X-Git-Url: https://git.stderr.nl/gitweb?a=blobdiff_plain;ds=sidebyside;f=handlers%2Fdup.in;fp=handlers%2Fdup.in;h=edb43ac4b90ddcf8b732f92ae9e7811692e1f48d;hb=579ea902ba24854b3c9acb307cda7e996e8e41a3;hp=0000000000000000000000000000000000000000;hpb=be75e4e6c536882c14db9a41c61585e7a9c045f6;p=matthijs%2Fupstream%2Fbackupninja.git

diff --git a/handlers/dup.in b/handlers/dup.in
new file mode 100644
index 0000000..edb43ac
--- /dev/null
+++ b/handlers/dup.in
@@ -0,0 +1,178 @@
+# -*- mode: sh; sh-basic-offset: 3; indent-tabs-mode: nil; -*-
+#
+# duplicity script for backupninja
+# requires duplicity
+#
+
+getconf options
+getconf testconnect yes
+getconf nicelevel 0
+
+setsection gpg
+getconf password
+getconf sign no
+getconf encryptkey
+getconf signkey
+
+setsection source
+getconf include
+getconf vsnames all
+getconf vsinclude
+getconf exclude
+
+setsection dest
+getconf incremental yes
+getconf keep 60
+getconf sshoptions
+getconf bandwidthlimit 0
+getconf desthost
+getconf destdir
+getconf destuser
+destdir=${destdir%/}
+
+[ "$destdir" != "" ] || fatal "Destination directory not set"
+[ "$include" != "" ] || fatal "No source includes specified"
+
+### vservers stuff ###
+
+# If vservers are configured, check that the ones listed in $vsnames do exist.
+local usevserver=no
+if [ $vservers_are_available = yes ]; then
+   if [ "$vsnames" = all ]; then
+      vsnames="$found_vservers"
+   else
+      if ! vservers_exist "$vsnames" ; then
+            fatal "At least one of the vservers listed in vsnames ($vsnames) does not exist."
+      fi
+   fi
+   if [ -n "$vsinclude" ]; then
+      info "Using vservers '$vsnames'"
+      usevserver=yes
+   fi
+else
+   [ -z "$vsinclude" ] || warning 'vservers support disabled in backupninja.conf, vsincludes configuration lines will be ignored'
+fi
+
+
+### see if we can login ###
+
+if [ "$testconnect" == "yes" ]; then
+    debug "ssh $sshoptions -o PasswordAuthentication=no $desthost -l $destuser 'echo -n 1'"
+    if [ ! $test ]; then
+	result=`ssh $sshoptions -o PasswordAuthentication=no $desthost -l $destuser 'echo -n 1'`
+	if [ "$result" != "1" ]; then
+	    fatal "Can't connect to $desthost as $destuser."
+	else
+	    debug "Connected to $desthost as $destuser successfully"
+	fi
+    fi
+fi
+
+### COMMAND-LINE MANGLING ###
+
+# duplicity >= 0.4.2 needs --sftp-command (NB: sftp does not support the -l option)
+duplicity_version="`duplicity --version | @AWK@ '{print $2}'`"
+duplicity_major="`echo $duplicity_version | @AWK@ -F '.' '{print $1}'`"
+duplicity_minor="`echo $duplicity_version | @AWK@ -F '.' '{print $2}'`"
+duplicity_sub="`echo $duplicity_version | @AWK@ -F '.' '{print $3}'`"
+if [ "$duplicity_major" -ge 0 -a "$duplicity_minor" -ge 4 -a "$duplicity_sub" -ge 2 ]; then
+   sftpoptions="$sshoptions"
+fi
+
+scpoptions="$sshoptions"
+[ "$bandwidthlimit" == 0 ] || scpoptions="$scpoptions -l $bandwidthlimit"
+
+if [ -z "$sftpoptions" ]; then
+   execstr="$options --no-print-statistics --scp-command 'scp $scpoptions' --ssh-command 'ssh $sshoptions' "
+else
+   execstr="$options --no-print-statistics --scp-command 'scp $scpoptions' --sftp-command 'sftp $sftpoptions' --ssh-command 'ssh $sshoptions' "
+fi
+
+# deal with symmetric or asymmetric (public/private key pair) encryption
+if [ -n "$encryptkey" ]; then
+    execstr="${execstr}--encrypt-key $encryptkey "
+    debug "Data will be encrypted with the GnuPG key $encryptkey."
+else
+    debug "Data will be encrypted using symmetric encryption."
+fi
+
+# deal with data signing
+if [ "$sign" == yes ]; then
+    # duplicity is not able to sign data when using symmetric encryption
+    [ -n "$encryptkey" ] || fatal "The encryptkey option must be set when signing."
+    # if needed, initialize signkey to a value that is not empty (checked above)
+    [ -n "$signkey" ] || signkey="$encryptkey"
+    execstr="${execstr}--sign-key $signkey "
+    debug "Data will be signed will the GnuPG key $signkey."
+else
+    debug "Data won't be signed."
+fi
+
+# deal with GnuPG passphrase
+[ -n "$password" ] || fatal "The password option must be set."
+
+if [ "$keep" != "yes" ]; then
+    if [ "`echo $keep | tr -d 0-9`" == "" ]; then
+	keep="${keep}D"
+    fi
+    execstr="${execstr}--remove-older-than $keep "
+fi
+
+if [ "$incremental" == "no" ]; then
+    execstr="${execstr}--full "
+fi
+
+execstr_serverpart="scp://$destuser@$desthost/$destdir"
+execstr_clientpart="/"
+
+### SOURCE ###
+
+set -o noglob
+
+# excludes
+for i in $exclude; do
+   str="${i//__star__/*}"
+   execstr="${execstr}--exclude '$str' "
+done
+	
+# includes 
+for i in $include; do
+   [ "$i" != "/" ] || fatal "Sorry, you cannot use 'include = /'"
+   str="${i//__star__/*}"
+   execstr="${execstr}--include '$str' "
+done
+
+# vsincludes
+if [ $usevserver = yes ]; then
+   for vserver in $vsnames; do
+      for vi in $vsinclude; do
+	 str="${vi//__star__/*}"
+	 str="$VROOTDIR/$vserver$str"
+	 execstr="${execstr}--include '$str' "
+      done
+   done
+fi
+
+set +o noglob
+
+### EXECUTE ###
+
+execstr=${execstr//\\*/\\\\\\*}
+
+debug "duplicity $execstr --exclude '**' / $execstr_serverpart"
+if [ ! $test ]; then
+        export PASSPHRASE=$password
+	output=`nice -n $nicelevel \
+                  su -c \
+                    "duplicity $execstr --exclude '**' / $execstr_serverpart 2>&1"`
+	code=$?
+	if [ $code -eq 0 ]; then
+		debug $output
+		info "Duplicity finished successfully."
+	else
+		debug $output
+		fatal "Duplicity failed."
+	fi
+fi	
+
+return 0