RR_NGINX_PATH/$1.htpasswd" ]]; then
|
||
|
sed "s/RR_REPO/$1/g" $RR_NGINX_TEMPLATE > "$RR_NGINX_PATH/$1.conf"
|
||
|
RR_PASSWD="$(rr_passwd)"
|
||
|
htpasswd -n -b "$1" "$RR_PASSWD" > "$RR_NGINX_PATH/$1.htpasswd"
|
||
|
rr_output "Repository has been added [$1]\nRepository URL:$BOLD rest:$RR_PROTOCOL://$1:$RR_PASSWD@$RR_HOST/$1/$CLEAR"
|
||
|
else
|
||
|
rr_output "!Repository does already exist and is enabled\nTry removing it first with -r or --remove"
|
||
|
exit 1
|
||
|
fi
|
||
|
fi
|
||
|
}
|
||
|
|
||
|
function rr_remove() {
|
||
|
# Remove a repository
|
||
|
if [[ -n "$1" ]]; then
|
||
|
rm $RR_NGINX_PATH/$1.conf &>/dev/null
|
||
|
rm $RR_NGINX_PATH/$1.htpasswd &>/dev/null
|
||
|
if [[ -d $RR_DATA_PATH/$1 ]]; then
|
||
|
rr_output "Repository has been removed [$1]\nThe data needs to be deleted manually [$RR_DATA_PATH/$1]"
|
||
|
else
|
||
|
rr_output "!Repository does not exist [$1]"
|
||
|
exit 1
|
||
|
fi
|
||
|
fi
|
||
|
}
|
||
|
|
||
|
|
||
|
# Preflight
|
||
|
for RR_DEP in $RR_DEPS; do
|
||
|
if ! $(command -v $RR_DEP &>/dev/null); then
|
||
|
RR_MISS="$RR_MISS, $RR_DEP"
|
||
|
fi
|
||
|
done
|
||
|
if [[ -n $RR_MISS ]]; then
|
||
|
rr_output "!One or more missing dependencies [${RR_MISS#, }]\nTry installing them with your package manager"
|
||
|
exit 1
|
||
|
fi
|
||
|
|
||
|
#TODO: check if nginx path and data path exists and both are writeable
|
||
|
|
||
|
|
||
|
# Option handler
|
||
|
while [[ "$1" =~ ^- && ! "$1" == "--" ]]; do
|
||
|
case $1 in
|
||
|
-v|--version)
|
||
|
RR_V=1
|
||
|
;;
|
||
|
-h|--help)
|
||
|
RR_H=1
|
||
|
;;
|
||
|
-l|--list)
|
||
|
RR_L=1
|
||
|
;;
|
||
|
-r|--remove)
|
||
|
RR_R=1
|
||
|
;;
|
||
|
-q|--quiet)
|
||
|
RR_Q=1
|
||
|
;;
|
||
|
*)
|
||
|
rr_output "!Unknown option [$1]\nTry --help or -h for available options"
|
||
|
exit 1
|
||
|
;;
|
||
|
esac
|
||
|
shift
|
||
|
done
|
||
|
|
||
|
if [[ "$1" == '--' ]]; then
|
||
|
shift
|
||
|
fi
|
||
|
|
||
|
if [[ $RR_L -eq 1 ]]; then
|
||
|
rr_list
|
||
|
exit 0
|
||
|
elif [[ $RR_H -eq 1 ]]; then
|
||
|
rr_help
|
||
|
exit 0
|
||
|
elif [[ $RR_V -eq 1 ]]; then
|
||
|
rr_version
|
||
|
exit 0
|
||
|
fi
|
||
|
|
||
|
if [[ -z "$1" ]]; then
|
||
|
rr_list
|
||
|
exit 0
|
||
|
else
|
||
|
if [[ "$1" =~ ^[a-zA-Z0-9_-]{3,20}$ ]]; then
|
||
|
if [[ $RR_R -eq 1 ]]; then
|
||
|
rr_remove "$1"
|
||
|
else
|
||
|
rr_add "$1"
|
||
|
fi
|
||
|
# Reloading Nginx after config changes
|
||
|
systemctl reload nginx.service
|
||
|
else
|
||
|
rr_output "!Invalid repository name [$1]\nMust be an alphanumeric string between 3 and 20 characters"
|
||
|
exit 1
|
||
|
fi
|
||
|
fi
|
||
|
|
||
|
|
||
|
# Here be dragons
|
||
|
exit 0
|