[mod] Umsetzung von borg-repokey-encryption

misc/conf-example-complex.mmr.json

@@ -7,6 +7,12 @@
 		"parameters": {
 			"repository": "ssh://backup.example.org///repos/example",
 			"compression": "lz4",
+			"encryption": {
+				"kind": "repokey",
+				"data": {
+					"passphrase": "top_secret"
+				}
+			},
 			"pruning": {
 				"keep_weekly": 1,
 				"keep_yearly": 2

source/conf.ts

@@ -101,6 +101,57 @@ namespace _mimir.conf
 										],
 										"default": "lz4"
 									},
+									"encryption": {
+										"anyOf": [
+											{
+												"nullable": false,
+												"type": "object",
+												"properties": {
+													"kind": {
+														"type": "string",
+														"enum": ["none"]
+													}
+												},
+												"additionalProperties": false,
+												"required": [
+													"kind"
+												],
+											},
+											{
+												"nullable": false,
+												"type": "object",
+												"properties": {
+													"kind": {
+														"type": "string",
+														"enum": ["repokey"]
+													},
+													"data": {
+														"nullable": true,
+														"type": "object",
+														"properties": {
+															"passphrase": {
+																"nullable": false,
+																"type": "string"
+															},
+														},
+														"additionalProperties": false,
+														"required": [
+															"passphrase"
+														]
+													}
+												},
+												"additionalProperties": false,
+												"required": [
+													"kind",
+													"data"
+												]
+											}
+										],
+										"default": {
+											"kind": "none",
+											"data": null
+										}
+									},
 									"pruning": {
 										"nullable": false,
 										"type": "object",
@@ -287,15 +338,7 @@ namespace _mimir.conf
 	
 	/**
 	 */
-	type type_target_parameters_borg = {
+	type type_target_parameters_borg = _mimir.transfer.borg.type_parameters;
-		repository : string;
-		compression : string;
-		pruning : {
-			keep_within : string;
-			keep_weekly : int;
-			keep_yearly : int;
-		}
-	};
 	
 	
 	/**

source/helpers/borg.ts

@@ -30,15 +30,29 @@ namespace _mimir.helpers.borg
 		repository_directory : string,
 		{
 			"encryption": encryption = "none",
+			"passphrase": passphrase = null,
 		} : {
 			encryption ?: string;
+			passphrase ?: (null | string);
 		} = {
 		}
 	) : string
 	{
 		return lib_plankton.string.coin(
-			"borg init --encryption={{encryption}} {{repository_directory}}",
+			"{{macro_env_passphrase}}borg init --encryption={{encryption}} {{repository_directory}}",
 			{
+				"macro_env_passphrase": (
+					(passphrase === null)
+					?
+					""
+					:
+					lib_plankton.string.coin(
+						"BORG_PASSPHRASE='{{passphrase}}' BORG_DISPLAY_PASSPHRASE=n ",
+						{
+							"passphrase": passphrase,
+						}
+					)
+				),
 				"repository_directory": repository_directory,
 				"encryption": encryption,
 			}
@@ -54,15 +68,29 @@ namespace _mimir.helpers.borg
 		directories : Array<string>,
 		{
 			"compression": compression = "none",
+			"passphrase": passphrase = null,
 		} : {
 			compression ?: string;
+			passphrase ?: (null | string);
 		} = {
 		}
 	) : string
 	{
 		return lib_plankton.string.coin(
-			"borg create --compression={{compression}} {{repository_directory}}::{{archive_name}} {{directories}}",
+			"{{macro_env_passphrase}}borg create --compression={{compression}} {{repository_directory}}::{{archive_name}} {{directories}}",
 			{
+				"macro_env_passphrase": (
+					(passphrase === null)
+					?
+					""
+					:
+					lib_plankton.string.coin(
+						"BORG_PASSPHRASE='{{passphrase}}' ",
+						{
+							"passphrase": passphrase,
+						}
+					)
+				),
 				"repository_directory": repository_directory,
 				"archive_name": archive_name,
 				"compression": compression,
@@ -80,16 +108,30 @@ namespace _mimir.helpers.borg
 		{
 			"keep_weekly": keep_weekly = null,
 			"keep_yearly": keep_yearly = null,
+			"passphrase": passphrase = null,
 		} : {
 			keep_weekly ?: (null | int);
 			keep_yearly ?: (null | int);
+			passphrase ?: (null | string);
 		} = {
 		}
 	) : string
 	{
 		return lib_plankton.string.coin(
-			"borg prune --keep-within={{keep_within}}{{macro_keep_weekly}}{{macro_keep_yearly}} {{repository_directory}}",
+			"{{macro_env_passphrase}}borg prune --keep-within={{keep_within}}{{macro_keep_weekly}}{{macro_keep_yearly}} {{repository_directory}}",
 			{
+				"macro_env_passphrase": (
+					(passphrase === null)
+					?
+					""
+					:
+					lib_plankton.string.coin(
+						"BORG_PASSPHRASE='{{passphrase}}' ",
+						{
+							"passphrase": passphrase,
+						}
+					)
+				),
 				"repository_directory": repository_directory,
 				"keep_within": age,
 				"macro_keep_weekly": (

source/logic/transfer/_factory.ts

@@ -48,6 +48,7 @@ namespace _mimir.transfer
 					{
 						"repository": target.parameters.repository,
 						"compression": target.parameters.compression,
+						"encryption": target.parameters.encryption,
 						"pruning": target.parameters.pruning,
 					}
 				);

source/logic/transfer/borg.ts

@@ -20,11 +20,40 @@ along with »mimir«. If not, see <http://www.gnu.org/licenses/>.
 namespace _mimir.transfer.borg
 {
 	
+	/**
+	 */
+	export type type_encryption = (
+		{
+			kind : "none";
+			data : {
+			};
+		}
+		|
+		{
+			kind : "repokey";
+			data : {
+				passphrase : string;
+			};
+		}
+		/*
+		|
+		{
+			kind : "keyfile";
+			data : {
+				path : string;
+				passphrase : string;
+			};
+		}
+		 */
+	);
+	
+	
 	/**
 	 */
 	export type type_parameters = {
 		repository : string;
 		compression : string;
+		encryption : type_encryption;
 		pruning : {
 			keep_within : string;
 			keep_weekly : int;
@@ -55,6 +84,13 @@ namespace _mimir.transfer.borg
 				),
 				[directory],
 				{
+					"passphrase": (
+						(parameters.encryption.kind === "repokey")
+						?
+						parameters.encryption.data.passphrase
+						:
+						null
+					),
 					"compression": parameters.compression,
 				}
 			)