Skip to content

Commit

Permalink
add random suffix to backup file name for Swift
Browse files Browse the repository at this point in the history 
Use a cryptographically secure random suffix combined with not granting
read access to work around Swift's access control system not having a
way to add new files without being able to modify or delete previous
files.
  • Loading branch information
@thestinger
thestinger committed May 28, 2024
1 parent e64d5c5 commit c8d3514
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion remote-backup
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ cp -r /var/lib/mjolnir remote-backup/$timestamp/mjolnir
tar -cC remote-backup $timestamp | zstd -9 | age -r $(cat backup-public-key.txt) -o remote-backup/$timestamp.tar.zst.age

source cloud-archive.sh
swift upload --skip-container-put --leave-segments --segment-size 5368709122 -H "X-Delete-After: 5184000" --object-name $timestamp.tar.zst.age backup remote-backup/$timestamp.tar.zst.age
swift upload --skip-container-put --leave-segments --segment-size 5368709122 -H "X-Delete-After: 5184000" \
--object-name $timestamp-$(openssl rand -hex 32).tar.zst.age backup remote-backup/$timestamp.tar.zst.age

rm -rf remote-backup

0 comments on commit c8d3514

Please sign in to comment.