-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathbamboo.diy-backup.tar-gpg.sh
72 lines (60 loc) · 2.89 KB
/
bamboo.diy-backup.tar-gpg.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
#!/bin/bash
check_command "tar"
check_command "gpg-zip"
: ${BAMBOO_BACKUP_GPG_MODE:=asymmetric}
: ${BAMBOO_BACKUP_GPG_RECIPIENT:=}
: ${BAMBOO_BACKUP_GPG_PASSPHRASE:=}
function check_gpg_encryption_options {
case "${BAMBOO_BACKUP_GPG_MODE}" in
asymmetric)
if [[ -z ${BAMBOO_BACKUP_GPG_RECIPIENT} ]]; then
bail "In order to encrypt the backup you must set the 'BAMBOO_BACKUP_GPG_RECIPIENT' configuration variable. Exiting..."
fi
;;
symmetric)
if [[ -z ${BAMBOO_BACKUP_GPG_PASSPHRASE} ]]; then
bail "In order to encrypt the backup you must set the 'BAMBOO_BACKUP_GPG_PASSPHRASE' configuration variable. Exiting..."
fi
;;
*)
bail "Unknown encryption option; you must set the 'BAMBOO_BACKUP_GPG_MODE' configuration variable correctly. Exiting..."
;;
esac
}
function bamboo_backup_archive {
check_gpg_encryption_options
mkdir -p ${BAMBOO_BACKUP_ARCHIVE_ROOT}
BAMBOO_BACKUP_ARCHIVE_NAME=$(perl -we 'use Time::Piece; my $sydTime = localtime; print "bamboo-", $sydTime->strftime("%Y%m%d-%H%M%S-"), substr($sydTime->epoch, -3), ".tar.gz.gpg"')
info "Archiving ${BAMBOO_BACKUP_ROOT} into ${BAMBOO_BACKUP_ARCHIVE_ROOT}/${BAMBOO_BACKUP_ARCHIVE_NAME}"
info "Encrypting for ${BAMBOO_BACKUP_GPG_RECIPIENT}"
(
# in a subshell to avoid changing working dir on the caller
cd ${BAMBOO_BACKUP_ROOT}
if [ "${BAMBOO_BACKUP_GPG_MODE}" = asymmetric ]; then
gpg-zip --encrypt --recipient ${BAMBOO_BACKUP_GPG_RECIPIENT} \
--output ${BAMBOO_BACKUP_ARCHIVE_ROOT}/${BAMBOO_BACKUP_ARCHIVE_NAME} .
else
gpg-zip --symmetric --tar-args "-z" \
--gpg-args "--no-tty --passphrase-file "<(echo -n "${BAMBOO_BACKUP_GPG_PASSPHRASE}") \
--output ${BAMBOO_BACKUP_ARCHIVE_ROOT}/${BAMBOO_BACKUP_ARCHIVE_NAME} .
fi
) &&
info "Archived ${BAMBOO_BACKUP_ROOT} into ${BAMBOO_BACKUP_ARCHIVE_ROOT}/${BAMBOO_BACKUP_ARCHIVE_NAME}" ||
bail "Archiving into ${BAMBOO_BACKUP_ARCHIVE_ROOT}/${BAMBOO_BACKUP_ARCHIVE_NAME} failed"
}
function bamboo_restore_archive {
check_gpg_encryption_options
if [ -f ${BAMBOO_BACKUP_ARCHIVE_NAME} ]; then
BAMBOO_BACKUP_ARCHIVE_NAME=${BAMBOO_BACKUP_ARCHIVE_NAME}
else
BAMBOO_BACKUP_ARCHIVE_NAME=${BAMBOO_BACKUP_ARCHIVE_ROOT}/${BAMBOO_BACKUP_ARCHIVE_NAME}
fi
if [ "${BAMBOO_BACKUP_GPG_MODE}" = asymmetric ]; then
gpg-zip --tar-args "-C ${BAMBOO_RESTORE_ROOT}" --decrypt ${BAMBOO_BACKUP_ARCHIVE_NAME}
else
gpg-zip --tar-args "-z -C ${BAMBOO_RESTORE_ROOT}" --decrypt \
--gpg-args "--no-tty --passphrase-file "<(echo -n "${BAMBOO_BACKUP_GPG_PASSPHRASE}") \
${BAMBOO_BACKUP_ARCHIVE_NAME}
fi
info "Extracted ${BAMBOO_BACKUP_ARCHIVE_NAME} into ${BAMBOO_RESTORE_ROOT}"
}