ssh mode: use forced backup-zfs-shell

Ensure the backup connection to the SSH server can't do anything other
than designed. Uses ssh's authorized_keys command= statement to launch
backup-zfs-shell, which then supports only the handful of operations
required to perform backups.

$destpath is no longer used, but still included in the documentation
until it can be entirely written out.
Kevin McCormick
2017-03-09 11:55:57 -08:00
parent afb2b924ba
commit 720754a504
2 changed files with 43 additions and 10 deletions


@@ -148,7 +148,7 @@ if $tossh ; then
### get newest snapshot on dest - it must exist on src
###
#last="$(ZFS "$desthost" list -d 1 -t snapshot -H -S creation -o name $destfs/$srcbase | head -n1 | cut -f2 -d@)"
last="$(ssh "$desthost" cat "$destpath/.last")"
last="$(ssh "$desthost" zfslast)"
###
### send
@@ -166,14 +166,14 @@ if $tossh ; then
if [[ -n $gpgid ]] ; then
ZFS "$srchost" send $send_opts -R -I "$last" "$cur" \
| gpg --trust-model always --encrypt --recipient "$gpgid" \
| ssh "$desthost" "cat > \"$destpath/${tag}_$date.zfssnap.gpg\"" \
| ssh "$desthost" zfswrite "${tag}_$date.zfssnap.gpg" \
|| die $? "zfs incremental send failed"
ssh "$desthost" "echo \"$snap\" > \"$destpath/.last\""
ssh "$desthost" zfslast "$snap"
else
ZFS "$srchost" send $send_opts -R -I "$last" "$cur" \
| ssh "$desthost" "cat > \"$destpath/${tag}_$date.zfssnap\"" \
| ssh "$desthost" zfswrite "${tag}_$date.zfssnap" \
|| die $? "zfs incremental send failed"
ssh "$desthost" "echo \"$snap\" > \"$destpath/.last\""
ssh "$desthost" zfslast "$snap"
fi
fi
@@ -201,13 +201,13 @@ elif $fromssh ; then
###
log "receiving incremental snapshot from $src to $dest"
#ZFS "$srchost" send $send_opts -R -I "$last" "$cur" | ZFS "$desthost" receive $recv_opts -Fue "$destfs" || die $? "zfs incremental send failed"
for file in $(ssh "$srchost" "find \"$srcpath\" -name \"*.zfssnap\" -o -name \"*.zfssnap.gpg\"") ; do
for file in $(ssh "$srchost" zfsfind "$srcpath" | sort) ; do
if [[ $file =~ \.gpg$ ]] ; then
ssh "$srchost" "cat \"$file\"" | gpg | ZFS "$desthost" receive $recv_opts -Fue "$dest" \
&& ssh "$srchost" "rm \"$file\""
ssh "$srchost" zfsget "$file" | gpg | ZFS "$desthost" receive $recv_opts -Fue "$dest" \
&& ssh "$srchost" rm "$file"
else
ssh "$srchost" "cat \"$file\"" | ZFS "$desthost" receive $recv_opts -Fue "$dest" \
&& ssh "$srchost" "rm \"$file\""
ssh "$srchost" zfsget "$file" | ZFS "$desthost" receive $recv_opts -Fue "$dest" \
&& ssh "$srchost" rm "$file"
fi
done
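Review bot: In the fromssh loop, `for file in $(ssh "$srchost" zfsfind "$srcpath" | sort)` still word-splits and glob-expands whatever the remote host prints, and each resulting word is then sent back as the argument of `zfsget` and `rm`. Reading the list into an array avoids that: `mapfile -t files < <(ssh "$srchost" zfsfind "$srcpath" | sort)` followed by `for file in "${files[@]}" ; do`. Because ssh joins its arguments with spaces before the server sees them, the local quotes around `"$file"`, `"$snap"` and the `zfswrite` file name do not reach the forced command. backup-zfs-shell is not visible in this section, so it presumably has to re-parse and validate those arguments itself, including confining `rm` and `zfswrite` to snapshot file names inside the backup directory. The enclosing `elif $fromssh` block starts and ends outside this hunk.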