Merge pull request 'USB device backup removed from easyinstall folder' (#39) from dragondaddy/streams:easyinstall into dev

Reviewed-on: https://codeberg.org/streams/streams/pulls/39

contrib/easyinstall/README.md

@@ -18,7 +18,6 @@ Before you start, make sure you have the following:
 + Create a database for your website
 + Run certbot to have a secure connection (http*s*)
 + Create a script for daily maintenance:
-  - backup to external disk (certificates, database, /var/www/) - Optional
   - renew certfificate (Let’s Encrypt)
   - update of your website software (git)
   - update of your Debian operating system
@@ -40,12 +39,6 @@ If you plan to run your website on a computer at home, you may have to deal with
 
 - selfHOST.de is a german (and german speaking only) registrar. If you have an account and buy a domain there, you will need to provide an ID & password to use the setup script’s DDNS configuration.
 
-### USB drive backup
-
-As of April 2022, this is the only automated backup system you can configure with the setup-script. It is only accessible if you use the manually edited config file method (hopefully it should soon be available in the beginner-friendly interface).
-
-This only works if you have physical access to the machine where your website is running, you can not use this backup system with a distant computer/server. A solution for distant backups would certainly be a good idea, feel free to work on this if you have the skills to do so.
-
 ### Note on Rasperry Pi install
 
 It is recommended to run the Raspi without graphical frontend. Use the following command to boot the Raspi in console mode only:

contrib/easyinstall/server-config.txt.template

@@ -71,63 +71,6 @@ ddns_id=
 ddns_password=
 
 
-###############################################
-### OPTIONAL - Backup to external device ######
-#
-# The script can use an external device for the daily backup.
-# The file system of the device (USB stick for example) must be compatible with
-#
-# - encrypted LUKS + ext4, or
-# - ext4
-#
-# You should test to mount the device before you run the script
-# (server-setup.sh).
-# How to find your (pluged-in) devices?
-#
-#     fdisk -l
-#
-# Provided your device was listed as is /dev/sdb1. You could check with:
-#
-#     blkid | grep /dev/sdb1
-#
-# Try to decrypt
-# (You might install cryptsetup befor using apt-get install.
-#
-#     apt-get install cryptsetup
-#     cryptsetup luksOpen /dev/sdb1 cryptobackup
-#
-# Try to mount
-# You might create the directory /media/hubzilla_backup it it does not exist
-# using mkdir.
-#
-#     mkdir /media/hubzilla_backup
-#     mount /dev/mapper/cryptobackup /media/hubzilla_backup
-# 
-# Unmounting device goes like this
-# 
-#     umount /media/hubzilla_backup
-#     cryptsetup luksClose cryptobackup
-#
-# To check if still mounted
-#
-#     lsof /media/hubzilla_backup
-#
-# If you leave the following parameters
-#
-# - "backup_device_name" and
-# - "backup_device_pass"
-#
-# empty the script will create daily backups on the internal disk (which could
-# save you as well).
-#
-#   Example: backup_device_name=/dev/sdc1
-#
-# Leave "backup_device_pass=" empty if the external device is not encrypted.
-#
-backup_device_name=
-backup_device_pass=
-
-
 ###############################################
 ### OPTIONAL - do not mess with things below ##
 #              (...if you are not certain)

contrib/easyinstall/server-setup.sh

@@ -34,7 +34,6 @@
 #        * "Run.php" for regular background processes of your website
 #        * "apt-get update" and "apt-get dist-upgrade" and "apt-get autoremove" to keep linux up-to-date
 #        * optionally run command to keep the IP up-to-date > DynDNS provided by selfHOST.de or freedns.afraid.org
-#        * optionally backup your server's database and files (rsync)
 # - run letsencrypt to create, register and use a certifacte for https
 #
 #
@@ -45,25 +44,6 @@
 # - The script runs into installation errors for phpmyadmin if it uses
 #   different passwords. For the sake of simplicity one single password.
 #
-# Daily backup
-# ------------
-#
-# The installation
-# - writes a shell script in /var/www/
-# - creates a daily cron that runs this script
-#
-# The script makes a (daily) backup of all relevant files
-# - /var/lib/mysql/ > database
-# - /var/www/ > your websites
-# - /etc/letsencrypt/ > certificates
-#
-# The backup will be written on an external disk compatible to LUKS+ext4 (see server-config.txt)
-#
-# How to restore from backup
-# --------------------------
-#
-# (Some explanations here would certainly be useful)
-#
 #
 # Credits
 # -------
@@ -108,47 +88,6 @@ function check_config {
     then
         die "le_domain not set in $configfile"
     fi
-    # backup is important and should be checked
-	if [ -n "$backup_device_name" ]
-	then
-		if [ ! -d "$backup_mount_point" ]
-		then
-			mkdir "$backup_mount_point"
-		fi
-		device_mounted=0
-		if fdisk -l | grep -i "$backup_device_name.*linux"
-		then
-		    print_info "ok - filesystem of external device is linux"
-	        if [ -n "$backup_device_pass" ]
-	        then
-	            echo "$backup_device_pass" | cryptsetup luksOpen $backup_device_name cryptobackup
-	            if mount /dev/mapper/cryptobackup /media/server_backup
-	            then
-                    device_mounted=1
-	                print_info "ok - could encrypt and mount external backup device"
-                	umount /media/server_backup
-	            else
-            		print_warn "backup to external device will fail because encryption failed"
-	            fi
-                cryptsetup luksClose cryptobackup
-            else
-	            if mount $backup_device_name /media/server_backup
-	            then
-                    device_mounted=1
-	                print_info "ok - could mount external backup device"
-                	umount /media/server_backup
-	            else
-            		print_warn "backup to external device will fail because mount failed"
-	            fi
-            fi
-		else
-        	print_warn "backup to external device will fail because filesystem is either not linux or 'backup_device_name' is not correct in $configfile"
-		fi
-        if [ $device_mounted == 0 ]
-        then
-            die "backup device not ready"
-        fi
-	fi
 }
 
 function die {
@@ -560,16 +499,6 @@ function install_website {
     print_info "installed addons"
 }
 
-function install_rsync {
-    print_info "installing rsync..."
-    nocheck_install "rsync"
-}
-
-function install_cryptosetup {
-    print_info "installing cryptsetup..."
-    nocheck_install "cryptsetup"
-}
-
 function configure_daily_update {
     echo "#!/bin/sh" >> /var/www/$daily_update
     echo "#" >> /var/www/$daily_update
@@ -596,7 +525,6 @@ function configure_cron_daily {
     # Run external script daily at 05:30
     # - stop apache/nginx and mysql-server
     # - renew the certificate of letsencrypt
-    # - backup db, files ($install_path), certificates if letsencrypt
     # - update repository core and addon
     # - update and upgrade linux
     # - reboot is done by "shutdown -h now" because "reboot" hangs sometimes depending on the system
@@ -618,59 +546,6 @@ function configure_cron_daily {
     echo "echo \"\$(date) - renew certificate...\"" >> /var/www/$cron_job
     echo "certbot renew --noninteractive" >> /var/www/$cron_job
     echo "#" >> /var/www/$cron_job
-    echo "# backup" >> /var/www/$cron_job
-    echo "echo \"\$(date) - try to mount external device for backup...\"" >> /var/www/$cron_job
-    echo "backup_device_name=$backup_device_name" >> /var/www/$cron_job
-    echo "backup_device_pass=$backup_device_pass" >> /var/www/$cron_job
-    echo "backup_mount_point=$backup_mount_point" >> /var/www/$cron_job
-    echo "device_mounted=0" >> /var/www/$cron_job
-    echo "if [ -n \"\$backup_device_name\" ]" >> /var/www/$cron_job
-    echo "then" >> /var/www/$cron_job
-    echo "    if blkid | grep $backup_device_name" >> /var/www/$cron_job
-    echo "    then" >> /var/www/$cron_job
-    if [ -n "$backup_device_pass" ]
-    then
-        echo "        echo \"decrypting backup device...\"" >> /var/www/$cron_job
-        echo "        echo "\"$backup_device_pass\"" | cryptsetup luksOpen $backup_device_name cryptobackup" >> /var/www/$cron_job
-    fi
-    echo "        if [ ! -d $backup_mount_point ]" >> /var/www/$cron_job
-    echo "        then" >> /var/www/$cron_job
-    echo "            mkdir $backup_mount_point" >> /var/www/$cron_job
-    echo "        fi" >> /var/www/$cron_job
-    echo "        echo \"mounting backup device...\"" >> /var/www/$cron_job
-    if [ -n "$backup_device_pass" ]
-    then
-        echo "        if mount /dev/mapper/cryptobackup $backup_mount_point" >> /var/www/$cron_job
-    else
-        echo "        if mount $backup_device_name $backup_mount_point" >> /var/www/$cron_job
-    fi
-    echo "        then" >> /var/www/$cron_job
-    echo "            device_mounted=1" >> /var/www/$cron_job
-    echo "            echo \"device $backup_device_name is now mounted. Starting backup...\"" >> /var/www/$cron_job
-    echo "            rsync -a --delete /var/lib/mysql/ /media/repository_backup/mysql" >> /var/www/$cron_job
-    echo "            rsync -a --delete /var/www/ /media/repository_backup/www" >> /var/www/$cron_job
-    echo "            rsync -a --delete /etc/letsencrypt/ /media/repository_backup/letsencrypt" >> /var/www/$cron_job
-    echo "            echo \"\$(date) - disk sizes...\"" >> /var/www/$cron_job
-    echo "            df -h" >> /var/www/$cron_job
-    echo "            echo \"\$(date) - db size...\"" >> /var/www/$cron_job
-    echo "            du -h $backup_mount_point | grep mysql/repository" >> /var/www/$cron_job
-    echo "            echo \"unmounting backup device...\"" >> /var/www/$cron_job
-    echo "            umount $backup_mount_point" >> /var/www/$cron_job
-    echo "        else" >> /var/www/$cron_job
-    echo "            echo \"failed to mount device $backup_device_name\"" >> /var/www/$cron_job
-    echo "        fi" >> /var/www/$cron_job
-    if [ -n "$backup_device_pass" ]
-    then
-        echo "        echo \"closing decrypted backup device...\"" >> /var/www/$cron_job
-        echo "        cryptsetup luksClose cryptobackup" >> /var/www/$cron_job
-    fi
-    echo "    fi" >> /var/www/$cron_job
-    echo "fi" >> /var/www/$cron_job
-    echo "if [ \$device_mounted == 0 ]" >> /var/www/$cron_job
-    echo "then" >> /var/www/$cron_job
-    echo "    echo \"device could not be mounted $backup_device_name. No backup written.\"" >> /var/www/$cron_job
-    echo "fi" >> /var/www/$cron_job
-    echo "#" >> /var/www/$cron_job
     echo "echo \"\$(date) - db size...\"" >> /var/www/$cron_job
     echo "du -h /var/lib/mysql/ | grep mysql/" >> /var/www/$cron_job
     echo "#" >> /var/www/$cron_job
@@ -678,7 +553,7 @@ function configure_cron_daily {
     echo "for f in *-daily.sh; do \"./\${f}\"; done" >> /var/www/$cron_job
     echo "echo \"\$(date) - updating linux...\"" >> /var/www/$cron_job
     echo "apt-get -q -y update && apt-get -q -y dist-upgrade && apt-get -q -y autoremove # update linux and upgrade" >> /var/www/$cron_job
-    echo "echo \"\$(date) - Backup and update finished. Rebooting...\"" >> /var/www/$cron_job
+    echo "echo \"\$(date) - Update finished. Rebooting...\"" >> /var/www/$cron_job
     echo "#" >> /var/www/$cron_job
     echo "shutdown -r now" >> /var/www/$cron_job
 
@@ -727,7 +602,6 @@ selfhostdir=/etc/selfhost
 selfhostscript=selfhost-updater.sh
 cron_job="cron_job.sh"
 daily_update="${le_domain}-daily.sh"
-backup_mount_point="/media/repository_backup"
 
 #set -x    # activate debugging from here
 
@@ -808,9 +682,6 @@ if [[ "$le_domain" =~ $domain_regex ]]
 then
     install_letsencrypt
     check_https
-
-    install_cryptosetup
-    install_rsync
 else
     print_info "Local domain is used - skipped https configuration, and installation of cryptosetup"
 fi