#!/bin/bash # # Business Central Backup System - Setup Script # Installs dependencies and configures the backup environment # set -euo pipefail SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" CONFIG_FILE="${SCRIPT_DIR}/bc-backup.conf" TEMPLATE_FILE="${SCRIPT_DIR}/bc-backup.conf.template" # Colors for output RED='\033[0;31m' GREEN='\033[0;32m' YELLOW='\033[1;33m' BLUE='\033[0;34m' NC='\033[0m' # No Color echo_info() { echo -e "${BLUE}[INFO]${NC} $*" } echo_success() { echo -e "${GREEN}[SUCCESS]${NC} $*" } echo_warn() { echo -e "${YELLOW}[WARN]${NC} $*" } echo_error() { echo -e "${RED}[ERROR]${NC} $*" } check_command() { if command -v "$1" &> /dev/null; then echo_success "$1 is installed" return 0 else echo_warn "$1 is NOT installed" return 1 fi } echo_info "=========================================" echo_info "Business Central Backup System Setup" echo_info "=========================================" echo "" # Detect OS if [[ -f /etc/os-release ]]; then . /etc/os-release OS=$ID VER=$VERSION_ID echo_info "Detected OS: $PRETTY_NAME" else echo_error "Cannot detect OS" exit 1 fi # Check if running as root if [[ $EUID -eq 0 ]]; then echo_warn "Running as root. Dependencies will be installed system-wide." SUDO="" else echo_info "Running as regular user. May prompt for sudo password." SUDO="sudo" fi echo "" echo_info "=== Checking Dependencies ===" echo "" # Track what needs to be installed MISSING_DEPS=() # Check PowerShell echo_info "Checking PowerShell..." if ! check_command pwsh; then MISSING_DEPS+=("pwsh") fi # Check GPG echo_info "Checking GPG..." if ! check_command gpg; then MISSING_DEPS+=("gpg") fi # Check AWS CLI echo_info "Checking AWS CLI..." if ! check_command aws; then MISSING_DEPS+=("awscli") fi # Check curl and wget echo_info "Checking curl..." check_command curl || MISSING_DEPS+=("curl") echo_info "Checking wget..." check_command wget || MISSING_DEPS+=("wget") # Check jq (useful for debugging) echo_info "Checking jq (optional)..." check_command jq || echo_warn "jq not installed (optional, useful for JSON parsing)" # Install missing dependencies if [[ ${#MISSING_DEPS[@]} -gt 0 ]]; then echo "" echo_warn "Missing dependencies: ${MISSING_DEPS[*]}" echo "" read -p "Install missing dependencies? (y/n) " -n 1 -r echo if [[ $REPLY =~ ^[Yy]$ ]]; then for dep in "${MISSING_DEPS[@]}"; do echo_info "Installing $dep..." case $dep in pwsh) # Install PowerShell case $OS in ubuntu|debian) # Download Microsoft repository GPG keys wget -q "https://packages.microsoft.com/config/$OS/$VER/packages-microsoft-prod.deb" -O /tmp/packages-microsoft-prod.deb $SUDO dpkg -i /tmp/packages-microsoft-prod.deb rm /tmp/packages-microsoft-prod.deb $SUDO apt-get update $SUDO apt-get install -y powershell ;; centos|rhel|fedora) $SUDO rpm --import https://packages.microsoft.com/keys/microsoft.asc curl -o /tmp/packages-microsoft-prod.rpm "https://packages.microsoft.com/config/$OS/$VER/packages-microsoft-prod.rpm" $SUDO rpm -i /tmp/packages-microsoft-prod.rpm rm /tmp/packages-microsoft-prod.rpm $SUDO yum install -y powershell ;; *) echo_error "Unsupported OS for automatic PowerShell installation" echo_info "Please install PowerShell manually: https://docs.microsoft.com/en-us/powershell/scripting/install/installing-powershell-on-linux" ;; esac ;; gpg) # Install GPG case $OS in ubuntu|debian) $SUDO apt-get update $SUDO apt-get install -y gnupg ;; centos|rhel|fedora) $SUDO yum install -y gnupg2 ;; *) echo_error "Unsupported OS for automatic GPG installation" ;; esac ;; awscli) # Install AWS CLI v2 echo_info "Installing AWS CLI v2..." case $(uname -m) in x86_64) curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "/tmp/awscliv2.zip" ;; aarch64) curl "https://awscli.amazonaws.com/awscli-exe-linux-aarch64.zip" -o "/tmp/awscliv2.zip" ;; *) echo_error "Unsupported architecture for AWS CLI" continue ;; esac unzip -q /tmp/awscliv2.zip -d /tmp $SUDO /tmp/aws/install rm -rf /tmp/aws /tmp/awscliv2.zip ;; curl) case $OS in ubuntu|debian) $SUDO apt-get update $SUDO apt-get install -y curl ;; centos|rhel|fedora) $SUDO yum install -y curl ;; esac ;; wget) case $OS in ubuntu|debian) $SUDO apt-get update $SUDO apt-get install -y wget ;; centos|rhel|fedora) $SUDO yum install -y wget ;; esac ;; esac done else echo_error "Cannot proceed without required dependencies" exit 1 fi fi echo "" echo_success "All required dependencies are installed" echo "" # Create directory structure echo_info "=== Setting up directory structure ===" mkdir -p "${SCRIPT_DIR}/logs" mkdir -p "${SCRIPT_DIR}/temp" echo_success "Created logs/ and temp/ directories" # Set up configuration file echo "" echo_info "=== Configuration Setup ===" if [[ -f "${CONFIG_FILE}" ]]; then echo_warn "Configuration file already exists: ${CONFIG_FILE}" read -p "Overwrite with template? (y/n) " -n 1 -r echo if [[ $REPLY =~ ^[Yy]$ ]]; then cp "${TEMPLATE_FILE}" "${CONFIG_FILE}" echo_success "Configuration template copied to bc-backup.conf" fi else cp "${TEMPLATE_FILE}" "${CONFIG_FILE}" echo_success "Configuration template copied to bc-backup.conf" fi # Make scripts executable echo "" echo_info "=== Setting permissions ===" chmod +x "${SCRIPT_DIR}/bc-backup.sh" chmod +x "${SCRIPT_DIR}/bc-export.ps1" chmod 600 "${CONFIG_FILE}" # Restrict config file permissions echo_success "Scripts are now executable" echo_success "Config file permissions set to 600 (owner read/write only)" # Test AWS CLI configuration echo "" echo_info "=== Testing AWS CLI ===" if [[ -f "${CONFIG_FILE}" ]]; then # Source config to test if grep -q 'AWS_ACCESS_KEY_ID=""' "${CONFIG_FILE}"; then echo_warn "AWS credentials not yet configured in bc-backup.conf" else echo_info "AWS CLI appears to be configured in bc-backup.conf" fi fi # S3 bucket object lock check echo "" echo_info "=== Important: S3 Object Lock Configuration ===" echo_warn "Your S3 bucket MUST have Object Lock enabled for immutability" echo_info "Object Lock can only be enabled when creating a bucket" echo "" echo_info "To create an S3 bucket with Object Lock (AWS example):" echo " aws s3api create-bucket --bucket YOUR-BUCKET-NAME \\" echo " --region YOUR-REGION \\" echo " --create-bucket-configuration LocationConstraint=YOUR-REGION \\" echo " --object-lock-enabled-for-bucket" echo "" echo_info "Then configure default retention:" echo " aws s3api put-object-lock-configuration --bucket YOUR-BUCKET-NAME \\" echo " --object-lock-configuration '{\"ObjectLockEnabled\":\"Enabled\",\"Rule\":{\"DefaultRetention\":{\"Mode\":\"COMPLIANCE\",\"Days\":30}}}'" echo "" # Setup cron job echo "" echo_info "=== Cron Job Setup ===" echo_info "To run backups hourly, add this to your crontab:" echo "" echo " 0 * * * * ${SCRIPT_DIR}/bc-backup.sh >> ${SCRIPT_DIR}/logs/cron.log 2>&1" echo "" read -p "Add this cron job now? (y/n) " -n 1 -r echo if [[ $REPLY =~ ^[Yy]$ ]]; then CRON_CMD="0 * * * * ${SCRIPT_DIR}/bc-backup.sh >> ${SCRIPT_DIR}/logs/cron.log 2>&1" (crontab -l 2>/dev/null | grep -v "${SCRIPT_DIR}/bc-backup.sh"; echo "$CRON_CMD") | crontab - echo_success "Cron job added successfully" echo_info "View your crontab with: crontab -l" else echo_info "Skipped cron job setup. You can add it manually later." fi # Final instructions echo "" echo_info "=========================================" echo_success "Setup completed successfully!" echo_info "=========================================" echo "" echo_info "Next steps:" echo "" echo "1. Edit configuration file:" echo " nano ${CONFIG_FILE}" echo "" echo "2. Fill in the following required values:" echo " - AZURE_TENANT_ID, AZURE_CLIENT_ID, AZURE_CLIENT_SECRET" echo " - BC_ENVIRONMENT_NAME" echo " - ENCRYPTION_PASSPHRASE (generate with: openssl rand -base64 32)" echo " - S3_BUCKET, S3_ENDPOINT" echo " - AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY" echo "" echo "3. Test the backup manually:" echo " ${SCRIPT_DIR}/bc-backup.sh" echo "" echo "4. Check logs for any issues:" echo " tail -f ${SCRIPT_DIR}/logs/backup.log" echo "" echo_warn "IMPORTANT: Store your ENCRYPTION_PASSPHRASE securely!" echo_warn "Without it, you cannot decrypt your backups." echo ""