gpg-backup

backe123/backe.sh

@@ -0,0 +1,6 @@
+#!/bin/sh
+cd /home/backe123
+rm *.cpt *.gpg
+./backup.pl 2>&1 >> logback
+
+

backe123/backup.pl

@@ -0,0 +1,115 @@
+#!/usr/bin/perl -w
+
+#---Configuration------
+####@backe = ("/etc", "/home", "/lib", "/boot", "/var");
+
+# wo sollen die archive hin? 
+$backupdir = "/home/backe123/ablage/";
+# wo stehen die zu sichernden verzeichnisse (dateien, mit excludes)
+$excludes = "/home/backe123/quellsaft/";
+
+# mit welchem key soll das archiv verschluesselt werden?
+$gpgkey_id = "A8969D03" ;
+
+# an wen geht die mail?
+$mailuser = "age";
+
+
+#---Runtime------------
+# welche verzeichnisse sollen gesichert werden ...
+# dazu werden die dateien von excludes heran gezogen
+opendir DIR, $excludes or die "Can't open dir to search for backup paths. $excludes\n";
+# hier steht jetzt drin was gesichert werden soll
+@backe = grep { $_ ne '.' && $_ ne '..' } readdir DIR;
+closedir DIR;
+
+# datum als eindeutigen namen fuer keyfile nutzen
+$date = "0".join("-",getDate());
+$keyfilename = "key".$date;
+
+chdir($backupdir) || die ("Can't change to $backupdir! \n");
+
+#---Mainloop-----------
+foreach $dir (@backe){
+	# vorarbeit
+	print("\n----> generating random keys ..");
+	&generateRandomBits;
+	&generateSessionKey;
+	
+	# die dateinamen koennten noch beser benannt werden
+	$filename = $dir."_backup";
+
+	&tar_it;
+	&crypt_it;
+	&mail_it;
+
+	print("well done!\n\n");
+}
+
+
+#---Subraum-------------
+sub greeting{
+	print("[$date] Now I will make a backup of:\n");
+	foreach $dir(@backe){
+		print("\t".$dir."\n");
+		$excludes_file = $backupdir.$dir;
+		print("\t\t". $excludes_file."\n");
+		#TODO test ob dirs existieren
+	}
+}
+
+sub tar_it{
+	# archive erstellen
+	print("\n----> tar zcf: /$dir .. ");
+	$excludes_file = $excludes.$dir;
+	print("tar zcf $filename.tgz -C / --exclude-from $excludes_file $dir");
+	system("tar zcf $filename.tgz -C / --exclude-from $excludes_file $dir");
+	print(" tar done!\n");
+}
+
+sub crypt_it{
+	# endlich crypten
+	print("\n----> ccrypt $filename.tgz .. ");
+	# TODO: force ueberschreibt gnadenlos - vorher abchecken
+	system("ccrypt -k $keyfilename $filename.tgz --force");
+	system("rm $keyfilename");
+	system("mv $keyfilename.gpg $keyfilename$filename.gpg");
+	print(" ccrypt done!\n");
+}
+
+sub mail_it{
+	print("\n----> mail goes out .. ");
+	# mit mutt verschicken
+	# (-n -F /dev/null) umgehen die configs
+	# (-a filename) haengt datei ran; (-s subject) und body bleibt leer
+	system("mutt -n -F /dev/null -a $keyfilename$filename.gpg -i reminder.txt -s \"key-$dir\" $mailuser\@systemausfall.org < /dev/null");
+	print(" mail done!\n");
+}
+
+sub generateSessionKey{
+	# den key verschluesseln
+	print("\n----> delete existing key of today: ");
+	system("gpg --batch -q -r $gpgkey_id -e $keyfilename");
+}
+
+sub generateRandomBits{
+	# 4069 alphanumerische zeichen als key generieren
+	@chars = ("A" .. "Z", "a" .. "z", 0 .. 9); 
+	$haltdenrand = join("", @chars[ map{rand @chars} (1 .. 4096) ]);
+	# datei zum schreiben oeffnen und als ausgabe auswaehlen
+	open(DERKEY, "> $keyfilename")
+		or die "$keyfilename could not be opened";
+	#alten ausgabekanal merken
+	$oldoutput = select(DERKEY);
+	print $haltdenrand;
+	select ($oldoutput);
+	close(DERKEY);
+	system("chmod 600 $keyfilename");
+}
+
+sub getDate{
+	use Time::localtime;
+	$tm = localtime;
+	return ($tm->year+1900, $tm->mon+1, $tm->mday);
+}
+

backe123/logback

@@ -0,0 +1,156 @@
+[02004-10-27] Now I will make a backup of:
+	/etc
+	/home
+	/lib
+	/boot
+	/var
+----> delete existing key of today: gpg: WARNING: unsafe ownership on configuration file "/home/age/.gnupg/gpg.conf"
+
+----> tar zcf: /etc .. tar: Removing leading `/' from member names
+ done!
+----> ccrypt etc-backup.tgz .. done!
+
+----> delete existing key of today: gpg: WARNING: unsafe ownership on configuration file "/home/age/.gnupg/gpg.conf"
+
+----> tar zcf: /home .. tar: Removing leading `/' from member names
+ done!
+----> ccrypt hom-backup.tgz .. done!
+
+----> delete existing key of today: gpg: WARNING: unsafe ownership on configuration file "/home/age/.gnupg/gpg.conf"
+
+----> tar zcf: /lib .. tar: Removing leading `/' from member names
+ done!
+----> ccrypt lib-backup.tgz .. done!
+
+----> delete existing key of today: gpg: WARNING: unsafe ownership on configuration file "/home/age/.gnupg/gpg.conf"
+
+----> tar zcf: /boot .. tar: Removing leading `/' from member names
+ done!
+----> ccrypt boo-backup.tgz .. done!
+
+----> delete existing key of today: gpg: WARNING: unsafe ownership on configuration file "/home/age/.gnupg/gpg.conf"
+
+----> tar zcf: /var .. tar: Removing leading `/' from member names
+tar: /var/run/mysqld/mysqld.sock: socket ignored
+tar: /var/run/gcache_port: socket ignored
+ done!
+----> ccrypt var-backup.tgz .. done!
+
+[02004-11-3] Now I will make a backup of:
+	/etc
+	/home
+	/lib
+	/boot
+	/var
+----> delete existing key of today: 
+----> tar zcf: /etc ..  done!
+----> ccrypt etc-backup.tgz .. [02004-11-3] Now I will make a backup of:
+	/etc
+	/home
+	/lib
+	/boot
+	/var
+----> delete existing key of today: 
+----> tar zcf: /etc ..  done!
+----> ccrypt etc-backup.tgz .. done!
+
+----> delete existing key of today: 
+----> tar zcf: /home ..  done!
+----> ccrypt hom-backup.tgz .. done!
+
+----> delete existing key of today: 
+----> tar zcf: /lib ..  done!
+----> ccrypt lib-backup.tgz .. done!
+
+----> delete existing key of today: 
+----> tar zcf: /boot ..  done!
+----> ccrypt boo-backup.tgz .. done!
+
+----> delete existing key of today: 
+----> tar zcf: /var ..  done!
+----> ccrypt var-backup.tgz .. done!
+
+[02004-11-17] Now I will make a backup of:
+	/etc
+----> delete existing key of today: 
+----> tar zcf: /etc ..  done!
+----> ccrypt etc-backup.tgz .. done!
+
+[02004-11-17] Now I will make a backup of:
+	/etc
+	/home
+	/lib
+	/boot
+	/var
+----> delete existing key of today: 
+----> tar zcf: /etc ..  done!
+----> ccrypt etc-backup.tgz .. done!
+
+----> delete existing key of today: 
+----> tar zcf: /home ..  done!
+----> ccrypt hom-backup.tgz .. done!
+
+----> delete existing key of today: 
+----> tar zcf: /lib ..  done!
+----> ccrypt lib-backup.tgz .. done!
+
+----> delete existing key of today: 
+----> tar zcf: /boot ..  done!
+----> ccrypt boo-backup.tgz .. done!
+
+----> delete existing key of today: 
+----> tar zcf: /var ..  done!
+----> ccrypt var-backup.tgz .. done!
+
+[02004-11-23] Now I will make a backup of:
+	/etc
+	/home
+	/lib
+	/boot
+	/var
+----> delete existing key of today: 
+----> tar zcf: /etc ..  done!
+----> ccrypt etc-backup.tgz .. done!
+
+----> delete existing key of today: 
+----> tar zcf: /home ..  done!
+----> ccrypt hom-backup.tgz .. done!
+
+----> delete existing key of today: 
+----> tar zcf: /lib ..  done!
+----> ccrypt lib-backup.tgz .. done!
+
+----> delete existing key of today: 
+----> tar zcf: /boot ..  done!
+----> ccrypt boo-backup.tgz .. done!
+
+----> delete existing key of today: 
+----> tar zcf: /var ..  done!
+----> ccrypt var-backup.tgz .. done!
+
+[02004-11-30] Now I will make a backup of:
+	/etc
+	/home
+	/lib
+	/boot
+	/var
+----> delete existing key of today: 
+----> tar zcf: /etc ..  done!
+----> ccrypt etc-backup.tgz .. done!
+
+----> delete existing key of today: 
+----> tar zcf: /home ..  done!
+----> ccrypt hom-backup.tgz .. done!
+
+----> delete existing key of today: 
+----> tar zcf: /lib ..  done!
+----> ccrypt lib-backup.tgz .. done!
+
+----> delete existing key of today: 
+----> tar zcf: /boot ..  done!
+----> ccrypt boo-backup.tgz .. done!
+
+----> delete existing key of today: 
+----> tar zcf: /var ..  done!
+----> ccrypt var-backup.tgz .. done!
+

backe123/quellsaft/boot

@@ -0,0 +1,2 @@
+test
+test3

backe123/reminder.txt

@@ -0,0 +1,9 @@
+Hi AGE!
+
+Faxe hat ein neues Backup generiert.
+Sicher es doch bitte an einem anderen Ort in dem du z.B. folgendes tust:
+
+scp -r systemausfall.org:/home/backe123 .
+
+recht herzlichen Dank!
+