Commit 8dff2df7 authored by Fjen Undso's avatar Fjen Undso
Browse files

add support for gpg key encryption

parent 834d94be
...@@ -5,7 +5,6 @@ ...@@ -5,7 +5,6 @@
# #
# sftp note: ssh private/public key with no password is required # sftp note: ssh private/public key with no password is required
# if not using pwauth # if not using pwauth
# TODO: gpg key encryption
##### BEGIN SETTINGS ##### BEGIN SETTINGS
### system settings ### system settings
...@@ -32,7 +31,8 @@ declare -r FTPPORT="" # leave empty for standard protocol port ...@@ -32,7 +31,8 @@ declare -r FTPPORT="" # leave empty for standard protocol port
declare -r FTPDIR="path/on/ftp" declare -r FTPDIR="path/on/ftp"
declare -r FTPNUMBACKUPS=90 declare -r FTPNUMBACKUPS=90
### gpg settings ### gpg settings
declare -r GPGPASS="" # optional gpg symmetrical passphrase declare -r GPGKEYID="" # gpg key id
declare -r GPGPASS="" # gpg symmetrical passphrase, if not using GPGKEYID
##### END SETTINGS ##### END SETTINGS
fail() { fail() {
...@@ -60,7 +60,7 @@ execftp() { ...@@ -60,7 +60,7 @@ execftp() {
} }
### Check prerequisites ### Check prerequisites
for i in mydumper lftp mail tar ${COMPRESS%% *}; do for i in mydumper lftp mail tar gpg ${COMPRESS%% *}; do
if [ ! "$(which $i)" ]; then if [ ! "$(which $i)" ]; then
fail "Error: prerequisite $i not found in PATH" fail "Error: prerequisite $i not found in PATH"
fi fi
...@@ -105,11 +105,19 @@ done ...@@ -105,11 +105,19 @@ done
cd - cd -
### Encryption ### Encryption
if [ -n "$GPGPASS" ]; then if [ -n "$GPGKEYID$GPGPASS" ]; then
echo "### Encryption..." echo "### Encryption..."
cd "$backupdir" cd "$backupdir"
for i in *; do for i in *; do
gpg --symmetric --batch --passphrase "$GPGPASS" --cipher-algo AES256 "$i" echo "encrypt: $i"
if [ -n "$GPGKEYID" ]; then
gpg -e -r "$GPGKEYID" "$i" \
&& rm "$i"
else
echo "$GPGPASS" \
| gpg -c --batch --passphrase-fd 0 --cipher-algo AES256 "$i" \
&& rm "$i"
fi
done done
cd - cd -
fi fi
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment