Added support for using separate signature and encryption keys

puredoze 2012-08-13 12:53:09 +02:00
parent f66427f209
commit 640e497121
2 changed files with 16 additions and 7 deletions


@ -45,17 +45,25 @@ AWS_SECRET_ACCESS_KEY="foobar_aws_access_key"
# ENCRYPTION INFORMATION # ENCRYPTION INFORMATION
# Do you want your backup to be encrypted? yes/no # Do you want your backup to be encrypted? yes/no
# If yes, please make sure you specify either PASSPHRASE or GPG_KEY # If yes, please make sure you specify either PASSPHRASE or GPG_ENC_KEY/GPG_SIGN_KEY
ENCRYPTION='yes' ENCRYPTION='yes'
# If you are NOT running this from a cron, comment this line out # If you are NOT running this from a cron, comment this line out
# and duplicity should prompt you for your password. # and duplicity should prompt you for your password.
# Otherwise this password is either used for symetric encryption
# (your backups will be encrypted with this password) or is used
# for the "GPG_SIGN_KEY" (see below).
# Comment out if you aren't using encryption # Comment out if you aren't using encryption
PASSPHRASE="foobar_gpg_passphrase" PASSPHRASE="foobar_gpg_passphrase"
# Specify which GPG key you would like to use (even if you have only one). # Specify which GPG keys you would like to use (even if you have only one).
# Comment out if you're using only PASSPHRASE or not using encryption # It is highly recommended to create separate signature and encryption keys.
GPG_KEY="foobar_gpg_key" # When run, duplicity should prompt you for the GPG_SIGN_KEY password
# (or specify the PASSPHRASE above if you run this script from a cron).
# Comment out if you're using only PASSPHRASE (symetric encryption) or not using
# encryption at all.
GPG_ENC_KEY="foobar_gpg_key"
GPG_SIGN_KEY="foobar_gpg_key"
# BACKUP SOURCE INFORMATION # BACKUP SOURCE INFORMATION
# The ROOT of your backup (where you want the backup to start); # The ROOT of your backup (where you want the backup to start);
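Review bot: The comment added above `PASSPHRASE` says the value is used either for symmetric encryption or for `GPG_SIGN_KEY`, but it does not say what to do when `GPG_ENC_KEY` and `GPG_SIGN_KEY` are separate keys with different passphrases, which is the setup the text below recommends. duplicity documents a separate `SIGN_PASSPHRASE` environment variable for the signing key in that case (worth confirming for the version this script targets), leaving `PASSPHRASE` to unlock the encryption key on restore and verify. I would add a comment such as `# If the two keys have different passphrases, PASSPHRASE is for GPG_ENC_KEY; set SIGN_PASSPHRASE for GPG_SIGN_KEY`; the script would also have to export that variable, and that code is not visible here. Since this file keeps the passphrase in clear text, a second line `# Keep this file readable only by the backup user (chmod 600)` would help too.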


@ -158,8 +158,8 @@ S3CMD="$(which s3cmd)"
LOCKFILE=${LOGDIR}backup.lock LOCKFILE=${LOGDIR}backup.lock
if [ "$ENCRYPTION" = "yes" ]; then if [ "$ENCRYPTION" = "yes" ]; then
if [ ! -z "$GPG_KEY" ]; then if [ ! -z "$GPG_ENC_KEY" ] && [ ! -z "$GPG_SIGN_KEY" ]; then
ENCRYPT="--encrypt-key=${GPG_KEY} --sign-key=${GPG_KEY}" ENCRYPT="--encrypt-key=${GPG_ENC_KEY} --sign-key=${GPG_SIGN_KEY}"
elif [ ! -z "$PASSPHRASE" ]; then elif [ ! -z "$PASSPHRASE" ]; then
ENCRYPT="" ENCRYPT=""
fi fi
@ -196,7 +196,8 @@ fi
check_variables () check_variables ()
{ {
if [[ ${ROOT} = "" || ${DEST} = "" || ${INCLIST} = "" || \ if [[ ${ROOT} = "" || ${DEST} = "" || ${INCLIST} = "" || \
${GPG_KEY} = "foobar_gpg_key" || \ ${GPG_ENC_KEY} = "foobar_gpg_key" || \
${GPG_SIGN_KEY} = "foobar_gpg_key" || \
${PASSPHRASE} = "foobar_gpg_passphrase" || \ ${PASSPHRASE} = "foobar_gpg_passphrase" || \
${LOGDIR} = "/home/foobar_user_name/logs/test2/" || \ ${LOGDIR} = "/home/foobar_user_name/logs/test2/" || \
( ${DEST_IS_S3} = true && ${AWS_ACCESS_KEY_ID} = "foobar_aws_key_id" ) || \ ( ${DEST_IS_S3} = true && ${AWS_ACCESS_KEY_ID} = "foobar_aws_key_id" ) || \
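Review bot: In the `-158,8` hunk the new test `[ ! -z "$GPG_ENC_KEY" ] && [ ! -z "$GPG_SIGN_KEY" ]` is false for a config that sets only one of the two variables, or that still sets the old `GPG_KEY`, and control then falls through to the `elif` on `PASSPHRASE`, which sets `ENCRYPT=""`. As far as the visible lines show, such a run proceeds without `--encrypt-key`/`--sign-key`, so an existing setup would quietly switch from public-key encryption with signing to passphrase-only encryption. I would reject the half-configured case before the `PASSPHRASE` branch, e.g. `elif [ -n "$GPG_ENC_KEY$GPG_SIGN_KEY$GPG_KEY" ]; then echo "Set both GPG_ENC_KEY and GPG_SIGN_KEY" >&2; exit 1`. `check_variables` in the `-196,7` hunk no longer looks at `GPG_KEY` either, so it will not catch a stale config; both the `if` block and that function continue outside the hunks, so later handling may exist there.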