author | Aaron Ball <nullspoon@oper.io> | 2018-04-07 10:20:40 -0600 |
---|---|---|
committer | Aaron Ball <nullspoon@oper.io> | 2018-04-07 10:20:40 -0600 |
commit | e1e47e71c325f4283fa5befe094757aca4d1f1dc (patch) | |
tree | 4d1952f4e41711bf09ea07ab259f13aca2adb1cd /gpgsecure.sh | |
parent | 6f342ac6d0af9daacf76be5e096a04b5b646320f (diff) | |
download | gpgsecure-e1e47e71c325f4283fa5befe094757aca4d1f1dc.tar.gz gpgsecure-e1e47e71c325f4283fa5befe094757aca4d1f1dc.tar.xz |
Added backgrounded writeback
This allows the user to open the encrypted archive and detach from the
polling operation. Because of this, the command line syntax has changed
a bit. We now require an action before the archive name: open, close,
and status.
Open (obviously) opens the archive and close does the opposite. Status will
tell if the archive is open or closed. It will also detect stale
pidfiles and clean them up if the corresponding process is not running.
Note that the default writeback duration is 15 seconds and is not
configurable [yet].
Diffstat (limited to 'gpgsecure.sh')
-rwxr-xr-x | gpgsecure.sh | 144 |
1 files changed, 123 insertions, 21 deletions
diff --git a/gpgsecure.sh b/gpgsecure.sh
index bcb974d..261d046 100755
--- a/gpgsecure.sh
+++ b/gpgsecure.sh
@@ -35,23 +35,111 @@ shutdown() { exit } + writeback() { + trap shutdown SIGINT SIGTERM SIGKILL SIGQUIT SIGHUP + # Sync back to disk every 10 seconds while [ 0 ]; do - printf '%s Syncing back to encrypted storage\n' "$(date '+%F %T')" + #printf '%s Syncing back to encrypted storage\n' "$(date '+%F %T')" tar -C "${TMP}" -c . | gpg -e --recipient "${KEY}" > "${DIR}.tar.gpg" if [ $? -gt 0 ]; then printf 'WARNING: Something went wrong syncing back to encrypted storage\n' printf 'Your data is likely in danger.\n' printf 'If you see this message more than once, take a manual backup\n' fi - sleep 15 + sleep 20 & + wait $! done } + +open() { + local archive="${1}" + + # Convert DIR to absolute path to avoid cd issues + local dirname="$(cd $(dirname ${archive}) && pwd)" + local basename="$(basename ${archive})" + local dir="${dirname}/${basename}" + # Create a temp dir in memory to extract to for safety + export TMP=$(mktemp -d /tmp/dec-XXXXXXXXXXXXXX) + # Link! + ln -s "${TMP}" "${dir}" + + if [ ! -f "${dir}.tar.gpg" ]; then + # Tell the user if that encrypted archive does not exist. + printf 'Encrypted archive does not exist. Creating.\n' + else + # Extract the encrypted tarchive if it exists + gpg -d "${dir}.tar.gpg" | tar -C "${TMP}" -x + fi + + writeback & + echo $! > "${dirname}/.${basename}.pid" +} + + +status() { + local archive=${1} + + local dirname="$(dirname ${archive})" + local basename="$(basename ${archive})" + local pidfile="${dirname}/.${basename}.pid" + + # If no pidfile, assume closed + if [ ! -f "${pidfile}" ]; then + printf '%s is closed\n' "${archive}" + return 0 + fi + + local pid="$(cat ${pidfile})" + + ps "${pid}" 2>/dev/null 1>/dev/null + if [ $? -eq 0 ]; then + printf '%s is open\n' "${archive}" + elif [ $? -gt 0 ]; then + printf '%s is closed but a stale pidfile was found. 
Removing\n' "${archive}" + rm -f "${pidfile}" + else + printf '%s is closed\n' "${archive}" + fi +} + + +close() { + local archive=${1} + + local dirname="$(dirname ${archive})" + local basename="$(basename ${archive})" + local pidfile="${dirname}/.${basename}.pid" + local pid="$(cat ${pidfile})" + + ps "${pid}" 2>/dev/null 1>/dev/null + if [ $? -gt 0 ]; then + printf "Stale pidfile detected but share is not open. Removing\n" + rm -f "${pidfile}" + return 1 + else + # Send SIGTERM (15) to tell the process to exit cleanly + kill -15 "${pid}" + [ $? -eq 0 ] && rm "${pidfile}" && return 0 + + printf 'Error closing archive "%s"\n' "${archive}" + return 1 + fi +} + + main() { - DIR="${1}" - if [ -z "${DIR:-}" ]; then - printf 'Directory to decrypt required\n' + local action="${1}" + local archive="${2}" + + # Input validation + if [ -z "${action:-}" ]; then + printf 'Action (open, close, or status) required\n' + return 1 + fi + if [ -z "${archive:-}" ]; then + printf 'Archive to decrypt required\n' return 1 fi 
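Review bot: In `open()`, the result of `gpg -d "${dir}.tar.gpg" | tar -C "${TMP}" -x` is never checked before `writeback &` starts, so a failed decryption (missing key, cancelled passphrase prompt, corrupt file) leaves an empty temp dir that the first loop iteration encrypts straight over the existing archive. open() should stop, remove the symlink and temp dir, and return non-zero when extraction fails, as sketched below. Without `set -o pipefail` the `if` sees only tar's exit status, so a gpg failure after partial output may still pass; whether pipefail is available depends on the shebang, which is outside the hunk. The `ln -s` just above is unchecked in the same way and will fail if a stale link from an earlier session is still present.

```shell
  else
    # Refuse to start the writeback loop if extraction failed; otherwise the
    # first sync would replace the archive with the empty temp dir.
    if ! gpg -d "${dir}.tar.gpg" | tar -C "${TMP}" -x; then
      printf 'ERROR: Could not decrypt "%s"\n' "${dir}.tar.gpg" >&2
      rm -f "${dir}"
      rm -rf "${TMP}"
      return 1
    fi
  fi
  # … unchanged: writeback & and pidfile write …
```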
@@ -66,24 +154,38 @@ main() { return 1 fi - # Convert DIR to absolute path to avoid cd issues - DIR="$(cd $(dirname ${DIR}) && pwd)/$(basename ${DIR})" - # Create a temp dir in memory to extract to for safety - TMP=$(mktemp -d /tmp/dec-XXXXXXXXXXXXXX) - # Link! - ln -s "${TMP}" "${DIR}" - - if [ ! -f "${DIR}.tar.gpg" ]; then - # Tell the user if that encrypted archive does not exist. - printf 'Encrypted archive does not exist. Creating.\n' - else - # Extract the encrypted tarchive if it exists - gpg -d ${DIR}.tar.gpg | tar -C "${TMP}" -x + local dirname="$(dirname ${archive})" + local basename="$(basename ${archive})" + export DIR="${dirname}/${basename}" + + if [ "${action}" = 'open' ]; then + # Check if already open + if [ -f "${dirname}/.${basename}.pid" ]; then + printf 'ERROR: Archive "%s" is already open\n' "${archive}" + return 1 + else + printf 'Opening!\n' + open "${archive}" + return $? + fi + elif [ "${action}" = 'close' ]; then + # Check if already closed + if [ ! -f "${dirname}/.${basename}.pid" ]; then + printf 'ERROR: Archive "%s" is not open\n' "${archive}" + exit 1 + else + printf 'Closing!\n' + close "${archive}" + return $? + fi + elif [ "${action}" = 'status' ]; then + status "${archive}" + return $? fi - writeback - shutdown - return $? + # If we make it here, something went wrong. + printf 'ERROR: Unknown action "%s"\n' "${action}" + return 1 } main ${@} |
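Review bot: The `open` and `close` branches of `main` treat the mere presence of `${dirname}/.${basename}.pid` as proof of state, and `close()` in the previous hunk then sends `kill -15` to whatever PID the file holds once `ps` finds any process with that number. After a crash or reboot that number can belong to an unrelated process of the same user, and the pidfile lives in the archive's directory, where anything able to write there can change it. Consider confirming that the PID really is this script's writeback loop before signalling it (for example by comparing the process's command line with the script name), and running the stale-pidfile check from `status` before refusing `open`. Smaller points in the same hunk: the `close` branch uses `exit 1` where every other path uses `return 1`, and `main ${@}` should be `main "$@"` so archive paths containing spaces survive. `main` begins in the previous hunk.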