aboutsummaryrefslogtreecommitdiff
path: root/app/build/backup-consul
diff options
context:
space:
mode:
authorAlex Auvolat <alex@adnab.me>2020-11-15 19:43:33 +0100
committerAlex Auvolat <alex@adnab.me>2020-11-15 19:43:33 +0100
commitf931dd939cd5109906399bd470497c9831e5d2f7 (patch)
treee5524c199311595aa04581c58db09158f013822f /app/build/backup-consul
parente2a0c40e6bf3919e6cef6ed1789251b30367dc11 (diff)
downloadinfrastructure-f931dd939cd5109906399bd470497c9831e5d2f7.tar.gz
infrastructure-f931dd939cd5109906399bd470497c9831e5d2f7.zip
Add cryptography to consul backup
Diffstat (limited to 'app/build/backup-consul')
-rw-r--r--app/build/backup-consul/Dockerfile7
-rwxr-xr-xapp/build/backup-consul/do_backup.sh7
2 files changed, 11 insertions, 3 deletions
diff --git a/app/build/backup-consul/Dockerfile b/app/build/backup-consul/Dockerfile
index ff052bf..0a5c38f 100644
--- a/app/build/backup-consul/Dockerfile
+++ b/app/build/backup-consul/Dockerfile
@@ -1,5 +1,12 @@
+FROM golang:buster as builder
+
+WORKDIR /root
+RUN git clone https://filippo.io/age && cd age/cmd/age && go build -o age .
+
FROM amd64/debian:buster
+COPY --from=builder /root/age/cmd/age/age /usr/local/bin/age
+
RUN apt-get update && \
apt-get -qq -y full-upgrade && \
apt-get install -y rsync wget openssh-client unzip && \
diff --git a/app/build/backup-consul/do_backup.sh b/app/build/backup-consul/do_backup.sh
index 049c998..4dbae2a 100755
--- a/app/build/backup-consul/do_backup.sh
+++ b/app/build/backup-consul/do_backup.sh
@@ -13,7 +13,8 @@ Host backuphost
User $TARGET_SSH_USER
EOF
-consul kv export > consul_kv_dump.json
-gzip consul_kv_dump.json
+consul kv export | \
+ gzip | \
+ age -r "$(cat /root/.ssh/id_ed25519.pub)" | \
+ ssh backuphost "cat > $TARGET_SSH_DIR/consul/consul_kv_export.gz.age"
-rsync -vvvz --progress consul_kv_dump.json.gz "backuphost:$TARGET_SSH_DIR/consul/"
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-19 14:29:40 +0000