SCRIPT_TIME_START=$(date +%Y%m%dT%H%M%S.%N);
PATH="$HOME/.local/bin:$PATH"; # Add "$(systemd-path user-binaries)" path in case apps saved there
SCRIPT_HOSTNAME=$(hostname); # Save hostname of system running this script.
-SCRIPT_VERSION="0.3.7"; # Define version of script.
+SCRIPT_VERSION="0.3.9"; # Define version of script.
SCRIPT_NAME="bkgpslog"; # Define basename of script file.
SCRIPT_URL="https://gitlab.com/baltakatei/ninfacyzga-01"; # Define wesite hosting this script.
AGE_VERSION="1.0.0-beta2"; # Define version of age (encryption program)
declare -Ag appRollCall # Associative array for storing app status
declare -Ag fileRollCall # Associative array for storing file status
declare -Ag dirRollCall # Associative array for storing dir status
-declare -a recPubKeys # for processArguments function
-declare recipients # for main function
+declare -a argRecPubKeys # for processArguments function
## Initialize variables
OPTION_VERBOSE=""; OPTION_ENCRYPT=""; OPTION_COMPRESS=""; OPTION_TMPDIR="";
echoerr "OPTIONS:"
echoerr " -h, --help"
echoerr " Display help information."
- echoerr
echoerr " --version"
echoerr " Display script version."
- echoerr
echoerr " -v, --verbose"
echoerr " Display debugging info."
- echoerr
echoerr " -e, --encrypt"
echoerr " Encrypt output."
- echoerr
echoerr " -r, --recipient [ pubkey string ]"
echoerr " Specify recipient. May be age or ssh pubkey."
echoerr " See https://github.com/FiloSottile/age"
- echoerr
echoerr " -o, --output [ directory ]"
echoerr " Specify output directory to save logs."
- echoerr
echoerr " -c, --compress"
echoerr " Compress output with gzip (before encryption if enabled)."
- echoerr
echoerr " -z, --time-zone"
echoerr " Specify time zone. (ex: \"America/New_York\")"
- echoerr
echoerr " -t, --temp-dir"
echoerr " Specify parent directory for temporary working directory."
echoerr " Default: \"/dev/shm\""
+ echoerr " -R, --recipient-dir"
+ echoerr " Specify directory containing files whose first lines are"
+ echoerr " to be interpreted as pubkey strings (see \'-r\' option)."
echoerr
echoerr "EXAMPLE: (bash script lines)"
- echoerr "/bin/bash bkgpslog -e -c \\"
+ echoerr "/bin/bash bkgpslog -v -e -c \\"
+ echoerr "-z \"UTC\" -t \"/dev/shm\" \\"
echoerr "-r age1mrmfnwhtlprn4jquex0ukmwcm7y2nxlphuzgsgv8ew2k9mewy3rs8u7su5 \\"
echoerr "-r age1ala848kqrvxc88rzaauc6vc5v0fqrvef9dxyk79m0vjea3hagclswu0lgq \\"
echoerr "-o ~/Sync/Location"
--version) showVersion; exit 1;; # Show version
-v | --verbose) OPTION_VERBOSE="true"; vbm "DEBUG:Verbose mode enabled.";; # Enable verbose mode.
-o | --output) if [ -d "$2" ]; then DIR_OUT="$2"; vbm "DEBUG:DIR_OUT:$DIR_OUT"; shift; fi ;; # Define output directory.
- -e | --encrypt) OPTION_ENCRYPT="true"; vbm "DEBUG:Encrypted output mode enabled.";;
- -r | --recipient) # Add 'age' recipient via public key string
- recPubKeys+=("$2"); vbm "STATUS:pubkey added:""$2"; shift;;
- -c | --compress) OPTION_COMPRESS="true"; vbm "DEBUG:Compressed output mode enabled.";;
- -z | --time-zone) try setTimeZoneEV "$2"; shift;;
- -t | --temp-dir) OPTION_TMPDIR="true" && TMP_DIR_PRIORITY="$2"; shift;;
+ -e | --encrypt) OPTION_ENCRYPT="true"; vbm "DEBUG:Encrypted output mode enabled.";; # Enable encryption
+ -r | --recipient) OPTION_RECIPIENTS="true"; argRecPubKeys+=("$2"); vbm "STATUS:pubkey added:""$2"; shift;; # Add recipients
+ -c | --compress) OPTION_COMPRESS="true"; vbm "DEBUG:Compressed output mode enabled.";; # Enable compression
+ -z | --time-zone) try setTimeZoneEV "$2"; shift;; # Set timestamp timezone
+ -t | --temp-dir) OPTION_TMPDIR="true" && argTmpDirPriority="$2"; shift;; # Set time zone
+ -R | --recipient-dir) OPTION_RECIPIENTS="true"; OPTION_RECDIR="true" && argRecDir="$2"; shift;; # Add recipient watch dir
*) echoerr "ERROR: Unrecognized argument: $1"; echoerr "STATUS:All arguments:$*"; exit 1;; # Handle unrecognized options.
esac
shift
appendArgTar(){
# Desc: Writes first argument to temporary file with arguments as options, then appends file to tar
# Usage: appendArgTar "$(echo "Data to be written.")" [name of file to be inserted] [tar path] [temp dir] ([cmd1] [cmd2] [cmd3] [cmd4]...)
- # Version: 1.0.2
+ # Version: 1.0.3
# Input: arg1: data to be written
# arg2: file name of file to be inserted into tar
# arg3: tar archive path (must exist first)
# appendArgTar "$(cat /tmp/largefile2.gpg)" "largefile2" $HOME/archive.tar /tmp "gpg --decrypt" &
# appendArgTar "$(cat /tmp/largefile3.gpg)" "largefile3" $HOME/archive.tar /tmp "gpg --decrypt" &
# Depends: bash 5
+ # Ref/Attrib: Using 'eval' to construct command strings https://askubuntu.com/a/476533
# Save function name
local FN="${FUNCNAME[0]}";
if ! [ -z "$7" ]; then CMD3="$7"; else CMD3="tee /dev/null "; fi # command string 3
if ! [ -z "$8" ]; then CMD4="$8"; else CMD4="tee /dev/null "; fi # command string 4
+ # Input command
+ CMD0="echo \"\$1\""
+
# # Debug
+ # yell "DEBUG:STATUS:$FN:CMD0:$CMD0"
# yell "DEBUG:STATUS:$FN:CMD1:$CMD1"
# yell "DEBUG:STATUS:$FN:CMD2:$CMD2"
# yell "DEBUG:STATUS:$FN:CMD3:$CMD3"
# yell "DEBUG:STATUS:$FN:TMP_DIR:$TMP_DIR"
# Write to temporary working dir
- echo "$1" | $CMD1 | $CMD2 | $CMD3 | $CMD4 > "$TMP_DIR"/"$FILENAME";
+ eval "$CMD0"" | ""$CMD1"" | ""$CMD2"" | ""$CMD3"" | ""$CMD4" > "$TMP_DIR"/"$FILENAME";
# Append to tar
try tar --append --directory="$TMP_DIR" --file="$TAR_PATH" "$FILENAME";
appendFileTar(){
# Desc: Processes first file and then appends to tar
# Usage: appendFileTar [file path] [name of file to be inserted] [tar path] [temp dir] ([cmd1] [cmd2] [cmd3] [cmd4]...)
- # Version: 1.0.1
+ # Version: 1.0.2
# Input: arg1: path of file to be (processed and) written
# arg2: name to use for file inserted into tar
# arg3: tar archive path (must exist first)
if ! [ -z "$6" ]; then CMD2="$6"; else CMD2="tee /dev/null "; fi # command string 2
if ! [ -z "$7" ]; then CMD3="$7"; else CMD3="tee /dev/null "; fi # command string 3
if ! [ -z "$8" ]; then CMD4="$8"; else CMD4="tee /dev/null "; fi # command string 4
+
+ # Input command string
+ CMD0="cat \"\$1\""
+
# # Debug
+ # yell "DEBUG:STATUS:$FN:CMD0:$CMD0"
# yell "DEBUG:STATUS:$FN:CMD1:$CMD1"
# yell "DEBUG:STATUS:$FN:CMD2:$CMD2"
# yell "DEBUG:STATUS:$FN:CMD3:$CMD3"
# yell "DEBUG:STATUS:$FN:TMP_DIR:$TMP_DIR"
# Write to temporary working dir
- cat "$1" | $CMD1 | $CMD2 | $CMD3 | $CMD4 > "$TMP_DIR"/"$FILENAME";
+ eval "$CMD0 | $CMD1 | $CMD2 | $CMD3 | $CMD4" > "$TMP_DIR"/"$FILENAME";
# Append to tar
try tar --append --directory="$TMP_DIR" --file="$TAR_PATH" "$FILENAME";
#yell "DEBUG:STATUS:$FN:Finished appendFileTar()."
} # Append file to Tar archive
+checkAgePubkey() {
+ # Desc: Checks if string is an age-compatible pubkey
+ # Usage: checkAgePubkey [str pubkey]
+ # Version: 0.1.2
+ # Input: arg1: string
+ # Output: return code 0: string is age-compatible pubkey
+ # return code 1: string is NOT an age-compatible pubkey
+ # age stderr (ex: there is stderr if invalid string provided)
+ # Depends: age (v0.1.0-beta2; https://github.com/FiloSottile/age/releases/tag/v1.0.0-beta2 )
+
+ argPubkey="$1";
+
+ if echo "test" | age -a -r "$argPubkey" 1>/dev/null; then
+ return 0;
+ else
+ return 1;
+ fi;
+} # Check age pubkey
+validateInput() {
+ # Desc: Validates Input
+ # Usage: validateInput [str input] [str input type]
+ # Version: 0.2.1
+ # Input: arg1: string to validate
+ # arg2: string specifying input type (ex:"ssh_pubkey")
+ # Output: return code 0: if input string matched specified string type
+ # Depends: bash 5, yell
+
+ # Save function name
+ local FN="${FUNCNAME[0]}";
+
+ # Process arguments
+ argInput="$1";
+ argType="$2";
+ if [[ $# -gt 2 ]]; then yell "ERROR:$0:$FN:Too many arguments."; exit 1; fi;
+
+ # Check for blank
+ if [[ -z "$argInput" ]]; then return 1; fi
+
+ # Define input types
+ ## ssh_pubkey
+ ### Check for alnum/dash base64 (ex: "ssh-rsa AAAAB3NzaC1yc2EAAA")
+ if [[ "$argType" = "ssh_pubkey" ]]; then
+ if [[ "$argInput" =~ ^[[:alnum:]-]*[\ ]*[[:alnum:]+/=]*$ ]]; then
+ return 0; fi; fi;
+
+ ## age_pubkey
+ ### Check for age1[:bech32:]
+ if [[ "$argType" = "age_pubkey" ]]; then
+ if [[ "$argInput" =~ ^age1[qpzry9x8gf2tvdw0s3jn54khce6mua7l]*$ ]]; then
+ return 0; fi; fi
+
+ # Return error if no condition matched.
+ return 1;
+} # Validates strings
magicWriteVersion() {
# Desc: Appends time-stamped VERSION to PATHOUT_TAR
# Usage: magicWriteVersion
rm "$PATHOUT_BUFFER" "$PATHOUT_NMEA" "$PATHOUT_GPX" "$PATHOUT_KML";
vbm "DEBUG:STATUS:$FN:Finished magicWriteBuffer().";
} # write buffer to disk
-
-main() {
- processArguments "$@" # Process arguments.
+magicParseRecipientDir() {
+ # Desc: Updates recPubKeysValid with pubkeys in dir specified by '-R' option ("recipient directory")
+ # Inputs: vars: OPTION_RECDIR, argRecDir,
+ # arry: recPubKeysValid
+ # Outputs: arry: recPubKeysValid (modified with pubkeys in argRecDir if pubkeys valid)
+ # Depends: processArguments,
+ local recFileLine updateRecipients recipientDir
+ declare -a candRecPubKeysValid
- # Determine working directory
- ## Set DIR_TMP_PARENT to user-specified value if specified
- if [[ "$OPTION_TMPDIR" = "true" ]]; then
- if [[ -d "$TMP_DIR_PRIORITY" ]]; then
- DIR_TMP_PARENT="$OPTION_TMPDIR";
+ if [[ "$OPTION_RECDIR" = "true" ]]; then
+ ### Check that argRecDir is a directory.
+ if [[ -d "$argRecDir" ]]; then
+ recipientDir="$argRecDir";
+ #### Initialize variable indicating outcome of pubkey review
+ unset updateRecipients
+ #### Add existing recipients
+ candRecPubKeysValid=(${recPubKeysValid[@]});
+ #### Parse files in recipientDir
+ for file in "$recipientDir"/*; do
+ ##### Read first line of each file
+ recFileLine="$(cat "$file" | head -n1)";
+ ##### check if first line is a valid pubkey
+ if checkAgePubkey "$recFileLine" && \
+ ( validateInput "$recFileLine" "ssh_pubkey" || validateInput "$recFileLine" "age_pubkey"); then
+ ###### T: add candidate pubkey to candRecPubKeysValid
+ candRecPubKeysValid+=("$recFileLine");
+ else
+ ###### F: throw warning;
+ yell "ERROR:Invalid recipient file detected. Not modifying recipient list."
+ updateRecipients="false";
+ fi;
+ done
+ #### Write updated recPubKeysValid array to recPubKeysValid if no failure detected
+ if ! updateRecipients="false"; then
+ recPubKeysValid=(${candRecPubKeysValid[@]});
+ fi;
else
- yell "WARNING:Specified temporary working directory not valid:$OPTION_TMPDIR";
- exit 1;
- fi
- fi
-
- ## Set DIR_TMP_PARENT to default or fallback otherwise
- if [[ -d "$DIR_TMP_DEFAULT" ]]; then
- DIR_TMP_PARENT="$DIR_TMP_DEFAULT";
- elif [[ -d /tmp ]]; then
- yell "WARNING:/dev/shm not available. Falling back to /tmp .";
- DIR_TMP_PARENT="/tmp";
- else
- yell "ERROR:No valid working directory available. Exiting.";
- exit 1;
- fi
+ yell "ERROR:$0:Recipient directory $argRecDir does not exist. Exiting."; exit 1;
+ fi;
+ fi;
+} # Update recPubKeysValid with argRecDir
+magicParseRecipientArgs() {
+ # Desc: Parses recipient arguments specified by '-r' option
+ # Input: vars: OPTION_ENCRYPT from processArguments()
+ # arry: argRecPubKeys from processArguments()
+ # Output: vars: CMD_ENCRYPT, CMD_ENCRYPT_SUFFIX
+ # arry: recPubKeysValid
+ # Depends: checkapp(), checkAgePubkey(), validateInput(), processArguments()
+ local recipients
- ## Set DIR_TMP using DIR_TMP_PARENT and nonce (SCRIPT_TIME_START)
- DIR_TMP="$DIR_TMP_PARENT"/"$SCRIPT_TIME_START""..bkgpslog" && vbm "DEBUG:Set DIR_TMP to:$DIR_TMP"; # Note: removed at end of main().
-
- # Set output encryption and compression option strings
- if [[ "$OPTION_ENCRYPT" = "true" ]]; then # Check if encryption option active.
+ # Check if encryption option active.
+ if [[ "$OPTION_ENCRYPT" = "true" ]] && [[ "$OPTION_RECIPIENTS" = "true" ]]; then
if checkapp age; then # Check that age is available.
- for pubkey in "${recPubKeys[@]}"; do # Validate recipient pubkey strings by forming test message
+ for pubkey in "${argRecPubKeys[@]}"; do # Validate recipient pubkey strings by forming test message
vbm "DEBUG:Testing pubkey string:$pubkey";
- if echo "butts" | age -a -r "$pubkey" 1>/dev/null; then
+ if checkAgePubkey "$pubkey" && \
+ ( validateInput "$pubkey" "ssh_pubkey" || validateInput "$pubkey" "age_pubkey"); then
#### Form age recipient string
recipients="$recipients""-r '$pubkey' ";
vbm "STATUS:Added pubkey for forming age recipient string:""$pubkey";
recPubKeysValid+=("$pubkey") && vbm "DEBUG:recPubkeysValid:pubkey added:$pubkey";
else
yell "ERROR:Exit code ""$?"". Invalid recipient pubkey string. Exiting."; exit 1;
- fi
+ fi;
done
- vbm "DEBUG:Finished processing recPubKeys array";
+ vbm "DEBUG:Finished processing argRecPubKeys array";
## Form age command string
CMD_ENCRYPT="age ""$recipients " && vbm "CMD_ENCRYPT:$CMD_ENCRYPT";
CMD_ENCRYPT_SUFFIX=".age" && vbm "CMD_ENCRYPT_SUFFIX:$CMD_ENCRYPT_SUFFIX";
else
yell "ERROR:Encryption enabled but \"age\" not found. Exiting."; exit 1;
- fi
+ fi;
else
CMD_ENCRYPT="tee /dev/null " && vbm "CMD_ENCRYPT:$CMD_ENCRYPT";
CMD_ENCRYPT_SUFFIX="" && vbm "CMD_ENCRYPT_SUFFIX:$CMD_ENCRYPT_SUFFIX";
vbm "DEBUG:Encryption not enabled."
- fi
+ fi;
+ # Catch case if '-e' is set but '-r' or '-R' is not
+ if [[ "$OPTION_ENCRYPT" = "true" ]] && [[ ! "$OPTION_RECIPIENTS" = "true" ]]; then
+ yell "ERROR:\'-e\' set but no \'-r\' or \'-R\' set."; exit 1; fi;
+ # Catch case if '-r' or '-R' set but '-e' is not
+ if [[ ! "$OPTION_ENCRYPT" = "true" ]] && [[ "$OPTION_RECIPIENTS" = "true" ]]; then
+ yell "ERROR:\'-r\' or \'-R\' set but \'-e\' is not set."; exit 1; fi;
+} # Populate recPubKeysValid with argRecPubKeys; form encryption cmd string and filename suffix
+magicParseCompressionArg() {
+ # Desc: Parses compression arguments specified by '-c' option
+ # Input: vars: OPTION_COMPRESS
+ # Output: CMD_COMPRESS, CMD_COMPRESS_SUFFIX
+ # Depends: checkapp(), vbm(), gzip,
if [[ "$OPTION_COMPRESS" = "true" ]]; then # Check if compression option active
if checkapp gzip; then # Check if gzip available
CMD_COMPRESS="gzip " && vbm "CMD_COMPRESS:$CMD_COMPRESS";
CMD_COMPRESS="tee /dev/null " && vbm "CMD_COMPRESS:$CMD_COMPRESS";
CMD_COMPRESS_SUFFIX="" && vbm "CMD_COMPRESS_SUFFIX:$CMD_COMPRESS_SUFFIX";
vbm "DEBUG:Compression not enabled.";
- fi
+ fi
+} # Form compression cmd string and filename suffix
+magicInitWorkingDir() {
+ # Desc: Determine temporary working directory from defaults or user input
+ # Input: vars: OPTION_TEMPDIR, argTmpDirPriority, DIR_TMP_DEFAULT
+ # Input: vars: SCRIPT_TIME_START
+ # Output: vars: DIR_TMP
+ # Depends: processArguments(), vbm(), yell()
+ # Parse '-t' option (user-specified temporary working dir)
+ ## Set DIR_TMP_PARENT to user-specified value if specified
+ local DIR_TMP_PARENT
+
+ if [[ "$OPTION_TMPDIR" = "true" ]]; then
+ if [[ -d "$argTempDirPriority" ]]; then
+ DIR_TMP_PARENT="$argTempDirPriority";
+ else
+ yell "WARNING:Specified temporary working directory not valid:$OPTION_TMPDIR";
+ exit 1; # Exit since user requires a specific temp dir and it is not available.
+ fi;
+ else
+ ## Set DIR_TMP_PARENT to default or fallback otherwise
+ if [[ -d "$DIR_TMP_DEFAULT" ]]; then
+ DIR_TMP_PARENT="$DIR_TMP_DEFAULT";
+ elif [[ -d /tmp ]]; then
+ yell "WARNING:$DIR_TMP_DEFAULT not available. Falling back to /tmp .";
+ DIR_TMP_PARENT="/tmp";
+ else
+ yell "ERROR:No valid working directory available. Exiting.";
+ exit 1;
+ fi
+ fi;
+ ## Set DIR_TMP using DIR_TMP_PARENT and nonce (SCRIPT_TIME_START)
+ DIR_TMP="$DIR_TMP_PARENT"/"$SCRIPT_TIME_START""..bkgpslog" && vbm "DEBUG:Set DIR_TMP to:$DIR_TMP"; # Note: removed at end of main().
+} # Sets working dir
+
+main() {
+ # Process arguments
+ processArguments "$@";
+ ## Act upon arguments
+ ### Determine working directory
+ magicInitWorkingDir;
+ ### Set output encryption and compression option strings
+ #### React to "-r" ("encryption recipients") option
+ magicParseRecipientArgs;
+ #### React to "-c" ("compression") option
+ magicParseCompressionArg;
+ #### React to "-R" ("recipient directory") option
+ magicParseRecipientDir;
- # Check that critical apps and dirs are available, displag missing ones.
- if ! checkapp gpspipe tar && ! checkdir "$DIR_OUT" "/dev/shm"; then
+ # Check that critical apps and dirs are available, display missing ones.
+ if ! checkapp gpspipe tar && ! checkdir "$DIR_OUT" "DIR_TMP"; then
yell "ERROR:Critical components missing.";
displayMissing; yell "Exiting."; exit 1; fi