Jérémy Lecour
ea9aac50a3
explicit path refix for ssh-keygen
2020-08-19 13:58:03 +02:00
Jérémy Lecour
1063dfe74d
bkctld: don't replace SSH host keys when creating/updating a jail
2020-08-19 13:57:18 +02:00
Jérémy Lecour
c141986a6d
create new ssh keys for new jails instead of copying those from the host
...
It increases the security by having different keys between jails.
It reduces the risk of changing the keys of jails after creationtheir
creation.
2020-08-07 14:24:20 +02:00
Jérémy Lecour
0ad1e8d342
Split check into check-jails and check-setup
...
bkctld-check-setup checks if the partition is mounted and writable, if
firewall is configured and if all jails are started
2020-07-10 14:34:06 +02:00
Jérémy Lecour
d07b493131
bkctld-update: start jail after upgrade if it was started before
2020-07-09 17:14:49 +02:00
Jérémy Lecour
505e0f7f53
New command bkctld upgrade-config
...
It moves the legacy config file "/etc/evobackup/<jail>" to the new
config structure "/etc/evobackup/<jail>.d/incs_policy"
2020-05-28 11:11:59 +02:00
Jérémy Lecour
505bdb9117
On sync, add trailing slash to rsync command
2020-05-28 10:22:34 +02:00
Jérémy Lecour
b659e9d8c5
better sync
...
* add/remove config files to mirror source
* restart minifirewall only if present
* sync state with proper action
2020-05-03 11:03:04 +02:00
Jérémy Lecour
3ac79da9b2
bkctld-sync: don't sync whole firewall file, just rules for jail
2020-05-01 10:33:06 +02:00
Jérémy Lecour
8311e33c76
join arguments in ssh command
2020-05-01 10:31:46 +02:00
Jérémy Lecour
8ed06511d9
bkctld-sync: don't init jail if it already exists
2020-05-01 10:31:20 +02:00
Jérémy Lecour
9cd94dabc2
An empty lock file shouldn't stop the program
2020-05-01 09:52:06 +02:00
Jérémy Lecour
ebfc16f65a
grammar
2020-05-01 09:51:47 +02:00
Jérémy Lecour
b3529f2131
bkctld-is-on returns code 100 if jail is stopped
2020-05-01 09:51:36 +02:00
Jérémy Lecour
64ec60428d
error() function accepts an optional return code
2020-05-01 09:51:09 +02:00
Jérémy Lecour
fa109e216b
Give the pid of the new process
2020-04-21 09:03:18 +02:00
Jérémy Lecour
4829232a65
quote variable
2020-04-21 09:03:01 +02:00
Jérémy Lecour
ea912c40f0
missing whitespace
2020-04-20 23:43:56 +02:00
Jérémy Lecour
5f3cc873a1
fix date format
2020-04-20 23:43:45 +02:00
Jérémy Lecour
11bb59831c
bkctld-rm: state the age of the process when killing it
2020-04-20 23:31:39 +02:00
Jérémy Lecour
ea140f6137
fix log message wording
2020-04-20 23:30:57 +02:00
Jérémy Lecour
86e88ad2c2
fix log date format
...
%S = seconds
%s = number of seconds since epoch
2020-04-20 23:30:45 +02:00
Jérémy Lecour
205e3774a9
rewrite log messages and format
2020-04-20 08:29:21 +02:00
Jérémy Lecour
35d257d9c7
rm/inc : log progress
2020-04-20 00:38:44 +02:00
Jérémy Lecour
1846be4e45
better quotes
2020-04-19 10:05:20 +02:00
Jérémy Lecour
478703d96e
No space before colons in log messages
2020-04-19 09:56:52 +02:00
Jérémy Lecour
32f242fe9c
Reorganize temp files and lock files
...
Temp files/dirs all share a common prefix, so we can delete them all
effectively
Lock file is managed globally for bkctld-rm.
No need for a lock file for bkctld-inc anymore since there is a check on
the inc directory before starting.
2020-04-19 09:55:43 +02:00
Jérémy Lecour
f66d832d3a
properly call subcommands
2020-04-19 00:16:30 +02:00
Jérémy Lecour
096fe95b2f
bkctld-rm: fix lock file management
...
logic was badly implemented
2020-04-18 19:11:08 +02:00
Jérémy Lecour
723c8511e1
Don't forget to log the start time!
2020-04-18 19:10:19 +02:00
Jérémy Lecour
7a13a42ad2
Create empty directory in the default tmp directory
2020-04-18 19:09:52 +02:00
Jérémy Lecour
f7e8324ba5
Embed check-incs and check-last-incs in bkctld
2020-04-18 10:29:21 +02:00
Jérémy Lecour
0dcd72d3f2
move relative_date() function to includes files
2020-04-18 10:28:44 +02:00
Jérémy Lecour
9c6be0e74c
bkctld-rm: fix inc removal
...
echo-ing the list of incs gives a single line, hard to match with lines
in the keep file.
We store the incs list in a temp file to help comparing contents.
2020-04-12 11:45:21 +02:00
Jérémy Lecour
2d4cae58bc
fix typo
2020-04-12 11:43:06 +02:00
Jérémy Lecour
3198ba7f37
bkctld-rm: log incs to be deleted
2020-04-11 08:41:04 +02:00
Jérémy Lecour
11f84a9f7b
Emit a warning if no firewall file is configured
2020-04-08 18:35:09 +02:00
Jérémy Lecour
bdc6b4fa4d
bkctld-check: sourcing issue is just a warning
2020-04-08 18:32:27 +02:00
Jérémy Lecour
a0b3c4fd26
bkctld-check: shorter output
2020-04-08 17:54:09 +02:00
Jérémy Lecour
c2f39a0218
bkctld-check: don't eval the variables
2020-04-08 17:53:56 +02:00
Jérémy Lecour
e5997400cd
bkctld-check: verify that firewall rules are sourced
2020-04-08 12:26:59 +02:00
Jérémy Lecour
53b8fe8376
extract variable "jail_sshd_config"
2020-04-08 00:32:15 +02:00
Jérémy Lecour
5a90ae8a16
bkctld-ip: fail when trying to add an IP when there is no AllowUsers
2020-04-08 00:31:55 +02:00
Jérémy Lecour
2ef20df5ca
whitespaces
2020-04-05 11:43:52 +02:00
Jérémy Lecour
d29743357a
rename function for ext4 filesystems
2020-04-05 11:41:41 +02:00
Jérémy Lecour
6377ffd09e
bkctld-inc: add locks to btrfs actions
...
It's probably useless since btrfs commands return almost instantly
but it's consistent with ext4 commands.
2020-04-05 11:40:24 +02:00
Jérémy Lecour
db70bd21e9
use explicitly relative path
2020-04-03 09:58:10 +02:00
Jérémy Lecour
3f3ffbfffd
bkctld-start: extract "mount_jail_fs" function
2020-04-03 09:48:54 +02:00
Jérémy Lecour
f8ef5b22cd
bkctld-start: better retry logic around fetch SSH PID
2020-04-03 08:31:29 +02:00
Jérémy Lecour
9bbcb852b0
bkctld-start: chroot preparation must stay in the main process
2020-04-03 00:42:08 +02:00
Jérémy Lecour
88dd2e448b
bkctld-stop: pkill outside of conditional
...
it breaks the stop action
2020-04-03 00:37:43 +02:00
Jérémy Lecour
c920e91304
improve incs policy parsing
2020-04-02 23:52:27 +02:00
Jérémy Lecour
09d2014db3
bkctld-stop: use pkill instead of a loop
2020-04-02 23:34:14 +02:00
Jérémy Lecour
b141daca29
code clarification
2020-04-02 23:33:54 +02:00
Jérémy Lecour
7a80b433d6
bkctld-sync: more comment and variables
2020-04-02 18:40:27 +02:00
Jérémy Lecour
1da1c8a7fe
extract function for jail config directory
2020-04-02 18:39:15 +02:00
Jérémy Lecour
f36771d1f0
bkctld-rm: kill existing processes
...
Ifa process is still removing incs when a ew one starts, the newest
kills the other to start again.
2020-04-02 18:30:52 +02:00
Jérémy Lecour
4e6c5cfb20
bkctld-inc : smaller lock file
...
Only one process can create a specific inc at the same time
2020-04-02 18:29:40 +02:00
Jérémy Lecour
45036bf731
fix incs policy on jail init
2020-04-02 18:28:41 +02:00
Jérémy Lecour
54e66aea84
Raise error if missing arguments in functions
2020-04-02 18:27:54 +02:00
Jérémy Lecour
c58878b065
extract functions for config files
2020-04-02 18:26:53 +02:00
Jérémy Lecour
7a040bac20
better log messages
2020-04-02 14:50:55 +02:00
Jérémy Lecour
c7816abd1e
bkctld-key: check if the key file is readable
2020-04-02 14:50:21 +02:00
Jérémy Lecour
aa8bc9381b
bkctld-firewall: removed useless test
2020-04-02 14:43:39 +02:00
Jérémy Lecour
9136d3cff4
replace "! -n" test with "-z"
2020-04-02 14:43:17 +02:00
Jérémy Lecour
1652ebeb67
fix shecllcheck source directives
2020-04-02 13:44:13 +02:00
Jérémy Lecour
779dd9c518
use new conventions
2020-04-02 01:17:11 +02:00
Jérémy Lecour
01cc972d83
rename lib/config to lib/includes
2020-04-02 00:31:57 +02:00
Jérémy Lecour
77d0681d14
refactor init and update subcommands
2020-04-02 00:30:48 +02:00
Jérémy Lecour
e9e8a790ba
refactor check, inc, rm subcommands
...
function extractions
variables extractions
comments
2020-04-01 18:44:38 +02:00
Jérémy Lecour
e7e3683944
fix shellcheck source directive
2020-04-01 11:23:35 +02:00
Jérémy Lecour
018392e8e3
bkctld-rm: add support for the "new" canonical path for incs policy
2020-04-01 09:13:57 +02:00
Jérémy Lecour
a5c0745d09
bkctld-check: use findmnt instead of grep + check "rw" for backup disk
2020-04-01 09:12:40 +02:00
Jérémy Lecour
5cc6d9e28f
bkctld-check: simplify overrides
...
1. add support for the "new" canonical path for jail specific
configurations
2. use a local value in the loop to prevent changing the global default
value
2020-04-01 09:11:56 +02:00
Jérémy Lecour
10cc3695a4
Add some shellcheck directives for config source
2020-04-01 07:31:33 +02:00
Jérémy Lecour
9ae2168b1b
bkctld-list: note for later, try a simpler command
2020-04-01 07:27:43 +02:00
Jérémy Lecour
6cf49b2a8b
bkctld-check: add overrides for "per jail" thresholds
...
Putting values for CRITICAL/WARNING in <JAIL_DIR>/etc/bkctld-check
overrides the values for this specific jail.
Setting to a value <=0 disables the threshold.
2020-04-01 07:27:17 +02:00
Jérémy Lecour
0b5164b91c
Add some shellcheck directives
2020-04-01 07:24:33 +02:00
Jérémy Lecour
14012ca9b0
bkctld-check: fix typos
2020-04-01 07:24:06 +02:00
Jérémy Lecour
1bc5d4ed93
bkctld-check: extract check_jail function
2020-04-01 07:23:23 +02:00
Victor LABORIE
0a6b5c1b80
Do not run inc / rm in background when not using btrfs
2020-03-09 16:08:17 +01:00
Victor LABORIE
ed83404806
Add lock for bkctld inc / rm when not using btrfs ( Fix #32 )
2020-03-05 14:49:25 +01:00
Victor LABORIE
24ffa76dfc
Do not unnecessary use is-on and reload in ip/port/key ( Fix #31 )
2020-02-05 14:58:15 +01:00
Victor LABORIE
ae883e8ed0
Use mktemp for keepfile and rm it after usage ( Fix #9 )
2019-02-18 11:32:28 +01:00
Victor LABORIE
d09d0b0572
Do not create dirs in bkctld script
2019-01-08 16:29:03 +01:00
Victor LABORIE
183bc05ec4
Use bkctld-list script for jails listing
2019-01-08 16:23:46 +01:00
Victor LABORIE
cda35bba6e
Move logging functions into config
2019-01-07 16:57:12 +01:00
Victor LABORIE
91272f49d5
Remove check_jail function
2019-01-07 16:41:29 +01:00
Victor LABORIE
d9f8ae7036
Move check_jail_on functions into bkctld-is-on script
2019-01-07 16:34:44 +01:00
Victor LABORIE
5856cb2011
Fix help output (command can have dash)
2019-01-07 16:33:08 +01:00
Victor LABORIE
41b3536bcf
Remove get_inc function
2019-01-07 16:12:51 +01:00
Victor LABORIE
a028d3abee
Fix typo in bkctld-stats
2019-01-07 16:11:57 +01:00
Victor LABORIE
0272c43751
Move usage functions into bkctld-help script
...
* Usage output is now auto-generated
2019-01-07 14:47:07 +01:00
Victor LABORIE
d0165a9e3c
Move firewall functions into bkctld-firewall script
2019-01-04 16:55:56 +01:00
Victor LABORIE
1522d2f6cd
Merge bkctld-params and some functions into bkctld-(ip|port|key) scripts
2019-01-04 16:39:35 +01:00
Victor LABORIE
6caa9078e6
Parallelize bkctld <subcommand> all
2019-01-04 16:03:33 +01:00
Victor LABORIE
16014f3c4f
Fix typo in bkctld-update
2019-01-04 15:55:34 +01:00
Victor LABORIE
e062a05a4b
Split bkctld into multiples scripts
2019-01-04 13:52:15 +01:00