LibrePortal/scripts/backup/engine/restic_install.sh
librelad 43779a992b harden(desudo): backup engines (restic/kopia/borg) + crowdsec host helpers
- restic_install, crowdsec_update/verify_firewall/fix_priority: pure host
  ops (apt/cscli/nft/systemctl, /etc/crowdsec) -> runSystem.
- kopia_backup/borg_restore: ignore-file/target tee+chown+mkdir -> runFileOp/
  runFileWrite; kept the 'sudo -E -u dockerinstall' engine calls as-is —
  those already run as the unprivileged backup user (least-privilege; the
  scoped sudoers will permit (dockerinstall)).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Signed-off-by: librelad <librelad@digitalangels.vip>
2026-05-23 23:48:23 +01:00

50 lines
1.6 KiB
Bash

#!/bin/bash
resticInstall()
{
if command -v restic >/dev/null 2>&1; then
local installed_version
installed_version=$(restic version 2>/dev/null | head -1 | awk '{print $2}')
isNotice "restic already installed (version: $installed_version)"
return 0
fi
isHeader "Installing restic"
if command -v apt-get >/dev/null 2>&1; then
runSystem apt-get update -qq >/dev/null
if runSystem apt-get install -y restic >/dev/null 2>&1; then
checkSuccess "restic installed via apt"
runSystem restic self-update >/dev/null 2>&1 || true
return 0
fi
elif command -v dnf >/dev/null 2>&1; then
runSystem dnf install -y restic && return 0
elif command -v pacman >/dev/null 2>&1; then
runSystem pacman -S --noconfirm restic && return 0
fi
isNotice "Package manager install unavailable — downloading restic binary"
local arch
arch=$(uname -m)
case "$arch" in
x86_64) arch=amd64 ;;
aarch64) arch=arm64 ;;
armv7l) arch=arm ;;
*) isError "Unsupported architecture: $arch"; return 1 ;;
esac
local tmp
tmp=$(mktemp -d)
if curl -sL "https://github.com/restic/restic/releases/latest/download/restic_linux_${arch}.bz2" -o "$tmp/restic.bz2"; then
bunzip2 "$tmp/restic.bz2"
runSystem install -m 0755 "$tmp/restic" /usr/local/bin/restic
rm -rf "$tmp"
checkSuccess "restic installed to /usr/local/bin/restic"
else
rm -rf "$tmp"
isError "Failed to download restic"
return 1
fi
}