Syncencrypt linux construction
From GnuCash
Revision as of 15:19, 11 August 2011 by Marekschmidt (talk | contribs) (Added not that compatible with windows script)
This script is fully compatible with syncencrypt_windows_construction.
Note: This is a modified script based on this script by Jose Antonio Martin and Johannes Buchner.
#!/bin/bash
# gpgarmor - based on code by Jose Antonio Martin
# rewritten by Johannes Buchner
#
# This shell script will wrap around any program and protect the data files
# by encrypting it using tar and gpg.
# You can put a link to this script on your desktop or in the menu.
#
# Adjust the following options:
# program to call
PROG="gnucash"
# executing directory (where your data file lives)
DIR="/home/username/Documents/GnuCash"
# File which is parameter for the program (PROG).
# The encrypted file will be called the $BOOK.tar.gz.asc
BOOK="gnucash"
# All files that should be protected (archived and encrypted).
FILES="${BOOK} ${BOOK}.*.gnucash ${BOOK}.*.log"
#INTERFACE_ERR='zenity --error --text'
#INTERFACE_PASS='zenity --entry --hide-text --text '
INTERFACE_ERR='kdialog --error'
INTERFACE_PASS='kdialog --password '
#INTERFACE_ERR='echo' # INTERFACE_PASS will be read from shell if this is set
function do_error {
$INTERFACE_ERR "$@"
cd - &> /dev/null
exit 1
}
function run_and_encrypt {
"$PROG" $BOOK
tar -czf "$BOOK.tar.gz" $FILES ||
do_error "tar failed on $BOOK"
if [[ "$INTERFACE_ERR" == 'echo' ]]; then
gpg --quiet -ca --output "$BOOK".tar.gz.asc "$BOOK".tar.gz ||
do_error "gpg encryption failed"
else
PASS1=`$INTERFACE_PASS "Enter passphrase"`
PASS2=`$INTERFACE_PASS "Repeat passphrase"`
while [ $PASS1 != $PASS2 ]
do
$INTERFACE_ERR 'Error. Passphrases do not match'
PASS1=`$INTERFACE_PASS "Enter passphrase"`
PASS2=`$INTERFACE_PASS "Repeat passphrase"`
done
gpg --quiet -ca --batch --passphrase $PASS1 \
--output "$BOOK".tar.gz.asc "$BOOK".tar.gz ||
do_error "gpg encryption failed"
fi
shred $FILES $BOOK.tar.gz > /dev/null
rm -f $FILES $BOOK.tar.gz
put_file
cd - &> /dev/null
exit 0
}
function get_file {
rm $BOOK.tar.gz.asc.bak
mv $BOOK.tar.gz.asc $BOOK.tar.gz.asc.bak
sftp -b /dev/stdin -i identityfile user@host <<++EOT++
cd gnucash
get $BOOK.tar.gz.asc
bye
++EOT++
}
function put_file {
sftp -b /dev/stdin -i identityfile user@host <<++EOT++
cd gnucash
put $BOOK.tar.gz.asc
bye
++EOT++
}
cd "$DIR"
get_file
test -f "$BOOK.tar.gz.asc" || \
if test -f "$BOOK"; then
echo "Found not-encrypted file (first-run)"
run_and_encrypt ||
do_error "file \"$BOOK\" not found"
fi
# Found encrypted file
if [[ "$INTERFACE_ERR" == 'echo' ]]; then
gpg --quiet --decrypt --output "$BOOK".tar.gz "$BOOK".tar.gz.asc ||
do_error "gpg decryption failed"
else
$INTERFACE_PASS 'Enter passphrase:' |
gpg --quiet --decrypt --batch --passphrase-fd 0 \
--output "$BOOK".tar.gz "$BOOK".tar.gz.asc ||
do_error "gpg decryption failed"
fi
# untar
tar -zxkf "$BOOK.tar.gz" &> /dev/null
shred $BOOK.tar.gz "$BOOK.tar.gz.asc"
rm -f $BOOK.tar.gz "$BOOK.tar.gz.asc"
run_and_encrypt
