Foris interface only allows you to make a full restore from a backup. Sometimes you may wish to do partial retrieval or just check the diff between the current state of the system and the backup.
In order to do so you're going to need registration_code (available via /usr/share/server-uplink/registration_code
in Omnia) and the password you set in the Foris Cloud backup page.
The following script pulls the latest backup, decrypts it and puts it into /tmp/turris_cloud_backup.tar.bz2
for inspection. Script needs to be run on a Linux machine with pbkdf2
python lib, jq
and gpg
installed.
#!/bin/bash REG_CODE=$(cat /usr/share/server-uplink/registration_code) URL="https://rb.turris.cz" read -s -p "Put cloud backup password (as set in Foris): " PASSWORD HASHED_PASS=$(python -c 'import pbkdf2, sys; print(pbkdf2.crypt(sys.argv[1], "", iterations=1000))' "${PASSWORD}") # list backups with ids latest_backup_id=$(curl -s 'Content-Type: application/json' -H "Authorization:Token ${REG_CODE}" "${URL}/backups/" | jq '.[0]["id"]') echo "Retrieving latest backup with ID ${latest_backup_id}.." # download a backup with specified id curl -s -o /tmp/turris_cloud_backup.tbz.gpg -H 'Content-Type: application/json' -H "Authorization:Token ${REG_CODE}" "${URL}/backups/${latest_backup_id}/" echo "Decrypting.." echo "${HASHED_PASS}" | gpg --yes --batch -d -o /tmp/turris_cloud_backup.tar.bz2 --passphrase-fd 0 /tmp/turris_cloud_backup.tbz.gpg ret=$? echo "Deleting encrypted backup.." rm /tmp/turris_cloud_backup.tbz.gpg if [ "$ret" -eq 0 ] then echo "If all went well the unencrypted backup is in /tmp/turris_cloud_backup.tar.bz2" else echo "Looks like there's an issue - maybe the password is incorrect?" fi
source: https://forum.turris.cz/t/ako-sa-da-dostat-ku-cloudovym-zaloham/