Arjan H 6d72d32398 Use ceremony tool for generating keys and certs; store keys on SoftHSM
Replace openssl certificate / CRL generation with the tool as used by
Let's Encrypt, storing the keys on SoftHSMv2, a simulated HSM (Hardware
Security Module).
Include migration of old setups where key files were also stored on
disk.
2025-01-31 20:44:48 +01:00


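#!/usr/bin/env bash
#
# Restore a LabCA backup archive into the running installation.
#
# Usage: restore <backup-file-name>
#   The argument is the name of a .tgz file inside /opt/backup (not a path).
#
# The archive is expected to unpack to one folder, named after the file
# without its .tgz suffix, containing:
#   boulder_sa_integration.sql   MySQL dump, fed to the bmysql container
#   *key* *cert.pem *.csr        nginx TLS material, moved to /etc/nginx/ssl/
#   data/                        LabCA data folder (config.json etc.)
#   webpki/                      public CA files
#   tokens/                      SoftHSMv2 token store (holds the CA keys)
#
# Every precondition is checked before anything is overwritten, so a bad or
# incomplete archive fails early instead of leaving a half-restored system
# (the previous version only discovered a missing data/webpki/tokens folder
# after the database and earlier folders had already been replaced).
set -euo pipefail

readonly BACKUP_DIR=/opt/backup
readonly LABCA_CONFIG=/opt/labca/data/config.json

# Print a message to stderr and abort the script.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Replace the contents of directory $1 with the contents of directory $2.
# Dotfiles are not touched (same glob semantics as the original one-liners).
# Two separate statements rather than `rm ... && mv ...`: in an && list a
# failing rm is ignored by `set -e`, so the script would silently carry on.
replace_contents() {
  local dest=$1 from=$2
  # ${dest:?} aborts on an empty value instead of expanding to "rm -rf /*".
  rm -rf -- "${dest:?}"/*
  mv -- "$from"/* "$dest"/
}

name=${1:-}
[[ -n "$name" ]] || die "You must provide a backup file name to restore"
# Only a plain file name inside $BACKUP_DIR is accepted; a path component in
# the argument would let it point at an arbitrary archive outside that folder.
case "$name" in
  */* | . | ..) die "Backup file name must not contain path components" ;;
esac
file=$BACKUP_DIR/$name
[[ -f "$file" ]] || die "Backup file '$file' not found"
# Folder name inside the archive: the file name without its .tgz suffix.
base=${name%.tgz}

# Unpack into a private temp folder (not the predictable /tmp/$base of before)
# and remove it on every exit path, including failures. The variable is
# deliberately not named TMPDIR, which is an environment variable honoured by
# mktemp and other tools.
workdir=$(mktemp -d) || die "Could not create temporary folder"
cleanup() { rm -rf -- "$workdir"; }
trap cleanup EXIT
# Relies on tar's default handling of member names (leading '/' stripped); the
# archive is operator-created, so no further path filtering is done here.
tar xzf "$file" -C "$workdir"
src=$workdir/$base
[[ -d "$src" ]] || die "Backup archive does not contain folder '$base'"

# --- verify everything needed is present before touching the system ---
sql=$src/boulder_sa_integration.sql
[[ -f "$sql" ]] || die "MySQL backup file not found"
[[ -d "$src/data" ]] || die "Data folder backup not found"
[[ -d "$src/webpki" ]] || die "Public CA files backup not found"
[[ -d "$src/tokens" ]] || die "SoftHSMv2 tokens folder backup not found"
# Collect the nginx TLS files with nullglob so an unmatched pattern becomes an
# explicit error rather than a literal "*key*" handed to mv.
shopt -s nullglob
nginx_files=("$src"/*key* "$src"/*cert.pem "$src"/*.csr)
shopt -u nullglob
(( ${#nginx_files[@]} > 0 )) || die "nginx TLS files (key, cert, csr) not found in backup"
# Keep the version of the running install rather than the one in the backup;
# read it from config.json before that file gets replaced, and refuse to
# continue if it cannot be determined (the old script wrote an empty version).
[[ -f "$LABCA_CONFIG" ]] || die "Current config file '$LABCA_CONFIG' not found"
vrs=$(sed -n 's/.*"version":[ ]*"\([^"]*\)".*/\1/p' "$LABCA_CONFIG")
[[ -n "$vrs" ]] || die "Could not read current version from $LABCA_CONFIG"

# --- apply ---
cd /opt/boulder
# The running database already has its own migration bookkeeping; comment out
# the dump's rows for that table so the import does not collide with it.
sed -i -e 's/\(INSERT INTO `gorp_migrations`.*\)/-- \1/' "$sql"
# -T: stdin is a file, never a terminal, so do not allocate a pseudo-TTY.
docker compose exec -T bmysql mysql boulder_sa_integration <"$sql"
mv -f -- "${nginx_files[@]}" /etc/nginx/ssl/
replace_contents /opt/labca/data "$src/data"
sed -i -e "s/\"version\": \"[^\"]*\"/\"version\": \"$vrs\"/" "$LABCA_CONFIG"
replace_contents /opt/boulder/labca/certs/webpki "$src/webpki"
replace_contents /var/lib/softhsm/tokens "$src/tokens"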