Last active
December 27, 2021 13:50
-
-
Save bindi/1fe5c20214f325e645f43cfde9d1d739 to your computer and use it in GitHub Desktop.
rclone encrypted zfs snapshot selector and mounter
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Edit these | |
| $USERNAME = "bindi" | |
| $REMOTE = "unencrypted" | |
| #Stop editing after this line (meaning end-users, you as the admin should preconfigure directory structure below) | |
| $filename = "snapshotmounter_for_$REMOTE.xml" | |
| if (!(Test-Path $filename)) { | |
| $rclone_config_password = (Read-Host -Prompt 'Enter rclone encryption **password** for current remote (saved (**as encrypted**) for future use of the same remote)' -AsSecureString) | |
| $rclone_config_password2 = (Read-Host -Prompt 'Enter rclone encryption **SALT** (password2) for current remote (hit ENTER for empty / not used) (saved (**as encrypted**) for future use of the same remote)' -AsSecureString) | |
| Get-Variable rclone_config_* | Export-Clixml $filename | |
| } else { | |
| Import-Clixml $filename | %{ Set-Variable $_.Name $_.Value } | |
| } | |
| $basedir = "$REMOTE" + ":/bigboi/backup/$USERNAME/.zfs/snapshot" | |
| $regex = "autosnap_(?<timestamp>\d\d\d\d-\d\d-\d\d_\d\d:\d\d:\d\d)_(?<Type>daily|hourly|monthly)" | |
| # list of snapshots | |
| $list = rclone lsd $basedir | |
| $snapshot = ($list | Select-String -Pattern $regex | Select -ExpandProperty Matches | Select Value,@{n="Local time"; e={[DateTime]::ParseExact($_.Groups['timestamp'].value,"yyyy-MM-dd_HH:mm:ss", $null).toLocalTime()}} | Out-Gridview -Title "Select a snapshot to mount" -Passthru | Select-Object -ExpandProperty "Value") | |
| if ($snapshot -match $regex) { | |
| $snapremote = $snapshot.replace(":","_") | |
| rclone config create $snapremote crypt remote "$basedir/$snapshot/encrypted" | |
| $pass = (New-Object PSCredential "user",$rclone_config_password).GetNetworkCredential().Password | |
| $escapedpass = $pass -replace , '"', '\"' # https://stackoverflow.com/questions/59036580/pwsh-command-is-removing-quotation-marks/59036879#59036879 | |
| rclone config update $snapremote password $escapedpass --obscure | |
| $salt = (New-Object PSCredential "user",$rclone_config_password2).GetNetworkCredential().Password | |
| if ($salt) { | |
| $escapedsalt = $salt -replace , '"', '\"' # same as above | |
| rclone config update $snapremote password2 $escapedsalt --obscure | |
| } | |
| $test = rclone ls ($snapremote + ":") --max-depth=1 --max-duration=10s | |
| if (!$test) { Write-Host "Something went wrong, bad password? Delete file $filename and run this script again to re-set it" } | |
| else { | |
| try { rclone mount ($snapremote + ":") \\bindibox\$snapremote --read-only } | |
| finally { rclone config delete $snapremote } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment