remote/duplicity

   1 #!/bin/sh -eu
   2 # SYNTAX: $duplicity_options
   3 # DESCRIPTION: encapsuleur de duplicity(1) préchargeant sa clef OpenPGP.
   4 tool=$(readlink -e "${0%/*}/..")
   5 . "$tool"/remote/lib.sh
   6
   7 uid=backup+"$local_hostname"@"$local_domainname"
   8 trap_exit () {
   9         errno=$?
  10         "$tool"/remote/gpg-preset-passphrase --forget "$uid"
  11         exit $errno
  12  }
  13 trap trap_exit EXIT
  14 "$tool"/remote/gpg-preset-passphrase --preset "$uid"
  15
  16 while IFS=: read -r type trust size algo keyid date x x x x x cap x
  17  do case $type,$cap in
  18         (sub,e) encrypt_key=${keyid#????????};;
  19         (sub,s) sign_key=$keyid;;
  20  esac done <<-EOF
  21         $("$tool"/remote/gpg --list-public-keys --with-colons -- "$uid")
  22         EOF
  23
  24 /usr/bin/duplicity \
  25  --archive-dir "$tool"/var/backup/current/archive \
  26  --gpg-options --homedir="$tool"/var/pub/openpgp \
  27  --gpg-options --trusted-key="$sign_key" \
  28  --gpg-options --no-permission-warning \
  29  --encrypt-key "$encrypt_key" \
  30  --sign-key "${sign_key}" \
  31  --use-agent \
  32  -vw ${TRACE:+--verbosity info} \
  33  "$@"