Last active
February 2, 2023 17:44
-
-
Save gekitsuu/e8a9eb96807e00b86030b78d0050627c to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# I wanted a script to pull secrets from 1Password and use them | |
# to perform a backup with restic. Putting this up as an example | |
# in case it's useful to other people. This script expects a | |
# file in your $HOME named .restic_excludes.txt which will | |
# allow you to list paths you want to skip | |
export AWS_ACCESS_KEY_ID="op://vault/AWS S3/username" # AWS IAM Cred from 1Password | |
export AWS_SECRET_ACCESS_KEY="op://vault/AWS S3/credential" # AWS IAM Cred from 1Password | |
export AWS_DEFAULT_REGION="us-east-1" # Because why not :) | |
export RESTIC_PASSWORD="op://vault/Restic/encryptionkey" # Encryption key for restic to use | |
export BUCKET_NAME="somebackupbucketname" | |
# I use a here doc to make sure the creds are loaded for all backups otherwise | |
# my authed 1password session might time out before some of the backups start | |
op run -- bash - <<EOF | |
restic -vvv backup --exclude-file=$HOME/.restic_excludes.txt -r s3:s3.amazonaws.com/$BUCKET_NAME $HOME/ | |
# Check to see if my other_disk is mounted and back it up, if it is. | |
if [[ ! -z "$(mount|grep other_disk)" ]]; then | |
restic -vvv backup --exclude-file=$HOME/.restic_excludes.txt -r s3:s3.amazonaws.com/$BUCKET_NAME /media/username/other_disk | |
fi | |
EOF |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment