Minor updates to backup/restoration reliability

deploy.sh

@@ -27,10 +27,10 @@ fi
 DOMAIN_NAME=
 RESTORE_ARCHIVE=
 VPS_HOSTING_TARGET=lxd
-RUN_CERT_RENEWAL=true
+RUN_CERT_RENEWAL=false
 RESTORE_WWW=false
-BACKUP_CERTS=false
-BACKUP_APPS=false
+BACKUP_CERTS=true
+BACKUP_APPS=true
 BACKUP_BTCPAY=false
 RESTORE_BTCPAY=false
 MIGRATE_WWW=false

deployment/www/restore_path.sh

@@ -21,8 +21,11 @@ fi
 ssh "$PRIMARY_WWW_FQDN" sudo rm -rf "$REMOTE_SOURCE_BACKUP_PATH"
 
 # scp our local backup directory to the remote machine
-ssh "$PRIMARY_WWW_FQDN" "sudo mkdir -p $REMOTE_BACKUP_PATH && sudo chown ubuntu:ubuntu $REMOTE_BACKUP_PATH"
+ssh "$PRIMARY_WWW_FQDN" sudo mkdir -p "$REMOTE_BACKUP_PATH"
+ssh "$PRIMARY_WWW_FQDN" sudo chown ubuntu:ubuntu "$REMOTE_BACKUP_PATH"
+
 scp -r "$LOCAL_BACKUP_PATH" "$PRIMARY_WWW_FQDN:$REMOTE_BACKUP_PATH"
 
 # now we run duplicity to restore the archive.
-ssh "$PRIMARY_WWW_FQDN" sudo PASSPHRASE="$DUPLICITY_BACKUP_PASSPHRASE" duplicity --force restore "file://$REMOTE_BACKUP_PATH/$BACKUP_TIMESTAMP" "$REMOTE_HOME/"
+ssh "$PRIMARY_WWW_FQDN" sudo PASSPHRASE="$DUPLICITY_BACKUP_PASSPHRASE" duplicity --force restore "file://$REMOTE_BACKUP_PATH/$BACKUP_TIMESTAMP" "$REMOTE_SOURCE_BACKUP_PATH/"
+

deployment/www/stop_docker_stacks.sh

@@ -39,7 +39,7 @@ for DOMAIN_NAME in ${DOMAIN_LIST//,/ }; do
 
             if [ "$RESTORE_WWW" = true ]; then
                 ./restore_path.sh
-
+                ssh "$PRIMARY_WWW_FQDN" sudo chown ubuntu:ubuntu "$REMOTE_HOME/$APP"
             elif [ "$BACKUP_APPS"  = true ]; then
                 # if we're not restoring, then we may or may not back up.
                 ./backup_path.sh
@@ -64,26 +64,33 @@ if [ "$RUN_CERT_RENEWAL" = true ]; then
     ./generate_certs.sh
 fi
 
-if [ "$BACKUP_CERTS" = true ]; then
-    # Back each domain's certificates under /home/ubuntu/letsencrypt/domain
-    for DOMAIN_NAME in ${DOMAIN_LIST//,/ }; do
-        export DOMAIN_NAME="$DOMAIN_NAME"
-        export SITE_PATH="$SITES_PATH/$DOMAIN_NAME"
+# Back each domain's certificates under /home/ubuntu/letsencrypt/domain
+for DOMAIN_NAME in ${DOMAIN_LIST//,/ }; do
+    export DOMAIN_NAME="$DOMAIN_NAME"
+    export SITE_PATH="$SITES_PATH/$DOMAIN_NAME"
 
-        # source the site path so we know what features it has.
-        source ../../reset_env.sh
-        source "$SITE_PATH/site_definition"
-        source ../../domain_env.sh
+    # source the site path so we know what features it has.
+    source ../../reset_env.sh
+    source "$SITE_PATH/site_definition"
+    source ../../domain_env.sh
 
-        # these variable are used by both backup/restore scripts.
-        export APP="letsencrypt"
-        export REMOTE_BACKUP_PATH="$REMOTE_HOME/backups/www/$APP/$DOCKER_STACK_SUFFIX"
-        export REMOTE_SOURCE_BACKUP_PATH="$REMOTE_HOME/$APP/$DOMAIN_NAME"
+    # these variable are used by both backup/restore scripts.
+    export APP="letsencrypt"
+    export REMOTE_BACKUP_PATH="$REMOTE_HOME/backups/www/$APP/$DOCKER_STACK_SUFFIX"
+    export REMOTE_SOURCE_BACKUP_PATH="$REMOTE_HOME/$APP/$DOMAIN_NAME"
 
-        # ensure our local backup path exists so we can pull down the duplicity archive to the management machine.
-        export LOCAL_BACKUP_PATH="$SITE_PATH/backups/www/$APP/$BACKUP_TIMESTAMP"
-        mkdir -p "$LOCAL_BACKUP_PATH"
+    # ensure our local backup path exists so we can pull down the duplicity archive to the management machine.
+    export LOCAL_BACKUP_PATH="$SITE_PATH/backups/www/$APP/$BACKUP_TIMESTAMP"
+    mkdir -p "$LOCAL_BACKUP_PATH"
 
+    if [ "$RESTORE_WWW" = true ]; then
+        sleep 5
+        echo "STARTING restore_path.sh for letsencrypt."
+        ./restore_path.sh
+        ssh "$PRIMARY_WWW_FQDN" sudo chown ubuntu:ubuntu "$REMOTE_HOME/$APP"
+    elif [ "$BACKUP_APPS"  = true ]; then
+        # if we're not restoring, then we may or may not back up.
         ./backup_path.sh
-    done
-fi
+        
+    fi
+done