really fix the insecure temp file creation
[matthijs/upstream/backupninja.git] / handlers / dup
1 #
2 # duplicity script for backupninja
3 # requires duplicity
4 #
5
6 getconf options
7 getconf testconnect yes
8 getconf nicelevel 0
9
10 setsection gpg
11 getconf password
12 getconf sign no
13 getconf encryptkey
14
15 setsection source
16 getconf include
17 getconf vsnames all
18 getconf vsinclude
19 getconf exclude
20
21 setsection dest
22 getconf incremental yes
23 getconf keep 60
24 getconf sshoptions
25 getconf bandwidthlimit 0
26 getconf desthost
27 getconf destdir
28 getconf destuser
29 destdir=${destdir%/}
30
31 [ "$destdir" != "" ] || fatal "Destination directory not set"
32 [ "$include" != "" ] || fatal "No source includes specified"
33 [ "$password" != "" ] || fatal "No password specified"
34
35 ### vservers stuff ###
36
37 # See if vservers are configured.
38 # If so, check that the ones listed in $vsnames do exist.
39 if [ "$vservers" == "yes" ]; then
40     [ -d "$VROOTDIR" ] || fatal "vservers enabled, but $VROOTDIR does not exist!"
41     if [ "$vsnames" == "all" ]; then
42         vsnames=""
43         for vserver in `ls $VROOTDIR | grep -E -v "lost+found|ARCHIVES"`; do
44             vsnames="$vserver $vsnames"
45         done
46     else
47         for vserver in "$vsnames"; do
48             [ -d "$VROOTDIR/$vserver" ] || fatal "vserver '$vserver' does not exist."
49         done
50     fi
51     if [ -n "$vsnames" ]; then
52         if [ -n "$vsinclude" ]; then
53             info "Using vservers '$vsnames'"
54             usevserver=1
55         fi
56     else
57         [ -z "$vsinclude" ] || warning 'vsnames is empty, vsinclude configuration lines will be ignored'
58     fi
59 fi
60
61 ### see if we can login ###
62
63 if [ "$testconnect" == "yes" ]; then
64     debug "ssh $sshoptions -o PasswordAuthentication=no $desthost -l $destuser 'echo -n 1'"
65     if [ ! $test ]; then
66         result=`ssh $sshoptions -o PasswordAuthentication=no $desthost -l $destuser 'echo -n 1'`
67         if [ "$result" != "1" ]; then
68             fatal "Can't connect to $desthost as $destuser."
69         else
70             debug "Connected to $desthost as $destuser successfully"
71         fi
72     fi
73 fi
74
75 ### COMMAND-LINE MANGLING ###
76
77 scpoptions="$sshoptions"
78 [ "$bandwidthlimit" == 0 ] || scpoptions="$scpoptions -l $bandwidthlimit"
79
80 execstr="$options --no-print-statistics --scp-command 'scp $scpoptions' --ssh-command 'ssh $sshoptions' "
81
82 if [ "$encryptkey" == "" ]; then
83     [ "$sign" != "yes" ] || fatal "encryptkey option must be set when signing."
84 else
85     execstr="${execstr}--encrypt-key $encryptkey "
86     [ "$sign" != "yes" ] || execstr="${execstr}--sign-key $encryptkey "
87 fi
88
89 if [ "$keep" != "yes" ]; then
90     if [ "`echo $keep | tr -d 0-9`" == "" ]; then
91         keep="${keep}D"
92     fi
93     execstr="${execstr}--remove-older-than $keep "
94 fi
95
96 if [ "$incremental" == "no" ]; then
97     execstr="${execstr}--full "
98 fi
99
100 execstr_serverpart="scp://$destuser@$desthost/$destdir"
101 execstr_clientpart="/"
102
103 ### SOURCE ###
104
105 # excludes
106 for i in $exclude; do
107         str="${i//__star__/*}"
108         execstr="${execstr}--exclude $str "
109 done
110         
111 # includes 
112 for i in $include; do
113         str="${i//__star__/*}"
114         execstr="${execstr}--include $str "
115 done
116
117 # vsincludes
118 if [ $usevserver ]; then
119     for vserver in $vsnames; do
120         for vi in $vsinclude; do
121             str="${vi//__star__/*}"
122             execstr="${execstr}--include '$VROOTDIR/$vserver$str' "
123         done
124     done
125 fi
126
127 ### EXECUTE ###
128
129 # exclude everything else, start with root
130 #execstr="${execstr}--exclude '**' / "
131                 
132 # include client-part and server-part
133 #execstr="$execstr $execstr_serverpart"
134
135 execstr=${execstr//\\*/\\\\\\*}
136
137 debug "duplicity $execstr --exclude '**' / $execstr_serverpart"
138 if [ ! $test ]; then
139         export PASSPHRASE=$password
140         output=`nice -n $nicelevel \
141                   su -c \
142                     "duplicity $execstr --exclude '**' / $execstr_serverpart 2>&1"`
143         code=$?
144         if [ $code -eq 0 ]; then
145                 debug $output
146                 info "Duplicity finished successfully."
147         else
148                 debug $output
149                 fatal "Duplicity failed."
150         fi
151 fi      
152
153 return 0