From 04bfe9d71a4f66031a58ec51c1804edb841d5eb3 Mon Sep 17 00:00:00 2001 From: bugspencor Date: Tue, 5 Dec 2023 12:05:18 +0100 Subject: [PATCH 1/4] backup file should only be readable by owner Backup includes private key and passwords, so the archive should only be readable by the owner. --- backup.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/backup.sh b/backup.sh index 315ae55..a801312 100644 --- a/backup.sh +++ b/backup.sh @@ -61,6 +61,7 @@ cp /etc/passbolt/gpg/serverkey.asc $backup_dir_date/. echo "Creating archive of $backup_dir_date" echo "+------------------------------------------------------------------------------------------+" tar -czvf $backup_dir_date.tar.gz -C $backup_dir_date . +chmod 0600 $backup_dir_date.tar.gz echo "+------------------------------------------------------------------------------------------+" echo "Cleaning up $backup_dir" echo "+------------------------------------------------------------------------------------------+" From eb532b85200d68aafcdf0ecc567dab884217da02 Mon Sep 17 00:00:00 2001 From: itvexesme <1412213+itvexesme@users.noreply.github.com> Date: Sun, 31 Mar 2024 10:06:49 +0400 Subject: [PATCH 2/4] Added exit code 1 for cases when script failed to create backup --- backup.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/backup.sh b/backup.sh index a801312..126b56e 100644 --- a/backup.sh +++ b/backup.sh @@ -9,7 +9,7 @@ then echo "| mysqldump is required to run this script |" echo "| Try installing either mysql-server or mariadb-server to correct this |" echo "+------------------------------------------------------------------------------------------+" - exit + exit 1 fi # Set this to the location you'd like backups placed, be sure to leave off the trailing / backup_dir="/tmp" @@ -38,7 +38,7 @@ else echo "| You don't have the webserver_user set in the backup.sh file |" echo "| Please correct this and then re-run this script |" echo "+------------------------------------------------------------------------------------------+" - exit + exit 1 fi echo "+------------------------------------------------------------------------------------------+" echo "Docker not detected" From 1206c9de79ab4cb4be6b16476f4aacd5711f2adb Mon Sep 17 00:00:00 2001 From: itvexesme <1412213+itvexesme@users.noreply.github.com> Date: Sun, 31 Mar 2024 10:36:33 +0400 Subject: [PATCH 3/4] Export backup_file var for runing ouside purposes --- backup.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backup.sh b/backup.sh index a801312..7980242 100644 --- a/backup.sh +++ b/backup.sh @@ -15,7 +15,7 @@ fi backup_dir="/tmp" # If you want to change how the date is displayed edit this line backup_dir_date=$backup_dir/backup-$(date +"%Y-%m-%d--%H-%M-%S") -backup_file=$backup_dir/backup-$(date +"%Y-%m-%d--%H-%M-%S").tar.gz +export backup_file=$backup_dir/backup-$(date +"%Y-%m-%d--%H-%M-%S").tar.gz if [ -f /.dockerenv ] From 10c6504618fb6c733242e796824a55231b3faf44 Mon Sep 17 00:00:00 2001 From: Antony Bartolomucci Date: Fri, 17 May 2024 11:11:36 +0200 Subject: [PATCH 4/4] PB-33213 - Update the backup script to support the new database export implementation due to mariadb deprecation --- README.md | 2 +- backup.sh | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index ae3bff4..a010808 100644 --- a/README.md +++ b/README.md @@ -2,4 +2,4 @@ This repository is meant to hold various scripts that passbolt users might find useful. ## backup.sh -This script takes a database dump, copies the server GPG keys, and then `tar`s them in a designated location so that it is easier to implement a good backup plan. This backup script requires the ability to run mysqldump on the host you are running it on. This means that for Docker installs you'll need to install mariadb-server. Additionally the user you run this as will need the correct permissions to access the `/etc/passbolt` directory and wherever you select as the backup directory(currently set to `/tmp`). \ No newline at end of file +This script takes a database dump, copies the server GPG keys, and then `tar`s them in a designated location so that it is easier to implement a good backup plan. This backup script requires the ability to run mysqldump or mariadb-dump if you are running MariaDB > 10.4.6, on the host you are running it on. This means that for Docker installs you'll need to install mariadb-server. Additionally the user you run this as will need the correct permissions to access the `/etc/passbolt` directory and wherever you select as the backup directory(currently set to `/tmp`). \ No newline at end of file diff --git a/backup.sh b/backup.sh index 2ad5a74..8270722 100644 --- a/backup.sh +++ b/backup.sh @@ -26,7 +26,7 @@ then su -s /bin/bash -c "mkdir $backup_dir_date" www-data echo "Taking database backup and storing in $backup_dir_date" - su -s /bin/bash -c "./bin/cake passbolt mysql_export --dir $backup_dir_date" www-data + su -s /bin/bash -c "./bin/cake passbolt sql_export --dir $backup_dir_date" www-data echo "+------------------------------------------------------------------------------------------+" echo "Copying /etc/environment to $backup_dir_date" echo "+------------------------------------------------------------------------------------------+" @@ -46,7 +46,7 @@ else su -s /bin/bash -c "mkdir $backup_dir_date" $webserver_user echo "Taking database backup and storing in $backup_dir_date" echo "+------------------------------------------------------------------------------------------+" - su -s /bin/bash -c "/usr/share/php/passbolt/bin/cake passbolt mysql_export --dir $backup_dir_date" $webserver_user + su -s /bin/bash -c "/usr/share/php/passbolt/bin/cake passbolt sql_export --dir $backup_dir_date" $webserver_user echo "+------------------------------------------------------------------------------------------+" echo "Copying /etc/passbolt/passbolt.php to $backup_dir_date" echo "+------------------------------------------------------------------------------------------+"