1 # -*- mode: sh; sh-basic-offset: 3; indent-tabs-mode: nil; -*-
3 HELPERS="$HELPERS dup:incremental_encrypted_remote_filesystem_backup"
7 do_dup_host_includes() {
9 # choose the files to backup
11 while [ -z "$REPLY" ]; do
12 formBegin "$dup_title - host system: includes"
13 [ -z "$dup_includes" ] && dup_includes="$dup_default_includes"
14 for i in $dup_includes; do
21 [ $? = 0 ] || return 1
28 # choose the vservers to backup (into $selected_vservers)
29 choose_one_or_more_vservers "$dup_title"
30 [ $? = 0 ] || return 1
33 # choose the files to backup
35 while [ -z "$REPLY" ]; do
36 formBegin "$dup_title - vservers: vsincludes (backup these directories from every selected vserver)"
37 [ -z "$dup_vsincludes" ] && dup_vsincludes="$dup_default_includes"
38 for i in $dup_vsincludes; do
45 [ $? = 0 ] || return 1
46 dup_vsincludes="$REPLY"
53 formBegin "$dup_title: excludes"
54 [ -z "$dup_excludes" ] && dup_excludes="$dup_default_excludes"
55 for i in $dup_excludes; do
62 [ $? = 0 ] || return 1
68 choose_host_or_vservers_or_both "$dup_title"
69 [ $? = 0 ] || return 1
70 case $host_or_vservers in
73 [ $? = 0 ] || return 1
77 [ $? = 0 ] || return 1
81 [ $? = 0 ] || return 1
83 [ $? = 0 ] || return 1
90 [ $? = 0 ] || return 1
103 while [ -z "$REPLY" -o -z "$dup_destdir" -o -z "$dup_desthost" -o -z "$dup_destuser" ]; do
104 formBegin "$dup_title - destination: first three items are compulsory"
105 formItem "desthost" "$dup_desthost"
106 formItem "destuser" "$dup_destuser"
107 formItem "destdir" "$dup_destdir"
108 formItem "keep" "$dup_keep"
109 formItem "incremental" "$dup_incremental"
110 formItem "bandwidthlimit" "$dup_bandwidth"
111 formItem "sshoptions" "$dup_sshoptions"
113 [ $? = 0 ] || return 1
116 replyconverted=`echo $REPLY | tr '\n' :`
118 thereply=($replyconverted)
121 dup_desthost=${thereply[0]}
122 dup_destuser=${thereply[1]}
123 dup_destdir=${thereply[2]}
124 dup_keep=${thereply[3]}
125 dup_incremental=${thereply[4]}
126 dup_bandwidth=${thereply[5]}
127 dup_sshoptions=${thereply[6]}
136 do_dup_gpg_encryptkey() {
138 while [ -z "$REPLY" -o -z "$dup_gpg_encryptkey" ]; do
139 inputBox "$dup_title - GnuPG" "Enter ID of the public GnuPG key to be used to encrypt the backups:" "$dup_gpg_encryptkey"
140 [ $? = 0 ] || return 1
141 dup_gpg_encryptkey="$REPLY"
147 booleanBox "$dup_title - GnuPG" "Sign the backups?" "$dup_gpg_sign"
155 do_dup_gpg_signkey() {
157 booleanBox "$dup_title - GnuPG" "Use the same GnuPG key pair for encryption and signing?" "$dup_gpg_onekeypair"
159 dup_gpg_onekeypair=yes
161 dup_gpg_onekeypair=no
164 if [ "$dup_gpg_onekeypair" == "no" }; then
167 while [ -z "$REPLY" -o -z "$dup_gpg_signkey" ]; do
168 inputBox "$dup_title - GnuPG" "Enter the ID of the private GnuPG key to be used to sign the backups:" "$dup_gpg_signkey"
169 [ $? = 0 ] || return 1
170 dup_gpg_signkey="$REPLY"
175 do_dup_gpg_passphrase() {
176 local question="Enter the passphrase needed to unlock the GnuPG key:"
178 while [ -z "$REPLY" -o -z "$dup_gpg_password" ]; do
179 passwordBox "$dup_title - GnuPG" "$question"
180 [ $? = 0 ] || return 1
181 dup_gpg_password="$REPLY"
187 # symmetric or public key encryption ?
188 booleanBox "$dup_title - GnuPG" "Use public key encryption? Otherwise, symmetric encryption will be used, and data signing will be impossible." "$dup_gpg_asymmetric_encryption"
190 dup_gpg_asymmetric_encryption=yes
192 dup_gpg_asymmetric_encryption=no
195 # when using public/private key pair encryption, ask for the keys to use
196 if [ "$dup_gpg_asymmetric_encryption" == yes ]; then
197 do_dup_gpg_encryptkey ; [ $? = 0 ] || return 1
198 do_dup_gpg_sign ; [ $? = 0 ] || return 1
199 if [ "$dup_gpg_sign" == yes ]; then
200 do_dup_gpg_signkey ; [ $? = 0 ] || return 1
204 # a passphrase is alway needed
205 do_dup_gpg_passphrase
209 # TODO: replace the above line by the following when do_dup_conn is written
213 # TODO: share rdiff.helper code in some lib, and use it here
219 do_dup_misc_options() {
225 formBegin "$dup_title - misc. options"
226 formItem "nicelevel" "$dup_nicelevel"
227 formItem "testconnect" "$dup_testconnect"
228 formItem "options" "$dup_options"
230 [ $? = 0 ] || return 1
233 replyconverted=`echo $REPLY | tr '\n' :`
235 thereply=($replyconverted)
238 dup_nicelevel=${thereply[0]}
239 dup_testconnect=${thereply[1]}
240 dup_options=${thereply[2]}
245 # (rdiff.helper compatible interface... there could be some sode to share, hmmm.)
248 [ $? = 0 ] || return 1
254 get_next_filename $configdirectory/90.dup
255 cat > $next_filename <<EOF
256 # passed directly to duplicity
257 #options = --verbosity 8
258 options = $dup_options
260 # default is 0, but set to 19 if you want to lower the priority.
261 nicelevel = $dup_nicelevel
263 # default is yes. set to no to skip the test if the remote host is alive
264 testconnect = $dup_testconnect
266 ######################################################
268 ## (how to encrypt and optionally sign the backups)
270 ## WARNING: old (pre-0.9.4) example.dup used to give wrong information about
271 ## the way the following options are used. Please read the following
274 ## If the encryptkey variable is set:
275 ## - data is encrypted with the GnuPG public key specified by the encryptkey
277 ## - if signing is enabled, data is signed with the GnuPG private
278 ## key specified by the signkey variable
279 ## - the password variable is used to unlock the GnuPG key(s) used
280 ## for encryption and (optionnal) signing
282 ## If the encryptkey option is not set:
283 ## - data signing is not possible
284 ## - the password variable is used to encrypt the data with symmetric
285 ## encryption: no GnuPG key pair is needed
289 # when set to yes, encryptkey variable must be set below; if you want to use
290 # two different keys for encryption and signing, you must also set the signkey
292 # default is no, for backwards compatibility with backupninja <= 0.5.
295 # ID of the GnuPG public key used for data encryption.
296 # if not set, symmetric encryption is used, and data signing is not possible.
297 encryptkey = $dup_gpg_encryptkey
299 # ID of the GnuPG private key used for data signing.
300 # if not set, encryptkey will be used.
301 signkey = $dup_gpg_signkey
304 # NB: neither quote this, nor should it include any quotes
305 password = $dup_gpg_password
307 ######################################################
309 ## (where the files to be backed up are coming from)
313 # WARNING: include, exclude and vsinclude statements support EITHER globbing
314 # with '*' OR symlinks in the path; usage of both in the same statement is *not*
315 # supported and will lead to weird behaviour.
317 # files to include in the backup
320 if [ "$host_or_vservers" == host -o "$host_or_vservers" == both ]; then
322 for i in $dup_includes; do
323 echo "include = $i" >> $next_filename
328 cat >> $next_filename <<EOF
330 # If vservers = yes in /etc/backupninja.conf then the following variables can
332 # vsnames = all | <vserver1> <vserver2> ... (default = all)
336 # Any path specified in vsinclude is added to the include list for each vserver
337 # listed in vsnames (or all if vsnames = all, which is the default).
339 # For example, vsinclude = /home will backup the /home directory in every
340 # vserver listed in vsnames. If you have 'vsnames = foo bar baz', this
341 # vsinclude will add to the include list /vservers/foo/home, /vservers/bar/home
342 # and /vservers/baz/home.
343 # Vservers paths are derived from $VROOTDIR.
347 if [ "$host_or_vservers" == vservers -o "$host_or_vservers" == both ]; then
349 echo -e "vsnames = $selected_vservers\n" >> $next_filename
350 for i in $dup_vsincludes; do
351 echo "vsinclude = $i" >> $next_filename
357 cat >> $next_filename <<EOF
359 # files to exclude from the backup
362 for i in $dup_excludes; do
363 echo "exclude = $i" >> $next_filename
367 cat >> $next_filename <<EOF
369 ######################################################
370 ## destination section
371 ## (where the files are copied to)
375 # perform an incremental backup? (default = yes)
376 # if incremental = no, perform a full backup in order to start a new backup set
377 incremental = $dup_incremental
379 # how many days of data to keep ; default is 60 days.
380 # (you can also use the time format of duplicity)
381 # 'keep = yes' means : do not delete old data, the remote host will take care of this
386 # bandwith limit, in kbit/s ; default is 0, i.e. no limit
387 #bandwidthlimit = 128
388 bandwidthlimit = $dup_bandwidth
390 # passed directly to ssh and scp
391 #sshoptions = -i /root/.ssh/id_dsa_duplicity
392 sshoptions = $dup_sshoptions
394 # put the backups under this directory
395 destdir = $dup_destdir
397 # the machine which will receive the backups
398 desthost = $dup_desthost
400 # make the files owned by this user
401 # note: you must be able to ssh backupuser@backhost
402 # without specifying a password (if type = remote).
403 destuser = $dup_destuser
407 chmod 600 $next_filename
414 srcitem="choose files to include & exclude $_src_done"
415 destitem="configure backup destination $_dest_done"
416 gpgitem="configure GnuPG encryption/signing $_gpg_done"
417 conitem="set up ssh keys and test remote connection $_con_done"
418 advitem="edit advanced settings $_adv_done"
419 # TODO: add the following to the menu when do_dup_conn is written
421 menuBox "$dup_title" "choose a step:" \
426 finish "finish and create config file"
427 [ $? = 0 ] || return 1
432 "dest") do_dup_dest;;
434 # TODO: enable the following when do_dup_conn is written
435 # "conn") do_dup_conn;;
438 if [[ "$_dest_done$_gpg_done$_src_done" != "(DONE)(DONE)(DONE)" ]]; then
439 # TODO: replace the previous test by the following when do_dup_conn is written
440 # if [[ "$_con_done$_dest_done$_gpg_done$_src_done" != "(DONE)(DONE)(DONE)(DONE)" ]]; then
441 msgBox "$dup_title" "You cannot create the configuration file until the four first steps are completed."
456 require_packages duplicity
459 dup_title="Duplicity action wizard"
472 dup_destdir="/backups/`hostname`"
475 dup_gpg_asymmetric_encryption="yes"
476 dup_gpg_encryptkey=""
478 dup_gpg_onekeypair="yes"
485 # Global variables whose '*' shall not be expanded
487 dup_default_includes="/var/spool/cron/crontabs /var/backups /etc /root /home /usr/local/*bin /var/lib/dpkg/status*"
488 dup_default_excludes="/home/*/.gnupg /home/*/.gnupg /home/*/.local/share/Trash /home/*/.Trash /home/*/.thumbnails /home/*/.beagle /home/*/.aMule /home/*/gtk-gnutella-downloads"