#!/bin/bash function cryptsetup_open { for DEVICE in /dev/disk/by-partlabel/ext*backup*; do if ! [ -L "$DEVICE" ]; then continue fi DISKNAME="$(basename "$DEVICE")" CRYPTNAME="crypt-$DISKNAME" echo "> cryptsetup luksOpen $DEVICE $CRYPTNAME" cryptsetup luksOpen "$DEVICE" "$CRYPTNAME" --key-file "/etc/lukskeys/${DISKNAME}" mkdir -p /run/ext-backup-crypt/ ln -s "/dev/mapper/$CRYPTNAME" /run/ext-backup-crypt/ done } function cryptsetup_close { for CRYPTDEVICE in /dev/mapper/crypt-ext*backup*; do if ! [ -L "$CRYPTDEVICE" ]; then continue fi CRYPTNAME="$(basename "$CRYPTDEVICE")" echo "> cryptsetup luksClose $CRYPTNAME" cryptsetup luksClose "$CRYPTNAME" rm -f "/run/ext-backup-crypt/$CRYPTNAME" done } function pool_import { echo "> zpool import -d /run/ext-backup-crypt -a" zpool import -d /run/ext-backup-crypt -a ZPOOLNAME="$(zpool list -H -o name|grep 'ext.*backup'|head -n1)" if [ -z "$ZPOOLNAME" ]; then echo "Error! Could not find pool!" return 1 fi echo "> Found: $ZPOOLNAME" } function pool_export { echo "> zpool export $ZPOOLNAME" for _ in $(seq 60); do zpool export "$ZPOOLNAME" && break sleep 1 done } function pool_setup { zfs set mountpoint="/mnt/$ZPOOLNAME" "$ZPOOLNAME" chmod 0700 "/mnt/$ZPOOLNAME" zfs set compression=lz4 "$ZPOOLNAME" zfs set devices=off "$ZPOOLNAME" zfs set exec=off "$ZPOOLNAME" zfs set setuid=off "$ZPOOLNAME" zfs set xattr=sa "$ZPOOLNAME" zfs set acltype=posixacl "$ZPOOLNAME" } function cleanup_snapshots { echo "> Cleaning snapshots" sanoid --configdir=/etc/sanoid/ext-backup --verbose --prune-snapshots zfs list -t snapshot -r "$ZPOOLNAME" -H -o name \ | grep -F @syncoid_ \ | grep -Fv "@syncoid_$ZPOOLNAME" \ | xargs -rn1 zfs destroy -v } function syncoidw { syncoid --identifier "$ZPOOLNAME" "$@" } function main { zfs get all -s local -H > /root/zfs-props.txt cryptsetup_open pool_import pool_setup sync_snapshots cleanup_snapshots pool_export cryptsetup_close }