From 5d06f119cd27a73cecd78975b081c4fd78b52c7f Mon Sep 17 00:00:00 2001 From: Fenris Wolf Date: Mon, 2 Mar 2026 22:28:59 +0100 Subject: [PATCH] [mod] Umsetzung von borg-repokey-encryption --- misc/conf-example-complex.mmr.json | 6 +++ source/conf.ts | 61 +++++++++++++++++++++++++----- source/helpers/borg.ts | 48 +++++++++++++++++++++-- source/logic/transfer/_factory.ts | 1 + source/logic/transfer/borg.ts | 36 ++++++++++++++++++ 5 files changed, 140 insertions(+), 12 deletions(-) diff --git a/misc/conf-example-complex.mmr.json b/misc/conf-example-complex.mmr.json index ef9ade9..0e6d22e 100644 --- a/misc/conf-example-complex.mmr.json +++ b/misc/conf-example-complex.mmr.json @@ -7,6 +7,12 @@ "parameters": { "repository": "ssh://backup.example.org///repos/example", "compression": "lz4", + "encryption": { + "kind": "repokey", + "data": { + "passphrase": "top_secret" + } + }, "pruning": { "keep_weekly": 1, "keep_yearly": 2 diff --git a/source/conf.ts b/source/conf.ts index fc9a43a..f640963 100644 --- a/source/conf.ts +++ b/source/conf.ts @@ -101,6 +101,57 @@ namespace _mimir.conf ], "default": "lz4" }, + "encryption": { + "anyOf": [ + { + "nullable": false, + "type": "object", + "properties": { + "kind": { + "type": "string", + "enum": ["none"] + } + }, + "additionalProperties": false, + "required": [ + "kind" + ], + }, + { + "nullable": false, + "type": "object", + "properties": { + "kind": { + "type": "string", + "enum": ["repokey"] + }, + "data": { + "nullable": true, + "type": "object", + "properties": { + "passphrase": { + "nullable": false, + "type": "string" + }, + }, + "additionalProperties": false, + "required": [ + "passphrase" + ] + } + }, + "additionalProperties": false, + "required": [ + "kind", + "data" + ] + } + ], + "default": { + "kind": "none", + "data": null + } + }, "pruning": { "nullable": false, "type": "object", @@ -287,15 +338,7 @@ namespace _mimir.conf /** */ - type type_target_parameters_borg = { - repository : string; - compression : string; - pruning : { - keep_within : string; - keep_weekly : int; - keep_yearly : int; - } - }; + type type_target_parameters_borg = _mimir.transfer.borg.type_parameters; /** diff --git a/source/helpers/borg.ts b/source/helpers/borg.ts index a9031d3..ec029e2 100644 --- a/source/helpers/borg.ts +++ b/source/helpers/borg.ts @@ -30,15 +30,29 @@ namespace _mimir.helpers.borg repository_directory : string, { "encryption": encryption = "none", + "passphrase": passphrase = null, } : { encryption ?: string; + passphrase ?: (null | string); } = { } ) : string { return lib_plankton.string.coin( - "borg init --encryption={{encryption}} {{repository_directory}}", + "{{macro_env_passphrase}}borg init --encryption={{encryption}} {{repository_directory}}", { + "macro_env_passphrase": ( + (passphrase === null) + ? + "" + : + lib_plankton.string.coin( + "BORG_PASSPHRASE='{{passphrase}}' BORG_DISPLAY_PASSPHRASE=n ", + { + "passphrase": passphrase, + } + ) + ), "repository_directory": repository_directory, "encryption": encryption, } @@ -54,15 +68,29 @@ namespace _mimir.helpers.borg directories : Array, { "compression": compression = "none", + "passphrase": passphrase = null, } : { compression ?: string; + passphrase ?: (null | string); } = { } ) : string { return lib_plankton.string.coin( - "borg create --compression={{compression}} {{repository_directory}}::{{archive_name}} {{directories}}", + "{{macro_env_passphrase}}borg create --compression={{compression}} {{repository_directory}}::{{archive_name}} {{directories}}", { + "macro_env_passphrase": ( + (passphrase === null) + ? + "" + : + lib_plankton.string.coin( + "BORG_PASSPHRASE='{{passphrase}}' ", + { + "passphrase": passphrase, + } + ) + ), "repository_directory": repository_directory, "archive_name": archive_name, "compression": compression, @@ -80,16 +108,30 @@ namespace _mimir.helpers.borg { "keep_weekly": keep_weekly = null, "keep_yearly": keep_yearly = null, + "passphrase": passphrase = null, } : { keep_weekly ?: (null | int); keep_yearly ?: (null | int); + passphrase ?: (null | string); } = { } ) : string { return lib_plankton.string.coin( - "borg prune --keep-within={{keep_within}}{{macro_keep_weekly}}{{macro_keep_yearly}} {{repository_directory}}", + "{{macro_env_passphrase}}borg prune --keep-within={{keep_within}}{{macro_keep_weekly}}{{macro_keep_yearly}} {{repository_directory}}", { + "macro_env_passphrase": ( + (passphrase === null) + ? + "" + : + lib_plankton.string.coin( + "BORG_PASSPHRASE='{{passphrase}}' ", + { + "passphrase": passphrase, + } + ) + ), "repository_directory": repository_directory, "keep_within": age, "macro_keep_weekly": ( diff --git a/source/logic/transfer/_factory.ts b/source/logic/transfer/_factory.ts index 7e3eb0d..a475ffb 100644 --- a/source/logic/transfer/_factory.ts +++ b/source/logic/transfer/_factory.ts @@ -48,6 +48,7 @@ namespace _mimir.transfer { "repository": target.parameters.repository, "compression": target.parameters.compression, + "encryption": target.parameters.encryption, "pruning": target.parameters.pruning, } ); diff --git a/source/logic/transfer/borg.ts b/source/logic/transfer/borg.ts index ec005e3..4956d32 100644 --- a/source/logic/transfer/borg.ts +++ b/source/logic/transfer/borg.ts @@ -20,11 +20,40 @@ along with »mimir«. If not, see . namespace _mimir.transfer.borg { + /** + */ + export type type_encryption = ( + { + kind : "none"; + data : { + }; + } + | + { + kind : "repokey"; + data : { + passphrase : string; + }; + } + /* + | + { + kind : "keyfile"; + data : { + path : string; + passphrase : string; + }; + } + */ + ); + + /** */ export type type_parameters = { repository : string; compression : string; + encryption : type_encryption; pruning : { keep_within : string; keep_weekly : int; @@ -55,6 +84,13 @@ namespace _mimir.transfer.borg ), [directory], { + "passphrase": ( + (parameters.encryption.kind === "repokey") + ? + parameters.encryption.data.passphrase + : + null + ), "compression": parameters.compression, } )