diff options
author | Jesse Luehrs <doy@tozt.net> | 2021-03-26 01:36:50 -0400 |
---|---|---|
committer | Jesse Luehrs <doy@tozt.net> | 2021-03-26 01:36:50 -0400 |
commit | f81b920c9e1405d9e40ae912a225c2d44c93ed68 (patch) | |
tree | f5bb953af8a2266e7c0d084d414464f59cc83c40 /modules | |
parent | be3269232762ef93774cc907d3462931aea7a374 (diff) | |
download | puppet-tozt-f81b920c9e1405d9e40ae912a225c2d44c93ed68.tar.gz puppet-tozt-f81b920c9e1405d9e40ae912a225c2d44c93ed68.zip |
encrypt rclone backups
Diffstat (limited to 'modules')
-rw-r--r-- | modules/partofme/files/rclone-cron | 2 | ||||
-rw-r--r-- | modules/partofme/manifests/backups.pp | 2 | ||||
-rw-r--r-- | modules/partofme/templates/rclone.conf | 8 |
3 files changed, 11 insertions, 1 deletions
diff --git a/modules/partofme/files/rclone-cron b/modules/partofme/files/rclone-cron index 96627d3..13d6476 100644 --- a/modules/partofme/files/rclone-cron +++ b/modules/partofme/files/rclone-cron @@ -1,3 +1,3 @@ #!/bin/sh -rclone --config /etc/rclone.conf sync /media/persistent b2:doy-rclone/partofme --exclude '/duplicati/**' +rclone --config /etc/rclone.conf sync /media/persistent crypt:partofme --exclude '/duplicati/**' diff --git a/modules/partofme/manifests/backups.pp b/modules/partofme/manifests/backups.pp index e06d57c..81b876b 100644 --- a/modules/partofme/manifests/backups.pp +++ b/modules/partofme/manifests/backups.pp @@ -61,6 +61,8 @@ class partofme::backups { $b2_account = secret::value('b2-account') $b2_key = secret::value('b2-key') + $b2_password = secret::value('b2-password') + $b2_salt = secret::value('b2-salt') file { '/etc/rclone.conf': content => template('partofme/rclone.conf'); } diff --git a/modules/partofme/templates/rclone.conf b/modules/partofme/templates/rclone.conf index efba716..9dd4c77 100644 --- a/modules/partofme/templates/rclone.conf +++ b/modules/partofme/templates/rclone.conf @@ -2,3 +2,11 @@ type = b2 account = <%= @b2_account %> key = <%= @b2_key %> + +[crypt] +type = crypt +remote = b2:doy-rclone +password = <%= @b2_password %> +password2 = <%= @b2_salt %> +filename_encryption = off +directory_name_encryption = false |