#
# duplicity script for backupninja
# requires duplicity
#

getconf options
getconf testconnect yes
getconf nicelevel 0

setsection gpg
getconf password
getconf sign no
getconf encryptkey

setsection source
getconf include
getconf vsnames all
getconf vsinclude
getconf exclude

setsection dest
getconf keep 60
getconf sshoptions
getconf bandwidthlimit 0
getconf desthost
getconf destdir
getconf destuser
destdir=${destdir%/}

[ "$destdir" != "" ] || fatal "Destination directory not set"
[ "$include" != "" ] || fatal "No source includes specified"
[ "$password" != "" ] || fatal "No password specified"

### vservers stuff ###

# See if vservers are configured.
# If so, check that the ones listed in $vsnames do exist.
if [ "$vservers" == "yes" ]; then
    [ -d "$VROOTDIR" ] || fatal "vservers enabled, but $VROOTDIR does not exist!"
    if [ "$vsnames" == "all" ]; then
	vsnames=""
    	for vserver in `ls $VROOTDIR | grep -E -v "lost+found|ARCHIVES"`; do
	    vsnames="$vserver $vsnames"
	done
    else
	for vserver in "$vsnames"; do
	    [ -d "$VROOTDIR/$vserver" ] || fatal "vserver '$vserver' does not exist."
	done
    fi
    if [ -n "$vsnames" ]; then
	if [ -n "$vsinclude" ]; then
	    info "Using vservers '$vsnames'"
	    usevserver=1
	fi
    else
	[ -z "$vsinclude" ] || warning 'vsnames is empty, vsinclude configuration lines will be ignored'
    fi
fi

### see if we can login ###

if [ "$testconnect" == "yes" ]; then
    debug "ssh $sshoptions -o PasswordAuthentication=no $desthost -l $destuser 'echo -n 1'"
    if [ ! $test ]; then
	result=`ssh $sshoptions -o PasswordAuthentication=no $desthost -l $destuser 'echo -n 1'`
	if [ "$result" != "1" ]; then
	    fatal "Can't connect to $desthost as $destuser."
	else
	    debug "Connected to $desthost as $destuser successfully"
	fi
    fi
fi

### COMMAND-LINE MANGLING ###

scpoptions="$sshoptions"
[ "$bandwidthlimit" == 0 ] || scpoptions="$scpoptions -l $bandwidthlimit"

execstr="$options --no-print-statistics --scp-command 'scp $scpoptions' --ssh-command 'ssh $sshoptions' "

if [ "$encryptkey" == "" ]; then
    [ "$sign" != "yes" ] || fatal "encryptkey option must be set when signing."
else
    execstr="${execstr}--encrypt-key $encryptkey "
    [ "$sign" != "yes" ] || execstr="${execstr}--sign-key $encryptkey "
fi

if [ "$keep" != "yes" ]; then
    if [ "`echo $keep | tr -d 0-9`" == "" ]; then
	keep="${keep}D"
    fi
    execstr="${execstr}--remove-older-than $keep "
fi

execstr_serverpart="scp://$destuser@$desthost/$destdir"
execstr_clientpart="/"

### SOURCE ###

# excludes
for i in $exclude; do
	str="${i//__star__/*}"
	execstr="${execstr}--exclude $str "
done
	
# includes 
for i in $include; do
	str="${i//__star__/*}"
	execstr="${execstr}--include $str "
done

# vsincludes
if [ $usevserver ]; then
    for vserver in $vsnames; do
	for vi in $vsinclude; do
	    str="${vi//__star__/*}"
	    execstr="${execstr}--include '$VROOTDIR/$vserver$str' "
	done
    done
fi

### EXECUTE ###

# exclude everything else, start with root
#execstr="${execstr}--exclude '**' / "
		
# include client-part and server-part
#execstr="$execstr $execstr_serverpart"

execstr=${execstr//\\*/\\\\\\*}

debug "duplicity $execstr --exclude '**' / $execstr_serverpart"
if [ ! $test ]; then
	output=`nice -n $nicelevel \
                  su -c \
                    "export PASSPHRASE=$password \
                     && duplicity $execstr --exclude '**' / $execstr_serverpart 2>&1"`
	code=$?
	if [ "$code" == "0" ]; then
		debug $output
		info "Duplicity finished successfully."
	else
		warning $output
		warning "Duplicity failed."
	fi
fi	

return 0