mirror of
https://github.com/offen/docker-volume-backup.git
synced 2024-11-14 10:30:27 +01:00
8a64da4b0b
* feat: asym encryption * tests * docs * refactor * logs & errs * comment * Update docs/reference/index.md use correct env var in example Co-authored-by: Frederik Ring <frederik.ring@gmail.com> * Update cmd/backup/encrypt_archive.go use errwarp for initial error msg Co-authored-by: Frederik Ring <frederik.ring@gmail.com> * rm orphaned code in encryption functions * inline readArmoredKeys * naming -GPG_PUBLIC_KEYS- to GPG_PUBLIC_KEY_RING * add eror handling for closing func * use dynamically generated keys for testing * rm explicit gpg-agent start * rm unnecessary private_key export * pass PASSPHRASE correctly to the decryption command * capture defer errors * log & err msg --------- Co-authored-by: Frederik Ring <frederik.ring@gmail.com>
50 lines
1.1 KiB
Bash
Executable File
50 lines
1.1 KiB
Bash
Executable File
#!/bin/sh
|
|
|
|
set -e
|
|
|
|
cd "$(dirname "$0")"
|
|
. ../util.sh
|
|
current_test=$(basename $(pwd))
|
|
|
|
export LOCAL_DIR=$(mktemp -d)
|
|
|
|
export KEY_DIR=$(mktemp -d)
|
|
|
|
export PASSPHRASE="test"
|
|
|
|
gpg --batch --gen-key <<EOF
|
|
Key-Type: RSA
|
|
Key-Length: 4096
|
|
Name-Real: offen
|
|
Name-Email: docker-volume-backup@local
|
|
Expire-Date: 0
|
|
Passphrase: $PASSPHRASE
|
|
%commit
|
|
EOF
|
|
|
|
gpg --export --armor --batch --yes --pinentry-mode loopback --passphrase $PASSPHRASE --output $KEY_DIR/public_key.asc
|
|
|
|
docker compose up -d --quiet-pull
|
|
sleep 5
|
|
|
|
docker compose exec backup backup
|
|
|
|
expect_running_containers "2"
|
|
|
|
TMP_DIR=$(mktemp -d)
|
|
|
|
gpg -d --pinentry-mode loopback --yes --passphrase $PASSPHRASE "$LOCAL_DIR/test.tar.gz.gpg" > "$LOCAL_DIR/decrypted.tar.gz"
|
|
|
|
tar -xf "$LOCAL_DIR/decrypted.tar.gz" -C $TMP_DIR
|
|
|
|
if [ ! -f $TMP_DIR/backup/app_data/offen.db ]; then
|
|
fail "Could not find expected file in untared archive."
|
|
fi
|
|
rm "$LOCAL_DIR/decrypted.tar.gz"
|
|
|
|
pass "Found relevant files in decrypted and untared local backup."
|
|
|
|
if [ ! -L "$LOCAL_DIR/test-latest.tar.gz.gpg" ]; then
|
|
fail "Could not find local symlink to latest encrypted backup."
|
|
fi
|