From b9852c7d93fdd9aa2eea4787688afb5cebc71fcf Mon Sep 17 00:00:00 2001 From: Sébastien Dailly Date: Sat, 5 Sep 2020 12:04:56 +0200 Subject: Added duply configuration --- duply/.config/ovh/duplicity-dominique.sh | 33 +++++++++++ duply/.config/ovh/duplicity-sebastien.sh | 33 +++++++++++ duply/.duply/jdr/conf | 30 ++++++++++ duply/.duply/jdr/exclude | 9 +++ duply/.duply/music/conf | 30 ++++++++++ duply/.duply/music/exclude | 9 +++ duply/scripts/duplicity/duply_common.sh | 25 +++++++++ duply/scripts/duplicity/gen_config_remote.sh | 84 ++++++++++++++++++++++++++++ 8 files changed, 253 insertions(+) create mode 100644 duply/.config/ovh/duplicity-dominique.sh create mode 100644 duply/.config/ovh/duplicity-sebastien.sh create mode 100644 duply/.duply/jdr/conf create mode 100644 duply/.duply/jdr/exclude create mode 100644 duply/.duply/music/conf create mode 100644 duply/.duply/music/exclude create mode 100644 duply/scripts/duplicity/duply_common.sh create mode 100755 duply/scripts/duplicity/gen_config_remote.sh diff --git a/duply/.config/ovh/duplicity-dominique.sh b/duply/.config/ovh/duplicity-dominique.sh new file mode 100644 index 0000000..9216a84 --- /dev/null +++ b/duply/.config/ovh/duplicity-dominique.sh @@ -0,0 +1,33 @@ +#!/bin/bash + +# To use an Openstack cloud you need to authenticate against keystone, which +# returns a **Token** and **Service Catalog**. The catalog contains the +# endpoint for all services the user/tenant has access to - including nova, +# glance, keystone, swift. +# +export OS_AUTH_URL=https://auth.cloud.ovh.net/v3/ +export OS_IDENTITY_API_VERSION=3 + +export OS_USER_DOMAIN_NAME=${OS_USER_DOMAIN_NAME:-"Default"} +export OS_PROJECT_DOMAIN_NAME=${OS_PROJECT_DOMAIN_NAME:-"Default"} + + +# With the addition of Keystone we have standardized on the term **tenant** +# as the entity that owns the resources. +export OS_TENANT_ID=32e0c3f386b948c4bfe4e32432de0840 +export OS_TENANT_NAME="2791115820090485" + +# In addition to the owning entity (tenant), openstack stores the entity +# performing the action as the **user**. +export OS_USERNAME="user-nrxQPP2sUWt8" + +# With Keystone you pass the keystone password. +echo "Please enter your OpenStack Password: " +read -sr OS_PASSWORD_INPUT +export OS_PASSWORD=$OS_PASSWORD_INPUT + +# If your configuration has multiple regions, we set that information here. +# OS_REGION_NAME is optional and only valid in certain environments. +export OS_REGION_NAME="SBG" +# Don't leave a blank variable, unset it if it was empty +if [ -z "$OS_REGION_NAME" ]; then unset OS_REGION_NAME; fi \ No newline at end of file diff --git a/duply/.config/ovh/duplicity-sebastien.sh b/duply/.config/ovh/duplicity-sebastien.sh new file mode 100644 index 0000000..98dad7d --- /dev/null +++ b/duply/.config/ovh/duplicity-sebastien.sh @@ -0,0 +1,33 @@ +#!/bin/bash + +# To use an Openstack cloud you need to authenticate against keystone, which +# returns a **Token** and **Service Catalog**. The catalog contains the +# endpoint for all services the user/tenant has access to - including nova, +# glance, keystone, swift. +# +export OS_AUTH_URL=https://auth.cloud.ovh.net/v3/ +export OS_IDENTITY_API_VERSION=3 + +export OS_USER_DOMAIN_NAME=${OS_USER_DOMAIN_NAME:-"Default"} +export OS_PROJECT_DOMAIN_NAME=${OS_PROJECT_DOMAIN_NAME:-"Default"} + + +# With the addition of Keystone we have standardized on the term **tenant** +# as the entity that owns the resources. +export OS_TENANT_ID=32e0c3f386b948c4bfe4e32432de0840 +export OS_TENANT_NAME="2791115820090485" + +# In addition to the owning entity (tenant), openstack stores the entity +# performing the action as the **user**. +export OS_USERNAME="user-YMYCthGKGFhX" + +# With Keystone you pass the keystone password. +echo "Please enter your OpenStack Password: " +read -sr OS_PASSWORD_INPUT +export OS_PASSWORD=$OS_PASSWORD_INPUT + +# If your configuration has multiple regions, we set that information here. +# OS_REGION_NAME is optional and only valid in certain environments. +export OS_REGION_NAME="GRA" +# Don't leave a blank variable, unset it if it was empty +if [ -z "$OS_REGION_NAME" ]; then unset OS_REGION_NAME; fi \ No newline at end of file diff --git a/duply/.duply/jdr/conf b/duply/.duply/jdr/conf new file mode 100644 index 0000000..19ed70d --- /dev/null +++ b/duply/.duply/jdr/conf @@ -0,0 +1,30 @@ +# base directory to backup +SOURCE='/home/sebastien/Documents/jdr' + +# Storage directory +export STORAGE_NAME="jdr" +export PCA_OS_REGION_NAME=GRA +export HOT_OS_REGION_NAME=GRA + +GPG_KEYS_ENC='2421BCBD56473645,933FFFBA5E8867338DF2FF645E23E7695299F9AB' +GPG_KEY_SIGN='F6859BC3CC712DF8' +# set if signing key passphrase differs from encryption (key) passphrase +# NOTE: available since duplicity 0.6.14, translates to SIGN_PASSPHRASE +#GPG_PW_SIGN='' + +# uncomment and set a file path or name force duply to use this gpg executable +# available in duplicity 0.7.04 and above (currently unreleased 06/2015) +#GPG='/usr/local/gpg-2.1/bin/gpg' + +# gpg options passed from duplicity to gpg process (default='') +# e.g. "--trust-model pgp|classic|direct|always" +# or "--compress-algo=bzip2 --bzip2-compress-level=9" +# or "--personal-cipher-preferences AES256,AES192,AES..." +# or "--homedir ~/.duply" - keep keyring and gpg settings duply specific +# or "--pinentry-mode loopback" - needed for GPG 2.1+ _and_ +# also enable allow-loopback-pinentry in your .gnupg/gpg-agent.conf +#GPG_OPTS='' + +. ~/scripts/duplicity/duply_common.sh + +DUPL_PARAMS="$DUPL_PARAMS --file-prefix-manifest 'hot_' --file-prefix-signature 'hot_' --file-prefix-archive 'cold_' " diff --git a/duply/.duply/jdr/exclude b/duply/.duply/jdr/exclude new file mode 100644 index 0000000..9558c66 --- /dev/null +++ b/duply/.duply/jdr/exclude @@ -0,0 +1,9 @@ +# although called exclude, this file is actually a globbing file list +# duplicity accepts some globbing patterns, even including ones here +# here is an example, this incl. only 'dir/bar' except it's subfolder 'foo' +# - dir/bar/foo +# + dir/bar +# - ** +# for more details see duplicity manpage, section File Selection +# http://duplicity.nongnu.org/duplicity.1.html#sect9 + diff --git a/duply/.duply/music/conf b/duply/.duply/music/conf new file mode 100644 index 0000000..63e110a --- /dev/null +++ b/duply/.duply/music/conf @@ -0,0 +1,30 @@ +# base directory to backup +SOURCE='/home/sebastien/Musique' + +# Storage directory +export STORAGE_NAME="music" +export PCA_OS_REGION_NAME=GRA +export HOT_OS_REGION_NAME=GRA + +GPG_KEYS_ENC='2421BCBD56473645,933FFFBA5E8867338DF2FF645E23E7695299F9AB' +GPG_KEY_SIGN='F6859BC3CC712DF8' +# set if signing key passphrase differs from encryption (key) passphrase +# NOTE: available since duplicity 0.6.14, translates to SIGN_PASSPHRASE +#GPG_PW_SIGN='' + +# uncomment and set a file path or name force duply to use this gpg executable +# available in duplicity 0.7.04 and above (currently unreleased 06/2015) +#GPG='/usr/local/gpg-2.1/bin/gpg' + +# gpg options passed from duplicity to gpg process (default='') +# e.g. "--trust-model pgp|classic|direct|always" +# or "--compress-algo=bzip2 --bzip2-compress-level=9" +# or "--personal-cipher-preferences AES256,AES192,AES..." +# or "--homedir ~/.duply" - keep keyring and gpg settings duply specific +# or "--pinentry-mode loopback" - needed for GPG 2.1+ _and_ +# also enable allow-loopback-pinentry in your .gnupg/gpg-agent.conf +#GPG_OPTS='' + +. ~/scripts/duplicity/duply_common.sh + +DUPL_PARAMS="$DUPL_PARAMS --file-prefix-manifest 'hot_' --file-prefix-signature 'hot_' --file-prefix-archive 'cold_' " diff --git a/duply/.duply/music/exclude b/duply/.duply/music/exclude new file mode 100644 index 0000000..9558c66 --- /dev/null +++ b/duply/.duply/music/exclude @@ -0,0 +1,9 @@ +# although called exclude, this file is actually a globbing file list +# duplicity accepts some globbing patterns, even including ones here +# here is an example, this incl. only 'dir/bar' except it's subfolder 'foo' +# - dir/bar/foo +# + dir/bar +# - ** +# for more details see duplicity manpage, section File Selection +# http://duplicity.nongnu.org/duplicity.1.html#sect9 + diff --git a/duply/scripts/duplicity/duply_common.sh b/duply/scripts/duplicity/duply_common.sh new file mode 100644 index 0000000..0a55b64 --- /dev/null +++ b/duply/scripts/duplicity/duply_common.sh @@ -0,0 +1,25 @@ +JSON_CONF=$(mktemp) +cleanup() { + rm -f "${JSON_CONF}" +} +trap cleanup INT TERM EXIT + +function gpg_export_if_needed { + echo "Prevent GPG keys for beeing exported" +} + +# Override the read command with zenity +read() { + if command -v zenity &> /dev/null + then + eval $2=$(zenity --password) + else + command read $* + fi +} +. ~/.config/ovh/duplicity-$(whoami).sh + +#Generate the configuration +~/scripts/duplicity/gen_config_remote.sh "${JSON_CONF}" + +TARGET="multi:${JSON_CONF}?mode=mirror&onfail=continue" diff --git a/duply/scripts/duplicity/gen_config_remote.sh b/duply/scripts/duplicity/gen_config_remote.sh new file mode 100755 index 0000000..55f5a34 --- /dev/null +++ b/duply/scripts/duplicity/gen_config_remote.sh @@ -0,0 +1,84 @@ +#!/bin/sh + +if test "x${PCA_OS_REGION_NAME}" = x; then + PCA_OS_REGION_NAME=${OS_REGION_NAME} +fi + +if test "x${HOT_OS_REGION_NAME}" = x; then + HOT_OS_REGION_NAME=${OS_REGION_NAME} +fi + +envsubst > $1 << EOF +[ + { + "description": "Cold storage", + "url": "pca://${STORAGE_NAME}", + "env": [ + { + "name": "PCA_AUTHURL", + "value": "${OS_AUTH_URL}" + }, + { + "name": "PCA_AUTHVERSION", + "value": "${OS_IDENTITY_API_VERSION}" + }, + { + "name": "PCA_PROJECT_DOMAIN_NAME", + "value": "Default" + }, + { + "name": "PCA_TENANTID", + "value": "${OS_TENANT_ID}" + }, + { + "name": "PCA_USERNAME", + "value": "${OS_USERNAME}" + }, + { + "name": "PCA_PASSWORD", + "value": "${OS_PASSWORD}" + }, + { + "name": "PCA_REGIONNAME", + "value": "${PCA_OS_REGION_NAME}" + } + ], + "prefixes": ["cold_"] + }, + { + "description": "Hot storage", + "url": "swift://${STORAGE_NAME}_indexes", + "env": [ + { + "name": "SWIFT_AUTHURL", + "value": "${OS_AUTH_URL}" + }, + { + "name": "SWIFT_AUTHVERSION", + "value": "${OS_IDENTITY_API_VERSION}" + }, + { + "name": "SWIFT_PROJECT_DOMAIN_NAME", + "value": "${OS_PROJECT_DOMAIN_NAME}" + }, + { + "name": "SWIFT_TENANTID", + "value": "${OS_TENANT_ID}" + }, + { + "name": "SWIFT_USERNAME", + "value": "${OS_USERNAME}" + }, + { + "name": "SWIFT_PASSWORD", + "value": "${OS_PASSWORD}" + }, + { + "name": "SWIFT_REGIONNAME", + "value": "${HOT_OS_REGION_NAME}" + } + ], + "prefixes": ["hot_"] + } +] +EOF -- cgit v1.2.3