Borg: custom keyfile support

author Silvio Rhatto <rhatto@riseup.net>

Wed, 23 May 2018 17:49:45 +0000 (14:49 -0300)

committer Silvio Rhatto <rhatto@riseup.net>

Wed, 23 May 2018 17:49:45 +0000 (14:49 -0300)
author Silvio Rhatto <rhatto@riseup.net>
Wed, 23 May 2018 17:49:45 +0000 (14:49 -0300)
committer Silvio Rhatto <rhatto@riseup.net>
Wed, 23 May 2018 17:49:45 +0000 (14:49 -0300)
diff --git a/manifests/borg.pp b/manifests/borg.pp

index e0279843577c98c3533fec554cf138e39460f568..eff0f74b85d39773d9865cde7dda0f5c47c8aee1 100644 (file)
--- a/manifests/borg.pp
+++ b/manifests/borg.pp
@@ -7,6 +7,7 @@ define backup::borg(
      $user           = $::hostname,
      $host           = "${title}.${::domain}",
      $encryption     = 'repokey',
+    $keyfile        = '',
      $order          = 95,
      $periodic_check = absent,
      $password,
diff --git a/templates/borg.sh.erb b/templates/borg.sh.erb

index dfb3d1fdc7f6df83d270505b00caaf3cc8f43250..c32d63e9ea6db82428cb5b9e1de6939667f4f228 100644 (file)
--- a/templates/borg.sh.erb
+++ b/templates/borg.sh.erb
@@ -14,6 +14,15 @@ export BORG_PASSPHRASE='<%= @password %>'
  # or this to ask an external program to supply the passphrase:
  #export BORG_PASSCOMMAND='pass show backup'
  
+# Custom keyfile support
+if [ "<%= @encryption %>" == "keyfile" ] && [ ! -z "<%= @keyfile %>" ]; then
+  if [ ! -e "<%= @keyfile %>" ]; then
+    fatal "Keyfile not found: <%= @keyfile %>. Please create it manually."
+  fi
+
+  export BORG_KEY_FILE="/root/.borg/hydra/key"
+fi
+
  # some helpers and error handling:
  #info() { printf "\n%s %s\n\n" "$( date )" "$*" >&2; }
  trap 'info $( date ) Backup interrupted >&2; exit 2' INT TERM
author	Silvio Rhatto <rhatto@riseup.net>
	Wed, 23 May 2018 17:49:45 +0000 (14:49 -0300)
committer	Silvio Rhatto <rhatto@riseup.net>
	Wed, 23 May 2018 17:49:45 +0000 (14:49 -0300)
manifests/borg.pp		patch \| blob \| history
templates/borg.sh.erb		patch \| blob \| history