Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adding GPG encryption #47

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
27 changes: 25 additions & 2 deletions automysqlbackup
Original file line number Diff line number Diff line change
Expand Up @@ -110,6 +110,8 @@ load_default_config() {
CONFIG_mail_address='root'
CONFIG_encrypt='no'
CONFIG_encrypt_password='password0123'
CONFIG_gpg_encrypt='no'
CONFIG_gpg_encrypt_recipient='SHORT_ID'
}

mysql_commands() {
Expand Down Expand Up @@ -346,6 +348,27 @@ files_postprocessing () {
}
# <- CONFIG_encrypt

# -> CONFIG_gpg_encrypt
[[ "${CONFIG_gpg_encrypt}" = "yes" && "${CONFIG_gpg_encrypt_recipient}" ]] && {
if (( $CONFIG_dryrun )); then
printf 'dry-running: gpg --encrypt --recipient ${CONFIG_gpg_encrypt_recipient} --output ${1}.gpg --batch ${1}'
else
gpg --encrypt --recipient ${CONFIG_gpg_encrypt_recipient} --output ${1}.gpg --batch ${1}
if (( $? == 0 )); then
if rm ${1} 2>&1; then
echo "Successfully encrypted archive as ${1}.gpg"
let "flags |= $flags_files_postprocessing_success_encrypt"
else
echo "Successfully encrypted archive as ${1}.gpg, but could not remove cleartext file ${1}."
let "E |= $E_enc_cleartext_delfailed"
fi
else
let "E |= $E_enc_failed"
fi
fi
}
# <- CONFIG_gpg_encrypt

# -> CONFIG_mysql_dump_latest
[[ "${CONFIG_mysql_dump_latest}" = "yes" ]] && {
if (( $flags & $flags_files_postprocessing_success_encrypt )); then
Expand Down Expand Up @@ -732,7 +755,7 @@ process_dbs() {
db="$1"
fi

if [[ "x$CONFIG_mysql_dump_differential" = "xyes" ]] && [[ "x${CONFIG_encrypt}" != "xyes" ]] && (( $activate_differential_backup )); then
if [[ "x$CONFIG_mysql_dump_differential" = "xyes" ]] && [[ "x${CONFIG_encrypt}" != "xyes" ]] && [[ "x${CONFIG_gpg_encrypt}" != "xyes" ]] && (( $activate_differential_backup )); then


unset manifest_entry manifest_entry_to_check
Expand Down Expand Up @@ -784,7 +807,7 @@ process_dbs() {

fi

if [[ "x$CONFIG_mysql_dump_differential" = "xyes" ]] && [[ "x${CONFIG_encrypt}" != "xyes" ]] && (( $activate_differential_backup )) && ((! ($filename_flags & $filename_flag_encrypted) )); then
if [[ "x$CONFIG_mysql_dump_differential" = "xyes" ]] && [[ "x${CONFIG_encrypt}" != "xyes" ]] && [[ "x${CONFIG_gpg_encrypt}" != "xyes" ]] && (( $activate_differential_backup )) && ((! ($filename_flags & $filename_flag_encrypted) )); then

# the master file is encrypted ... well this just shouldn't happen ^^ not going to decrypt or stuff like that ...at least not today :)

Expand Down
6 changes: 6 additions & 0 deletions automysqlbackup.conf
Original file line number Diff line number Diff line change
Expand Up @@ -258,6 +258,12 @@ CONFIG_db_exclude_pattern=()
# Choose a password to encrypt the backups.
#CONFIG_encrypt_password='password0123'

# Do you wish to encrypt your backups using GPG?
#CONFIG_gpg_encrypt='no'

# ID of the Public PGP Key to use. The key must already be in your keyring.
#CONFIG_gpg_encrypt_recipient='SHORT_ID'

# Other

# Backup local files, i.e. maybe you would like to backup your my.cnf (mysql server configuration), etc.
Expand Down