Improved duplicity handler: option to disable remote files cleaning, optionnal backup...

diff --git a/README b/README
index a85d94f97d29faa5dfa82a40017242f4007acb94..51e807aeafb72e59163bfcb2ad7dfb5f9cb8eba6 100644 (file)
--- a/README
+++ b/README
@@ -49,6 +49,7 @@ file in /etc/backup.d according to the file's suffix:
   .sh      --  run this file as a shell script.
   .rdiff   --  this is a configuration for rdiff-backup
   .maildir --  this is a configuration to backup maildirs
+  .dup     --  this is a configuration for duplicity
   .mysql   --  mysql backup configuration
   .ldap    --  ldap backup configuration
   .sys     --  general system reports

diff --git a/handlers/dup b/handlers/dup
index 955605d61ff7eff57238722e4940155d284d913c..2d759b0eee22f01155294256ce36e671ef4c1b29 100644 (file)
--- a/handlers/dup
+++ b/handlers/dup
@@ -3,11 +3,22 @@
 # requires duplicity
 #
 
-getconf password
 getconf options
-getconf keep 60
+getconf testconnect yes
+getconf nicelevel 0
+
+setsection gpg
+getconf password
+getconf sign no
+getconf encryptkey
+
+setsection source
 getconf include
 getconf exclude
+
+setsection dest
+getconf keep 60
+getconf sshoptions
 getconf desthost
 getconf destdir
 getconf destuser
@@ -18,21 +29,40 @@ destdir=${destdir%/}
 [ "$password" != "" ] || fatal "No password specified"
 
 # see if we can login
-debug "ssh -o PasswordAuthentication=no $desthost -l $destuser 'echo -n 1'"
-if [ ! $test ]; then
-       result=`ssh -o PasswordAuthentication=no $desthost -l $destuser 'echo -n 1' 2>&1`
+if [ "$testconnect" == "yes" ]; then
+    debug "ssh $sshoptions -o PasswordAuthentication=no $desthost -l $destuser 'echo -n 1'"
+    if [ ! $test ]; then
+       result=`ssh $sshoptions -o PasswordAuthentication=no $desthost -l $destuser 'echo -n 1' 2>&1`
        if [ "$result" != "1" ]; then
-               fatal "Can't connect to $desthost as $destuser."
+           fatal "Can't connect to $desthost as $destuser."
+       else
+           debug "Connected to $desthost as $destuser successfully"
        fi
+    fi
 fi
 
-if [ "`echo $keep | tr -d 0-9`" == "" ]; then
+### COMMAND-LINE MANGLING ###
+
+execstr="$options --no-print-statistics --scp-command 'scp $sshoptions' --ssh-command 'ssh $sshoptions' "
+
+if [ "$encryptkey" == "" ]; then
+    [ "$sign" != "yes" ] || fatal "encryptkey option must be set when signing."
+else
+    execstr="${execstr}--encrypt-key $encryptkey "
+    [ "$sign" != "yes" ] || execstr="${execstr}--sign-key $encryptkey "
+fi
+
+if [ "$keep" != "yes" ]; then
+    if [ "`echo $keep | tr -d 0-9`" == "" ]; then
        keep="${keep}D"
+    fi
+    execstr="${execstr}--remove-older-than $keep "
 fi
 
 execstr_serverpart="scp://$destuser@$desthost/$destdir"
 execstr_clientpart="/"
-execstr="$options --no-print-statistics --remove-older-than $keep "
+
+### SOURCE ###
 
 # excludes
 for i in $exclude; do
@@ -46,6 +76,8 @@ for i in $include; do
        execstr="${execstr}--include $str "
 done
 
+### EXECUTE ###
+
 # exclude everything else, start with root
 #execstr="${execstr}--exclude '**' / "
                
@@ -56,9 +88,10 @@ execstr=${execstr//\\*/\\\\\\*}
 
 debug "duplicity $execstr --exclude '**' / $execstr_serverpart"
 if [ ! $test ]; then
-       PASSPHRASE=$password
-       export PASSPHRASE
-       output=`duplicity $execstr --exclude '**' / $execstr_serverpart 2>&1`
+       output=`nice -n $nicelevel \
+                  su -c \
+                    "export PASSPHRASE=$password \
+                     && duplicity $execstr --exclude '**' / $execstr_serverpart 2>&1"`
        code=$?
        if [ "$code" == "0" ]; then
                debug $output