The borg/restic/kopia engines all dropped to the dedicated backup user via scattered 'sudo -E -u $docker_install_user'. Centralize that into a single runBackupOp helper so the backup subsystem has one audit point and the scoped sudoers needs only the (dockerinstall) drop rule. Also: - owncloud config heredoc tees -> runSystem (container-UID file) - webui_display_logins: fix the broken 'command -v sudo sqlite3' guard to 'command -v sqlite3' (body already runs sqlite3 via runInstallOp) Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> Signed-off-by: librelad <librelad@digitalangels.vip>
48 lines
1.0 KiB
Bash
48 lines
1.0 KiB
Bash
#!/bin/bash
|
|
|
|
resticSnapshotsJson()
|
|
{
|
|
local idx="$1"
|
|
local app_filter="$2"
|
|
local host_filter="$3"
|
|
|
|
resticEnvExport "$idx" || return 1
|
|
|
|
local args=(snapshots --json --no-lock)
|
|
[[ -n "$app_filter" ]] && args+=(--tag "app=$app_filter")
|
|
[[ -n "$host_filter" ]] && args+=(--host "$host_filter")
|
|
|
|
runBackupOp restic "${args[@]}" 2>/dev/null
|
|
local rc=$?
|
|
resticEnvUnset
|
|
return $rc
|
|
}
|
|
|
|
resticSnapshotLatestId()
|
|
{
|
|
local idx="$1"
|
|
local app_name="$2"
|
|
local host="${3:-$CFG_INSTALL_NAME}"
|
|
|
|
resticEnvExport "$idx" || return 1
|
|
local id
|
|
id=$(runBackupOp restic snapshots \
|
|
--tag "app=$app_name" --host "$host" \
|
|
--latest 1 --json --no-lock 2>/dev/null | \
|
|
grep -o '"short_id":"[^"]*"' | head -1 | cut -d'"' -f4)
|
|
resticEnvUnset
|
|
echo "$id"
|
|
}
|
|
|
|
resticSnapshotListFiles()
|
|
{
|
|
local idx="$1"
|
|
local snapshot_id="$2"
|
|
|
|
resticEnvExport "$idx" || return 1
|
|
runBackupOp restic ls --json --no-lock "$snapshot_id" 2>/dev/null
|
|
local rc=$?
|
|
resticEnvUnset
|
|
return $rc
|
|
}
|