28 lines
675 B
Bash
Executable File
28 lines
675 B
Bash
Executable File
#!/bin/ash
|
|
|
|
echo "backupinator :D"
|
|
|
|
if [ ! -d /in ] || [ ! -d /out ] || [ ! -d /keys ]; then
|
|
echo "Please start this container with /in, /out and /keys mounted"
|
|
exit 1
|
|
fi
|
|
|
|
tar czf /tmp/backup.tar.gz -C /in .
|
|
|
|
# encryption
|
|
|
|
openssl rand -out /tmp/secret.key 32
|
|
openssl enc -aes-256-cbc -pbkdf2 -iter 100000 -salt -pass file:/tmp/secret.key \
|
|
-in /tmp/backup.tar.gz \
|
|
-out /out/backup.tar.gz.enc
|
|
|
|
for keyfile in $(ls /keys); do
|
|
tmpkey=$(mktemp)
|
|
ssh-keygen -e -f "/keys/$keyfile" -m PKCS8 > "$tmpkey"
|
|
openssl rsautl -encrypt -oaep -pubin -inkey "$tmpkey" \
|
|
-in /tmp/secret.key \
|
|
-out "/out/key-${keyfile%.*}.enc"
|
|
rm $tmpkey
|
|
done
|
|
|