# +---------------------------------------------------+
# System Restore
# +---------------------------------------------------+
function func_system-restore() {
  func_echo-header

  echo -e ""
  echo -e "System Restore"
  echo -e ""
  echo -e "$red !!!WARNING!!! $clean"
  echo -e "System Restore is intended to be used in disaster recovery"
  echo -e "situations only as a last resort! Rolling back the system"
  echo -e "to a recent backup can have consequences, such as the need to"
  echo -e "clean up MySQL databases and loss of recent configuration changes."
  echo -e ""
  echo -en "$green[eFa]$clean Are you sure you want to continue? (y/N):"
  local TMPRECOVER
  read TMPRECOVER
  local flag=0
  while [[ $flag != "1" ]]
    do
      if [[ $TMPRECOVER == "N" || $TMPRECOVER == "n" || $TMPRECOVER == "" ]]; then
        flag=1
      elif [[ $TMPRECOVER = "Y" || $TMPRECOVER == "y" ]]; then
        # Gather backups
        local BACKUPLIST
        BACKUPLIST=(`find /var/eFa/backup -type f | grep tar\.gz$`)
        if [[ -n $BACKUPLIST ]]; then
          func_echo-header
          echo -e "Backup Listing"
          echo -e ""
          local tLen=${#BACKUPLIST[@]}
          for (( y=0; y<$tLen; y++ ));
          do
            echo -e "$((y+1))) ${BACKUPLIST[$y]}"
          done
          local flag2=0
          echo -e ""
          echo -en "Choose a backup or press $green (e) $clean to exit:"
          while [[ $flag2 != "1" ]]
          do
            local choice
            read choice
            case $choice in
              +([0-9]))  
                if [[ $choice > 0 && $choice < $((tLen+1)) ]]; then
                  echo -e "You have chosen $green $choice $clean"
                  echo -e ""
                  echo -e "$choice) ${BACKUPLIST[$((choice-1))]}"
                  echo -e ""
                  echo -e "Proceed with restore? (y/N)"
                  local TMPRESTORE
                  read TMPRESTORE
                  local flag3=0
                  while [[ $flag3 != "1" ]]
                  do
                    if [[ $TMPRESTORE == "n" || $TMPRESTORE == "N" || $TMPRESTORE == "" ]]; then
                      flag2=1
                      flag3=1
                    elif [[ $TMPRESTORE == "Y" || $TMPRESTORE == "y" ]]; then
                      echo -e "Beginning Restore of ${BACKUPLIST[$((choice-1))]}..."
                      echo -e
                      cd /var/eFa/backup
                      tar xzvf ${BACKUPLIST[$((choice-1))]} --overwrite
                      #fetch SQL root password
                      MYSQLROOTPWD="`grep MYSQLROOTPWD /etc/eFa/MySQL-Config | sed 's/.*://'`"

                      if [[ -f /var/eFa/backup/backup/etc/EFA-Config ]]; then
                        echo "eFa v3 backup detected, performing migration..."
                        RESTOREMYSQLROOTPWD="`grep MYSQLROOTPWD /var/eFa/backup/backup/etc/EFA-Config | sed 's/.*://'`"

                        # If hostname is different, database entries must be updated!
                        OLDHOSTNAME="`grep HOSTNAME /var/eFa/backup/backup/etc/EFA-Config | sed 's/.*://'`"
                        OLDDOMAINNAME="`grep DOMAINNAME /var/eFa/backup/backup/etc/EFA-Config | sed 's/.*://'`"
                        HOSTNAME="`grep HOSTNAME /etc/eFa/eFa-Config | sed 's/.*://'`"
                        DOMAINNAME="`grep DOMAINNAME /etc/eFa/eFa-Config | sed 's/.*://'`"

                        # Import database passwords
                        RESTORESAUSERSQLPWD="`grep SAUSERSQLPWD /var/eFa/backup/backup/etc/EFA-Config | sed 's/.*://'`"
                        RESTOREMAILWATCHSQLPWD="`grep MAILWATCHSQLPWD /var/eFa/backup/backup/etc/EFA-Config | sed 's/.*://'`"
                        RESTORESQLGREYSQLPWD="`grep SQLGREYSQLPWD /var/eFa/backup/backup/etc/EFA-Config | sed 's/.*://'`"
                        /usr/bin/mysqladmin -u root -p$MYSQLROOTPWD password "$RESTOREMYSQLROOTPWD"
                        MYSQLROOTPWD=$RESTOREMYSQLROOTPWD
                        # Update eFa-Config with imported values
                        sed -i "/^MAILWATCHSQLPWD:/ c\MAILWATCHSQLPWD:$RESTOREMAILWATCHSQLPWD" /etc/eFa/MailWatch-Config
                        sed -i "/^SAUSERSQLPWD:/ c\SAUSERSQLPWD:$RESTORESAUSERSQLPWD" /etc/eFa/SA-Config
                        sed -i "/^SQLGREYSQLPWD:/ c\SQLGREYSQLPWD:$RESTORESQLGREYSQLPWD" /etc/eFa/SQLGrey-Config
                        sed -i "/^MYSQLROOTPWD:/ c\MYSQLROOTPWD:$RESTOREMYSQLROOTPWD" /etc/eFa/MySQL-Config
                        sed -i "/^password=/ c\password=$RESTOREMYSQLROOTPWD" /root/.my.cnf

                        /bin/cp -f /var/eFa/backup/backup/etc/mail/spamassassin/local.cf /etc/mail/spamassassin/local.cf.v3

                        # Keep certain files
                        mv -f /etc/MailScanner/MailScanner.conf /etc/MailScanner/MailScanner.conf.v4
                        mv -f /etc/MailScanner/defaults /etc/MailScanner/defaults.v4
                        mv -f /etc/MailScanner/virus.scanners.conf /etc/MailScanner/virus.scanners.conf.v4
                        mv -f /etc/MailScanner/spamassassin.conf /etc/MailScanner/spamassassin.conf.v4
                        mv -f /etc/MailScanner/rules/sig.html.rules /etc/MailScanner/rules/sig.html.rules.v4
                        mv -f /etc/MailScanner/rules/sig.text.rules /etc/MailScanner/rules/sig.text.rules.v4

                        /bin/cp -rf /var/eFa/backup/backup/etc/MailScanner/* /etc/MailScanner

                        # Replace old v3 files with v4 but leave v3 variants for review
                        mv -f /etc/MailScanner/MailScanner.conf /etc/MailScanner/MailScanner.conf.v3
                        mv -f /etc/MailScanner/defaults /etc/MailScanner/defaults.v3
                        mv -f /etc/MailScanner/virus.scanners.conf /etc/MailScanner/virus.scanners.conf.v3
                        mv -f /etc/MailScanner/spamassassin.conf /etc/MailScanner/spamassassin.conf.v3
                        mv -f /etc/MailScanner/rules/sig.html.rules /etc/MailScanner/rules/sig.html.rules.v3
                        mv -f /etc/MailScanner/rules/sig.text.rules /etc/MailScanner/rules/sig.text.rules.v3

                        # Move v4 files back in place
                        mv -f /etc/MailScanner/defaults.v4 /etc/MailScanner/defaults
                        mv -f /etc/MailScanner/virus.scanners.conf.v4 /etc/MailScanner/virus.scanners.conf
                        mv -f /etc/MailScanner/spamassassin.conf.v4 /etc/MailScanner/spamassassin.conf
                        mv -f /etc/MailScanner/rules/sig.html.rules.v4 /etc/MailScanner/rules/sig.html.rules
                        mv -f /etc/MailScanner/rules/sig.text.rules.v4 /etc/MailScanner/rules/sig.text.rules

                        # MailScanner Conf
                        ms-upgrade-conf /etc/MailScanner/MailScanner.conf.v3 /etc/MailScanner/MailScanner.conf.v4 > /etc/MailScanner/MailScanner.conf
                        rm -f /etc/MailScanner/MailScanner.conf.v4

                        # Adjust envelope_sender_header in spamassassin.conf
                        ENVELOPE=$(ms-peek envelopefromheader /etc/MailScanner/MailScanner.conf | sed -e 's/://')
                        sed -i "/^envelope_sender_header/ c\envelope_sender_header $ENVELOPE" /etc/MailScanner/spamassassin.conf

                        # Update passwords in spamassassin.conf
                        sed -i "/^bayes_sql_password/ c\bayes_sql_password              $RESTORESAUSERSQLPWD" /etc/MailScanner/spamassassin.conf
                        sed -i "/^    user_awl_sql_password/ c\    user_awl_sql_password           $RESTORESAUSERSQLPWD" /etc/MailScanner/spamassassin.conf

                        # Fix clam socket
                        sed -i "/^Clamd Socket =/ c\Clamd Socket = /var/run/clamd.socket/clamd.sock" /etc/MailScanner/MailScanner.conf

                        # Force use of the milter
                        sed -i '/^MTA =/ c\MTA = msmail' /etc/MailScanner/MailScanner.conf
                        sed -i '/^Incoming Queue Dir =/ c\Incoming Queue Dir = /var/spool/MailScanner/milterin' /etc/MailScanner/MailScanner.conf
                        sed -i '/^Outgoing Queue Dir =/ c\Outgoing Queue Dir = /var/spool/MailScanner/milterout' /etc/MailScanner/MailScanner.conf

                        # MailWatch Conf
                        /bin/cp -f /var/eFa/backup/backup/var/www/html/mailscanner/conf.php /var/www/html/mailscanner/conf.php.v3

                        # Postfix Conf
                        mv -f /etc/postfix/access /etc/postfix/access.v4
                        mv -f /etc/postfix/canonical /etc/postfix/canonical.v4
                        mv -f /etc/postfix/generic /etc/postfix/generic.v4
                        mv -f /etc/postfix/header_checks /etc/postfix/header_checks.v4
                        mv -f /etc/postfix/helo_access /etc/postfix/helo_access.v4
                        mv -f /etc/postfix/main.cf /etc/postfix/main.cf.v4
                        mv -f /etc/postfix/master.cf /etc/postfix/master.cf.v4
                        mv -f /etc/postfix/recipient_access /etc/postfix/recipient_access.v4
                        mv -f /etc/postfix/relocated /etc/postfix/relocated.v4
                        mv -f /etc/postfix/sender_access /etc/postfix/sender_access.v4
                        mv -f /etc/postfix/transport /etc/postfix/transport.v4
                        mv -f /etc/postfix/virtual /etc/postfix/virtual.v4

                        /bin/cp -f /var/eFa/backup/backup/etc/postfix/* /etc/postfix

                        # Milter in effect use v4
                        mv -f /etc/postfix/header_checks /etc/postfix/header_checks.v3
                        mv -f /etc/postfix/header_checks.v4 /etc/postfix/header_checks

                        # Several operational changes to main.cf in v4
                        mv -f /etc/postfix/main.cf /etc/postfix/main.cf.v3
                        mv -f /etc/postfix/main.cf.v4 /etc/postfix/main.cf

                        # Ditto
                        mv -f /etc/postfix/master.cf /etc/postfix/master.cf.v3
                        mv -f /etc/postfix/master.cf.v4 /etc/postfix/master.cf

                        # Postmaps
                        postmap /etc/postfix/helo_access
                        postmap /etc/postfix/recipient_access
                        postmap /etc/postfix/sasl_passwd
                        postmap /etc/postfix/sender_access
                        postmap /etc/postfix/transport
                        postmap /etc/postfix/virtual

                        mv -f /etc/sqlgrey/sqlgrey.conf /etc/sqlgrey/sqlgrey.conf.v4
                        /bin/cp -rf /var/eFa/backup/backup/etc/sqlgrey/* /etc/sqlgrey
                        mv -f /etc/sqlgrey/sqlgrey.conf /etc/sqlgrey/sqlgrey.conf.v3
                        mv -f /etc/sqlgrey/sqlgrey.conf.v4 /etc/sqlgrey/sqlgrey.conf
                        /bin/cp -rf /var/eFa/backup/backup/etc/unbound/conf.d/* /etc/unbound/conf.d
                        
                        sed -i "/^db_pass =/ c\db_pass = $RESTORESQLGREYSQLPWD" /etc/sqlgrey/sqlgrey.conf
                        
                      else
                        RESTOREMYSQLROOTPWD="`grep MYSQLROOTPWD /var/eFa/backup/backup/etc/eFa/MySQL-Config | sed 's/.*://'`"
                        if [[ "$MYSQLROOTPWD" != "$RESTOREMYSQLROOTPWD" ]]; then
                          echo "Foreign backup detected, performing import..."

                          # If hostname is different, database entries must be updated!
                          OLDHOSTNAME="`grep HOSTNAME /var/eFa/backup/backup/etc/eFa/eFa-Config | sed 's/.*://'`"
                          OLDDOMAINNAME="`grep DOMAINNAME /var/eFa/backup/backup/etc/eFa/eFa-Config | sed 's/.*://'`"
                          HOSTNAME="`grep HOSTNAME /etc/eFa/eFa-Config | sed 's/.*://'`"
                          DOMAINNAME="`grep DOMAINNAME /etc/eFa/eFa-Config | sed 's/.*://'`"

                          # Restore importable configurations
                          /bin/cp -f /var/eFa/backup/backup/etc/mail/spamassassin/local.cf /etc/mail/spamassassin/local.cf
                          /bin/cp -rf /var/eFa/backup/backup/etc/postfix/* /etc/postfix
                          /bin/cp -rf /var/eFa/backup/backup/etc/opendkim/* /etc/opendkim
                          /bin/cp -f /var/eFa/backup/backup/etc/opendmarc.conf /etc
                          /bin/cp -rf /var/eFa/backup/backup/etc/opendmarc/* /etc/opendmarc

                          # Fix ownership
                          chown -R postfix:postfix /etc/postfix
                          chown -R opendkim:opendkim /etc/opendkim
                          chown -R opendmarc:opendmarc /etc/opendmarc

                          # Postmaps
                          postmap /etc/postfix/helo_access
                          postmap /etc/postfix/recipient_access
                          postmap /etc/postfix/recipient_canonical
                          postmap /etc/postfix/sasl_passwd
                          postmap /etc/postfix/sender_access
                          postmap /etc/postfix/sender_canonical
                          postmap /etc/postfix/transport
                          postmap /etc/postfix/virtual

                          /bin/cp -rf /var/eFa/backup/backup/etc/sqlgrey/* /etc/sqlgrey
                          /bin/cp -rf /var/eFa/backup/backup/etc/unbound/conf.d/* /etc/unbound/conf.d
                          /bin/cp -f /var/eFa/backup/backup/var/www/html/mailscanner/conf.php /var/www/html/mailscanner/conf.php

                          # MailScanner
                          mv -f /etc/MailScanner/MailScanner.conf /etc/MailScanner/MailScanner.conf.original
                          /bin/cp -rf /var/eFa/backup/backup/etc/MailScanner/* /etc/MailScanner
                          mv -f /etc/MailScanner/MailScanner.conf /etc/MailScanner/MailScanner.conf.restore
                          ms-upgrade-conf /etc/MailScanner/MailScanner.conf.original /etc/MailScanner/MailScanner.conf.restore > /etc/MailScanner/MailScanner.conf
                          rm -f /etc/MailScanner/MailScanner.conf.original
                          rm -f /etc/MailScanner/MailScanner.conf.restore

                          # Import database passwords
                          RESTORESAUSERSQLPWD="`grep SAUSERSQLPWD /var/eFa/backup/backup/etc/eFa/SA-Config | sed 's/.*://'`"
                          RESTOREMAILWATCHSQLPWD="`grep MAILWATCHSQLPWD /var/eFa/backup/backup/etc/eFa/MailWatch-Config | sed 's/.*://'`"
                          RESTORESQLGREYSQLPWD="`grep SQLGREYSQLPWD /var/eFa/backup/backup/etc/eFa/SQLGrey-Config | sed 's/.*://'`"
                          RESTOREDMARCSQLPWD="`grep DMARCSQLPWD /var/eFa/backup/backup/etc/eFa/openDMARC-Config | sed 's/.*://'`"
                          /usr/bin/mysqladmin -u root -p$MYSQLROOTPWD password "$RESTOREMYSQLROOTPWD"
                          MYSQLROOTPWD=$RESTOREMYSQLROOTPWD
                          
                          # Update eFa-Config with imported values
                          sed -i "/^MAILWATCHSQLPWD:/ c\MAILWATCHSQLPWD:$RESTOREMAILWATCHSQLPWD" /etc/eFa/MailWatch-Config
                          sed -i "/^SAUSERSQLPWD:/ c\SAUSERSQLPWD:$RESTORESAUSERSQLPWD" /etc/eFa/SA-Config
                          sed -i "/^SQLGREYSQLPWD:/ c\SQLGREYSQLPWD:$RESTORESQLGREYSQLPWD" /etc/eFa/SQLGrey-Config
                          sed -i "/^MYSQLROOTPWD:/ c\MYSQLROOTPWD:$RESTOREMYSQLROOTPWD" /etc/eFa/MySQL-Config
                          sed -i "/^DMARCSQLPWD:/ c\DMARCSQLPWD:$RESTOREDMARCSQLPWD" /etc/eFa/openDMARC-Config
                        else
                          OLDHOSTNAME="`grep HOSTNAME /etc/eFa/eFa-Config | sed 's/.*://'`"
                          OLDDOMAINNAME="`grep DOMAINNAME /etc/eFa/eFa-Config | sed 's/.*://'`"
                          HOSTNAME=$OLDHOSTNAME
                          DOMAINNAME=$OLDDOMAINNAME
                          RESTORESAUSERSQLPWD="`grep SAUSERSQLPWD /var/eFa/backup/backup/etc/eFa/SA-Config | sed 's/.*://'`"
                          RESTOREMAILWATCHSQLPWD="`grep MAILWATCHSQLPWD /var/eFa/backup/backup/etc/eFa/MailWatch-Config | sed 's/.*://'`"
                          RESTORESQLGREYSQLPWD="`grep SQLGREYSQLPWD /var/eFa/backup/backup/etc/eFa/SQLGrey-Config | sed 's/.*://'`"
                          RESTOREDMARCSQLPWD="`grep DMARCSQLPWD /var/eFa/backup/backup/etc/eFa/openDMARC-Config | sed 's/.*://'`"
                          /bin/cp -rf /var/eFa/backup/backup/etc/* /etc
                          /bin/cp -rf /var/eFa/backup/backup/var/* /var
                        fi
                      fi
                      cd /var/eFa/backup/backup/sql
                      # Restore SQL databases
                      /usr/bin/mysql --user=root --password=$MYSQLROOTPWD < backup.sql
                      rm -rf /var/eFa/backup/backup
                      
                      # Set passwords
                      /usr/bin/mysql -u root -p"$MYSQLROOTPWD" -e "UPDATE mysql.user SET Password=PASSWORD('$RESTORESAUSERSQLPWD') WHERE User='sa_user';"
                      /usr/bin/mysql -u root -p"$MYSQLROOTPWD" -e "UPDATE mysql.user SET Password=PASSWORD('$RESTOREMAILWATCHSQLPWD') WHERE User='mailwatch';"
                      /usr/bin/mysql -u root -p"$MYSQLROOTPWD" -e "UPDATE mysql.user SET Password=PASSWORD('$RESTORESQLGREYSQLPWD') WHERE User='sqlgrey';"
                      /usr/bin/mysql -u root -p"$MYSQLROOTPWD" -e "UPDATE mysql.user SET Password=PASSWORD('$RESTOREDMARCSQLPWD') WHERE User='opendmarc';"
                      /usr/bin/mysql -u root -p"$MYSQLROOTPWD" -e "FLUSH PRIVILEGES;"

                      # Ensure txrep table is present
                      /usr/bin/mysql -u root -p"$MYSQLROOTPWD" sa_bayes -e "CREATE TABLE txrep (username varchar(100) NOT NULL default '', email varchar(255) NOT NULL default '', ip varchar(40) NOT NULL default '', count int(11) NOT NULL default '0', totscore float NOT NULL default '0', signedby varchar(255) NOT NULL default '', last_hit timestamp NOT NULL default CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,  PRIMARY KEY (username,email,signedby,ip), KEY last_hit (last_hit)) ENGINE=InnoDB;" >/dev/null 2>&1
                      
                      # Ensure txrep table has last_hit field
                      /usr/bin/mysql -u root -p"$MYSQLROOTPWD" sa_bayes -e "ALTER TABLE txrep ADD last_hit timestamp NOT NULL default CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP; ALTER TABLE txrep ADD KEY last_hit (last_hit);" >/dev/null 2>&1

                      # Make sure user in bayes db is postfix
                      /usr/bin/mysql -u root -p"$MYSQLROOTPWD" sa_bayes -e "UPDATE bayes_vars SET username = 'postfix' WHERE id = '1';" 

                      # Are hostnames different from original?
                      if [[ $HOSTNAME != $OLDHOSTNAME || $DOMAINNAME != $OLDDOMAINNAME ]]; then
                        mysql -u root --password=$MYSQLROOTPWD mailscanner -e "\
                        LOCK TABLES maillog WRITE; \
                        ALTER TABLE maillog MODIFY COLUMN \`last_update\` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP; \
                        UPDATE maillog SET hostname='$HOSTNAME.$DOMAINNAME' WHERE hostname='$OLDHOSTNAME.$OLDDOMAINNAME'; \
                        ALTER TABLE maillog MODIFY COLUMN \`last_update\` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP; \
                        LOCK TABLES mtalog WRITE; \
                        UPDATE mtalog SET host='$HOSTNAME' WHERE host='$OLDHOSTNAME'; \
                        UNLOCK TABLES;" 
                      fi

                      # Upgrade database now
                      /usr/bin/mailwatch/tools/upgrade.php --skip-user-confirm /var/www/html/mailscanner/functions.php

		      # Upgrade / validate /check database
		      /usr/bin/mysql_upgrade -u root -p"$MYSQLROOTPWD" --force

                      echo -e "Restore Complete!"
                      echo -e ""
                      echo -e "A restart is needed to complete restore.  Press enter to reboot."
                      pause
                      shutdown -r now
                      flag3=1
                      flag2=1
                      flag=1
                    fi
                  done
                 else
                   echo -e "$red $choice $clean is not a valid choice."
                   echo -en "Choose a backup or press $green e) $clean to exit:"
                 fi
                 ;;
                     e)
                 pause
                 flag3=1
                 flag2=1  
                 flag=1
                 ;;
                     *) 
                   echo -e "$red $choice $clean is not a valid choice."
                   echo -en "Choose a backup or press $green e) $clean to exit:"
                 ;;
            esac
          done
        else
          echo "No backups were found!"
          echo "Press enter to exit."
          pause
        fi
        flag=1
      else
        echo -e "An invalid option $red $TMPRECOVER $clean was entered."
        echo -en "$green[eFa]$clean Are you sure you want to continue? (y/N):"
        read TMPRECOVER
      fi
    done

  pause

}
# +---------------------------------------------------+