From b9eab3658523cd1882acfd6f07a9d3be22af6837 Mon Sep 17 00:00:00 2001
From: gyurix
Date: Mon, 21 Jul 2025 14:00:56 +0200
Subject: [PATCH] Implement backup service management and network scanning functionality in entrypoint and backup challenge scripts
---
scripts/scheduler/backup_challenge_clients.sh | 89 ++++++++++
scripts/scheduler/entrypoint.sh | 152 ++++++++++++++++++
2 files changed, 241 insertions(+)
create mode 100644 scripts/scheduler/backup_challenge_clients.sh
diff --git a/scripts/scheduler/backup_challenge_clients.sh b/scripts/scheduler/backup_challenge_clients.sh
new file mode 100644
index 0000000..4bcbfd0
--- /dev/null
+++ b/scripts/scheduler/backup_challenge_clients.sh
@@ -0,0 +1,89 @@
+# Get MY IP
+
+# Get VPN network if exists
+
+# Define port
+
+# Define local IP range
+
+# Define VPN IP range
+
+# Store results
+
+
+scan_network(){
+ MyIP=$(ifconfig ${Interface}|grep inet |awk '{ print $2 }');
+ TargetIP=$(echo $MyIP|cut -d . -f1-3);
+ X=0
+ OpenIP=""
+ for i in $(seq 1 255); do
+ nc -w 1 -z $TargetIP.$i 60022;
+ if [ $? -eq 0 ]
+ then
+ if [ $MyIP != $TargetIP.$i ]
+ then
+ if [ $X = 1 ]
+ then
+ # tobb nyitott IP
+ echo "Found more than one IP addresses"
+ echo "MAILKULDES"
+ echo "">OpenIP.txt;
+ # TODO mailkuldes ahova kell
+ exit 1;
+ else
+ OpenIP=$TargetIP.$i;
+ fi
+ X=1;
+ fi
+ fi
+ done
+ if [ $X = 1 ]
+ then
+ echo $OpenIP>OpenIP.txt;
+ echo "start LVM SYNC";
+ echo "OpenIP mukodik = "$OpenIP;
+ lvm_sync_create $OpenIP;
+ else
+ echo "No available local IP address found!"
+ try_target_VPN;
+ fi
+
+
+}
+
+try_target_IP(){
+ MyIP=$(ifconfig ${Interface}|grep inet |awk '{ print $2 }');
+ nc -w 1 -z $OpenIP 60022;
+ if [ $? -eq 0 ]
+ then
+ if [ $MyIP = $OpenIP ]
+ then
+ echo "Only own IP address found = "$OpenIP
+ scan_network;
+ fi
+ else
+ scan_network;
+ fi
+}
+
+try_target_VPN(){
+ nc -w 1 -z $VPN 60022;
+ if [ $? -eq 0 ]
+ then
+ for i in {0..99}; do
+ MyVPN=$(ifconfig tun$i 2>/dev/null |grep inet |awk '{ print $2 }');
+ echo "My VPN="$MyVPN;
+ echo "Found VPN="$VPN;
+ if [ $VPN != $MyVPN ]
+ then
+ echo "VPN accessible="$VPN;
+ lvm_sync_create $VPN;
+ else
+ echo "Only own VPN accessible="$VPN;
+ exit 1;
+ fi
+ done
+ else
+ echo "No available server"
+ fi
+}
diff --git a/scripts/scheduler/entrypoint.sh b/scripts/scheduler/entrypoint.sh
index e668b8f..5947114 100644
--- a/scripts/scheduler/entrypoint.sh
+++ b/scripts/scheduler/entrypoint.sh
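Review bot: In scripts/scheduler/backup_challenge_clients.sh, scan_network passes whichever host answers on TCP 60022 to `lvm_sync_create $OpenIP`, so the sync peer is chosen on port reachability alone. Nothing in this file checks the peer's identity, and lvm_sync_create is defined outside the hunk, so confirm it verifies a pinned SSH host key (or equivalent) before any data moves. The tests `[ $MyIP != $TargetIP.$i ]` and `[ $VPN != $MyVPN ]` are unquoted, while `ifconfig … | grep inet` can return several lines (inet and inet6) or nothing for an absent tunN; `[` then errors out and the else branch runs, which in try_target_VPN is `exit 1` on the first missing tun interface. Quote the operands and skip empty results, e.g. `[ -n "$MyVPN" ] || continue` followed by `if [ "$VPN" != "$MyVPN" ]`. `Interface` and `VPN` are never assigned in this file (the header comments are placeholders), so they presumably come from the caller's environment and should be checked with `: "${Interface:?}"` before use.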
@@ -100,6 +100,116 @@ if [ -d /etc/user/config/services ]; then done fi +backup_query_state() { + +} + +backup_set_service() { + +} + +backup_set_client() { + + NAME="$1" + SIZE="$2" + VPN="$3" + SSH_PORT="$4" + SSH_USER="$5" + SSH_PASSWORD="$6" + OPERATION="$7" + VPN_KEY="$8" + + if [ "$OPERATION" == "DELETE" ]; then + # delete service + if [ -f "/etc/user/config/services/service-backup-client-$NAME.json" ]; then + + debug "service-backup-client-$NAME.json stop force dns-remove" + $service_exec service-backup-client-$NAME.json stop force dns-remove + rm -f /etc/user/config/services/service-backup-client-$NAME.json + debug "Service backup client $NAME deleted." + + fi + + else + + if [ -z "$SSH_PORT" ] ; then + SSH_PORT=20022 + fi + + if [ "$VPN" == "true" ]; then + NETWORK=$NAME + PORT='"PORTS": [{"SOURCE":"null","DEST":"'$SSH_PORT'","TYPE":"tcp"}],' + else + NETWORK="host" + PORT='"PORTS": [{"SOURCE":"'$SSH_PORT'","DEST":"'$SSH_PORT'","TYPE":"tcp"}],' + fi + + ADDITIONAL="" + ADDITIONAL='"EXTRA": "--label logging=promtail_user --label logging_jobname=containers --restart=always", "PRE_START": [], "DEPEND": [], "CMD": ""' + ENVS='"ENVS": [{"SSH_USER":"'$SSH_USER'"},{"SSH_PORT":"'$SSH_PORT'"},{"SSH_PASSWORD":"'$SSH_PASSWORD'"},{"VPN_CLIENT_KEY":"'$VPN_KEY'"}],' + + echo '{ + "main": { + "SERVICE_NAME": "'$NAME'" + }, + "containers": [ + { + "IMAGE": "alpine:latest", + "NAME": "'$NAME'-init", + "UPDATE": "true", + "MEMORY": "64M", + "EXTRA": "--rm", + "VOLUMES":[ + { + "SOURCE": "USER_DATA", + "DEST": "/etc/user/data/", + "TYPE": "rw" + } + ], + "ENTRYPOINT": "sh -c", + "CMD": "mkdir -p /etc/user/data/backup/clients/'$NAME'/backup && /etc/user/data/backup/clients/'$NAME'/ssh", + "POST_START": [] + }, + { + "IMAGE": "safebox/backup-client:latest", + "NAME": "'$NAME'", + "UPDATE": "true", + "MEMORY": "64M", + "NETWORK": "'$NETWORK'", + '$ADDITIONAL', + '$ENVS' + '$PORT' + "VOLUMES":[ + { + "SOURCE": "/etc/user/data/backup/clients/'$NAME'/backup", + "DEST": "/backup", 
+ "TYPE": "rw" + }, + { + "SOURCE": "/etc/user/data/backup/clients/'$NAME'/ssh", + "DEST": "/home/'$SSH_USER'/", + "TYPE": "rw" + } + ], + "POST_START": [] + } + ] + }' | jq -r . >/etc/user/config/services/service-backup-client-$NAME.json + + debug "service-backup-client-$NAME.json stop force dns-remove" + $service_exec service-backup-client-$NAME.json start & + + fi + +} + +backup_challenge_clients() { +} + +restore_from_backup() { + +} + create_htpasswd_file() { local USER="$1" 
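Review bot: backup_set_client splices `$NAME`, `$SSH_USER`, `$SSH_PASSWORD` and `$VPN_KEY` unquoted into a hand-built JSON string and into the path `/etc/user/config/services/service-backup-client-$NAME.json`, so a value containing `/`, `..`, quotes or whitespace can redirect the `rm -f` or the write, or alter the container definition that `$service_exec` then starts. Reject anything outside a fixed alphabet before first use, e.g. `case "$NAME" in ''|*[!A-Za-z0-9_-]*) debug "invalid backup client name"; return 1 ;; esac`, and build the document with `jq -n --arg name "$NAME" --arg ssh_user "$SSH_USER" …` so jq does the escaping. Separately, the stubs `backup_query_state`, `backup_set_service`, `backup_challenge_clients` and `restore_from_backup` have empty `{ }` bodies, which is a shell syntax error that stops entrypoint.sh when it is parsed; give each a `:` body until it is implemented. The init container's CMD reads `mkdir -p …/backup && …/ssh`, which runs the ssh path as a command, so it presumably wants a second `mkdir -p`.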
@@ -985,6 +1095,48 @@ execute_task() { RESULT=$(echo "$CONTAINERS" | base64 -w0) JSON_TARGET=$(echo '{ "DATE": "'$DATE'", "RESULT": "'$RESULT'" }' | jq -r . | base64 -w0) + elif [ "$TASK_NAME" == "backup" ]; then + + TASK_TYPE=$(echo $B64_JSON | base64 -d | jq -r '.TASK_TYPE)') + + if [ "$TASK_TYPE" == "backup_query_state" ]; then + echo "task type is backup_query_state" + + elif [ "$TASK_TYPE" == "backup_set_service" ]; then + echo "task type is backup_set_service" + + elif [ "$TASK_TYPE" == "backup_set_client" ]; then + + NAME="$(echo $B64_JSON | base64 -d | jq -r '.BACKUP_CLIENT_NAME')" + SIZE="$(echo $B64_JSON | base64 -d | jq -r '.BACKUP_CLIENT_SIZE')" + VPN="$(echo $B64_JSON | base64 -d | jq -r '.BACKUP_CLIENT_VPN')" + SSH_PORT="$(echo $B64_JSON | base64 -d | jq -r '.BACKUP_CLIENT_SSH_PORT')" + SSH_USER="$(echo $B64_JSON | base64 -d | jq -r '.BACKUP_CLIENT_SSH_USER')" + SSH_PASSWORD="$(echo $B64_JSON | base64 -d | jq -r '.BACKUP_CLIENT_SSH_PASSWORD')" + OPERATION="$(echo $B64_JSON | base64 -d | jq -r '.BACKUP_CLIENT_OPERATION')" + debug "task type is backup_set_client for $NAME" + debug " size: $SIZE" + debug " vpn: $VPN" + debug " ssh_port: $SSH_PORT" + debug " ssh_user: $SSH_USER" + debug " ssh_password: $SSH_PASSWORD" + debug " operation: $OPERATION" + + backup_set_client "$NAME" "$SIZE" "$VPN" "$SSH_PORT" "$SSH_USER" "$SSH_PASSWORD" "$OPERATION" + + elif [ "$TASK_TYPE" == "backup_challenge_clients" ]; then + echo "task type is backup_challenge_clients" + + elif [ "$TASK_TYPE" == "restore_from_backup" ]; then + echo "task type is restore_from_backup" + + else + echo "Unknown task type: $TASK_TYPE" + fi + + RESULT=$(echo "$CONTAINERS" | base64 -w0) + JSON_TARGET=$(echo '{ "DATE": "'$DATE'", "RESULT": "'$RESULT'" }' | jq -r . | base64 -w0) + elif [ "$TASK_NAME" == "upgrade" ]; then JSON="$(echo $B64_JSON | base64 -d)" NAME=$(echo "$JSON" | jq -r .NAME | awk '{print tolower($0)}')
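Review bot: `debug " ssh_password: $SSH_PASSWORD"` writes the client's SSH password to the debug log in clear text; drop the line or log only whether one was supplied, e.g. `debug " ssh_password: ${SSH_PASSWORD:+<set>}"`. The filter in `jq -r '.TASK_TYPE)'` has a stray `)`, so jq rejects it, TASK_TYPE stays empty and every backup task falls into the `Unknown task type` branch; it should read `jq -r '.TASK_TYPE'`. `jq -r` prints the literal string `null` for an absent key, so the `[ -z "$SSH_PORT" ]` default in backup_set_client never applies unless the filters use `// empty`, as in `.BACKUP_CLIENT_SSH_PORT // empty`. The call passes seven arguments while backup_set_client reads `$8` as VPN_KEY, and `RESULT` is still built from `$CONTAINERS`, which nothing in this branch assigns (execute_task starts and continues outside the hunk).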