mirror of https://github.com/lukechilds/umbrel.git
Lounès Ksouri
3 years ago
committed by
GitHub
GitHub
1 changed files with 92 additions and 0 deletions
@ -0,0 +1,92 @@ |
|||||
|
#!/usr/bin/env bash |
||||
|
|
||||
|
set -euo pipefail |
||||
|
|
||||
|
UMBREL_ROOT="$(readlink -f $(dirname "${BASH_SOURCE[0]}")/../..)" |
||||
|
RESTORE_ID="$RANDOM" |
||||
|
|
||||
|
show_help() { |
||||
|
cat << EOF |
||||
|
restore 0.0.1 |
||||
|
|
||||
|
CLI for restoring Umbrel backups (SCB). The file is decrypted if necessary. |
||||
|
|
||||
|
Usage: restore <path-to-backup-file> |
||||
|
EOF |
||||
|
} |
||||
|
|
||||
|
check_dependencies () { |
||||
|
for cmd in "$@"; do |
||||
|
if ! command -v "$cmd" >/dev/null 2>&1; then |
||||
|
echo "This script requires \"${cmd}\" to be installed" |
||||
|
exit 1 |
||||
|
fi |
||||
|
done |
||||
|
} |
||||
|
|
||||
|
check_dependencies openssl tar gpg |
||||
|
|
||||
|
# Deterministically derives 128 bits of cryptographically secure entropy |
||||
|
derive_entropy () { |
||||
|
identifier="${1}" |
||||
|
umbrel_seed=$(cat "${UMBREL_ROOT}/db/umbrel-seed/seed") || true |
||||
|
|
||||
|
if [[ -z "$umbrel_seed" ]] || [[ -z "$identifier" ]]; then |
||||
|
>&2 echo "Missing derivation parameter, this is unsafe, exiting." |
||||
|
exit 1 |
||||
|
fi |
||||
|
|
||||
|
# We need `sed 's/^.* //'` to trim the "(stdin)= " prefix from some versions of openssl |
||||
|
printf "%s" "${identifier}" | openssl dgst -sha256 -hmac "${umbrel_seed}" | sed 's/^.* //' |
||||
|
} |
||||
|
|
||||
|
echo "Deriving keys..." |
||||
|
|
||||
|
backup_id=$(derive_entropy "umbrel_backup_id") |
||||
|
encryption_key=$(derive_entropy "umbrel_backup_encryption_key") |
||||
|
|
||||
|
if [ -z ${1+x} ]; then |
||||
|
show_help |
||||
|
exit 1 |
||||
|
else |
||||
|
BACKUP_FILE="$1" |
||||
|
fi |
||||
|
|
||||
|
if [[ "$BACKUP_FILE" == *.pgp ]]; then |
||||
|
echo "Backup is encrypted, decrypting backup..." |
||||
|
|
||||
|
BACKUP_FOLDER_PATH="/tmp/backup-$RESTORE_ID" |
||||
|
mkdir -p "${BACKUP_FOLDER_PATH}" |
||||
|
|
||||
|
cat "${BACKUP_FILE}" | gpg \ |
||||
|
--batch \ |
||||
|
--decrypt \ |
||||
|
--passphrase "${encryption_key}" \ |
||||
|
| tar \ |
||||
|
--extract \ |
||||
|
--verbose \ |
||||
|
--gzip \ |
||||
|
--directory "$BACKUP_FOLDER_PATH" \ |
||||
|
|| { |
||||
|
echo "Failed to decrypt backup, exiting..." |
||||
|
exit 1 |
||||
|
} |
||||
|
|
||||
|
BACKUP_FILE="$BACKUP_FOLDER_PATH/backup/channel.backup" |
||||
|
|
||||
|
echo "Backup decrypted." |
||||
|
fi |
||||
|
|
||||
|
BACKUP_FILE_LND="$UMBREL_ROOT/lnd/channel-$RESTORE_ID.backup" |
||||
|
mv -f "$BACKUP_FILE" "$BACKUP_FILE_LND" |
||||
|
|
||||
|
echo "Restoring channel backup..." |
||||
|
echo "This can take a while, depending on your number of channels." |
||||
|
|
||||
|
$UMBREL_ROOT/bin/lncli restorechanbackup --multi_file "/data/.lnd/channel-$RESTORE_ID.backup" |
||||
|
|
||||
|
echo "Cleaning files..." |
||||
|
|
||||
|
rm -Rf "$BACKUP_FOLDER_PATH" "$BACKUP_FILE_LND" |
||||
|
|
||||
|
echo "Done!" |
||||
Loading…
Reference in new issue