Re: [Duplicity-team] [Question #140813]: secret key not available after remove-older-than?

2011-01-09 Thread Mark Haylock 
Question #140813 on Duplicity changed:
https://answers.launchpad.net/duplicity/+question/140813

Status: Answered = Open

Mark Haylock is still having a problem:
Will removing the archive dir fix the GPG error? I thought the error is
because it is attempting to pull information into the archive dir?

-- 
You received this question notification because you are a member of
duplicity-team, which is an answer contact for Duplicity.

___
Mailing list: https://launchpad.net/~duplicity-team
Post to : duplicity-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~duplicity-team
More help   : https://help.launchpad.net/ListHelp

Re: [Duplicity-team] [Question #140813]: secret key not available after remove-older-than?

2011-01-09 Thread Mark Haylock 
Question #140813 on Duplicity changed:
https://answers.launchpad.net/duplicity/+question/140813

Status: Answered = Open

Mark Haylock is still having a problem:
My main concern is how can I run remove-older-than without it ending up
in this state where I need the private key to fix things and get the
backup running again?

Just discovered a really confusing twist... running that cleanup command
on the machine enough times seems to have somehow set things in a state
where it no longer produces that error. I didn't change anything though,
so that leaves me suspicious of the reliability of the backup all
together?

-- 
You received this question notification because you are a member of
duplicity-team, which is an answer contact for Duplicity.

___
Mailing list: https://launchpad.net/~duplicity-team
Post to : duplicity-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~duplicity-team
More help   : https://help.launchpad.net/ListHelp

Re: [Duplicity-team] [Question #140813]: secret key not available after remove-older-than?

2011-01-09 Thread Mark Haylock 
Question #140813 on Duplicity changed:
https://answers.launchpad.net/duplicity/+question/140813

Mark Haylock gave more information on the question:
Note that I am already using the solution of the separate encrypt key
and sign keys.

I was running my script fine until I noticed that the remove-older-
than wasn't actually deleting, it told me to add --force to actually
delete - which is what I've done. Now after running the script again
this time with --force added to the remove-older-than command I am
unable to run it without encountering the GPG error.

I'm also not clear on how I would even provide the private encryption
key to get things started again?

My script looks something like this:

export PASSPHRASE=*removed*

export SSH_AUTH_SOCK=/tmp/ssh-agent

GPG_ENCRYPT_KEY=*removed*
GPG_SIGN_KEY=*removed*

#
# Duplicity Cleanups
#
echo
echo /(1)// DUPLICITY cleanup started.
echo

duplicity cleanup ${REMOTE_FILES_PATH}
duplicity cleanup ${REMOTE_MYSQL_PATH}

echo
echo // DUPLICITY cleanup completed.
echo

#
# File Backups.
#
echo /(2)// FILE backup started.
echo

duplicity --gpg-options='--compress-algo=bzip2 --bzip2-compress-level=9'
--sign-key=${GPG_SIGN_KEY} --encrypt-key=${GPG_ENCRYPT_KEY} --full-if-
older-than=7D ${FILES_DIR} ${REMOTE_FILES_PATH}

echo
echo // FILE backup completed.

echo /(6)// OLD BACKUP DELETE started.
echo

# Delete duplicity backups older than 30 days.
duplicity remove-older-than --force 30D ${REMOTE_FILES_PATH}

echo
echo // OLD BACKUP DELETE completed.
echo

-- 
You received this question notification because you are a member of
duplicity-team, which is an answer contact for Duplicity.

___
Mailing list: https://launchpad.net/~duplicity-team
Post to : duplicity-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~duplicity-team
More help   : https://help.launchpad.net/ListHelp

Re: [Duplicity-team] [Question #140813]: secret key not available after remove-older-than?

2011-01-09 Thread edso 
Question #140813 on Duplicity changed:
https://answers.launchpad.net/duplicity/+question/140813

Status: Open = Answered

edso proposed the following answer:
again, because this is important. you will always need a secret key to encrypt 
to so duplicity can refresh your archive dir when it needs to. that it seems to 
work without one is a bug, read the link above.
consider changing your strategy to encrypt also to the sign key. this is easy 
because it is there anyways. simply add another

--encrypt-key=${GPG_SIGN_KEY}

to solve your current misery:

A: implement the above solution and do a new full
B: keep the old way but import your secret key and enter the pass in ssh-agent. 
this by the way works for the sign key as well. you wont have to define a 
PASSPHRASE env var then. 

ede/duply.net

-- 
You received this question notification because you are a member of
duplicity-team, which is an answer contact for Duplicity.

___
Mailing list: https://launchpad.net/~duplicity-team
Post to : duplicity-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~duplicity-team
More help   : https://help.launchpad.net/ListHelp