From 99434c8b07f29fd45d1db55b30b5820a47d5a1ab Mon Sep 17 00:00:00 2001 From: intrigeri Date: Thu, 6 May 2010 20:05:20 +0200 Subject: Added ftp_password option. This is the only way to securely transmit the FTP password from backupninja to duplicity. --- ChangeLog | 2 ++ examples/example.dup | 7 ++++++- handlers/dup.helper.in | 5 ++++- handlers/dup.in | 7 +++++++ 4 files changed, 19 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index cfa0959..26cac5c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -15,6 +15,8 @@ version 0.9.8 -- UNRELEASED than the default /root/.cache/duplicity, unless the user has specified it (Closes: 580213) . Better example.dup documentation. Thanks, Alster! + . Added ftp_password option to securely transmit the FTP password + from backupninja to duplicity. version 0.9.7 -- January 27, 2010 backupninja changes diff --git a/examples/example.dup b/examples/example.dup index 2c0c41d..f260d3a 100644 --- a/examples/example.dup +++ b/examples/example.dup @@ -170,7 +170,7 @@ exclude = /home/*/.gnupg ## desturl = file:///usr/local/backup ## desturl = rsync://user@other.host//var/backup/bla ## desturl = s3+http:// -## desturl = ftp://myftpuser[:myftppassword]@ftp.example.org/remote/ftp/path +## desturl = ftp://myftpuser@ftp.example.org/remote/ftp/path ## the default value of this configuration option is not set: ## ## Default: @@ -185,6 +185,11 @@ exclude = /home/*/.gnupg # awsaccesskeyid = # awssecretaccesskey = +## FTP password, needed for backups using desturl = ftp://... +## +## Default: +# ftp_password = + ## bandwith limit, in kbit/s ; default is 0, i.e. no limit ## if using 'desturl' above, 'bandwidthlimit' must not be set ## an example setting of 128 kbps would be: diff --git a/handlers/dup.helper.in b/handlers/dup.helper.in index a47064d..ea27844 100644 --- a/handlers/dup.helper.in +++ b/handlers/dup.helper.in @@ -430,13 +430,16 @@ keep = $dup_keep #desturl = file:///usr/local/backup #desturl = rsync://user@other.host//var/backup/bla #desturl = s3+http://your_bucket -#desturl = ftp://myftpuser[:myftppassword]@ftp.example.org/remote/ftp/path +#desturl = ftp://myftpuser@ftp.example.org/remote/ftp/path # Amazon Web Services Access Key ID and Secret Access Key, needed for backups # to S3 buckets. #awsaccesskeyid = YOUR_AWS_ACCESS_KEY_ID #awssecretaccesskey = YOUR_AWS_SECRET_KEY +# FTP password, needed for backups using desturl = ftp://... +#ftp_password = + # bandwith limit, in kbit/s ; default is 0, i.e. no limit # if using 'desturl' above, 'bandwidthlimit' must not be set # an example setting of 128 kbps would be: diff --git a/handlers/dup.in b/handlers/dup.in index b881b0a..4e0bbcf 100644 --- a/handlers/dup.in +++ b/handlers/dup.in @@ -29,6 +29,7 @@ getconf keep 60 getconf desturl getconf awsaccesskeyid getconf awssecretaccesskey +getconf ftp_password getconf sshoptions getconf bandwidthlimit 0 getconf desthost @@ -44,6 +45,9 @@ destdir=${destdir%/} if [ "`echo $desturl | @AWK@ -F ':' '{print $1}'`" == "s3+http" ]; then [ -n "$awsaccesskeyid" -a -n "$awssecretaccesskey" ] || fatal "AWS access keys must be set for S3 backups." fi +if [ "`echo $desturl | @AWK@ -F ':' '{print $1}'`" == "ftp" ]; then + [ -n "$ftp_password" ] || fatal "ftp_password must be set for FTP backups." +fi ### VServers # If vservers are configured, check that the ones listed in $vsnames do exist. @@ -269,6 +273,7 @@ if [ "$duplicity_major" -ge 0 -a "$duplicity_minor" -ge 4 -a "$duplicity_sub" -g debug "$precmd duplicity cleanup --force $execstr_options $execstr_serverpart" if [ ! $test ]; then export PASSPHRASE=$password + export FTP_PASSWORD=$ftp_password output=`nice -n $nicelevel \ su -c \ "$precmd duplicity cleanup --force $execstr_options $execstr_serverpart 2>&1"` @@ -289,6 +294,7 @@ if [ "$keep" != "yes" ]; then debug "$precmd duplicity remove-older-than $keep --force $execstr_options $execstr_serverpart" if [ ! $test ]; then export PASSPHRASE=$password + export FTP_PASSWORD=$ftp_password output=`nice -n $nicelevel \ su -c \ "$precmd duplicity remove-older-than $keep --force $execstr_options $execstr_serverpart 2>&1"` @@ -309,6 +315,7 @@ debug "$precmd duplicity $execstr_command $execstr_options $execstr_source --exc if [ ! $test ]; then outputfile=`maketemp backupout` export PASSPHRASE=$password + export FTP_PASSWORD=$ftp_password output=`nice -n $nicelevel \ su -c \ "$precmd duplicity $execstr_command $execstr_options $execstr_source --exclude '**' / $execstr_serverpart >$outputfile 2>&1"` -- cgit v1.2.3