#!/bin/sh -eu
# SYNTAX: $duplicity_options
${TRACE:+set -x}

while IFS=: read -r type trust size algo keyid date x x x x x cap x
 do case $type,$cap in
	(sub,e) encrypt_key=${keyid#????????};;
	(sub,s) sign_key=$keyid;;
 esac done <<-EOF
	$(gpg --list-public-keys --with-colons \
	 -- "backup+$(hostname)@$(domainname)")
	EOF

/usr/bin/duplicity \
 --archive-dir ~backup/archive \
 --gpg-options --trusted-key="$sign_key" \
 --encrypt-key "$encrypt_key" \
 --sign-key "${sign_key#????????}" \
 --use-agent \
 -vw ${TRACE:+--verbosity info} \
 "$@"