Merge pull request #12 from puredoze/master
Added support for using separate signature and encryption keys /!\ configuration file altered, please look at the diff
This commit is contained in:
zertrin
commit
572f733bd2
2 changed files with 19 additions and 7 deletions
|
|
@ -45,17 +45,28 @@ AWS_SECRET_ACCESS_KEY="foobar_aws_access_key"
|
||||||
|
|
||||||
# ENCRYPTION INFORMATION
|
# ENCRYPTION INFORMATION
|
||||||
# Do you want your backup to be encrypted? yes/no
|
# Do you want your backup to be encrypted? yes/no
|
||||||
# If yes, please make sure you specify either PASSPHRASE or GPG_KEY
|
# If yes, please make sure you specify either PASSPHRASE or GPG_ENC_KEY/GPG_SIGN_KEY
|
||||||
ENCRYPTION='yes'
|
ENCRYPTION='yes'
|
||||||
|
|
||||||
# If you are NOT running this from a cron, comment this line out
|
# If you are NOT running this from a cron, comment this line out
|
||||||
# and duplicity should prompt you for your password.
|
# and duplicity should prompt you for your password.
|
||||||
|
# Otherwise this password is either used for symmetric encryption
|
||||||
|
# (your backups will be encrypted with this password) or is used
|
||||||
|
# for the "GPG_SIGN_KEY" (see below).
|
||||||
# Comment out if you aren't using encryption
|
# Comment out if you aren't using encryption
|
||||||
PASSPHRASE="foobar_gpg_passphrase"
|
PASSPHRASE="foobar_gpg_passphrase"
|
||||||
|
|
||||||
# Specify which GPG key you would like to use (even if you have only one).
|
# Specify which GPG keys you would like to use (even if you have only one).
|
||||||
# Comment out if you're using only PASSPHRASE or not using encryption
|
# If you are running this from a cron, it is highly recommended to create separate
|
||||||
GPG_KEY="foobar_gpg_key"
|
# signature and encryption keys, because you have to specify the password for the
|
||||||
|
# GPG_SIGN_KEY via the above PASSPHRASE variable
|
||||||
|
# (see http://www.debian-administration.org/articles/209#d0e109).
|
||||||
|
# If you are not running the script from a cron, duplicity should prompt you for the
|
||||||
|
# GPG_SIGN_KEY password.
|
||||||
|
# Comment out if you're using only PASSPHRASE (symmetric encryption) or not using
|
||||||
|
# encryption at all.
|
||||||
|
GPG_ENC_KEY="foobar_gpg_key"
|
||||||
|
GPG_SIGN_KEY="foobar_gpg_key"
|
||||||
|
|
||||||
# BACKUP SOURCE INFORMATION
|
# BACKUP SOURCE INFORMATION
|
||||||
# The ROOT of your backup (where you want the backup to start);
|
# The ROOT of your backup (where you want the backup to start);
|
||||||
|
|
|
||||||
|
|
@ -158,8 +158,8 @@ S3CMD="$(which s3cmd)"
|
||||||
LOCKFILE=${LOGDIR}backup.lock
|
LOCKFILE=${LOGDIR}backup.lock
|
||||||
|
|
||||||
if [ "$ENCRYPTION" = "yes" ]; then
|
if [ "$ENCRYPTION" = "yes" ]; then
|
||||||
if [ ! -z "$GPG_KEY" ]; then
|
if [ ! -z "$GPG_ENC_KEY" ] && [ ! -z "$GPG_SIGN_KEY" ]; then
|
||||||
ENCRYPT="--encrypt-key=${GPG_KEY} --sign-key=${GPG_KEY}"
|
ENCRYPT="--encrypt-key=${GPG_ENC_KEY} --sign-key=${GPG_SIGN_KEY}"
|
||||||
elif [ ! -z "$PASSPHRASE" ]; then
|
elif [ ! -z "$PASSPHRASE" ]; then
|
||||||
ENCRYPT=""
|
ENCRYPT=""
|
||||||
fi
|
fi
|
||||||
|
|
@ -196,7 +196,8 @@ fi
|
||||||
check_variables ()
|
check_variables ()
|
||||||
{
|
{
|
||||||
if [[ ${ROOT} = "" || ${DEST} = "" || ${INCLIST} = "" || \
|
if [[ ${ROOT} = "" || ${DEST} = "" || ${INCLIST} = "" || \
|
||||||
${GPG_KEY} = "foobar_gpg_key" || \
|
${GPG_ENC_KEY} = "foobar_gpg_key" || \
|
||||||
|
${GPG_SIGN_KEY} = "foobar_gpg_key" || \
|
||||||
${PASSPHRASE} = "foobar_gpg_passphrase" || \
|
${PASSPHRASE} = "foobar_gpg_passphrase" || \
|
||||||
${LOGDIR} = "/home/foobar_user_name/logs/test2/" || \
|
${LOGDIR} = "/home/foobar_user_name/logs/test2/" || \
|
||||||
( ${DEST_IS_S3} = true && ${AWS_ACCESS_KEY_ID} = "foobar_aws_key_id" ) || \
|
( ${DEST_IS_S3} = true && ${AWS_ACCESS_KEY_ID} = "foobar_aws_key_id" ) || \
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue