Generate borg keys for nodes
authorSilvio Rhatto <rhatto@riseup.net>
Wed, 23 May 2018 17:15:02 +0000 (14:15 -0300)
committerSilvio Rhatto <rhatto@riseup.net>
Wed, 23 May 2018 17:15:02 +0000 (14:15 -0300)
share/hydra/newkeys

index 31e5ee4e3dbc9f78fe6b17241e145ab8f3027427..88b68eb5e26a13e50c5702a1dfc1c9a73a50a558 100755 (executable)
@@ -39,6 +39,7 @@ function hydra_newkeys {
     node="`hydra_get_fqdn_from_nodename $node`"
     sshkey="$HYDRA_FOLDER/keyring/keys/nodes/$node/ssh/id_rsa.asc"
     gpgkey="$HYDRA_FOLDER/keyring/keys/nodes/$node/gpg/key.asc"
+    borgkey="$HYDRA_FOLDER/keyring/keys/nodes/$node/borg/key.asc"
 
     if [ "$which" == "all" ]; then
       hydra_genpairs ssh     $node
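Review bot: The new `borgkey` path on line 14 is the only thing that decides whether a node's borg key is regenerated, so it has to match exactly where the encrypted key ends up; the write side later in this commit (`keyringer $HYDRA encrypt nodes/$node/borg/key`) names no `.asc` suffix, so the match presumably rests on keyringer's storage convention rather than anything this file checks. If the two ever disagree, the existence test would never succeed and a fresh key would be generated on every run, which for a borg keyfile repository means the key protecting already-written archives is replaced in the keyring. I would document that coupling on the new line: `# encrypted borg keyfile as stored by keyringer; its presence skips regeneration below`. hydra_newkeys starts before this hunk and its body continues past it.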
@@ -51,14 +52,57 @@ function hydra_newkeys {
       if [ ! -e "$gpgkey" ]; then
         hydra_genpairs openpgp $node
       fi
+
+      if [ ! -e "$borgkey" ]; then
+        hydra_newkeys_borg $node
+      fi
     elif [ "$which" == "ssh" ]; then
       hydra_genpairs ssh $node
     elif [ "$which" == "openpgp" ]; then
       hydra_genpairs openpgp $node
+    elif [ ! -e "$borg" ]; then
+      hydra_newkeys_borg $node
     fi
   done
 }
 
+function hydra_newkeys_borg {
+  # Check for borg
+  if ! which borg &> /dev/null; then
+    echo "Please install borgbackup to be able to generate borg keys"
+    return 1
+  fi
+
+  # Set working folder
+  hydra_set_tmpfile hydra.newkeys.borg -d
+  mkdir -p $TMPWORK/keys
+
+  # Set password
+  # BORG_PASSCOMMAND is supported only on recent borg
+  #read -s -rep "Borg key password: " password
+  #export BORG_PASSCOMMAND='keyringer $HYDRA decrypt nodes/$node/borg/key.passwd 2> /dev/nul'
+  keyringer $HYDRA pwgen nodes/$node/borg/key.passwd
+  password="`keyringer $HYDRA decrypt nodes/$node/borg/key.passwd 2> /dev/null`"
+  export BORG_PASSPHRASE="$password"
+
+  # Set borg parameters
+  export BORG_CONFIG_DIR="$TMPWORK"
+  export BORG_KEY_FILE="$TMPWORK/keys/key"
+
+  # Create key
+  borg init --encryption=keyfile $TMPWORK/repo
+
+  # Encrypt key
+  cat $BORG_KEY_FILE | keyringer $HYDRA encrypt nodes/$node/borg/key
+
+  # Cleanup
+  if which wipe &> /dev/null; then
+    wipe -rf $TMPWORK
+  else
+    rm -rf $TMPWORK
+  fi
+}
+
 function hydra_genpairs {
   BASEDIR="/tmp"