Fix: hydractl: sync-media: tell why it's not allowed to run as the root user
authorSilvio Rhatto <rhatto@riseup.net>
Sat, 24 Feb 2024 16:57:00 +0000 (13:57 -0300)
committerSilvio Rhatto <rhatto@riseup.net>
Sat, 24 Feb 2024 16:57:00 +0000 (13:57 -0300)
share/hydractl/provision
share/hydractl/sync-backups
share/hydractl/sync-media

index 783f2aec218a2d2bbe7950d8ec76fcf38890a130..d318aaf29caccb5b8f07431d49c2245da1c1b429 100755 (executable)
@@ -54,13 +54,13 @@ function hydra_cryptsetup {
     # Run cryptsetup with custom parameters
     #hydra_sudo_run cryptsetup --cipher aes-xts-plain64:sha256 --key-size 512 --hash sha512 --iter-time 5000 --use-random -y -q luksFormat $1
 
-    # GRUB2 from bullseye (or even older) does not support LUKS2, which seems
+    # GRUB2 from bookworm (or even older) still does not support LUKS2, which seems
     # the default type for luksFormat since bullseye at least
     # See https://cryptsetup-team.pages.debian.net/cryptsetup/encrypted-boot.html
-    #hydra_sudo_run cryptsetup --use-random -y -q luksFormat --type luks1 $1
+    hydra_sudo_run cryptsetup --use-random -y -q luksFormat --type luks1 $1
 
     # Run cryptsetup mostly with defaults
-    hydra_sudo_run cryptsetup --use-random -y -q luksFormat $1
+    #hydra_sudo_run cryptsetup --use-random -y -q luksFormat $1
   fi
 }
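Review bot: The now-active `luksFormat --type luks1` line applies to every device this function formats, so volumes GRUB never has to unlock also lose the LUKS2 default key-derivation function (Argon2) and fall back to PBKDF2, which is cheaper to attack offline. If only the volume holding /boot needs GRUB compatibility, consider choosing the type per device, and for LUKS1 volumes re-enable a longer `--iter-time` as in the commented-out line above. The device argument should also be quoted: `hydra_sudo_run cryptsetup --use-random -y -q luksFormat --type luks1 "$1"`. hydra_cryptsetup begins above the hunk, so the condition guarding this branch is not visible here.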
 
index cb905a3eecef3c8ccd0b843d025792ba20de9581..844d630d3b8c5488fee71b5ffd9bc78ecd90291c 100755 (executable)
@@ -11,62 +11,68 @@ BWLIMIT=${BWLIMIT:=32000}
 IMAGES="/var/data/crypt/"
 RSYNC="ionice -c 3 nice -n 19 rsync -avH --delete --bwlimit=$BWLIMIT"
 CP="ionice -c 3 nice -n 19 cp"
+WHOAMI="`whoami`"
 
 # Sync backups for a node.
 function sync_backups_node {
   if [ ! -z "$NODE" ]; then
     # Get full node hostname.
-    NODE_HOSTNAME="`cat /var/vservers/$NODE/etc/hostname`"
+    NODE_HOSTNAME="`$SUDO cat /var/vservers/$NODE/etc/hostname`"
     if [ -z "$NODE_HOSTNAME" ]; then
       NODE_HOSTNAME="$NODE"
     fi
 
     # Sync local encrypted backup.
     echo "Syncing /var/vservers/$NODE/var/backups/duplicity/..."
-    mkdir -p /$MEDIA/$NODE_HOSTNAME/duplicity
-    $RSYNC /var/vservers/$NODE/var/backups/duplicity/ /$MEDIA/$NODE_HOSTNAME/duplicity/
+    $SUDO mkdir -p /$MEDIA/$NODE_HOSTNAME/duplicity
+    $SUDO $RSYNC /var/vservers/$NODE/var/backups/duplicity/ /$MEDIA/$NODE_HOSTNAME/duplicity/
 
     # Sync remote backups.
-    for node in `ls /var/vservers/$NODE/var/backups/remote/`; do
+    for node in `$SUDO ls /var/vservers/$NODE/var/backups/remote/`; do
       echo "Syncing /var/vservers/$NODE/var/backups/remote/$node/..."
-      mkdir -p /$MEDIA/$NODE_HOSTNAME/remote/$node
-      $RSYNC /var/vservers/$NODE/var/backups/remote/$node/ /$MEDIA/$NODE_HOSTNAME/remote/$node/
+      $SUDO mkdir -p /$MEDIA/$NODE_HOSTNAME/remote/$node
+      $SUDO $RSYNC /var/vservers/$NODE/var/backups/remote/$node/ /$MEDIA/$NODE_HOSTNAME/remote/$node/
     done
   else
     # Sync local encrypted backup.
     echo "Syncing /var/backups/duplicity/..."
-    mkdir -p /$MEDIA/$HOSTNAME/duplicity
-    $RSYNC /var/backups/duplicity/ /$MEDIA/$HOSTNAME/duplicity/
+    $SUDO mkdir -p /$MEDIA/$HOSTNAME/duplicity
+    $SUDO $RSYNC /var/backups/duplicity/ /$MEDIA/$HOSTNAME/duplicity/
 
     # Sync remote backups.
-    for node in `ls /var/backups/remote/`; do
+    for node in `$SUDO ls /var/backups/remote/`; do
       echo "Syncing /var/backups/remote/$node/..."
-      mkdir -p /$MEDIA/$HOSTNAME/remote/$node/
-      $RSYNC /var/backups/remote/$node/ /$MEDIA/$HOSTNAME/remote/$node/
+      $SUDO mkdir -p /$MEDIA/$HOSTNAME/remote/$node/
+      $SUDO $RSYNC /var/backups/remote/$node/ /$MEDIA/$HOSTNAME/remote/$node/
     done
 
     # Copy encrypted images.
     if [ -d "$IMAGES" ]; then
       for image in `find $IMAGES -name '*.img' -type f`; do
         echo "Copying image to /$MEDIA/$HOSTNAME/images/`dirname $image`"
-        mkdir -p /$MEDIA/$HOSTNAME/images/`dirname $image`
-        $CP $image /$MEDIA/$HOSTNAME/images/`dirname $image`
+        $SUDO mkdir -p /$MEDIA/$HOSTNAME/images/`dirname $image`
+        $SUDO $CP $image /$MEDIA/$HOSTNAME/images/`dirname $image`
       done
     fi
   fi
 }
 
-# Parsing.
+# Parsing
 if [ -z "$VOLUME" ]; then
   echo "usage: $BASENAME <media> [nodes]"
   exit 1
-elif [ "$WHOAMI" == 'root' ]; then
-  echo "Please run this command as the root user"
-  exit 1
+#elif [ "$WHOAMI" != 'root' ]; then
+#  echo "Please run this command as the root user"
+#  exit 1
 else
   shift
 fi
 
+# Set sudo config
+if [ "$WHOAMI" != 'root' ]; then
+  SUDO="sudo"
+fi
+
 # Check volume name
 if [ "$VOLUME" == "`hostname -f`" ]; then
   echo "volume is the hostname, cannot sync to myself"
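Review bot: The commands now prefixed with `$SUDO` still take unquoted paths built from `$NODE_HOSTNAME`, `$node` and `$MEDIA`, and `NODE_HOSTNAME` is read from `/var/vservers/$NODE/etc/hostname`, which is presumably writable from inside the guest, so whitespace or glob characters in it would turn into extra arguments to a root `rsync --delete`. Quote the path operands, e.g. `$SUDO $RSYNC "/var/vservers/$NODE/var/backups/duplicity/" "/$MEDIA/$NODE_HOSTNAME/duplicity/"`, and do the same on the `mkdir -p` and `$CP` lines. `SUDO` is assigned only when the user is not root, so a root run inherits whatever `SUDO` is in the environment; add `SUDO=""` before the `if [ "$WHOAMI" != 'root' ]` block. The `find $IMAGES` loop is not run through `$SUDO`, so a non-root run may skip images it cannot read without reporting it. The last `if` in the hunk continues below it.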
index c4e27d4dc53352daba391fc60686c4e973cf7995..88c89011adefb6e7b6ae3b850f2503db0f7011d3 100755 (executable)
@@ -156,7 +156,7 @@ function sync_media_ensure_remote {
 if [ "$WHOAMI" != 'root' ]; then
   sudo="sudo"
 else
-  echo "Sorry, cannot run as root"
+  echo "Sorry, cannot run as root, since archives are usually user-managed"
   exit 1
 fi