The borg/restic/kopia engines all dropped to the dedicated backup user via scattered 'sudo -E -u $docker_install_user'. Centralize that into a single runBackupOp helper so the backup subsystem has one audit point and the scoped sudoers needs only the (dockerinstall) drop rule. Also: - owncloud config heredoc tees -> runSystem (container-UID file) - webui_display_logins: fix the broken 'command -v sudo sqlite3' guard to 'command -v sqlite3' (body already runs sqlite3 via runInstallOp) Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> Signed-off-by: librelad <librelad@digitalangels.vip>
50 lines
1.2 KiB
Bash
50 lines
1.2 KiB
Bash
#!/bin/bash
|
|
|
|
borgRestoreSnapshot()
|
|
{
|
|
local idx="$1"
|
|
local snapshot_id="$2"
|
|
local target_dir="$3"
|
|
local include_path="$4"
|
|
|
|
if [[ -z "$snapshot_id" || -z "$target_dir" ]]; then
|
|
isError "borgRestoreSnapshot requires snapshot_id and target_dir"
|
|
return 1
|
|
fi
|
|
|
|
borgEnvExport "$idx" || return 1
|
|
runFileOp mkdir -p "$target_dir"
|
|
|
|
isNotice "Restoring $snapshot_id from $(resticLocationName "$idx") → $target_dir"
|
|
local rc
|
|
if [[ -n "$include_path" ]]; then
|
|
local stripped="${include_path#/}"
|
|
( cd "$target_dir" && runBackupOp borg extract "::$snapshot_id" "$stripped" )
|
|
rc=$?
|
|
else
|
|
( cd "$target_dir" && runBackupOp borg extract "::$snapshot_id" )
|
|
rc=$?
|
|
fi
|
|
borgEnvUnset
|
|
return $rc
|
|
}
|
|
|
|
borgDumpFile()
|
|
{
|
|
local idx="$1"
|
|
local snapshot_id="$2"
|
|
local file_path="$3"
|
|
local target_file="$4"
|
|
|
|
borgEnvExport "$idx" || return 1
|
|
local stripped="${file_path#/}"
|
|
if [[ -n "$target_file" ]]; then
|
|
runBackupOp borg extract --stdout "::$snapshot_id" "$stripped" | runFileWrite "$target_file"
|
|
else
|
|
runBackupOp borg extract --stdout "::$snapshot_id" "$stripped"
|
|
fi
|
|
local rc=$?
|
|
borgEnvUnset
|
|
return $rc
|
|
}
|