From: Steinar H. Gunderson <sgunderson@bigfoot.com>
Date: Wed, 8 Oct 2014 22:48:53 +0000 (+0200)
Subject: Support switching out cat for something that e.g. encrypts before storing.
X-Git-Url: https://git.sesse.net/?p=backup.sh;a=commitdiff_plain;h=90f2496f39fe058d9cb325d0f8a47fe006401309

Support switching out cat for something that e.g. encrypts before storing.
---

diff --git a/backup.sh b/backup.sh
index 7fc7ffb..cfac607 100755
--- a/backup.sh
+++ b/backup.sh
@@ -107,6 +107,16 @@ backup()
 		lastcmd="--listed-incremental=$remotesnar"
 	fi
 
+	# The file is usually stored to disk with a simple cat > $TARFILE,
+	# but in some cases, like backing up to a remote and untrusted
+	# file system, it could be useful to replace it with e.g.
+	# a GPG command line.
+	if [ -f $confdir/storageprogram.$computer ]; then
+		storageprogram=`cat $confdir/storageprogram.$computer`
+	else
+		storageprogram=cat
+	fi
+
 	# We try to run tar on the remote computer
 	#    c create archive
 	#    C change to directory first
@@ -119,7 +129,7 @@ backup()
 	#    file and build a file list, respectivly.  
 	TARFILE=$DATE.tmp
 	TARCMD="ssh -n $username@$computer \"nice -n 19 ionice -c3 tar --one-file-system --use-compress-program $compressor -cf - -C $filesystem . $lastcmd \
-		--exclude-from=$remotehome/.backup/exclude\" | pee \"cat > $TARFILE\" \"tar tzvf -\""
+		--exclude-from=$remotehome/.backup/exclude\" | pee \"$storageprogram > $TARFILE\" \"tar tzvf -\""
 	infomsg "Running $TARCMD"
 	eval $TARCMD > $DATE.idx
 
@@ -161,6 +171,8 @@ backup()
 #  - No touching of .lastbackup for Nagios.
 #  - Failed tar operations may go undetected, since we only see the error code
 #    the last process in the pipe chain, which is gpg.
+#  - No storageprogram support (see above), because the file is typically already
+#    encrypted.
 nonprivbackup()
 {
 	infomsg "$computer:$filesystem $backuplevel non-privileged backup"