# requires duplicity
#
-getconf password
getconf options
-getconf keep 60
+getconf testconnect yes
+getconf nicelevel 0
+
+setsection gpg
+getconf password
+getconf sign no
+getconf encryptkey
+getconf signkey
+
+setsection source
getconf include
+getconf vsnames all
+getconf vsinclude
getconf exclude
+
+setsection dest
+getconf incremental yes
+getconf keep 60
+getconf sshoptions
+getconf bandwidthlimit 0
getconf desthost
getconf destdir
getconf destuser
[ "$destdir" != "" ] || fatal "Destination directory not set"
[ "$include" != "" ] || fatal "No source includes specified"
-[ "$password" != "" ] || fatal "No password specified"
-# see if we can login
-debug "ssh -o PasswordAuthentication=no $desthost -l $destuser 'echo -n 1'"
-if [ ! $test ]; then
- result=`ssh -o PasswordAuthentication=no $desthost -l $destuser 'echo -n 1' 2>&1`
+### vservers stuff ###
+
+# See if vservers are configured.
+# If so, check that the ones listed in $vsnames do exist.
+if [ "$vservers" == "yes" ]; then
+ [ -d "$VROOTDIR" ] || fatal "vservers enabled, but $VROOTDIR does not exist!"
+ if [ "$vsnames" == "all" ]; then
+ vsnames=""
+ for vserver in `ls $VROOTDIR | grep -E -v "lost+found|ARCHIVES"`; do
+ vsnames="$vserver $vsnames"
+ done
+ else
+ for vserver in "$vsnames"; do
+ [ -d "$VROOTDIR/$vserver" ] || fatal "vserver '$vserver' does not exist."
+ done
+ fi
+ if [ -n "$vsnames" ]; then
+ if [ -n "$vsinclude" ]; then
+ info "Using vservers '$vsnames'"
+ usevserver=1
+ fi
+ else
+ [ -z "$vsinclude" ] || warning 'vsnames is empty, vsinclude configuration lines will be ignored'
+ fi
+fi
+
+### see if we can login ###
+
+if [ "$testconnect" == "yes" ]; then
+ debug "ssh $sshoptions -o PasswordAuthentication=no $desthost -l $destuser 'echo -n 1'"
+ if [ ! $test ]; then
+ result=`ssh $sshoptions -o PasswordAuthentication=no $desthost -l $destuser 'echo -n 1'`
if [ "$result" != "1" ]; then
- fatal "Can't connect to $desthost as $destuser."
+ fatal "Can't connect to $desthost as $destuser."
+ else
+ debug "Connected to $desthost as $destuser successfully"
fi
+ fi
fi
-if [ "`echo $keep | tr -d 0-9`" == "" ]; then
+### COMMAND-LINE MANGLING ###
+
+scpoptions="$sshoptions"
+[ "$bandwidthlimit" == 0 ] || scpoptions="$scpoptions -l $bandwidthlimit"
+
+execstr="$options --no-print-statistics --scp-command 'scp $scpoptions' --ssh-command 'ssh $sshoptions' "
+
+# deal with symmetric or asymmetric (public/private key pair) encryption
+if [ -n "$encryptkey" ]; then
+ execstr="${execstr}--encrypt-key $encryptkey "
+ debug "Data will be encrypted with the GnuPG key $encryptkey."
+else
+ [ -n "$password" ] || fatal "The password option must be set when using symmetric encryption."
+ debug "Data will be encrypted using symmetric encryption."
+fi
+
+# deal with data signing
+if [ "$sign" == yes ]; then
+ # duplicity is not able to sign data when using symmetric encryption
+ [ -n "$encryptkey" ] || fatal "The encryptkey option must be set when signing."
+ # if needed, initialize signkey to a value that is not empty (checked above)
+ [ -n "$signkey" ] || signkey="$encryptkey"
+ # check password validity
+ [ -n "$password" ] || fatal "The password option must be set when signing."
+ execstr="${execstr}--sign-key $signkey "
+ debug "Data will be signed will the GnuPG key $signkey."
+else
+ debug "Data won't be signed."
+fi
+
+if [ "$keep" != "yes" ]; then
+ if [ "`echo $keep | tr -d 0-9`" == "" ]; then
keep="${keep}D"
+ fi
+ execstr="${execstr}--remove-older-than $keep "
+fi
+
+if [ "$incremental" == "no" ]; then
+ execstr="${execstr}--full "
fi
execstr_serverpart="scp://$destuser@$desthost/$destdir"
execstr_clientpart="/"
-execstr="$options --no-print-statistics --remove-older-than $keep "
+
+### SOURCE ###
# excludes
for i in $exclude; do
str="${i//__star__/*}"
- execstr="${execstr}--exclude $str "
+ execstr="${execstr}--exclude '$str' "
done
# includes
for i in $include; do
str="${i//__star__/*}"
- execstr="${execstr}--include $str "
+ execstr="${execstr}--include '$str' "
done
+# vsincludes
+if [ $usevserver ]; then
+ for vserver in $vsnames; do
+ for vi in $vsinclude; do
+ str="${vi//__star__/*}"
+ execstr="${execstr}--include '$VROOTDIR/$vserver$str' "
+ done
+ done
+fi
+
+### EXECUTE ###
+
# exclude everything else, start with root
#execstr="${execstr}--exclude '**' / "
debug "duplicity $execstr --exclude '**' / $execstr_serverpart"
if [ ! $test ]; then
- PASSPHRASE=$password
- export PASSPHRASE
- output=`duplicity $execstr --exclude '**' / $execstr_serverpart 2>&1`
+ export PASSPHRASE=$password
+ output=`nice -n $nicelevel \
+ su -c \
+ "duplicity $execstr --exclude '**' / $execstr_serverpart 2>&1"`
code=$?
- if [ "$code" == "0" ]; then
+ if [ $code -eq 0 ]; then
debug $output
info "Duplicity finished successfully."
else
- warning $output
- warning "Duplicity failed."
+ debug $output
+ fatal "Duplicity failed."
fi
fi
projects / matthijs / upstream / backupninja.git / blobdiff