MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity
MISP/tools/misp-backup/misp-restore.sh

245 lines
7.9 KiB
Bash
Executable File
Raw Blame History

#!/usr/bin/env bash
#
# Inspired from daverstephens@gmail.com and @alexanderjaeger work on misp-backup.sh
#
# Apache, MISP and mariaDB/MySQL should be installed before running this script
#
# Only works with a database on localhost
#
# This script restores following file/DB from an archive created with misp-backup.sh:
# - app/Config PHP files
# - app/webroot/img orgs and custom files
# - app/webroot/files
# - GPG files
# - MYSQL User used in archive or its password if exists
# - MISP database
#
#
# This script does not restore:
# - Apache configuration files
# - SSL certificates used by the web server
#
#
# sudo sh ./misp-restore.sh PATH_TO_ARCHIVE.tar.gz
#
# TODO: Make script UNATTENDEDable
# TODO: Move DB, check DB?
# TODO: Check db user exists.
# This makes use of the standard variables used by the installer
eval "$(curl -fsSL https://raw.githubusercontent.com/MISP/MISP/2.4/docs/generic/globalVariables.md | awk '/^# <snippet-begin/,0' | grep -v \`\`\`)"
MISPvars > /dev/null 2>&1
# Leave empty for NO debug messages, if run with set -x or bash -x it will enable DEBUG by default
DEBUG=
case "$-" in
*x*) NO_PROGRESS=1; DEBUG=1 ;;
*) NO_PROGRESS=0 ;;
esac
## Functions
# Dynamic horizontal spacer
space () {
if [[ "$NO_PROGRESS" == "1" ]]; then
return
fi
# Check terminal width
num=`tput cols`
for i in `seq 1 $num`; do
echo -n "-"
done
echo ""
}
# Make sure the target has enough free space
checkDiskFree () {
if [[ ! -e $1 ]]; then
echo "$1 does not exist, creating"
mkdir -p $1
fi
threshhold=90
free=$(df -l --sync --output=pcent $1 |tail -1|cut -f 1 -d% | tr -d \ )
if [[ "$free" > "$threshhold" ]]; then
space
echo "Your destination folder is $threshhold% full."
space
exit 1
fi
}
# Check if variable is empty
checkVar () {
[[ -z $1 ]] && echo "$1 is empty, please investigate." && exit 1
}
# Small function to import SQL export
mysqlImport () {
myDB=$(mysqlshow |grep -o $MISPDB)
if [[ "$myDB" == "$MISPDB" ]]; then
echo -n "$myDB detected, I can remove this if wanted. (y/n) "
read REMOVE
REMOVE=$(echo $REMOVE |tr [A-Z] [a-z])
[[ "$REMOVE" == "y" ]] && mysqladmin drop $myDB
fi
mysql -h $MISPDBHost -u $MySQLRUser -p -Bse "CREATE DATABASE IF NOT EXISTS $MISPDB ;\
GRANT USAGE ON *.* TO '$MySQLUUser'@'localhost' IDENTIFIED BY '$MySQLUPass';\
GRANT ALL PRIVILEGES ON $MISPDB.* TO '$MySQLUUser'@'localhost' ; \
FLUSH PRIVILEGES;"
mysql -s -h $MISPDBHost -u $MySQLUUser -p$MySQLUPass $MISPDB < $BackupDir/MISPbackupfile.sql
}
echo '-- Starting MISP restore process'
FILE=./misp-backup.conf
# Extract base directory where this script is and cd into it
cd "${0%/*}"
# Set to the current webroot owner
WWW_USER=$(ls -l $0 |awk {'print $3'}|tail -1)
MySQLRUser="root"
# In most cases the owner of the cake script is also the user as which it should be executed.
if [[ "$USER" != "$WWW_USER" ]]; then
echo "You run this script as $USER and the owner of the backup script is $WWW_USER, this should be your web server user. FYI."
fi
# Check if run as root
if [[ "$EUID" != "0" ]]; then
echo "Please run the backup script as root"
exit 1
fi
if [ ! -z $1 ] && [ -f $1 ]; then
BackupFile=$1
else
echo 'Specify backup file by running ./misp-restore.sh PATH_TO_ARCHIVE.tar.gz'
exit 1
fi
# Source configuration file
if [ -f $FILE ]; then
echo "--- File $(pwd)$FILE exists."
. $FILE
else
echo "--- Config File $FILE does not exist. Please enter values manually"
echo -n '--- Where would you like to decompress backup files (Eg. /tmp)? '
read OutputDirName
fi
checkDiskFree OutputDirName
# Decompress archive
BackupDir=$OutputDirName/$(basename -s ".tar.gz" $BackupFile)
mkdir $BackupDir
echo '--- Decompressing files'
tar zxpf $BackupFile -C $BackupDir
# Fill in any missing values with defaults
# MISP path detector
if [[ -z $UNATTENDED ]]; then
if [[ -z $PATH_TO_MISP ]]; then
if [[ "$(locate > /dev/null 2> /dev/null ; echo $?)" != "127" ]]; then
if [[ "$(locate MISP/app/webroot/index.php |wc -l)" > 1 ]]; then
echo "We located more then 1 MISP/app/webroot, reverting to manual"
PATH_TO_MISP=${PATH_TO_MISP:-$(locate MISP/app/webroot/index.php|sed 's/\/app\/webroot\/index\.php//')}
echo -n 'Please enter the base path of your MISP install (e.g /var/www/MISP): '
read PATH_TO_MISP
fi
fi
fi
if [[ -d $PATH_TO_MISP ]] && [[ -f $PATH_TO_MISP/VERSION.json ]]; then
echo "$PATH_TO_MISP exists and seems to include an existing install."
echo "We can move it out of the way, or leave as is."
echo -n "Move $PATH_TO_MISP to $OutputDirName/MISP-$(date +%Y%m%d)?"
read MOVE
MOVE=$(echo $MOVE |tr [A-Z] [a-z])
[[ "$MOVE" == "y" ]] && mv $PATH_TO_MISP $OutputDirName/MISP-$(date +%Y%m%d) && mkdir $PATH_TO_MISP
fi
fi
# database.php
MySQLUUser=$(grep -o -P "(?<='login' => ').*(?=')" $BackupDir/Config/database.php) ; checkVar MySQLUUser
MySQLUPass=$(grep -o -P "(?<='password' => ').*(?=')" $BackupDir/Config/database.php) ; checkVar MySQLUPass
MISPDB=$(grep -o -P "(?<='database' => ').*(?=')" $BackupDir/Config/database.php) ; checkVar MISPDB
DB_Port=$(grep -o -P "(?<='port' => ).*(?=,)" $BackupDir/Config/database.php) ; checkVar DB_Port
MISPDBHost=$(grep -o -P "(?<='host' => ').*(?=')" $BackupDir/Config/database.php) ; checkVar MISPDBHost
# config.php
Salt=$(grep -o -P "(?<='salt' => ').*(?=')" $BackupDir/Config/config.php) ; checkVar Salt
BaseURL=$(grep -o -P "(?<='baseurl' => ').*(?=')" $BackupDir/Config/config.php) # BaseURL can be empty
OrgName=$(grep -o -P "(?<='org' => ').*(?=')" $BackupDir/Config/config.php) ; checkVar OrgName
LogEmail=$(grep -o -P "(?<='email' => ').*(?=')" $BackupDir/Config/config.php|head -1) ; checkVar LogEmail
AdminEmail=$(grep -o -P "(?<='contact' => ').*(?=')" $BackupDir/Config/config.php) ; checkVar AdminEmail
GnuPGEmail=$(sed -n -e '/GnuPG/,$p' $BackupDir/Config/config.php|grep -o -P "(?<='email' => ').*(?=')") ; checkVar GnuPGEmail
GnuPGHomeDir=$(grep -o -P "(?<='homedir' => ').*(?=')" $BackupDir/Config/config.php) ; checkVar GnuPGHomeDir
GnuPGPass=$(grep -o -P "(?<='password' => ').*(?=')" $BackupDir/Config/config.php) ; checkVar GnuPGPass
if [[ -f /tmp/MISPbackupfile.sql ]]; then
mysqlImport
rm /tmp/MISPbackupfile.sql
exit
fi
# Restore backup files
echo "--- Copy of GnuPG files"
mkdir -p $GnuPGHomeDir
cp $BackupDir/*.gpg $GnuPGHomeDir/
cp $BackupDir/random_seed $GnuPGHomeDir/
echo "--- Copy of org and images and files"
cp -pr $BackupDir/orgs $PATH_TO_MISP/app/webroot/img/
cp -pr $BackupDir/custom $PATH_TO_MISP/app/webroot/img/
cp -pr $BackupDir/files $PATH_TO_MISP/app/
# Restore MISP Config files
echo "--- Copy of app/Config files"
cp -p $BackupDir/Config/bootstrap.php $PATH_TO_MISP/app/Config
cp -p $BackupDir/Config/config.php $PATH_TO_MISP/app/Config
cp -p $BackupDir/Config/core.php $PATH_TO_MISP/app/Config
cp -p $BackupDir/Config/database.php $PATH_TO_MISP/app/Config
# Permissions
echo "--- Setting persmissions"
chown -R $WWW_USER:$WWW_USER /var/www/MISP
chmod -R 750 /var/www/MISP
chmod -R g+ws /var/www/MISP/app/tmp
chmod -R g+ws /var/www/MISP/app/files
chmod -R g+ws /var/www/MISP/app/files/scripts/tmp
# Restore DB
echo "--- Starting MySQL database Restore"
echo -n '---- Please enter your MySQL root account username: '
read MySQLRUser
echo "---- Creating database and user if not exists with data found in MISP configuration files"
mysqlImport
##if [[ "$returnCode" != "0" ]]; then
## echo "Something went wrong, MySQL returned: $returnCode"
## echo "The MISPbackupfile.sql will be copied to: /tmp for you to handle this situation manually."
## echo "You can also run this script again and we will retry to import the SQL."
## cp $BackupDir/MISPbackupfile.sql /tmp > /dev/null 2> /dev/null
## rm -rf $BackupDir
## exit $returnCode
##fi
rm -rf $BackupDir
if [[ ! -z $BaseURL ]]; then
echo "-- MISP Restore Complete! URL: $BaseURL"
else
echo "-- MISP Restore Complete!"
fi
Reference in New Issue View Git Blame Copy Permalink