scripts

Scripts for general automations
git clone git://git.laack.co/scripts.git
Log | Files | Refs
commit 64262878e248b5f46afe79328df726e93134d292
parent 1d097d87018e4fb9cbc188c8b6db54d09a06658d
Author: Andrew Laack <andrew@laack.co>
Date:   Wed, 13 May 2026 18:07:51 -0500

Added blob encrypted backup for pf directory, added it to status bar.

Diffstat:

Mbackups/encrypted-backup.sh | 18+++++++++++++++---


Mbackups/restic.sh | 1+


Minstallers/arch-private-installation.sh | 3+++


Minstallers/arch-public-installation.sh | 4+++-


Mstatusbar.sh | 5+++--


5 files changed, 25 insertions(+), 6 deletions(-)

diff --git a/backups/encrypted-backup.sh b/backups/encrypted-backup.sh
@@ -1,7 +1,19 @@
 #!/bin/bash
-NOW=$(date +%s)
 
+set -e pipefail
+
+source ~/.bashrc || true # TODO: Why does this fail?
+
+# This should really never happen because of the above ~/.bashrc sourcing
+if [[ -z "$ENCRYPTION_PW" ]]; then
+    echo "Encryption PW not set..."
+    exit 1
+fi
+
+NOW=$(date +%s)
+umount -l $HOME/backup || true
 
-sudo umount -l $HOME/backup
 sshfs root@andrew-1.selfhost.imbue.com:/home/host/.openhost/local_compute_space/app_archive/backup $HOME/backup
-tar -czf - $HOME/personal-files | gpg -c --batch --yes --passphrase "$ENCRYPTION_PW" -o $HOME/backup/personal-files-$NOW.tar.gz.gpg
+tar -czf - $HOME/personal-files | gpg -c --batch --yes --passphrase "$ENCRYPTION_PW" -o /home/andrew/backup/personal-files-$NOW.tar.gz.gpg
+
+date | tee -a $HOME/logs/backup-encrypted-times.txt
diff --git a/backups/restic.sh b/backups/restic.sh
@@ -17,6 +17,7 @@ source ~/.bashrc
 
 restic -vv -r sftp:root@andrew-1.selfhost.imbue.com:/backup/ backup /home/backup $HOME/personal-files | tee -a ~/logs/backup-restic.log 2>&1
 
+# TODO: This isn't great; we don't have pipefail -e set...
 echo "$(date)" >> $HOME/logs/backup-restic-times.txt
 
 # restic -r sftp:root@andrew-1.selfhost.imbue.com:/backup/ -r restore latest --target /restored
diff --git a/installers/arch-private-installation.sh b/installers/arch-private-installation.sh
@@ -40,6 +40,9 @@ sudo chown andrew /home/backup
 echo "0 8,14 * * * andrew /home/andrew/bin/backup.sh" | sudo tee -a /etc/crontab
 echo "0 9,15 * * * andrew /home/andrew/bin/backups/restic.sh" | sudo tee -a /etc/crontab
 
+# This is quite the slow backup process...
+echo "0 24 * * * andrew /home/andrew/bin/backups/encrypted-backup.sh" | sudo tee -a /etc/crontab
+
 # TODO: Is there a way to automatically trust fully this key?
 # Locally, I ran:
 gpg --list-secret-keys
diff --git a/installers/arch-public-installation.sh b/installers/arch-public-installation.sh
@@ -3,7 +3,9 @@
 
 cd
 
-sudo pacman -S curl git gnome-keyring gcc make xorg-server libxft libxinerama freetype2 pkgconf ttf-fira-code zoxide fzf openssh less arandr pass pass-otp xclip xorg-xsetroot base-devel i3lock pandoc entr ripgrep wget jq man-db btop tmux rsync cronie mpv podman pavucontrol otf-latin-modern proton-vpn-gtk-app proton-vpn-cli tk brightnessctl zip unzip signal-desktop xorg-xset lynx figlet flameshot feh ffmpeg zathura-pdf-mupdf websocat xorg-xhost yt-dlp qemu-full qbittorrent alsa-utils pipewire-alsa pipewire-pulse sshfs iotop lsof neovim wireshark-qt nmap torbrowser-launcher bandwhich ghidra bind-tools whois dunst thunderbird graphviz restic dictd amfora i2pd wireguard-tools systemd-resolvconf
+sudo pacman -S curl git gnome-keyring gcc make xorg-server libxft libxinerama freetype2 pkgconf ttf-fira-code zoxide fzf openssh less arandr pass pass-otp xclip xorg-xsetroot base-devel i3lock pandoc entr ripgrep wget jq man-db btop tmux rsync cronie mpv podman pavucontrol otf-latin-modern proton-vpn-gtk-app proton-vpn-cli tk brightnessctl zip unzip signal-desktop xorg-xset lynx figlet flameshot feh ffmpeg zathura-pdf-mupdf websocat xorg-xhost yt-dlp qemu-full qbittorrent alsa-utils pipewire-alsa pipewire-pulse sshfs iotop lsof neovim wireshark-qt nmap torbrowser-launcher bandwhich ghidra bind-tools whois dunst thunderbird graphviz restic dictd amfora i2pd wireguard-tools systemd-resolvconf perf valgrind
+
+# perf and valgrind for performance profiling binaries (useful in go, c, c++)
 
 # systemd-resolvconf for wireguard
 
diff --git a/statusbar.sh b/statusbar.sh
@@ -8,9 +8,10 @@
 # NEW:
 LAST_SUCCESS_MAIN=$(tail -n 1 ~/logs/backup-times.txt 2>/dev/null || true)
 LAST_SUCCESS_RESTIC=$(tail -n 1 ~/logs/backup-restic-times.txt 2>/dev/null || true)
+LAST_SUCCESS_ENCRYPTED=$(tail -n 1 ~/logs/backup-encrypted-times.txt 2>/dev/null || true)
 
-if [ -n "$LAST_SUCCESS_MAIN" ] || [ -n "$LAST_SUCCESS_RESTIC" ]; then
-    STATUS="MAIN: ${LAST_SUCCESS_MAIN:-never} | RESTIC: ${LAST_SUCCESS_RESTIC:-never} | TIME: $(date)"
+if [ -n "$LAST_SUCCESS_MAIN" ] || [ -n "$LAST_SUCCESS_RESTIC" ] || [ -n "$LAST_SUCCESS_ENCRYPTED" ] ; then
+    STATUS="ENCRYPTED: ${LAST_SUCCESS_ENCRYPTED:-never} | MAIN: ${LAST_SUCCESS_MAIN:-never} | RESTIC: ${LAST_SUCCESS_RESTIC:-never} | TIME: $(date)"
     xsetroot -name "$STATUS"
 else
     xsetroot -name "$(date)"