encrypt rclone backups

3 files changed, 11 insertions, 1 deletions

diff --git a/modules/partofme/files/rclone-cron b/modules/partofme/files/rclone-cron
index 96627d3..13d6476 100644
--- a/modules/partofme/files/rclone-cron
+++ b/modules/partofme/files/rclone-cron
@@ -1,3 +1,3 @@
 #!/bin/sh
 
-rclone --config /etc/rclone.conf sync /media/persistent b2:doy-rclone/partofme --exclude '/duplicati/**'
+rclone --config /etc/rclone.conf sync /media/persistent crypt:partofme --exclude '/duplicati/**'
diff --git a/modules/partofme/manifests/backups.pp b/modules/partofme/manifests/backups.pp
index e06d57c..81b876b 100644
--- a/modules/partofme/manifests/backups.pp
+++ b/modules/partofme/manifests/backups.pp
@@ -61,6 +61,8 @@ class partofme::backups {
 
   $b2_account = secret::value('b2-account')
   $b2_key = secret::value('b2-key')
+  $b2_password = secret::value('b2-password')
+  $b2_salt = secret::value('b2-salt')
   file { '/etc/rclone.conf':
     content => template('partofme/rclone.conf');
   }
diff --git a/modules/partofme/templates/rclone.conf b/modules/partofme/templates/rclone.conf
index efba716..9dd4c77 100644
--- a/modules/partofme/templates/rclone.conf
+++ b/modules/partofme/templates/rclone.conf
@@ -2,3 +2,11 @@
 type = b2
 account = <%= @b2_account %>
 key = <%= @b2_key %>
+
+[crypt]
+type = crypt
+remote = b2:doy-rclone
+password = <%= @b2_password %>
+password2 = <%= @b2_salt %>
+filename_encryption = off
+directory_name_encryption = false