diff options
author | Luke Shumaker <lukeshu@lukeshu.com> | 2018-12-24 15:38:14 -0500 |
---|---|---|
committer | Luke Shumaker <lukeshu@lukeshu.com> | 2018-12-24 15:40:51 -0500 |
commit | ae3da7d908ae3573bfd027b9fa30358c6def81dd (patch) | |
tree | 2d50b2e48d7e4cbc6b9dc72cc01bd367d01df4df | |
parent | 34261cdf52757ae7512d0890cf80103871e40f3e (diff) |
config-parabola-mgmt-backup: Tidy quoting
-rw-r--r-- | config-parabola-mgmt-backup.PKGBUILD | 48 |
1 files changed, 24 insertions, 24 deletions
diff --git a/config-parabola-mgmt-backup.PKGBUILD b/config-parabola-mgmt-backup.PKGBUILD index 3a896f7..3293fce 100644 --- a/config-parabola-mgmt-backup.PKGBUILD +++ b/config-parabola-mgmt-backup.PKGBUILD @@ -6,7 +6,7 @@ preamble depends+=(duplicity) -add-file -m755 etc/systemd/system/backup <<EOF +add-file -m755 etc/systemd/system/backup <<'EOF' #!/usr/bin/env bash { set -euE @@ -19,34 +19,34 @@ add-file -m755 etc/systemd/system/backup <<EOF ###################################################################### # Signing key - if ! [[ -d "\$GNUPGHOME" ]]; then - install -d -m 700 "\$GNUPGHOME" - printf '%s\n' \\ - '%no-protection' \\ - 'Key-Type: default' \\ - 'Subkey-Type: default' \\ - 'Name-Real: Backup' \\ - "Name-Email: backup@\$HOSTNAME" \\ - 'Expire-Date: 0' \\ + if ! [[ -d "$GNUPGHOME" ]]; then + install -d -m 700 "$GNUPGHOME" + printf '%s\n' \ + '%no-protection' \ + 'Key-Type: default' \ + 'Subkey-Type: default' \ + 'Name-Real: Backup' \ + "Name-Email: backup@$HOSTNAME" \ + 'Expire-Date: 0' \ | gpg --gen-key --batch fi - key_sign="\$(gpg --list-secret-keys --with-colons | awk -F: '/^sec:/{print \$5}')" + key_sign="$(gpg --list-secret-keys --with-colons | awk -F: '/^sec:/{print $5}')" key_sign_pass='' # Encryption keys keys_encrypt=( '99195DD3BB6FE10A2F36ED8445698744D4FFBFC9' # Luke Shumaker ) - gpg --recv-keys "\${keys_encrypt[@]}" || true - keys_encrypt+=("\$key_sign") + gpg --recv-keys "${keys_encrypt[@]}" || true + keys_encrypt+=("$key_sign") key_encrypt_pass='' ###################################################################### backup_args=( - "\${keys_encrypt[@]/#/--encrypt-key=}" - --sign-key="\$key_sign" + "${keys_encrypt[@]/#/--encrypt-key=}" + --sign-key="$key_sign" --gpg-options='--always-trust' # Trust that keys_encrypt is verified before putting it in this script --exclude-other-filesystems @@ -68,22 +68,22 @@ add-file -m755 etc/systemd/system/backup <<EOF ###################################################################### - export PASSPHRASE="\${key_encrypt_pass}" - export SIGN_PASSPHRASE="\${key_sign_pass}" + export PASSPHRASE="${key_encrypt_pass}" + export SIGN_PASSPHRASE="${key_sign_pass}" declare -i r=0 - for backup in "\${!backups[@]}"; do + for backup in "${!backups[@]}"; do duplicity=( duplicity --archive-dir='/var/lib/backup/private/duplicity' - --name="\$backup" + --name="$backup" ) - printf '======================> %s <======================\n' "\$backup" - "\${duplicity[@]}" "\${backup_args[@]}" \${backups[\$backup]} "file:///var/lib/backup/public/\$backup" || r=\$? - chmod 644 "/var/lib/backup/public/\$backup"/*.gpg || r=\$? - "\${duplicity[@]}" "\${prune_args[@]}" "file:///var/lib/backup/public/\$backup" || r=\$? + printf '======================> %s <======================\n' "$backup" + "${duplicity[@]}" "${backup_args[@]}" ${backups[$backup]} "file:///var/lib/backup/public/$backup" || r=$? + chmod 644 "/var/lib/backup/public/$backup"/*.gpg || r=$? + "${duplicity[@]}" "${prune_args[@]}" "file:///var/lib/backup/public/$backup" || r=$? done - exit \$r + exit $r } EOF |