From 8c3e73695aa5036a876418ce7f2fe71a88f950d9 Mon Sep 17 00:00:00 2001
From: Frank Brehm <frank@brehm-online.com>
Date: Tue, 18 May 2021 09:34:34 +0200
Subject: [PATCH] Finishing LDAP backup

---
 bin/manual-backup | 55 +++++++++++++++++++++++++++++++++++++----------
 etc/.gitignore    |  1 +
 lib/functions.rc  | 29 +++++++++++++++++++++++++
 3 files changed, 74 insertions(+), 11 deletions(-)

diff --git a/bin/manual-backup b/bin/manual-backup
index f0cad29..4431926 100755
--- a/bin/manual-backup
+++ b/bin/manual-backup
@@ -31,8 +31,10 @@ BACKUP_DIR="${BACKUP_HOSTDIR}/${CDATE}"
 
 DO_MYSQL="n"
 DO_POSTGRES="n"
+DO_LDAP="n"
 
 declare -a REMOTE_HOSTS=()
+declare -a LDAP_ROOT_DNS=()
 
 DESCRIPTION=$( cat <<-EOF
 	Macht mal eben so ein Backup.
@@ -397,7 +399,6 @@ do_postgres_backup() {
 #------------------------------------------------------------------------------
 do_backup_ldap() {
 
-    local dumpfile="${BACKUP_DIR}/ldap.dump.ldif.gz"
 
     if ps -ef | grep slapd | grep -v grep >/dev/null ; then
         :
@@ -406,14 +407,14 @@ do_backup_ldap() {
         return
     fi
 
-    empty_line
-    info "Dumping OpenLDAP Datenbank -> '${CYAN}${dumpfile}${NORMAL}' ..."
+    local dumpfile="${BACKUP_DIR}/ldap-cfg.dump.ldif.gz"
 
-    local cmd="ldapsearch -D \"${LDAP_DN}\" -x -h localhost"
+    empty_line
+    info "Dumping OpenLDAP Config -> '${CYAN}${dumpfile}${NORMAL}' ..."
+    local cmd="ldapsearch -Y EXTERNAL -Q -LLL -o ldif-wrap=no -H ldapi:/// -b \"cn=config\""
     if [[ "${VERBOSE}" == "y" ]] ; then
-        cmd+=" --verbose"
+        cmd+=" -v"
     fi
-    cmd+=" -z 10000 -w \"${LDAP_PW}\" -b \"${LDAP_SEARCH_BASE}\""
     cmd+=" | gzip -9"
     if [[ "${VERBOSE}" == "y" ]] ; then
         cmd+=" --verbose"
@@ -421,10 +422,40 @@ do_backup_ldap() {
     cmd+=" > \"${dumpfile}\""
     if [[ "${SIMULATE}" == "y" ]] ; then
         info "Executing: ${cmd}"
-        return
+    else
+        debug "Executing: ${cmd}"
+        eval ${cmd}
     fi
-    debug "Executing: ${cmd}"
-    eval ${cmd}
+
+    local dn=
+    local clean_dn=
+
+    for dn in "${LDAP_ROOT_DNS[@]}" ; do
+
+        clean_dn=$( echo "${dn}" | sed -e 's/^[ 	]*//' -e 's/[ 	]*$//' -e 's/[ 	][ 	]*/_/g' )
+        dumpfile="${BACKUP_DIR}/ldap-db.${clean_dn}.dump.ldif.gz"
+
+        empty_line
+        info "Dumping OpenLDAP Datenbank '${CYAN}${dn}${NORMAL}' -> '${CYAN}${dumpfile}${NORMAL}' ..."
+
+        cmd="ldapsearch -Y EXTERNAL -Q -LLL -o ldif-wrap=no -H ldapi:///"
+        if [[ "${VERBOSE}" == "y" ]] ; then
+            cmd+=" -v"
+        fi
+        cmd+=" -b \"${dn}\" '+' '*' | gzip -9"
+        if [[ "${VERBOSE}" == "y" ]] ; then
+            cmd+=" --verbose"
+        fi
+        cmd+=" > \"${dumpfile}\""
+        if [[ "${SIMULATE}" == "y" ]] ; then
+            info "Executing: ${cmd}"
+        else
+            debug "Executing: ${cmd}"
+            eval ${cmd}
+        fi
+
+    done
+
     debug "Finished LDAP dump."
 
 }
@@ -500,7 +531,6 @@ clean_old_backups() {
         info "Removing '${bdir}' ..."
         RM --recursive "${bdir}"
 
-
     done
 
 }
@@ -539,6 +569,7 @@ sync_to_remote() {
 #------------------------------------------------------------------------------
 main() {
 
+    eval_config
     get_options "$@"
     umask 0022
 
@@ -555,7 +586,9 @@ main() {
     if [[ "${DO_POSTGRES}" == "y" ]] ; then
         do_postgres_backup
     fi
-    do_backup_ldap
+    if [[ "${DO_LDAP}" == "y" ]] ; then
+        do_backup_ldap
+    fi
     create_checksums
     clean_old_backups
     sync_to_remote
diff --git a/etc/.gitignore b/etc/.gitignore
index 3ad10b1..b38ee08 100644
--- a/etc/.gitignore
+++ b/etc/.gitignore
@@ -1,3 +1,4 @@
 *.ini
 *.conf
+*.rc
 mk-home.logging.json
diff --git a/lib/functions.rc b/lib/functions.rc
index 89d6900..c8abf0d 100644
--- a/lib/functions.rc
+++ b/lib/functions.rc
@@ -591,4 +591,33 @@ yes_or_no() {
 
 }
 
+#------------------------------------------------------------------------------
+eval_config() {
+
+    local this_script_real=$( readlink -f "$0" )
+    local script_base=$( basename "${this_script_real}" ".sh" )
+    local bin_dir=$( dirname "${this_script_real}" )
+    local base_dir=$( dirname "${bin_dir}" )
+    local etc_dir="${base_dir}/etc"
+    local rc_file="${etc_dir}/${script_base}.rc"
+
+    debug "Searching for script config resource file '${CYAN}${rc_file}${NORMAL}' ..."
+
+    if [[ ! -d "${etc_dir}" ]] ; then
+        return
+    fi
+    if [[ ! -e "${rc_file}" ]] ; then
+        return
+    fi
+
+    if [[ ! -f "${rc_file}" ]] ; then
+        error "Script config resource file '${RED}${rc_file}${NORMAL}' exists, but is not a regular file."
+        return
+    fi
+
+    debug "Sourcing script config resource file '${CYAN}${rc_file}${NORMAL}' ..."
+    source "${rc_file}"
+
+}
+
 # vim: filetype=sh ts=4 et list
-- 
2.39.5