diff --git a/check_encryption_scan_legacy-format b/check_encryption_scan_legacy-format new file mode 100755 index 0000000..e14b30c --- /dev/null +++ b/check_encryption_scan_legacy-format @@ -0,0 +1,640 @@ +#!/usr/bin/env bash + +script_name="$(basename $(realpath $0))" +script_dir="$(dirname $(realpath $0))" + +conf_dir="${script_dir}/conf" + +declare -a unsorted_website_arr +declare -a website_arr + +log_file="$(mktemp)" + +backup_date=$(date +%Y-%m-%d-%H%M) + + +# ============= +# --- Some functions +# ============= + +clean_up() { + + + if [[ -f "$_backup_crontab_file" ]]; then + + echononl " (Re)Install previously saved crontab .." + + crontab $_backup_crontab_file >> $log_file 2>&1 + + if [[ $? -eq 0 ]]; then + echo_ok + else + echo_failed + error "$(cat $log_file)" + fi + + fi + + # Perform program exit housekeeping + rm -f $log_file + blank_line + exit $1 +} + +is_number() { + + return $(test ! -z "${1##*[!0-9]*}" > /dev/null 2>&1); + + # - also possible + # - + #[[ ! -z "${1##*[!0-9]*}" ]] && return 0 || return 1 + #return $([[ ! -z "${1##*[!0-9]*}" ]]) +} + +echononl(){ + echo X\\c > /tmp/shprompt$$ + if [ `wc -c /tmp/shprompt$$ | awk '{print $1}'` -eq 1 ]; then + echo -e -n "$*\\c" 1>&2 + else + echo -e -n "$*" 1>&2 + fi + rm /tmp/shprompt$$ +} +echo_done() { + if $terminal ; then + echo -e "\033[75G[ \033[32mdone\033[m ]" + else + echo " [ done ]" + fi +} +echo_ok() { + if $terminal ; then + echo -e "\033[75G[ \033[32mok\033[m ]" + else + echo " [ ok ]" + fi +} +echo_warning() { + if $terminal ; then + echo -e "\033[75G[ \033[33m\033[1mwarn\033[m ]" + else + echo " [ warning ]" + fi +} +echo_failed(){ + if $terminal ; then + echo -e "\033[75G[ \033[1;31mfailed\033[m ]" + else + echo ' [ failed! ]' + fi +} +echo_skipped() { + if $terminal ; then + echo -e "\033[75G[ \033[37mskipped\033[m ]" + else + echo " [ skipped ]" + fi +} +fatal (){ + echo "" + echo "" + if $terminal ; then + echo -e "\t[ \033[31m\033[1mFatal\033[m ]: \033[37m\033[1m$*\033[m" + echo "" + echo -e "\t\033[31m\033[1m Script will be interrupted..\033[m\033[m" + else + echo "fatal: $*" + echo "Script will be interrupted.." + fi + clean_up 1 +} + +error(){ + echo "" + if $terminal ; then + echo -e "\t[ \033[31m\033[1mFehler\033[m ]: $*" + else + echo "Error: $*" + fi + echo "" +} + +warn (){ + echo "" + if $terminal ; then + echo -e "\t[ \033[33m\033[1mWarning\033[m ]: $*" + else + echo "Warning: $*" + fi + echo "" +} + +info (){ + echo "" + if $terminal ; then + echo -e "\t[ \033[32m\033[1mInfo\033[m ]: $*" + else + echo "Info: $*" + fi + echo "" +} + +## - Check if a given array (parameter 2) contains a given string (parameter 1) +## - +containsElement () { + local e + for e in "${@:2}"; do [[ "$e" == "$1" ]] && return 0; done + return 1 +} + +blank_line() { + if $terminal ; then + echo "" + fi +} + + + +# ---------- +# - Jobhandling +# ---------- + +# - Run 'clean_up' for signals SIGHUP SIGINT SIGTERM +# - +trap clean_up SIGHUP SIGINT SIGTERM + +## - +while IFS='' read -r -d '' _conf_file ; do + source $_conf_file + if [[ -n "$WEBSITE" ]] ; then + unsorted_website_arr+=("${WEBSITE}:$_conf_file") + fi + WEBSITE="" +done < <(find "${conf_dir}" -maxdepth 1 -type f -name "*.conf" -print0) +#done < <(find "${conf_dir}" -maxdepth 1 -type f -name "create_missing_indices_*.conf" -print0) + +#if [[ ${#unsorted_website_arr} -eq 0 ]]; then +# fatal "No configuration files found in '${script_dir}/conf' or no website configured!" +#fi + +# - Sort array +# - +IFS=$'\n' website_arr=($(sort <<<"${unsorted_website_arr[*]}")) + + +# ============= +# --- Some +# ============= + +# - Support systemd ? +# - +if [[ "X$(which systemd)" = "X" ]]; then + SYSTEMD_EXISTS=false +else + SYSTEMD_EXISTS=true +fi + +# - Running in a terminal? +# - +if [[ -t 1 ]] ; then + terminal=true +else + terminal=false +fi + +clear + +echo "" +echo -e "\033[32m-----\033[m" +echo "Create missing indices" +echo -e "\033[32m-----\033[m" + + +WEBSITE= +_OK=false +echo "" +echo "Which site would you like to update?" +echo "" +declare -i i=0 +for _site in ${website_arr[@]} ; do + IFS=':' read -a _arr <<< ${_site} + echo " [$i] ${_arr[0]}" + ((i++)) +done +echo +echononl " Eingabe: " +while ! $_OK ; do +read _IN + if is_number "$_IN" && [[ -n ${website_arr[$_IN]} ]]; then + IFS=':' read -a _arr <<< ${website_arr[$_IN]} + conf_file=${_arr[1]} + DEFAULT_WEBSITE="${_arr[0]}" + _OK=true + else + echo "" + echo -e "\tFalsche Eingabe !" + echo "" + echononl " Eingabe: " + fi +done + + +echo "" +echononl " Include Configuration file.." +if [[ ! -f $conf_file ]]; then + echo_failed + fatal "Missing configuration file '$conf_file'." +else + source $conf_file + echo_ok +fi +echo "" + + + +# ============= +# --- Some checks +# ============= + +DEFAULT_SRC_BASE_DIR="/usr/local/src/nextcloud" +DEFAULT_HTTP_USER="www-data" +DEFAULT_HTTP_GROUP="www-data" +DEFAULT_PHP_ENGINE='FPM' + + +if [[ -z ${WEBSITE} ]] ; then + WEBSITE="$DEFAULT_WEBSITE" +fi + +DEFAULT_WEB_BASE_DIR="/var/www/$WEBSITE" + +[[ -n "$WEB_BASE_DIR" ]] || WEB_BASE_DIR=$DEFAULT_WEB_BASE_DIR + +if [[ ! -d ${WEB_BASE_DIR} ]] ; then + fatal "Web base directory not found (parameter 'WEB_BASE_DIR')" +fi + +DATA_DIR="$(realpath ${WEB_BASE_DIR}/data)" +INSTALL_DIR="$(realpath ${WEB_BASE_DIR}/nextcloud)" +CURRENT_VERSION="$(basename $INSTALL_DIR | cut -d"-" -f2)" + +[[ -n "$PHP_ENGINE" ]] || PHP_ENGINE=$DEFAULT_PHP_ENGINE + +# Check PHP Version +# +if [[ "$PHP_ENGINE" = "FPM" ]] ; then + if [[ -z "$PHP_VERSION" ]] ; then + if [[ -z "$VHOST_CONFIG_FILE" ]] ; then + if [[ -f "/usr/local/apache2/conf/vhosts/${WEBSITE}.conf.php-fpm" ]] ; then + VHOST_CONFIG_FILE="/usr/local/apache2/conf/vhosts/${WEBSITE}.conf.php-fpm" + elif [[ -f "/usr/local/apache2/conf/vhosts/${WEBSITE}.conf" ]] ; then + VHOST_CONFIG_FILE="/usr/local/apache2/conf/vhosts/${WEBSITE}.conf" + elif [[ -f "/etc/apache2/sites-enabled/${WEBSITE}.conf" ]] ; then + VHOST_CONFIG_FILE="/etc/apache2/sites-enabled/${WEBSITE}.conf" + fi + fi + PHP_VERSION="$(grep -o -E "php-?.{1}\..{1}-fpm" $VHOST_CONFIG_FILE | grep -o -E ".{1}\..{1}")" + if [[ -z "$PHP_VERSION" ]] ; then + fatal "PHP Version must be givven if running PHP-FPM engine (parameter 'PHP_VERSION')" + fi + fi +fi + +# - Determin user/group of the webserver +# - +httpd_binary="`which httpd`" +if [ -z "$httpd_binary" ]; then + httpd_binary="$(ps -axu | grep httpd | grep -e "^root" | grep -v grep | awk '{print$11}')" + if [ -z "$httpd_binary" ]; then + if [ -x "/usr/local/apache2/bin/httpd" ]; then + httpd_binary="/usr/local/apache2/bin/httpd" + fi + fi +fi +if [ -x "$httpd_binary" ];then + + # - Determin websever user + # - + _HTTP_USER="`$httpd_binary -t -D DUMP_RUN_CFG | grep -i -e "^User" | awk '{print$2}' | cut -d\"=\" -f2 | tr -d '"'`" + _HTTP_GROUP="`$httpd_binary -t -D DUMP_RUN_CFG | grep -i -e "^Group" | awk '{print$2}' | cut -d\"=\" -f2 | tr -d '"'`" + + # - Is webserver running ? + # - + PID=$(ps aux | grep "$(realpath $httpd_binary)" | grep -e "^root" | grep -v grep | awk '{print$2}') + if [[ "X${PID}X" = "XX" ]] ;then + IS_HTTPD_RUNNING=false + else + IS_HTTPD_RUNNING=true + fi +fi + +if [[ -n "$_HTTP_USER" ]] ; then + if [[ -n "$HTTP_USER" ]] && [[ "$_HTTP_USER" != "$HTTP_USER" ]]; then + warn "The script has determined \033[1;37m${_HTTP_USER}\033[m as Webservers user. This\n value differs from the value given in your configuration file, \n which is \033[1;37m${HTTP_USER}\033[m and takes precedence." + else + HTTP_USER=$_HTTP_USER + fi +else + [[ -n "$HTTP_USER" ]] || HTTP_USER=$DEFAULT_HTTP_USER +fi +if [[ -n "$_HTTP_GROUP" ]] ; then + if [[ -n "$HTTP_GROUP" ]] && [[ "$_HTTP_GROUP" != "$HTTP_GROUP" ]]; then + warn "The script has determined \033[1;37m${_HTTP_GROUP}\033[m as Webservers group. This\n value differs from the value given in your configuration file, \n which is \033[1;37m${HTTP_GROUP}\033[m and takes precedence." + else + HTTP_GROUP=$_HTTP_GROUP + fi +else + [[ -n "$HTTP_GROUP" ]] || HTTP_GROUP=$DEFAULT_HTTP_GROUP +fi + +if [[ -x "$(realpath /usr/local/php/bin/php)" ]]; then + PHP_BIN="/usr/local/php/bin/php" +else + PHP_BIN="$(which php)" +fi + +if [[ ! -x "$PHP_BIN" ]]; then + fatal "No PHP binary found!" +fi + + +echo "" +echo -e "\033[1;32mStarting Script $script_name for \033[1;37m${WEBSITE}\033[m" +echo "" +echo -e " Website to update....................: $WEBSITE" +echo "" +echo -e " Nextcloud version....................: $CURRENT_VERSION" +echo "" +echo -e " Web base directory...................: $WEB_BASE_DIR" +echo -e " Install directory....................: $INSTALL_DIR" +echo -e " Data directory.......................: $DATA_DIR" +echo "" +echo -e " Webserver user.......................: $HTTP_USER" +echo -e " Webserver group......................: $HTTP_GROUP" +echo "" +echo -e " PHP command..........................: $PHP_BIN" +echo "" +echo -e " PHP version..........................: $PHP_VERSION" +echo -e " PHP Engine...........................: $PHP_ENGINE" + +echo "" +echo -n " Type upper case 'YES' to continue executing with this parameters: " +read OK +if [[ "$OK" = "YES" ]] ; then + echo "" + echo "" + echo -e "\033[1;32mGoing to update Nextcloud on \033[1;37m$WEBSITE \033[m" + echo "" +else + fatal "Abort by user request - Answer as not 'YES'" +fi + + +echo "" + + +# ----- +# - Do some pre-update tasks.. +# ----- + +echo "" +echo "" +echo -e "\033[37m\033[1mDo some pre-update tasks..\033[m" +echo "" + +# - Deaktiviere Cronjobs +# - +_backup_crontab_file=/tmp/crontab_root.${backup_date} +echononl " Backup Crontab to '$_backup_crontab_file'" +crontab -l > $_backup_crontab_file 2> $log_file +if [[ $? -eq 0 ]]; then + echo_ok +else + echo_failed + fatal "$(cat $log_file)" +fi + +echononl " Remove crontab for root.." +crontab -r > $log_file 2>&1 +if [[ $? -eq 0 ]]; then + echo_ok +else + echo_failed + fatal "$(cat $log_file)" +fi + + +# - Stop Apache Webserver +# - +echo "" +echononl " Stop Apache Webserver.." +if $SYSTEMD_EXISTS ; then + systemctl stop apache2 + if [[ $? -eq 0 ]]; then + echo_ok + else + echo_failed + fatal "$(cat $log_file)" + fi +else + /etc/init.d/apache2 stop + if [[ $? -eq 0 ]]; then + echo_ok + else + echo_failed + fatal "$(cat $log_file)" + fi +fi + +echo "" + +# - Backup Database +# - +echononl " Backup MySQL database '$DATABASE_NAME'.." +if [[ "$DATABASE_TYPE" = 'mysql' ]]; then + mysqldump $MYSQL_CREDENTIALS --opt $DATABASE_NAME > \ + ${WEB_BASE_DIR}/${DATABASE_NAME}-v${CURRENT_VERSION}.${backup_date}.sql 2> $log_file + if [[ $? -eq 0 ]]; then + echo_ok + else + echo_failed + fatal "$(cat $log_file)" + fi +elif [[ "$DATABASE_TYPE" = 'postgres' ]]; then + PGPASSWORD=$PSQL_PASS \ + pg_dump $DATABASE_NAME -h $PSQL_SERVER -U $PSQL_USER \ + -f ${WEB_BASE_DIR}/${DATABASE_NAME}-v${CURRENT_VERSION}.${backup_date}.sql 2> $log_file + if [[ $? -eq 0 ]]; then + echo_ok + else + echo_failed + fatal "$(cat $log_file)" + fi +fi + +echo + + +# ----- +# - Main part of the script +# ----- + +echo "" +echo "" +echo -e "\033[37m\033[1mMain part of the script\033[m" +echo "" + + +# - Create missing indices +# - +echononl " Running 'occ encryption:scan:legacy-format' .." +echo 'y' | su -c "$PHP_BIN ${WEB_BASE_DIR}/htdocs/occ encryption:scan:legacy-format" -s /bin/bash $HTTP_USER +if [[ $? -eq 0 ]]; then + echo_ok +else + echo_failed + error "$(cat $log_file)" +fi + + + + +# ----- +# - Doing some post-update tasks +# ----- + +echo "" +echo "" +echo -e "\033[37m\033[1mDoing some post-update tasks..\033[m" + +echo "" +echononl " Restart PHP engine.." +if [[ "$PHP_ENGINE" = "FPM" ]]; then + if $SYSTEMD_EXISTS ; then + systemctl restart php-${PHP_VERSION}-fpm > $log_file 2>&1 + if [[ $? -eq 0 ]]; then + echo_ok + else + echo_failed + error "$(cat $log_file)" + + echononl "continue anyway [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/no]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Interrupted by user." + fi + else + /etc/init.d/php-${PHP_VERSION}-fpm restart > $log_file 2>&1 + if [[ $? -eq 0 ]]; then + echo_ok + else + echo_failed + error "$(cat $log_file)" + + echononl "continue anyway [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/no]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Interrupted by user." + fi + fi +else + echo_skipped +fi + +# - Start Apache Webserver +# - +echo "" +echononl " Start Apache Webserver.." +if $IS_HTTPD_RUNNING ; then + if $SYSTEMD_EXISTS ; then + systemctl start apache2 > $log_file 2>&1 + if [[ $? -eq 0 ]]; then + echo_ok + else + echo_failed + error "$(cat $log_file)" + + echononl "continue anyway [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/no]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Interrupted by user." + + fi + else + /etc/init.d/apache2 start > $log_file 2>&1 + if [[ $? -eq 0 ]]; then + echo_ok + else + echo_failed + error "$(cat $log_file)" + + echononl "continue anyway [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/no]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Interrupted by user." + fi + fi +else + echo_skipped + warn "The webserver was not running, so it will be keept down!" +fi + +_redis_cli_bin="$(which redis-cli)" +if [[ -z "$_redis_cli_bin" ]]; then + if [[ -x "/usr/local/bin/redis-cli" ]]; then + _redis_cli_bin="/usr/local/bin/redis-cli" + fi +fi + + +echononl " Flush redis cache.." +if [[ -x "$_redis_cli_bin" ]]; then + $_redis_cli_bin flushall > $log_file 2>&1 + if [[ $? -eq 0 ]]; then + echo_ok + else + echo_failed + error "$(cat $log_file)" + fi +else + echo_skipped +fi + + +echononl " Restart redis server.." +if $SYSTEMD_EXISTS ; then + systemctl restart redis-server > $log_file 2>&1 + if [[ $? -eq 0 ]]; then + echo_ok + else + echo_failed + error "$(cat $log_file)" + fi +else + /etc/init.d/redis-server restart > $log_file 2>&1 + if [[ $? -eq 0 ]]; then + echo_ok + else + echo_failed + error "$(cat $log_file)" + fi +fi + +blank_line +clean_up 0