mirror of https://github.com/MISP/MISP
chg: [tools] Various changes to the misp-backup script to make it more stable. Still WIP.
parent
a5ec453f40
commit
6d11d6a3cb
|
@ -1,5 +1,5 @@
|
||||||
# Path to your MISP installation
|
# Path to your MISP installation
|
||||||
MISPPath=/var/www/MISP
|
PATH_TO_MISP=/var/www/MISP
|
||||||
|
|
||||||
# First part of output file name
|
# First part of output file name
|
||||||
# Name of output file for default would be e.g. MISP-Backup-20170601_215628.tar.gz
|
# Name of output file for default would be e.g. MISP-Backup-20170601_215628.tar.gz
|
||||||
|
|
|
@ -1,8 +1,7 @@
|
||||||
#@IgnoreInspection BashAddShebang
|
#!/usr/bin/env bash
|
||||||
#!/bin/sh
|
|
||||||
## $Id: misp-backup.sh 07.04.2016 $
|
## $Id: misp-backup.sh 07.04.2016 $
|
||||||
##
|
##
|
||||||
## script to backup MISP on debian/ubuntu 18.04.1
|
## script to backup MISP on debian/ubuntu 18.04.2
|
||||||
##
|
##
|
||||||
## Authored by daverstephens@gmail.com
|
## Authored by daverstephens@gmail.com
|
||||||
## https://github.com/daverstephens/The-SOC-Shop
|
## https://github.com/daverstephens/The-SOC-Shop
|
||||||
|
@ -15,22 +14,31 @@
|
||||||
|
|
||||||
##
|
##
|
||||||
## This script can be used to backup a complete MISP
|
## This script can be used to backup a complete MISP
|
||||||
## DB and config to restore onto a freshly
|
## MySQL DB and config to restore onto a freshly
|
||||||
## built system. This is not intended as an upgrade script
|
## built system. This is not intended as an upgrade script
|
||||||
## to move between MISP versions - But it might work ;).
|
## to move between MISP versions - But it might work ;).
|
||||||
##
|
##
|
||||||
## Tested against MISP 2.4.101
|
## Tested against MISP 2.4.102
|
||||||
##
|
##
|
||||||
## Run the script as the standard user with the command below
|
## Run the script as the standard web user with the command below
|
||||||
##
|
##
|
||||||
## cp misp-backup.conf.sample misp-backup.conf
|
## cp misp-backup.conf.sample misp-backup.conf
|
||||||
## vi misp-backup.conf # adjust values
|
## vi misp-backup.conf # adjust values
|
||||||
## sudo sh -x misp-backup.sh 2>&1 | tee misp-backup.log
|
## sudo bash misp-backup.sh 2>&1 | tee misp-backup.log
|
||||||
##
|
##
|
||||||
## TODO: Target directory, rudimentary free space check: stat -f --format="%a" OutputDirName
|
## TODO: Target directory, rudimentary free space check: stat -f --format="%a" OutputDirName
|
||||||
## TODO: Make sure no directories are blank
|
## TODO: Make sure no directories are blank
|
||||||
|
## TODO: Review how much sense it makes to ask fo MySQL credentials when most of the script does auto detection anyway.
|
||||||
##
|
##
|
||||||
|
|
||||||
|
# Leave empty for NO debug messages, if run with set -x or bash -x it will enable DEBUG by default
|
||||||
|
DEBUG=
|
||||||
|
|
||||||
|
case "$-" in
|
||||||
|
*x*) NO_PROGRESS=1; DEBUG=1 ;;
|
||||||
|
*) NO_PROGRESS=0 ;;
|
||||||
|
esac
|
||||||
|
|
||||||
## Functions
|
## Functions
|
||||||
|
|
||||||
# Dynamic horizontal spacer
|
# Dynamic horizontal spacer
|
||||||
|
@ -48,89 +56,128 @@ space () {
|
||||||
|
|
||||||
# Make sure the target has enough free space
|
# Make sure the target has enough free space
|
||||||
checkDiskFree () {
|
checkDiskFree () {
|
||||||
|
if [[ ! -e $1 ]]; then
|
||||||
|
echo "$1 does not exist, creating"
|
||||||
|
mkdir -p $1
|
||||||
|
fi
|
||||||
threshhold=90
|
threshhold=90
|
||||||
free=$(df -l --sync --output=pcent $1 |tail -1|cut -f 1 -d% | tr -d \ )
|
free=$(df -l --sync --output=pcent $1 |tail -1|cut -f 1 -d% | tr -d \ )
|
||||||
if [ $free > $threshhold ]; then
|
if [[ "$free" > "$threshhold" ]]; then
|
||||||
|
space
|
||||||
echo "Your destination folder is $threshhold% full."
|
echo "Your destination folder is $threshhold% full."
|
||||||
|
space
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Check if variable is empty
|
||||||
|
checkVar () {
|
||||||
|
[[ -z $1 ]] && echo "$1 is empty, please investigate." && exit 1
|
||||||
|
}
|
||||||
|
|
||||||
## Time to set some variables
|
## Time to set some variables
|
||||||
##
|
##
|
||||||
|
|
||||||
FILE=./misp-backup.conf
|
FILE=./misp-backup.conf
|
||||||
|
|
||||||
|
# Extract base directory where this script is and cd into it
|
||||||
|
cd "${0%/*}"
|
||||||
|
|
||||||
|
# Set to the current webroot owner
|
||||||
|
WWW_USER=$(ls -l $0 |awk {'print $3'}|tail -1)
|
||||||
|
|
||||||
|
# In most cases the owner of the cake script is also the user as which it should be executed.
|
||||||
|
if [[ "$USER" != "$WWW_USER" ]]; then
|
||||||
|
echo "You run this script as $USER and the owner of the backup script is $WWW_USER. FYI."
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Check if run as root
|
||||||
|
if [[ "$EUID" != "0" ]]; then
|
||||||
|
echo "Please run the backup script as root"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
# Source configuration file
|
# Source configuration file
|
||||||
if [ -f $FILE ];
|
if [ -f $FILE ];
|
||||||
then
|
then
|
||||||
echo "File $FILE exists."
|
echo "File $(pwd)$FILE exists."
|
||||||
. $FILE
|
. $FILE
|
||||||
else
|
else
|
||||||
echo "Config File $FILE does not exist. Please enter values manually"
|
echo "Config File $FILE does not exist. Please enter values manually"
|
||||||
## MySQL stuff
|
space
|
||||||
echo 'Please enter your MySQL root account username'
|
echo -n 'Please enter your MySQL root account username: '
|
||||||
read MySQLRUser
|
read MySQLRUser
|
||||||
echo 'Please enter your MySQL root account password'
|
echo -n 'Please enter your MySQL root account password: '
|
||||||
read MySQLRPass
|
read MySQLRPass
|
||||||
echo 'What would you like to call the backup archive?'
|
echo -n 'Please enter a name for the backup archive (e.g MISPBackup): '
|
||||||
echo 'Eg. MISPBackup'
|
|
||||||
read OutputFileName
|
read OutputFileName
|
||||||
echo 'Where would you like to save the file?'
|
echo -n 'Please enter the destination for the archive (e.g /tmp): '
|
||||||
echo 'Eg. /tmp'
|
|
||||||
read OutputDirName
|
read OutputDirName
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
||||||
# Fill in any missing values with defaults
|
# Fill in any missing values with defaults
|
||||||
|
|
||||||
# MISP path
|
# MISP path detector
|
||||||
MISPPath=${MISPPath:-$(locate MISP/app/webroot/index.php|sed 's/\/app\/webroot\/index\.php//')}
|
if [[ -z $PATH_TO_MISP ]]; then
|
||||||
|
if [[ "$(locate > /dev/null 2> /dev/null ; echo $?)" != "127" ]]; then
|
||||||
|
if [[ "$(locate MISP/app/webroot/index.php |wc -l)" > 1 ]]; then
|
||||||
|
echo "We located more then 1 MISP/app/webroot, reverting to manual"
|
||||||
|
PATH_TO_MISP=${PATH_TO_MISP:-$(locate MISP/app/webroot/index.php|sed 's/\/app\/webroot\/index\.php//')}
|
||||||
|
echo -n 'Please enter the base path of your MISP install (e.g /var/www/MISP): '
|
||||||
|
read PATH_TO_MISP
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
# Output
|
# Output
|
||||||
OutputFileName=${OutputFileName:-MISP-Backup}
|
OutputFileName=${OutputFileName:-MISP-Backup}
|
||||||
OutputDirName=${OutputDirName:-/tmp}
|
OutputDirName=${OutputDirName:-/tmp}
|
||||||
OutputFull="${OutputDirName}/${OutputFileName}-$(date '+%Y%m%d_%H%M%S').tar.gz"
|
OutputFull="${OutputDirName}/${OutputFileName}-$(date '+%Y%m%d_%H%M%S').tar.gz"
|
||||||
# database.php
|
|
||||||
MySQLUUser=$(grep -o -P "(?<='login' => ').*(?=')" $MISPPath/app/Config/database.php)
|
|
||||||
MySQLUPass=$(grep -o -P "(?<='password' => ').*(?=')" $MISPPath/app/Config/database.php)
|
|
||||||
MISPDB=$(grep -o -P "(?<='database' => ').*(?=')" $MISPPath/app/Config/database.php)
|
|
||||||
DB_Port=$(grep -o -P "(?<='port' => ).*(?=,)" $MISPPath/app/Config/database.php)
|
|
||||||
MISPDBHost=$(grep -o -P "(?<='host' => ').*(?=')" $MISPPath/app/Config/database.php)
|
|
||||||
# config.php
|
|
||||||
Salt=$(grep -o -P "(?<='salt' => ').*(?=')" $MISPPath/app/Config/config.php)
|
|
||||||
BaseURL=$(grep -o -P "(?<='baseurl' => ').*(?=')" $MISPPath/app/Config/config.php)
|
|
||||||
OrgName=$(grep -o -P "(?<='org' => ').*(?=')" $MISPPath/app/Config/config.php)
|
|
||||||
LogEmail=$(grep -o -P "(?<='email' => ').*(?=')" $MISPPath/app/Config/config.php|head -1)
|
|
||||||
AdminEmail=$(grep -o -P "(?<='contact' => ').*(?=')" $MISPPath/app/Config/config.php)
|
|
||||||
GnuPGEmail=$(sed -n -e '/GnuPG/,$p' $MISPPath/app/Config/config.php|grep -o -P "(?<='email' => ').*(?=')")
|
|
||||||
GnuPGHomeDir=$(grep -o -P "(?<='homedir' => ').*(?=')" $MISPPath/app/Config/config.php)
|
|
||||||
GnuPGPass=$(grep -o -P "(?<='password' => ').*(?=')" $MISPPath/app/Config/config.php)
|
|
||||||
|
|
||||||
## Folders to be checked for useable space: OutputDirName
|
# database.php
|
||||||
## To be checked for emptiness: all?
|
MySQLUUser=$(grep -o -P "(?<='login' => ').*(?=')" $PATH_TO_MISP/app/Config/database.php) ; checkVar MySQLUUser
|
||||||
|
MySQLUPass=$(grep -o -P "(?<='password' => ').*(?=')" $PATH_TO_MISP/app/Config/database.php) ; checkVar MySQLUPass
|
||||||
|
MISPDB=$(grep -o -P "(?<='database' => ').*(?=')" $PATH_TO_MISP/app/Config/database.php) ; checkVar MISPDB
|
||||||
|
DB_Port=$(grep -o -P "(?<='port' => ).*(?=,)" $PATH_TO_MISP/app/Config/database.php) ; checkVar DB_Port
|
||||||
|
MISPDBHost=$(grep -o -P "(?<='host' => ').*(?=')" $PATH_TO_MISP/app/Config/database.php) ; checkVar MISPDBHost
|
||||||
|
|
||||||
|
# config.php
|
||||||
|
Salt=$(grep -o -P "(?<='salt' => ').*(?=')" $PATH_TO_MISP/app/Config/config.php) ; checkVar Salt
|
||||||
|
BaseURL=$(grep -o -P "(?<='baseurl' => ').*(?=')" $PATH_TO_MISP/app/Config/config.php) # BaseURL can be empty
|
||||||
|
OrgName=$(grep -o -P "(?<='org' => ').*(?=')" $PATH_TO_MISP/app/Config/config.php) ; checkVar OrgName
|
||||||
|
LogEmail=$(grep -o -P "(?<='email' => ').*(?=')" $PATH_TO_MISP/app/Config/config.php|head -1) ; checkVar LogEmail
|
||||||
|
AdminEmail=$(grep -o -P "(?<='contact' => ').*(?=')" $PATH_TO_MISP/app/Config/config.php) ; checkVar AdminEmail
|
||||||
|
GnuPGEmail=$(sed -n -e '/GnuPG/,$p' $PATH_TO_MISP/app/Config/config.php|grep -o -P "(?<='email' => ').*(?=')") ; checkVar GnuPGEmail
|
||||||
|
GnuPGHomeDir=$(grep -o -P "(?<='homedir' => ').*(?=')" $PATH_TO_MISP/app/Config/config.php) ; checkVar GnuPGHomeDir
|
||||||
|
GnuPGPass=$(grep -o -P "(?<='password' => ').*(?=')" $PATH_TO_MISP/app/Config/config.php) ; checkVar GnuPGPass
|
||||||
|
|
||||||
|
checkDiskFree $OutputDirName
|
||||||
|
|
||||||
# Create backup files
|
# Create backup files
|
||||||
TmpDir="$(mktemp --tmpdir=$OutputDirName -d)"
|
TmpDir="$(mktemp --tmpdir=$OutputDirName -d)"
|
||||||
cp -r $GnuPGHomeDir/* $TmpDir/
|
cp -rp $GnuPGHomeDir/* $TmpDir/
|
||||||
echo "copy of org images and other custom images"
|
echo "copy of org images and other custom images"
|
||||||
cp -r $MISPPath/app/webroot/img/orgs $TmpDir/
|
cp -rp $PATH_TO_MISP/app/webroot/img/orgs $TmpDir/
|
||||||
cp -r $MISPPath/app/webroot/img/custom $TmpDir/
|
cp -rp $PATH_TO_MISP/app/webroot/img/custom $TmpDir/
|
||||||
cp -r $MISPPath/app/files $TmpDir
|
cp -rp $PATH_TO_MISP/app/files $TmpDir
|
||||||
|
|
||||||
# MISP Config files
|
# MISP Config files
|
||||||
mkdir -p $TmpDir/Config
|
mkdir -p $TmpDir/Config
|
||||||
cp $MISPPath/app/Config/bootstrap.php $TmpDir/Config
|
cp -p $PATH_TO_MISP/app/Config/bootstrap.php $TmpDir/Config
|
||||||
cp $MISPPath/app/Config/config.php $TmpDir/Config
|
cp -p $PATH_TO_MISP/app/Config/config.php $TmpDir/Config
|
||||||
cp $MISPPath/app/Config/core.php $TmpDir/Config
|
cp -p $PATH_TO_MISP/app/Config/core.php $TmpDir/Config
|
||||||
cp $MISPPath/app/Config/database.php $TmpDir/Config
|
cp -p $PATH_TO_MISP/app/Config/database.php $TmpDir/Config
|
||||||
|
|
||||||
echo "MySQL Dump"
|
echo "MySQL Dump"
|
||||||
MySQLRUser=${MySQLRUser:-$MySQLUUser}
|
MySQLRUser=${MySQLRUser:-$MySQLUUser}
|
||||||
MySQLRPass=${MySQLRPass:-$MySQLUPass}
|
MySQLRPass=${MySQLRPass:-$MySQLUPass}
|
||||||
mysqldump --opt -u $MySQLRUser -p$MySQLRPass $MISPDB > $TmpDir/MISPbackupfile.sql
|
mysqldump --opt -u $MySQLRUser -p$MySQLRPass $MISPDB > $TmpDir/MISPbackupfile.sql
|
||||||
|
if [[ "$?" != "0" ]]; then
|
||||||
|
echo "MySQLdump failed, abort." && exit 1
|
||||||
|
fi
|
||||||
# Create compressed archive
|
# Create compressed archive
|
||||||
cd $TmpDir
|
cd $TmpDir
|
||||||
tar -zcf $OutputFull ./*
|
tar -pzcf $OutputFull ./*
|
||||||
cd -
|
cd -
|
||||||
rm -rf $TmpDir
|
rm -rf $TmpDir
|
||||||
echo "MISP Backup Completed, OutputDir: ${OutputDirName}"
|
echo "MISP Backup Completed, OutputDir: ${OutputDirName}"
|
||||||
|
|
Loading…
Reference in New Issue