diff --git a/not-supported/borgbackup.sh b/not-supported/borgbackup.sh index 629701a4..9cd8ce10 100644 --- a/not-supported/borgbackup.sh +++ b/not-supported/borgbackup.sh @@ -316,6 +316,16 @@ do DIRECTORY="${directory%%/}" DIRECTORY_NAME=$(echo "$DIRECTORY" | sed 's|^/||;s|/|-|;s| |_|') + # Wait for the drive to spin up (else it is possible that some subdirectories are not backed up) + inform_user "$ICyan" "Waiting 15s for the $DIRECTORY_NAME directory..." + timeout 0.1s ls -l "$DIRECTORY/" &>/dev/null + if ! sleep 15 + then + # In case someone cancels with ctrl+c here + re_rename_snapshot + send_error_mail "Something failed while waiting for the $DIRECTORY_NAME directory." + fi + # Create backup inform_user "$ICyan" "Creating $DIRECTORY_NAME backup..." if ! borg create "${BORG_OPTS[@]}" --one-file-system \ diff --git a/not-supported/daily-backup-wizard.sh b/not-supported/daily-backup-wizard.sh index 68833a70..0e8f081d 100644 --- a/not-supported/daily-backup-wizard.sh +++ b/not-supported/daily-backup-wizard.sh @@ -122,8 +122,7 @@ Always included is a full system backup (aka '/') and the '/mnt/ncdata' director $CHECKLIST_GUIDE" "$WT_HEIGHT" "$WT_WIDTH" 4) # Get mountpoints -DRIVE_MOUNTS="$(grep "ntfs-3g" /etc/fstab | grep "windows_names" | grep "uid=www-data" \ -| grep "gid=www-data" | grep "umask=007" | grep "x-systemd.automount" | awk '{print $2}' | sed 's|/$||')" +DRIVE_MOUNTS=$(find /mnt/ -mindepth 1 -maxdepth 2 -type d | grep -v "/mnt/ncdata") mapfile -t DRIVE_MOUNTS <<< "$DRIVE_MOUNTS" # Check if drives are connected 
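Review bot: In the borgbackup.sh hunk, nothing after the fixed `sleep 15` checks that `$DIRECTORY` is actually readable. A drive that needs longer to spin up would still give the partial backup the new comment warns about, and `borg create` would report success. The result of the `timeout 0.1s ls -l` probe is discarded, so it cannot serve as that check. Consider probing again after the wait and failing loudly, e.g. `if ! timeout 30s ls "$DIRECTORY/" &>/dev/null; then re_rename_snapshot; send_error_mail "The $DIRECTORY_NAME directory is not reachable."; fi`. The enclosing `do` loop starts and ends outside the hunk, so whether `send_error_mail` aborts the run is not visible here.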
@@ -131,14 +130,12 @@ if [ -n "${DRIVE_MOUNTS[*]}" ] then for mountpoint in "${DRIVE_MOUNTS[@]}" do - if ! mount_if_connected "$mountpoint" + if mountpoint -q "$mountpoint" && [ "$(stat -c '%a' "$mountpoint")" = "770" ] \ +&& [ "$(stat -c '%U' "$mountpoint")" = "www-data" ] && [ "$(stat -c '%G' "$mountpoint")" = "www-data" ] then - msg_box "The drive that is mounted at $mountpoint is currently not connected. -Please connect it to your server before running this script, if you want to backup it." - continue + args+=("$mountpoint" "" OFF) + RESULTS+="$mountpoint" fi - args+=("$mountpoint" "" OFF) - RESULTS+="$mountpoint" done # Only show menu if at least one additional drive is connected diff --git a/not-supported/not-supported_menu.sh b/not-supported/not-supported_menu.sh index d788e315..88d0b2e9 100644 --- a/not-supported/not-supported_menu.sh +++ b/not-supported/not-supported_menu.sh @@ -27,7 +27,8 @@ Choose which one you want to execute. $CHECKLIST_GUIDE" "$WT_HEIGHT" "$WT_WIDTH" 4 \ "Bitlocker Mount" "(Mount Bitlocker encrypted drives)" OFF \ "ClamAV" "(Antivirus for Nextcloud and files)" OFF \ -"NTFS Mount" "(Mount NTFS (Windows) drives)" OFF \ +"NTFS Format" "(Format drives to NTFS)" OFF \ +"NTFS Mount" "(Mount NTFS drives)" OFF \ "Backup Viewer" "(View your Backups)" OFF \ "Daily Backup Wizard" "(Create a Daily Backup script)" OFF \ "Off-Shore Backup Wizard" "(Create an Off-Shore Backup script)" OFF \ @@ -35,7 +36,8 @@ $CHECKLIST_GUIDE" "$WT_HEIGHT" "$WT_WIDTH" 4 \ "PiVPN" "(Install a Wireguard VPN server with PiVPN)" OFF \ "PLEX Media Server" "(Multimedia server application)" OFF \ "Remotedesktop" "(Install a remotedesktop based on xrdp)" OFF \ -"SMB-server" "(Create and manage a SMB-server on OS level)" OFF 3>&1 1>&2 2>&3) +"SMB-server" "(Create and manage a SMB-server on OS level)" OFF \ +"Veracrypt" "(Format, encrypt and mount drives with Veracrypt)" OFF 3>&1 1>&2 2>&3) case "$choice" in *"Bitlocker Mount"*) 
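Review bot: The new `if` in daily-backup-wizard.sh calls `stat` three times for one decision, and the same three-part test is repeated verbatim in the smbserver.sh hunk. A single call is easier to read and evaluates mode, owner and group from one snapshot: `[ "$(stat -c '%a %U %G' "$mountpoint")" = "770 www-data www-data" ]`. This filter now replaces the fstab-based detection, so a short comment would help, such as `# 770 www-data:www-data is what the mount scripts' umask=007,uid=www-data,gid=www-data options produce`. The surrounding `if [ -n "${DRIVE_MOUNTS[*]}" ]` block continues outside the hunk.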
@@ -46,6 +48,10 @@ case "$choice" in print_text_in_color "$ICyan" "Downloading the ClamAV script..." run_script APP clamav ;;& + *"NTFS Format"*) + print_text_in_color "$ICyan" "Downloading the NTFS Format script..." + run_script NOT_SUPPORTED_FOLDER ntfs-format + ;;& *"NTFS Mount"*) print_text_in_color "$ICyan" "Downloading the NTFS Mount script..." run_script NOT_SUPPORTED_FOLDER ntfs-mount @@ -82,6 +88,10 @@ case "$choice" in print_text_in_color "$ICyan" "Downloading the SMB Server script..." run_script NOT_SUPPORTED_FOLDER smbserver ;;& + *"Veracrypt"*) + print_text_in_color "$ICyan" "Downloading the Veracrypt script..." + run_script NOT_SUPPORTED_FOLDER veracrypt + ;;& *) ;; esac diff --git a/not-supported/ntfs-format.sh b/not-supported/ntfs-format.sh new file mode 100644 index 00000000..e30bce84 --- /dev/null +++ b/not-supported/ntfs-format.sh 
@@ -0,0 +1,151 @@ +#!/bin/bash + +# T&M Hansson IT AB © - 2020, https://www.hanssonit.se/ +# Copyright © 2020 Simon Lindner (https://github.com/szaimen) + +true +SCRIPT_NAME="NTFS Mount" +SCRIPT_EXPLAINER="This script automates formatting drives to NTFS." +# shellcheck source=lib.sh +source /var/scripts/fetch_lib.sh || source <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh) + +# Check for errors + debug code and abort if something isn't right +# 1 = ON +# 0 = OFF +DEBUG=0 +debug_mode + +# Check if root +root_check + +# Show explainer +msg_box "$SCRIPT_EXPLAINER" + +# Mount drive +format_drive() { +local UUID +local LABEL +msg_box "Please disconnect your drive for now and connect it again AFTER you hit OK. +Otherwise we will not be able to detect it." +CURRENT_DRIVES=$(lsblk -o KNAME,TYPE | grep disk | awk '{print $1}') +count=0 +while [ "$count" -lt 60 ] +do + print_text_in_color "$ICyan" "Please connect your drive now." + sleep 5 & spinner_loading + echo "" + NEW_DRIVES=$(lsblk -o KNAME,TYPE | grep disk | awk '{print $1}') + if [ "$CURRENT_DRIVES" = "$NEW_DRIVES" ] + then + count=$((count+5)) + else + msg_box "A new drive was found. We will continue with the mounting now. +Please leave it connected." + break + fi +done + +# Exit if no new drive was found +if [ "$count" -ge 60 ] +then + msg_box "No new drive found within 60 seconds. +Please run this option again if you want to try again." + return 1 +fi + +# Get all new drives +mapfile -t CURRENT_DRIVES <<< "$CURRENT_DRIVES" +for drive in "${CURRENT_DRIVES[@]}" +do + NEW_DRIVES=$(echo "$NEW_DRIVES" | grep -v "^$drive") +done + +# Partition menu +args=(whiptail --title "$TITLE" --menu \ +"Please select the drive that you would like to format to NTFS. 
+$MENU_GUIDE" "$WT_HEIGHT" "$WT_WIDTH" 4) + +# Get information that are important +mapfile -t NEW_DRIVES <<< "$NEW_DRIVES" +for drive in "${NEW_DRIVES[@]}" +do + DRIVE_DESCRIPTION=$(lsblk -o NAME,SIZE,VENDOR,MODEL | grep "^$drive" | awk '{print $2, $3, $4}') + args+=("/dev/$drive" " $DRIVE_DESCRIPTION") +done + +# Show the drive menu +DEVICE=$("${args[@]}" 3>&1 1>&2 2>&3) +if [ -z "$DEVICE" ] +then + return 1 +fi + +# Enter partition label +while : +do + LABEL="$(input_box_flow "Please enter the partition label that the drive shall get. +If you want to cancel, type in 'exit' and press [ENTER].")" + if [ "$LABEL" = exit ] + then + return 1 + else + break + fi +done + +# Last info box +if ! yesno_box_no "Warning: Are you really sure, that you want to format the drive '$DEVICE' to NTFS? +All current files on the drive will be erased! +Select 'Yes' to continue with the process. Select 'No' to cancel." +then + exit 1 +fi + +# Inform user +msg_box "We will now format the drive '$DEVICE' to NTFS. Please be patient!" + +# Wipe drive +dd if=/dev/urandom of="$DEVICE" bs=1M count=2 +parted "$DEVICE" mklabel gpt --script +parted "$DEVICE" mkpart primary 0% 100% --script +parted "$DEVICE" set 1 msftdata on --script + +# Wait because mkfs fails otherwise +sleep 1 + +# Format drive +if ! mkfs.ntfs --quick "${DEVICE}1" --label "$LABEL" +then + msg_box "Something failed while formatting the drive to NTFS." + exit 1 +fi + +# Inform user +msg_box "Formatting $DEVICE to NTFS was successful! + +You can now use the 'NTFS Mount' script from the Not-Supported Menu to mount the drive to your system." +} + +# Show main_menu +while : +do + choice=$(whiptail --title "$TITLE" --menu \ +"Choose what you want to do. +$MENU_GUIDE" "$WT_HEIGHT" "$WT_WIDTH" 4 \ +"Format a drive" "(Interactively format a drive to NTFS)" \ +"Exit" "(Exit this script)" 3>&1 1>&2 2>&3) + case "$choice" in + "Format a drive") + format_drive + ;; + "Exit") + break + ;; + "") + break + ;; + *) + ;; + esac +done +exit 
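Review bot: The wipe sequence in `format_drive` (`dd`, then three `parted` calls) never checks an exit status. A failed `mklabel` or `mkpart` therefore still falls through to `mkfs.ntfs --quick "${DEVICE}1"`, which may then format a partition left over from the old table. Guard each destructive step the way the `mkfs.ntfs` call already is, e.g. `if ! parted "$DEVICE" mklabel gpt --script; then msg_box "Partitioning $DEVICE failed."; exit 1; fi`. The same unchecked `dd`/`parted` block and the same `"$DEVICE"1` naming appear in veracrypt.sh, and appending `1` would not resolve on devices whose partitions take a `p` suffix (NVMe, mmcblk). The detection loop only tests that the two `lsblk` lists differ, so an unplugged disk also counts as "a new drive was found" and produces a bare `/dev/` menu entry. `SCRIPT_NAME="NTFS Mount"` and the "continue with the mounting" message look copied from ntfs-mount.sh.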
diff --git a/not-supported/ntfs-mount.sh b/not-supported/ntfs-mount.sh index 5c8f77a1..01c0b06e 100644 --- a/not-supported/ntfs-mount.sh +++ b/not-supported/ntfs-mount.sh @@ -5,7 +5,7 @@ true SCRIPT_NAME="NTFS Mount" -SCRIPT_EXPLAINER="This script automates mounting NTFS (Windows) drives locally in your system." +SCRIPT_EXPLAINER="This script automates mounting NTFS drives locally in your system." # shellcheck source=lib.sh source /var/scripts/fetch_lib.sh || source <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh) @@ -111,7 +111,7 @@ done if [ -z "$UUIDS" ] then msg_box "No drive found that can get mounted. -Most likely none is NTFS (Windows) formatted." +Most likely none is NTFS formatted." return 1 fi diff --git a/not-supported/smbserver.sh b/not-supported/smbserver.sh index 5faabbff..99eb3606 100644 --- a/not-supported/smbserver.sh +++ b/not-supported/smbserver.sh @@ -52,7 +52,8 @@ DIRECTORIES=$(find /mnt/ -mindepth 1 -maxdepth 2 -type d | grep -v "/mnt/ncdata" mapfile -t DIRECTORIES <<< "$DIRECTORIES" for directory in "${DIRECTORIES[@]}" do - if mountpoint -q "$directory" + if mountpoint -q "$directory" && [ "$(stat -c '%a' "$directory")" = "770" ] \ +&& [ "$(stat -c '%U' "$directory")" = "www-data" ] && [ "$(stat -c '%G' "$directory")" = "www-data" ] then MOUNTS+=("$directory/") fi diff --git a/not-supported/veracrypt.sh b/not-supported/veracrypt.sh new file mode 100644 index 00000000..741ee618 --- /dev/null +++ b/not-supported/veracrypt.sh 
@@ -0,0 +1,239 @@ +#!/bin/bash + +# T&M Hansson IT AB © - 2020, https://www.hanssonit.se/ +# Copyright © 2020 Simon Lindner (https://github.com/szaimen) + +true +SCRIPT_NAME="Veracrypt" +SCRIPT_EXPLAINER="This script automates formatting, encrypting and mounting drives with Veracrypt." +# shellcheck source=lib.sh +source /var/scripts/fetch_lib.sh || source <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh) + +# Check for errors + debug code and abort if something isn't right +# 1 = ON +# 0 = OFF +DEBUG=0 +debug_mode + +# Check if root +root_check + +# Show explainer +msg_box "$SCRIPT_EXPLAINER" + +if ! is_this_installed veracrypt +then + if ! yesno_box_yes "Do you want to install $SCRIPT_NAME?" + then + exit 1 + fi + msg_box "Please note that in order to install Veracrypt on your server, \ +we need to add a 3rd Party PPA, which theoretically could set your server under risk." + if ! yesno_box_yes "Do you want to continue nonetheless?" + then + exit 1 + fi + msg_box "We wil now install veracrypt. This can take a long time. Please be patient!" + add-apt-repository ppa:unit193/encryption -y + apt update -q4 & spinner_loading + apt install veracrypt --no-install-recommends -y +fi + +# Discover drive +msg_box "Please disconnect your drive for now and connect it again AFTER you hit OK. +Otherwise we will not be able to detect it." +CURRENT_DRIVES=$(lsblk -o KNAME,TYPE | grep disk | awk '{print $1}') +count=0 +while [ "$count" -lt 60 ] +do + print_text_in_color "$ICyan" "Please connect your drive now." + sleep 5 & spinner_loading + echo "" + NEW_DRIVES=$(lsblk -o KNAME,TYPE | grep disk | awk '{print $1}') + if [ "$CURRENT_DRIVES" = "$NEW_DRIVES" ] + then + count=$((count+5)) + else + msg_box "A new drive was found. We will continue with the mounting now. +Please leave it connected." + break + fi +done + +# Exit if no new drive was found +if [ "$count" -ge 60 ] +then + msg_box "No new drive found within 60 seconds. 
+Please run this option again if you want to try again." + exit 1 +fi + +# Get all new drives +mapfile -t CURRENT_DRIVES <<< "$CURRENT_DRIVES" +for drive in "${CURRENT_DRIVES[@]}" +do + NEW_DRIVES=$(echo "$NEW_DRIVES" | grep -v "^$drive") +done + +# Partition menu +args=(whiptail --title "$TITLE" --menu \ +"Please select the drive that you would like to format and encrypt with Veracrypt. +$MENU_GUIDE" "$WT_HEIGHT" "$WT_WIDTH" 4) + +# Get information that are important +mapfile -t NEW_DRIVES <<< "$NEW_DRIVES" +for drive in "${NEW_DRIVES[@]}" +do + DRIVE_DESCRIPTION=$(lsblk -o NAME,SIZE,VENDOR,MODEL | grep "^$drive" | awk '{print $2, $3, $4}') + args+=("/dev/$drive" " $DRIVE_DESCRIPTION") +done + +# Show the drive menu +DEVICE=$("${args[@]}" 3>&1 1>&2 2>&3) +if [ -z "$DEVICE" ] +then + exit 1 +fi + +# Ask for password +while : +do + PASSWORD=$(input_box_flow "Please enter the Password that you would like to use for encrypting your drive '$DEVICE' +It should be a strong password. +If you want to cancel, just type in 'exit' and press [ENTER].") + if [ "$PASSWORD" = "exit" ] + then + exit 1 + fi + if yesno_box_no "Have you saved the password at a safe place?" + then + break + fi +done + +# Last info box +if ! yesno_box_no "Warning: Are you really sure, that you want to format the drive '$DEVICE' and encrypt it? +All current files on the drive will be erased! +Select 'Yes' to continue with the process. Select 'No' to cancel." +then + exit 1 +fi + +# Inform user +msg_box "We will now format the drive '$DEVICE' and encrypt it with Veracrypt. Please be patient!" + +# Wipe drive +dd if=/dev/urandom of="$DEVICE" bs=1M count=2 +parted "$DEVICE" mklabel gpt --script +parted "$DEVICE" mkpart primary 0% 100% --script + +# Wait so that veracrypt doesn't fail +sleep 1 + +# Format drive +# https://relentlesscoding.com/posts/encrypt-device-with-veracrypt-from-the-command-line/ +if ! 
echo "$PASSWORD" \ +| veracrypt --text --quick \ +--non-interactive \ +--create "$DEVICE"1 \ +--volume-type=normal \ +--encryption=AES \ +--hash=SHA-512 \ +--filesystem=NTFS \ +--stdin > /dev/null +then + msg_box "Something failed while encypting with Veracrypt." + exit 1 +fi + +# Inform user +msg_box "Formatting and encryption with Veracrypt was successful!" + +# Mount it +if ! yesno_box_yes "Do you want to mount the encrypted partition to your server?" +then + exit 1 +fi + +# Get PARTUUID +PARTUUID=$(lsblk -o PATH,PARTUUID | grep "^$DEVICE"1 | awk '{print $2}') + +# Enter the mountpoint +while : +do + MOUNT_PATH=$(input_box_flow "Please type in the directory where you want to mount the partition. +One example is: '/mnt/data' +The directory has to start with '/mnt/' +If you want to cancel, type 'exit' and press [ENTER].") + if [ "$MOUNT_PATH" = "exit" ] + then + exit 1 + elif echo "$MOUNT_PATH" | grep -q " " + then + msg_box "Please don't use spaces!" + elif ! echo "$MOUNT_PATH" | grep -q "^/mnt/" + then + msg_box "The directory has to stat with '/mnt/'" + elif grep -q " $MOUNT_PATH " /etc/fstab + then + msg_box "The mountpoint already exists in fstab. Please try a different one." + elif mountpoint -q "$MOUNT_PATH" + then + msg_box "The mountpoint is already mounted. Please try a different one." + elif echo "$MOUNT_PATH" | grep -q "^/mnt/ncdata" + then + msg_box "The directory isn't allowed to start with '/mnt/ncdata'" + elif echo "$MOUNT_PATH" | grep -q "^/mnt/smbshares" + then + msg_box "The directory isn't allowed to start with '/mnt/smbshares'" + else + mkdir -p "$MOUNT_PATH" + if ! echo "$PASSWORD" | veracrypt -t -k "" --pim=0 --protect-hidden=no \ +--fs-options=windows_names,uid=www-data,gid=www-data,umask=007,\ +x-systemd.automount,x-systemd.idle-timeout=60 \ +"/dev/disk/by-partuuid/$PARTUUID" "$MOUNT_PATH" + then + msg_box "Something failed while trying to mount the Volume. Please try again." 
+ else + break + fi + fi +done + +# Create automount script +# Unfortunately the automount via crypttab doesn't work (when using a passphrase-file) +if ! [ -f "$SCRIPTS/veracrypt-automount.sh" ] +then + cat << AUTOMOUNT > "$SCRIPTS/veracrypt-automount.sh" +#!/bin/bash + +# Secure the file +chown root:root "$SCRIPTS/veracrypt-automount.sh" +chmod 700 "$SCRIPTS/veracrypt-automount.sh" + +# Veracrypt entries +AUTOMOUNT +fi + +# Write to file +cat << AUTOMOUNT >> "$SCRIPTS/veracrypt-automount.sh" +echo "$PASSWORD" | veracrypt -t -k "" --pim=0 --protect-hidden=no \ +--fs-options=windows_names,uid=www-data,gid=www-data,umask=007,x-systemd.automount,x-systemd.idle-timeout=60 \ +"/dev/disk/by-partuuid/$PARTUUID" "$MOUNT_PATH" +AUTOMOUNT + +# Secure the file +chown root:root "$SCRIPTS/veracrypt-automount.sh" +chmod 700 "$SCRIPTS/veracrypt-automount.sh" + +# Create crontab +crontab -u root -l | grep -v 'veracrypt-automount.sh' | crontab -u root - +# Here we want to get informed if something fails hence not redirecting sterr to /dev/null +crontab -u root -l | { cat; echo "@reboot $SCRIPTS/veracrypt-automount.sh > /dev/null"; } | crontab -u root - + +# Inform the user +msg_box "Congratulations! The mount was successful. +You can now access the partition here: +$MOUNT_PATH" + +exit
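Review bot: The automount section at the end of veracrypt.sh writes the volume password into `$SCRIPTS/veracrypt-automount.sh` before the file is locked down. The first heredoc creates the file under the default umask and `chmod 700` runs only after the password line has been appended, so on a first run the secret is briefly readable by other local users (assuming the usual 022 umask). Because the `AUTOMOUNT` delimiter is unquoted, `$PASSWORD` is expanded into a double-quoted `echo`; a password containing `"`, `$` or a backtick then yields a script that either mounts with a different string or runs part of the password as root at every boot. Creating the file with mode 700 first and emitting the values with `printf '%q'` avoids both, as sketched below. Separately, `--quick` skips overwriting the partition, so earlier plaintext stays recoverable until it is overwritten, and the dialogs should tell the user that the password is stored in clear text on the server.

```shell
# Create the file root-only before any secret is written to it
if ! [ -f "$SCRIPTS/veracrypt-automount.sh" ]
then
    install -m 700 -o root -g root /dev/null "$SCRIPTS/veracrypt-automount.sh"
    printf '%s\n' '#!/bin/bash' '' '# Veracrypt entries' > "$SCRIPTS/veracrypt-automount.sh"
fi

# Quoted delimiter: nothing is expanded while writing; %q shell-quotes the stored values
{
    printf 'PASSWORD=%q\n' "$PASSWORD"
    printf 'PARTUUID=%q\n' "$PARTUUID"
    printf 'MOUNT_PATH=%q\n' "$MOUNT_PATH"
    cat << 'AUTOMOUNT'
printf '%s\n' "$PASSWORD" | veracrypt -t -k "" --pim=0 --protect-hidden=no \
--fs-options=windows_names,uid=www-data,gid=www-data,umask=007,x-systemd.automount,x-systemd.idle-timeout=60 \
"/dev/disk/by-partuuid/$PARTUUID" "$MOUNT_PATH"
AUTOMOUNT
} >> "$SCRIPTS/veracrypt-automount.sh"

# … unchanged: chown/chmod of the file and the crontab @reboot entry …
```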