From 0a244894eb04e8b7cf161efb20b310669be39bcd Mon Sep 17 00:00:00 2001 From: Eric Morino Date: Wed, 26 Jan 2022 11:06:36 +0100 Subject: [PATCH 1/8] Add fix repository in source.list for bullseye --- lxc-php/tasks/php74.yml | 6 ++++++ lxc-php/tasks/php80.yml | 6 ++++++ 2 files changed, 12 insertions(+) diff --git a/lxc-php/tasks/php74.yml b/lxc-php/tasks/php74.yml index a3a7eb44..eaae77fd 100644 --- a/lxc-php/tasks/php74.yml +++ b/lxc-php/tasks/php74.yml @@ -5,6 +5,12 @@ name: "{{ lxc_php_version }}" container_command: "DEBIAN_FRONTEND=noninteractive apt install -y php-fpm php-cli php-gd php-intl php-imap php-ldap php-mysql php-pgsql php-sqlite3 php-curl php-zip php-mbstring php-zip composer libphp-phpmailer" +- name: "{{ lxc_php_version }} - fix bullseye repository" + replace: + dest: "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/apt/sources.list" + regexp: 'bullseye/updates' + replace: 'bullseye-security' + - name: "{{ lxc_php_version }} - Copy evolinux PHP configuration" template: src: z-evolinux-defaults.ini.j2 diff --git a/lxc-php/tasks/php80.yml b/lxc-php/tasks/php80.yml index 33f6d409..4f725f0b 100644 --- a/lxc-php/tasks/php80.yml +++ b/lxc-php/tasks/php80.yml @@ -5,6 +5,12 @@ name: "{{ lxc_php_version }}" container_command: "DEBIAN_FRONTEND=noninteractive apt install -y wget apt-transport-https gnupg" +- name: "{{ lxc_php_version }} - fix bullseye repository" + replace: + dest: "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/apt/sources.list" + regexp: 'bullseye/updates' + replace: 'bullseye-security' + - name: "{{ lxc_php_version }} - Add sury repo" lineinfile: dest: "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/apt/sources.list.d/sury.list" From 80f8a94798a775eeef87a4143e9577aca4c3d07d Mon Sep 17 00:00:00 2001 From: Jeremy Lecour Date: Thu, 27 Jan 2022 10:27:18 +0100 Subject: [PATCH 2/8] evolinux-base: many improvements for backup-server-state script --- CHANGELOG.md | 2 + evolinux-base/files/backup-server-state.sh | 454 +++++++++++++++------ 2 files changed, 320 insertions(+), 136 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 95d42c81..a1170f72 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -14,6 +14,8 @@ The **patch** part changes is incremented if multiple releases happen the same m ### Changed +* evolinux-base: many improvements for backup-server-state script + ### Fixed ### Removed diff --git a/evolinux-base/files/backup-server-state.sh b/evolinux-base/files/backup-server-state.sh index 0c503c37..b5492d34 100644 --- a/evolinux-base/files/backup-server-state.sh +++ b/evolinux-base/files/backup-server-state.sh @@ -30,38 +30,40 @@ ${PROGNAME} is making backup copies of information related to the state of the s Usage: ${PROGNAME} --backup-dir=/path/to/backup/directory [OPTIONS] Options - -d, --backup-dir path to the directory where the backup will be stored - --etc backup copy of /etc - --no-etc no backup copy of /etc (default) - --dpkg backup copy of /var/lib/dpkg - --no-dpkg no backup copy of /var/lib/dpkg (default) - --apt backup copy of apt extended states (default) - --no-apt no backup copy of apt extended states - --packages backup copy of dpkg selections (default) - --no-packages no backup copy of dpkg selections - --processes backup copy of process list (default) - --no-processes no backup copy of process list - --uptime backup of uptime value (default) - --no-uptime no backup of uptime value - --netstat backup copy of netstat (default) - --no-netstat no backup copy of netstat - --netcfg backup copy of network configuration (default) - --no-netcfg no backup copy of network configuration - --iptables backup copy of iptables (default) - --no-iptables no backup copy of iptables - --sysctl backup copy of sysctl values (default) - --no-sysctl no backup copy of sysctl values - --virsh backup copy of virsh list (default) - --no-virsh no backup copy of virsh list - --lxc backup copy of lxc list (default) - --no-lxc no backup copy of lxc list - --mount backup copy of mount points (default) - --no-mount no backup copy of mount points - --df backup copy of disk usage (default) - --no-df no backup copy of disk usage - -v, --verbose print details about backup steps - -V, --version print version and exit - -h, --help print this message and exit + -d, --backup-dir path to the directory where the backup will be stored + --etc backup copy of /etc + --no-etc no backup copy of /etc (default) + --dpkg backup copy of /var/lib/dpkg + --no-dpkg no backup copy of /var/lib/dpkg (default) + --apt-states backup copy of apt extended states (default) + --no-apt-states no backup copy of apt extended states + --apt-config backup copy of apt configuration (default) + --no-apt-config no backup copy of apt configuration + --packages backup copy of dpkg selections (default) + --no-packages no backup copy of dpkg selections + --processes backup copy of process list (default) + --no-processes no backup copy of process list + --uptime backup of uptime value (default) + --no-uptime no backup of uptime value + --netstat backup copy of netstat (default) + --no-netstat no backup copy of netstat + --netcfg backup copy of network configuration (default) + --no-netcfg no backup copy of network configuration + --iptables backup copy of iptables (default) + --no-iptables no backup copy of iptables + --sysctl backup copy of sysctl values (default) + --no-sysctl no backup copy of sysctl values + --virsh backup copy of virsh list (default) + --no-virsh no backup copy of virsh list + --lxc backup copy of lxc list (default) + --no-lxc no backup copy of lxc list + --mount backup copy of mount points (default) + --no-mount no backup copy of mount points + --df backup copy of disk usage (default) + --no-df no backup copy of disk usage + -v, --verbose print details about backup steps + -V, --version print version and exit + -h, --help print this message and exit END } debug() { @@ -88,34 +90,10 @@ create_backup_dir() { backup_etc() { debug "Backup /etc" - last_result=$(rsync -ah --itemize-changes --exclude=.git /etc "${backup_dir}/") - last_rc=$? + rsync_bin=$(command -v rsync) - if [ ${last_rc} -eq 0 ]; then - debug "* rsync OK" - else - debug "* rsync ERROR :" - debug "${last_result}" - rc=10 - fi -} - -backup_apt() { - if [ -f /var/lib/apt/extended_states ]; then - debug "Backup APT states" - - last_result=$(mkdir -p "${backup_dir}/var/lib/apt" && chmod -R 755 "${backup_dir}/var/lib/apt") - last_rc=$? - - if [ ${last_rc} -eq 0 ]; then - debug "* mkdir/chmod OK" - else - debug "* mkdir/chmod ERROR" - debug "${last_result}" - rc=10 - fi - - last_result=$(rsync -ah /var/lib/apt/extended_states "${backup_dir}/var/lib/apt/") + if [ -n "${rsync_bin}" ]; then + last_result=$(${rsync_bin} -ah --itemize-changes --exclude=.git /etc "${backup_dir}/") last_rc=$? if [ ${last_rc} -eq 0 ]; then @@ -125,13 +103,86 @@ backup_apt() { debug "${last_result}" rc=10 fi + else + debug "* rsync not found" + last_result=$(cp -r /etc "${backup_dir}/ && rm -rf ${backup_dir}/etc/.git") + last_rc=$? + + if [ ${last_rc} -eq 0 ]; then + debug "* cp OK" + else + debug "* cp ERROR :" + debug "${last_result}" + rc=10 + fi fi } -backup_dpkg() { - debug "Backup DPkg" +backup_apt_states() { + apt_dir="/" + apt_dir_state="var/lib/apt" + apt_dir_state_extended_states="extended_states" - last_result=$(mkdir -p "${backup_dir}/var/lib" && chmod -R 755 "${backup_dir}/var/lib") + apt_config_bin=$(command -v apt-config) + + if [ -n "${apt_config_bin}" ]; then + eval "$(${apt_config_bin} shell apt_dir Dir)" + eval "$(${apt_config_bin} shell apt_dir_state Dir::State)" + eval "$(${apt_config_bin} shell apt_dir_state_extended_states Dir::State::extended_states)" + fi + extended_states="${apt_dir}/${apt_dir_state}/${apt_dir_state_extended_states}" + + if [ -f "${extended_states}" ]; then + debug "Backup APT states" + + last_result=$(cp -r "${extended_states}" "${backup_dir}/apt-extended-states.txt") + last_rc=$? + + if [ ${last_rc} -eq 0 ]; then + debug "* cp OK" + else + debug "* cp ERROR :" + debug "${last_result}" + rc=10 + fi + fi +} + +backup_apt_config() { + debug "Backup APT config" + + apt_config_bin=$(command -v apt-config) + + if [ -n "${apt_config_bin}" ]; then + last_result=$(${apt_config_bin} dump > "${backup_dir}/apt-config.txt") + last_rc=$? + + if [ ${last_rc} -eq 0 ]; then + debug "* apt-config OK" + else + debug "* apt-config ERROR" + debug "${last_result}" + rc=10 + fi + else + debug "* apt-config is not found" + fi +} + +backup_dpkg_full() { + debug "Backup DPkg full state" + + dir_state_status="/var/lib/dpkg/status" + + apt_config_bin=$(command -v apt-config) + + if [ -n "${apt_config_bin}" ]; then + eval "$(${apt_config_bin} shell dir_state_status Dir::State::status)" + fi + + dpkg_dir=$(dirname "${dir_state_status}") + + last_result=$(mkdir -p "${backup_dir}${dpkg_dir}" && chmod -R 755 "${backup_dir}${dpkg_dir}") last_rc=$? if [ ${last_rc} -eq 0 ]; then @@ -142,13 +193,53 @@ backup_dpkg() { rc=10 fi - last_result=$(rsync -ah --itemize-changes /var/lib/dpkg "${backup_dir}/var/lib/") + rsync_bin=$(command -v rsync) + + if [ -n "${rsync_bin}" ]; then + last_result=$(${rsync_bin} -ah --itemize-changes --exclude='*-old' ${dpkg_dir}/ "${backup_dir}${dpkg_dir}/") + last_rc=$? + + if [ ${last_rc} -eq 0 ]; then + debug "* rsync OK" + else + debug "* rsync ERROR :" + debug "${last_result}" + rc=10 + fi + else + debug "* rsync not found" + + last_result=$(cp -r "${dpkg_dir}/*" "${backup_dir}${dpkg_dir}/" && rm -rf "${backup_dir}${dpkg_dir}/*-old") + last_rc=$? + + if [ ${last_rc} -eq 0 ]; then + debug "* cp OK" + else + debug "* cp ERROR :" + debug "${last_result}" + rc=10 + fi + fi +} + +backup_dpkg_status() { + debug "Backup DPkg status" + + dir_state_status="/var/lib/dpkg/status" + + apt_config_bin=$(command -v apt-config) + + if [ -n "${apt_config_bin}" ]; then + eval "$(${apt_config_bin} shell dir_state_status Dir::State::status)" + fi + + last_result=$(cp "${dir_state_status}" "${backup_dir}/dpkg-status.txt") last_rc=$? if [ ${last_rc} -eq 0 ]; then - debug "* rsync OK" + debug "* cp OK" else - debug "* rsync ERROR" + debug "* cp ERROR :" debug "${last_result}" rc=10 fi @@ -157,15 +248,21 @@ backup_dpkg() { backup_packages() { debug "Backup list of installed package" - last_result=$(dpkg --get-selections "*" > "${backup_dir}/current_packages.txt") - last_rc=$? + dpkg_bin=$(command -v dpkg) - if [ ${last_rc} -eq 0 ]; then - debug "* dpkg OK" + if [ -n "${dpkg_bin}" ]; then + last_result=$(${dpkg_bin} --get-selections "*" > "${backup_dir}/current_packages.txt") + last_rc=$? + + if [ ${last_rc} -eq 0 ]; then + debug "* dpkg OK" + else + debug "* dpkg ERROR :" + debug "${last_result}" + rc=10 + fi else - debug "* dpkg ERROR :" - debug "${last_result}" - rc=10 + debug "* dpkg not found" fi } @@ -200,8 +297,8 @@ backup_processes() { pstree_bin=$(command -v pstree) - if [ -z "${pstree_bin}" ]; then - last_result=$(pstree -pan > "${backup_dir}/pstree.txt") + if [ -n "${pstree_bin}" ]; then + last_result=$(${pstree_bin} -pan > "${backup_dir}/pstree.txt") last_rc=$? if [ ${last_rc} -eq 0 ]; then @@ -218,7 +315,8 @@ backup_netstat() { debug "Backup network status" ss_bin=$(command -v ss) - if [ -z "${ss_bin}" ]; then + + if [ -n "${ss_bin}" ]; then last_result=$(${ss_bin} -tanpul > "${backup_dir}/netstat-ss.txt") last_rc=$? @@ -229,10 +327,13 @@ backup_netstat() { debug "${last_result}" rc=10 fi + else + debug "* ss not found" fi netstat_bin=$(command -v netstat) - if [ -z "${netstat_bin}" ]; then + + if [ -n "${netstat_bin}" ]; then last_result=$(netstat -laputen > "${backup_dir}/netstat-legacy.txt") last_rc=$? @@ -243,62 +344,116 @@ backup_netstat() { debug "${last_result}" rc=10 fi + else + debug "* netstat not found" fi } backup_netcfg() { debug "Backup network configuration" - last_result=$(ip address show > "${backup_dir}/ip-address.txt") - last_rc=$? + ip_bin=$(command -v ip) - if [ ${last_rc} -eq 0 ]; then - debug "* ip address OK" + if [ -n "${ip_bin}" ]; then + last_result=$(${ip_bin} address show > "${backup_dir}/ip-address.txt") + last_rc=$? + + if [ ${last_rc} -eq 0 ]; then + debug "* ip address OK" + else + debug "* ip address ERROR" + debug "${last_result}" + rc=10 + fi + + last_result=$(${ip_bin} route show > "${backup_dir}/ip-route.txt") + last_rc=$? + + if [ ${last_rc} -eq 0 ]; then + debug "* ip route OK" + else + debug "* ip route ERROR" + debug "${last_result}" + rc=10 + fi else - debug "* ip address ERROR" - debug "${last_result}" - rc=10 - fi + debug "* ip not found" - last_result=$(ip route show > "${backup_dir}/ip-route.txt") - last_rc=$? + ifconfig_bin=$(command -v ifconfig) - if [ ${last_rc} -eq 0 ]; then - debug "* ip route OK" - else - debug "* ip route ERROR" - debug "${last_result}" - rc=10 + if [ -n "${ifconfig_bin}" ]; then + last_result=$(${ifconfig_bin} > "${backup_dir}/ifconfig.txt") + last_rc=$? + + if [ ${last_rc} -eq 0 ]; then + debug "* ifconfig OK" + else + debug "* ifconfig ERROR" + debug "${last_result}" + rc=10 + fi + else + debug "* ifconfig not found" + fi fi } backup_iptables() { debug "Backup iptables" - last_result=$({ /sbin/iptables -L -n -v; /sbin/iptables -t filter -L -n -v; } > "${backup_dir}/iptables.txt") - last_rc=$? + iptables_bin=$(command -v iptables) - if [ ${last_rc} -eq 0 ]; then - debug "* iptables OK" + if [ -n "${iptables_bin}" ]; then + last_result=$({ ${iptables_bin} -L -n -v; ${iptables_bin} -t filter -L -n -v; } > "${backup_dir}/iptables.txt") + last_rc=$? + + if [ ${last_rc} -eq 0 ]; then + debug "* iptables OK" + else + debug "* iptables ERROR" + debug "${last_result}" + rc=10 + fi else - debug "* iptables ERROR" - debug "${last_result}" - rc=10 + debug "* iptables not found" + fi + + iptables_save_bin=$(command -v iptables-save) + + if [ -n "${iptables_save_bin}" ]; then + last_result=$(${iptables_save_bin} > "${backup_dir}/iptables-save.txt") + last_rc=$? + + if [ ${last_rc} -eq 0 ]; then + debug "* iptables-save OK" + else + debug "* iptables-save ERROR" + debug "${last_result}" + rc=10 + fi + else + debug "* iptables-save not found" fi } backup_sysctl() { debug "Backup sysctl values" - last_result=$(sysctl -a | sort -h > "${backup_dir}/sysctl.txt") - last_rc=$? + sysctl_bin=$(command -v sysctl) - if [ ${last_rc} -eq 0 ]; then - debug "* sysctl OK" + if [ -n "${sysctl_bin}" ]; then + last_result=$(${sysctl_bin} -a | sort -h > "${backup_dir}/sysctl.txt") + last_rc=$? + + if [ ${last_rc} -eq 0 ]; then + debug "* sysctl OK" + else + debug "* sysctl ERROR" + debug "${last_result}" + rc=10 + fi else - debug "* sysctl ERROR" - debug "${last_result}" - rc=10 + debug "* sysctl not found" fi } @@ -319,7 +474,7 @@ backup_virsh() { rc=10 fi else - debug "* virsh not installed" + debug "* virsh not found" fi } @@ -340,7 +495,7 @@ backup_lxc() { rc=10 fi else - debug "* lxc-ls not installed" + debug "* lxc-ls not found" fi } @@ -348,23 +503,11 @@ backup_mount() { debug "Backup mount points" findmnt_bin=$(command -v findmnt) - mount_bin=$(command -v mount) if [ -n "${findmnt_bin}" ]; then last_result=$(${findmnt_bin} > "${backup_dir}/mount.txt") last_rc=$? - if [ ${last_rc} -eq 0 ]; then - debug "* mount points OK" - else - debug "* mount points ERROR" - debug "${last_result}" - rc=10 - fi - elif [ -n "${mount_bin}" ]; then - last_result=$(${mount_bin} > "${backup_dir}/mount.txt") - last_rc=$? - if [ ${last_rc} -eq 0 ]; then debug "* mount points OK" else @@ -373,7 +516,24 @@ backup_mount() { rc=10 fi else - debug "* findmnt and mount not installed" + debug "* findmnt not found" + + mount_bin=$(command -v mount) + + if [ -n "${mount_bin}" ]; then + last_result=$(${mount_bin} > "${backup_dir}/mount.txt") + last_rc=$? + + if [ ${last_rc} -eq 0 ]; then + debug "* mount points OK" + else + debug "* mount points ERROR" + debug "${last_result}" + rc=10 + fi + else + debug "* mount not found" + fi fi } @@ -394,7 +554,7 @@ backup_df() { rc=10 fi else - debug "* df not installed" + debug "* df not found" fi } @@ -414,11 +574,17 @@ main() { if [ "${DO_ETC}" -eq 1 ]; then backup_etc fi - if [ "${DO_DPKG}" -eq 1 ]; then - backup_dpkg + if [ "${DO_DPKG_FULL}" -eq 1 ]; then + backup_dpkg_full fi - if [ "${DO_APT}" -eq 1 ]; then - backup_apt + if [ "${DO_DPKG_STATUS}" -eq 1 ]; then + backup_dpkg_status + fi + if [ "${DO_APT_STATES}" -eq 1 ]; then + backup_apt_states + fi + if [ "${DO_APT_CONFIG}" -eq 1 ]; then + backup_apt_config fi if [ "${DO_PACKAGES}" -eq 1 ]; then backup_packages @@ -501,18 +667,32 @@ while :; do DO_ETC=0 ;; - --dpkg) - DO_DPKG=1 + --dpkg-full) + DO_DPKG_FULL=1 ;; - --no-dpkg) - DO_DPKG=0 + --no-dpkg-full) + DO_DPKG_FULL=0 ;; - --apt) - DO_APT=1 + --dpkg-status) + DO_DPKG_STATUS=1 ;; - --no-apt) - DO_APT=0 + --no-dpkg-status) + DO_DPKG_STATUS=0 + ;; + + --apt-states) + DO_APT_STATES=1 + ;; + --no-apt-states) + DO_APT_STATES=0 + ;; + + --apt-config) + DO_APT_CONFIG=1 + ;; + --no-apt-config) + DO_APT_CONFIG=0 ;; --packages) @@ -614,8 +794,10 @@ done # Default values : "${VERBOSE:=0}" : "${DO_ETC:=0}" -: "${DO_DPKG:=0}" -: "${DO_APT:=1}" +: "${DO_DPKG_FULL:=0}" +: "${DO_DPKG_STATUS:=1}" +: "${DO_APT_STATES:=1}" +: "${DO_APT_CONFIG:=1}" : "${DO_PACKAGES:=1}" : "${DO_PROCESSES:=1}" : "${DO_UPTIME:=1}" From 2849039fadf3755a06e5a887e3eb8a7ce8e6c74b Mon Sep 17 00:00:00 2001 From: Jeremy Lecour Date: Thu, 27 Jan 2022 11:21:19 +0100 Subject: [PATCH 3/8] remount-usr: use findmnt to find if usr is a readonly partition --- CHANGELOG.md | 1 + remount-usr/tasks/main.yml | 8 ++++---- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index a1170f72..07d255ba 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,6 +15,7 @@ The **patch** part changes is incremented if multiple releases happen the same m ### Changed * evolinux-base: many improvements for backup-server-state script +* remount-usr: use findmnt to find if usr is a readonly partition ### Fixed diff --git a/remount-usr/tasks/main.yml b/remount-usr/tasks/main.yml index 6cbcfa00..1bfedc64 100644 --- a/remount-usr/tasks/main.yml +++ b/remount-usr/tasks/main.yml @@ -1,10 +1,10 @@ --- +# findmnt returns 0 on hit, 1 on miss +# If the return code is higher than 1, it's a blocking failure - name: "check if /usr is a read-only partition" - command: 'grep -E " /usr.*ro" /proc/mounts' - args: - warn: no + command: 'findmnt /usr --noheadings --options ro' changed_when: False - failed_when: False + failed_when: usr_partition.rc > 1 check_mode: no register: usr_partition From 6dc17658a915ae3c1a896f42e96073c94cbb6231 Mon Sep 17 00:00:00 2001 From: Brice Waegeneire Date: Thu, 27 Jan 2022 11:50:18 +0100 Subject: [PATCH 4/8] evolinux-base: backup-server-state: Add options. New options: - --dmesg / --no-dmesg - --mysql / --no-mysql - --services / --no-services --- evolinux-base/files/backup-server-state.sh | 105 +++++++++++++++++++++ 1 file changed, 105 insertions(+) diff --git a/evolinux-base/files/backup-server-state.sh b/evolinux-base/files/backup-server-state.sh index b5492d34..dcf0a750 100644 --- a/evolinux-base/files/backup-server-state.sh +++ b/evolinux-base/files/backup-server-state.sh @@ -61,6 +61,12 @@ Options --no-mount no backup copy of mount points --df backup copy of disk usage (default) --no-df no backup copy of disk usage + --dmesg backup copy of dmesg (default) + --no-dmesg no backup copy of dmesg + --mysql backup copy of mysql processes (default) + --no-mysql no backup copy of mysql processes + --services backup copy of services states (default) + --no-services no backup copy of services states -v, --verbose print details about backup steps -V, --version print version and exit -h, --help print this message and exit @@ -558,6 +564,71 @@ backup_df() { fi } +backup_dmesg() { + debug "Backup dmesg" + + dmesg_bin=$(command -v dmesg) + + if [ -n "${dmesg_bin}" ]; then + last_result=$(${dmesg_bin} > "${backup_dir}/dmesg.txt") + last_rc=$? + + if [ ${last_rc} -eq 0 ]; then + debug "* dmesg OK" + else + debug "* dmesg ERROR" + debug "${last_result}" + rc=10 + fi + else + debug "* dmesg not found" + fi +} + +backup_mysql() { + debug "Backup mysql processes" + + mysql_bin=$(command -v mysql) + + if [ -n "${mysql_bin}" ]; then + last_result=$(${mysql_bin} --execute 'show full processlist;' > "${backup_dir}/mysql.txt") + last_rc=$? + + if [ ${last_rc} -eq 0 ]; then + debug "* mysql OK" + else + debug "* mysql ERROR" + debug "${last_result}" + rc=10 + fi + else + debug "* mysql not found" + fi +} + +backup_services() { + debug "Backup services" + + systemctl_bin=$(command -v systemctl) + + if [ -n "${systemctl_bin}" ]; then + last_result=$(${systemctl_bin} systemctl --no-legend --state=failed \ + --type=service > "${backup_dir}/services.txt") + last_rc=$? + + if [ ${last_rc} -eq 0 ]; then + debug "* services OK" + else + debug "* services ERROR" + debug "${last_result}" + rc=10 + fi + else + debug "* systemctl not found" + fi +} + + main() { if [ -z "${backup_dir}" ]; then echo "ERROR: You must provide the --backup-dir argument" >&2 @@ -619,6 +690,16 @@ main() { if [ "${DO_DF}" -eq 1 ]; then backup_df fi + if [ "${DO_DMESG}" -eq 1 ]; then + backup_dmesg + fi + if [ "${DO_MYSQL}" -eq 1 ]; then + backup_mysql + fi + if [ "${DO_SERVICES}" -eq 1 ]; then + backup_services + fi + debug "=> Your backup is available at ${backup_dir}" exit ${rc} @@ -772,6 +853,27 @@ while :; do DO_DF=0 ;; + --dmesg) + DO_DMESG=1 + ;; + --no-dmesg) + DO_DMESG=0 + ;; + + --mysql) + DO_MYSQL=1 + ;; + --no-mysql) + DO_MYSQL=0 + ;; + + --services) + DO_SERVICES=1 + ;; + --no-services) + DO_SERVICES=0 + ;; + --) # End of all options. shift @@ -809,6 +911,9 @@ done : "${DO_LXC:=1}" : "${DO_MOUNT:=1}" : "${DO_DF:=1}" +: "${DO_DMESG:=1}" +: "${DO_MYSQL:=1}" +: "${DO_SERVICES:=1}" export LC_ALL=C From 519228ff9f69a9188f51635605da0c66f507c3d6 Mon Sep 17 00:00:00 2001 From: Jeremy Lecour Date: Thu, 27 Jan 2022 12:08:59 +0100 Subject: [PATCH 5/8] evolinux-base: backup-server-state: add disks and uname state --- evolinux-base/files/backup-server-state.sh | 92 +++++++++++++++++++++- 1 file changed, 91 insertions(+), 1 deletion(-) diff --git a/evolinux-base/files/backup-server-state.sh b/evolinux-base/files/backup-server-state.sh index dcf0a750..7f5415f8 100644 --- a/evolinux-base/files/backup-server-state.sh +++ b/evolinux-base/files/backup-server-state.sh @@ -2,7 +2,7 @@ PROGNAME="backup-server-state" -VERSION="22.01" +VERSION="22.01.1" readonly VERSION backup_dir= @@ -57,6 +57,8 @@ Options --no-virsh no backup copy of virsh list --lxc backup copy of lxc list (default) --no-lxc no backup copy of lxc list + --disks backup copy of MBR and partitions (default) + --no-disks no backup copy of MBR and partitions --mount backup copy of mount points (default) --no-mount no backup copy of mount points --df backup copy of disk usage (default) @@ -272,6 +274,21 @@ backup_packages() { fi } +backup_uname() { + debug "Backup uname" + + last_result=$(uname -a > "${backup_dir}/uname.txt") + last_rc=$? + + if [ ${last_rc} -eq 0 ]; then + debug "* uname OK" + else + debug "* uname ERROR" + debug "${last_result}" + rc=10 + fi +} + backup_uptime() { debug "Backup uptime" @@ -505,6 +522,57 @@ backup_lxc() { fi } +backup_disks() { + debug "Backup disks" + + lsblk_bin=$(command -v lsblk) + awk_bin=$(command -v awk) + + if [ -n "${lsblk_bin}" ] && [ -n "${awk_bin}" ]; then + disks=$(${lsblk_bin} -l | grep disk | grep -v -E '(drbd|fd[0-9]+)' | ${awk_bin} '{print $1}') + for disk in ${disks}; do + dd_bin=$(command -v dd) + if [ -n "${dd_bin}" ]; then + last_result=$(${dd_bin} if="/dev/${disk}" of="${backup_dir}/MBR-${disk}" bs=512 count=1 2>&1) + last_rc=$? + + if [ ${last_rc} -eq 0 ]; then + debug "* dd ${disk} OK" + else + debug "* dd ${disk} ERROR" + debug "${last_result}" + rc=10 + fi + else + debug "* dd not found" + fi + fdisk_bin=$(command -v fdisk) + if [ -n "${fdisk_bin}" ]; then + last_result=$(${fdisk_bin} -l "/dev/${disk}" > "${backup_dir}/partitions-${disk}" 2>&1) + last_rc=$? + + if [ ${last_rc} -eq 0 ]; then + debug "* fdisk ${disk} OK" + else + debug "* fdisk ${disk} ERROR" + debug "${last_result}" + rc=10 + fi + else + debug "* fdisk not found" + fi + done + cat "${backup_dir}"/partitions-* > "${backup_dir}/partitions" + else + if [ -n "${lsblk_bin}" ]; then + debug "* lsblk not found" + fi + if [ -n "${awk_bin}" ]; then + debug "* awk not found" + fi + fi +} + backup_mount() { debug "Backup mount points" @@ -666,6 +734,9 @@ main() { if [ "${DO_UPTIME}" -eq 1 ]; then backup_uptime fi + if [ "${DO_UNAME}" -eq 1 ]; then + backup_uname + fi if [ "${DO_NETSTAT}" -eq 1 ]; then backup_netstat fi @@ -684,6 +755,9 @@ main() { if [ "${DO_LXC}" -eq 1 ]; then backup_lxc fi + if [ "${DO_DISKS}" -eq 1 ]; then + backup_disks + fi if [ "${DO_MOUNT}" -eq 1 ]; then backup_mount fi @@ -797,6 +871,13 @@ while :; do DO_UPTIME=0 ;; + --uname) + DO_UNAME=1 + ;; + --no-uname) + DO_UNAME=0 + ;; + --netstat) DO_NETSTAT=1 ;; @@ -839,6 +920,13 @@ while :; do DO_LXC=0 ;; + --disks) + DO_DISKS=1 + ;; + --no-disks) + DO_DISKS=0 + ;; + --mount) DO_MOUNT=1 ;; @@ -902,6 +990,7 @@ done : "${DO_APT_CONFIG:=1}" : "${DO_PACKAGES:=1}" : "${DO_PROCESSES:=1}" +: "${DO_UNAME:=1}" : "${DO_UPTIME:=1}" : "${DO_NETSTAT:=1}" : "${DO_NETCFG:=1}" @@ -909,6 +998,7 @@ done : "${DO_SYSCTL:=1}" : "${DO_VIRSH:=1}" : "${DO_LXC:=1}" +: "${DO_DISKS:=1}" : "${DO_MOUNT:=1}" : "${DO_DF:=1}" : "${DO_DMESG:=1}" From 88cd8a0976edfa970332a8a0959addd31b1d4967 Mon Sep 17 00:00:00 2001 From: Jeremy Lecour Date: Thu, 27 Jan 2022 12:20:05 +0100 Subject: [PATCH 6/8] evolinux-base: backup-server-state: rename options and use mysqladmin instead of mysql --- evolinux-base/files/backup-server-state.sh | 55 +++++++++++----------- 1 file changed, 27 insertions(+), 28 deletions(-) diff --git a/evolinux-base/files/backup-server-state.sh b/evolinux-base/files/backup-server-state.sh index 7f5415f8..9febcbe6 100644 --- a/evolinux-base/files/backup-server-state.sh +++ b/evolinux-base/files/backup-server-state.sh @@ -2,7 +2,7 @@ PROGNAME="backup-server-state" -VERSION="22.01.1" +VERSION="22.01.2" readonly VERSION backup_dir= @@ -204,7 +204,7 @@ backup_dpkg_full() { rsync_bin=$(command -v rsync) if [ -n "${rsync_bin}" ]; then - last_result=$(${rsync_bin} -ah --itemize-changes --exclude='*-old' ${dpkg_dir}/ "${backup_dir}${dpkg_dir}/") + last_result=$(${rsync_bin} -ah --itemize-changes --exclude='*-old' "${dpkg_dir}/" "${backup_dir}${dpkg_dir}/") last_rc=$? if [ ${last_rc} -eq 0 ]; then @@ -653,41 +653,40 @@ backup_dmesg() { fi } -backup_mysql() { +backup_mysql_processes() { debug "Backup mysql processes" - mysql_bin=$(command -v mysql) + mysqladmin_bin=$(command -v mysqladmin) - if [ -n "${mysql_bin}" ]; then - last_result=$(${mysql_bin} --execute 'show full processlist;' > "${backup_dir}/mysql.txt") + if [ -n "${mysqladmin_bin}" ]; then + last_result=$(${mysqladmin_bin} --verbose processlist > "${backup_dir}/mysql-processlist.txt") last_rc=$? if [ ${last_rc} -eq 0 ]; then - debug "* mysql OK" + debug "* mysqladmin OK" else - debug "* mysql ERROR" + debug "* mysqladmin ERROR" debug "${last_result}" rc=10 fi else - debug "* mysql not found" + debug "* mysqladmin not found" fi } -backup_services() { +backup_systemctl() { debug "Backup services" systemctl_bin=$(command -v systemctl) if [ -n "${systemctl_bin}" ]; then - last_result=$(${systemctl_bin} systemctl --no-legend --state=failed \ - --type=service > "${backup_dir}/services.txt") + last_result=$(${systemctl_bin} systemctl --no-legend --state=failed --type=service > "${backup_dir}/systemctl-failed-services.txt") last_rc=$? if [ ${last_rc} -eq 0 ]; then - debug "* services OK" + debug "* failed services OK" else - debug "* services ERROR" + debug "* failed services ERROR" debug "${last_result}" rc=10 fi @@ -767,11 +766,11 @@ main() { if [ "${DO_DMESG}" -eq 1 ]; then backup_dmesg fi - if [ "${DO_MYSQL}" -eq 1 ]; then - backup_mysql + if [ "${DO_MYSQL_PROCESSES}" -eq 1 ]; then + backup_mysql_processes fi - if [ "${DO_SERVICES}" -eq 1 ]; then - backup_services + if [ "${DO_SYSTEMCTL}" -eq 1 ]; then + backup_systemctl fi @@ -948,18 +947,18 @@ while :; do DO_DMESG=0 ;; - --mysql) - DO_MYSQL=1 + --mysql-processes) + DO_MYSQL_PROCESSES=1 ;; - --no-mysql) - DO_MYSQL=0 + --no-mysql-processes) + DO_MYSQL_PROCESSES=0 ;; - --services) - DO_SERVICES=1 + --systemctl) + DO_SYSTEMCTL=1 ;; - --no-services) - DO_SERVICES=0 + --no-systemctl) + DO_SYSTEMCTL=0 ;; --) @@ -1002,8 +1001,8 @@ done : "${DO_MOUNT:=1}" : "${DO_DF:=1}" : "${DO_DMESG:=1}" -: "${DO_MYSQL:=1}" -: "${DO_SERVICES:=1}" +: "${DO_MYSQL_PROCESSES:=1}" +: "${DO_SYSTEMCTL:=1}" export LC_ALL=C From 6ccd0ea4406eceb58afbfbc47ee7516691d98d77 Mon Sep 17 00:00:00 2001 From: Jeremy Lecour Date: Thu, 27 Jan 2022 14:04:41 +0100 Subject: [PATCH 7/8] Release 22.01.1 --- CHANGELOG.md | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 07d255ba..49922daa 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -14,15 +14,19 @@ The **patch** part changes is incremented if multiple releases happen the same m ### Changed -* evolinux-base: many improvements for backup-server-state script -* remount-usr: use findmnt to find if usr is a readonly partition - ### Fixed ### Removed ### Security +## [22.01.1] 2022-01-27 + +### Changed + +* evolinux-base: many improvements for backup-server-state script +* remount-usr: use findmnt to find if usr is a readonly partition + ## [22.01] 2022-01-25 ### Added From bb30402df3815632ac062993a3245527053eba6d Mon Sep 17 00:00:00 2001 From: Jeremy Lecour Date: Thu, 27 Jan 2022 14:12:40 +0100 Subject: [PATCH 8/8] Release 22.01.2 --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 49922daa..dd8596e5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -20,7 +20,7 @@ The **patch** part changes is incremented if multiple releases happen the same m ### Security -## [22.01.1] 2022-01-27 +## [22.01.2] 2022-01-27 ### Changed