mirror of
https://github.com/offen/docker-volume-backup.git
synced 2024-11-10 00:30:29 +01:00
44ad3bbda2
GPG is known to have usability issues and is generally cumbersome to use. age [0] is a modern alternative to GPG that is designed by a cryptographer that has worked and continues to work on Golang's crypto packages for years. Allowing age to be used to encrypt backups dramatically simplifies the backup process. [0]: https://age-encryption.org/
40 lines
932 B
Bash
Executable File
40 lines
932 B
Bash
Executable File
#!/bin/sh
|
|
|
|
set -e
|
|
|
|
cd "$(dirname "$0")"
|
|
. ../util.sh
|
|
current_test=$(basename "$(pwd)")
|
|
|
|
export LOCAL_DIR="$(mktemp -d)"
|
|
|
|
docker compose up -d --quiet-pull
|
|
sleep 5
|
|
|
|
docker compose exec backup backup
|
|
|
|
expect_running_containers "2"
|
|
|
|
TMP_DIR=$(mktemp -d)
|
|
|
|
# complex usage of expect(1) due to age not have a way to programmatically
|
|
# provide the passphrase
|
|
expect -i <<EOL
|
|
spawn age --decrypt -o "$LOCAL_DIR/decrypted.tar.gz" "$LOCAL_DIR/test.tar.gz.age"
|
|
expect -exact "Enter passphrase: "
|
|
send -- "Dance.0Tonight.Go.Typical\r"
|
|
sleep 1
|
|
EOL
|
|
tar -xf "$LOCAL_DIR/decrypted.tar.gz" -C "$TMP_DIR"
|
|
|
|
if [ ! -f "$TMP_DIR/backup/app_data/offen.db" ]; then
|
|
fail "Could not find expected file in untared archive."
|
|
fi
|
|
rm -vf "$LOCAL_DIR/decrypted.tar.gz"
|
|
|
|
pass "Found relevant files in decrypted and untared local backup."
|
|
|
|
if [ ! -L "$LOCAL_DIR/test-latest.tar.gz.age" ]; then
|
|
fail "Could not find local symlink to latest encrypted backup."
|
|
fi
|