mirror of
https://github.com/bashclub/bashclub-zfs-push-pull.git
synced 2024-12-25 06:00:13 +01:00
ssh mode: add gpg encryption support
This commit is contained in:
parent
3bb83e8029
commit
28c7cbc747
31
backup-zfs
31
backup-zfs
@ -19,6 +19,7 @@ usage() {
|
|||||||
-d dateopts options for date(1) - used to name the snapshots (default: +%F_%T)
|
-d dateopts options for date(1) - used to name the snapshots (default: +%F_%T)
|
||||||
-s store mode - output snaps from local fs to ssh server
|
-s store mode - output snaps from local fs to ssh server
|
||||||
-r read mode - read snaps from ssh server to local fs
|
-r read mode - read snaps from ssh server to local fs
|
||||||
|
-g gpg-id gpg recipient key id (store mode only)
|
||||||
EOF
|
EOF
|
||||||
exit $1
|
exit $1
|
||||||
}
|
}
|
||||||
@ -73,7 +74,7 @@ fromssh=false
|
|||||||
###
|
###
|
||||||
### parse options
|
### parse options
|
||||||
###
|
###
|
||||||
while getopts "hvqk:t:d:sr" opt ; do
|
while getopts "hvqk:t:d:srg:" opt ; do
|
||||||
case $opt in
|
case $opt in
|
||||||
h) usage 0 ;;
|
h) usage 0 ;;
|
||||||
v)
|
v)
|
||||||
@ -87,12 +88,16 @@ while getopts "hvqk:t:d:sr" opt ; do
|
|||||||
d) dateopts=$OPTARG ;;
|
d) dateopts=$OPTARG ;;
|
||||||
s) tossh=true ;;
|
s) tossh=true ;;
|
||||||
r) fromssh=true ;;
|
r) fromssh=true ;;
|
||||||
|
g) gpgid="$OPTARG" ;;
|
||||||
*) usage 1 ;;
|
*) usage 1 ;;
|
||||||
esac
|
esac
|
||||||
done
|
done
|
||||||
shift $((OPTIND-1))
|
shift $((OPTIND-1))
|
||||||
date="$(date $dateopts)"
|
date="$(date $dateopts)"
|
||||||
$tossh && $fromssh && die 1 "-s and -r are mutually exclusive"
|
$tossh && $fromssh && die 1 "-s and -r are mutually exclusive"
|
||||||
|
if ! $tossh && [[ -n $gpgid ]] ; then
|
||||||
|
die 1 "-g can only be used with -s"
|
||||||
|
fi
|
||||||
|
|
||||||
###
|
###
|
||||||
### parse src & dest host/fs info
|
### parse src & dest host/fs info
|
||||||
@ -155,9 +160,18 @@ if $tossh ; then
|
|||||||
die 1 "no incremental path from from $src to $dest"
|
die 1 "no incremental path from from $src to $dest"
|
||||||
# normal case: send incremental
|
# normal case: send incremental
|
||||||
else
|
else
|
||||||
log "sending incremental snapshot from $src to $dest (${last#${tag}_}..${cur#*@${tag}_})"
|
log "sending $([[ -n $gpgid ]] && echo "encrypted ")incremental snapshot from $src to $dest (${last#${tag}_}..${cur#*@${tag}_})"
|
||||||
#ZFS "$srchost" send $send_opts -R -I "$last" "$cur" | ZFS "$desthost" receive $recv_opts -Fue "$destfs" || die $? "zfs incremental send failed"
|
#ZFS "$srchost" send $send_opts -R -I "$last" "$cur" | ZFS "$desthost" receive $recv_opts -Fue "$destfs" || die $? "zfs incremental send failed"
|
||||||
ZFS "$srchost" send $send_opts -R -I "$last" "$cur" | ssh "$desthost" "cat > \"$destpath/${tag}_$date.zfssnap\"" || die $? "zfs incremental send failed"
|
if [[ -n $gpgid ]] ; then
|
||||||
|
ZFS "$srchost" send $send_opts -R -I "$last" "$cur" \
|
||||||
|
| gpg --trust-model always --encrypt --recipient "$gpgid" \
|
||||||
|
| ssh "$desthost" "cat > \"$destpath/${tag}_$date.zfssnap.gpg\"" \
|
||||||
|
|| die $? "zfs incremental send failed"
|
||||||
|
else
|
||||||
|
ZFS "$srchost" send $send_opts -R -I "$last" "$cur" \
|
||||||
|
| ssh "$desthost" "cat > \"$destpath/${tag}_$date.zfssnap\"" \
|
||||||
|
|| die $? "zfs incremental send failed"
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
exit
|
exit
|
||||||
@ -184,13 +198,18 @@ elif $fromssh ; then
|
|||||||
###
|
###
|
||||||
log "receiving incremental snapshot from $src to $dest"
|
log "receiving incremental snapshot from $src to $dest"
|
||||||
#ZFS "$srchost" send $send_opts -R -I "$last" "$cur" | ZFS "$desthost" receive $recv_opts -Fue "$destfs" || die $? "zfs incremental send failed"
|
#ZFS "$srchost" send $send_opts -R -I "$last" "$cur" | ZFS "$desthost" receive $recv_opts -Fue "$destfs" || die $? "zfs incremental send failed"
|
||||||
for file in $(ssh "$srchost" "find \"$srcpath\" -name \"*.zfssnap\"") ; do
|
for file in $(ssh "$srchost" "find \"$srcpath\" -name \"*.zfssnap\" -o -name \"*.zfssnap.gpg\"") ; do
|
||||||
ssh "$srchost" "cat \"$file\"" | ZFS "$desthost" receive $recv_opts -Fue "$dest" && ssh "$srchost" "rm \"$file\""
|
if [[ $file =~ \.gpg$ ]] ; then
|
||||||
|
ssh "$srchost" "cat \"$file\"" | gpg | ZFS "$desthost" receive $recv_opts -Fue "$dest" \
|
||||||
|
&& ssh "$srchost" "rm \"$file\""
|
||||||
|
else
|
||||||
|
ssh "$srchost" "cat \"$file\"" | ZFS "$desthost" receive $recv_opts -Fue "$dest" \
|
||||||
|
&& ssh "$srchost" "rm \"$file\""
|
||||||
|
fi
|
||||||
done
|
done
|
||||||
|
|
||||||
exit
|
exit
|
||||||
fi
|
fi
|
||||||
die 1 "neither -s nor -r was specified"
|
|
||||||
|
|
||||||
# discard anything before a colon to get the fs
|
# discard anything before a colon to get the fs
|
||||||
srcfs="${src#*:}"
|
srcfs="${src#*:}"
|
||||||
|
Loading…
Reference in New Issue
Block a user