Re: [Duplicity-team] [Question #140813]: secret key not available after remove-older-than?
Question #140813 on Duplicity changed: https://answers.launchpad.net/duplicity/+question/140813 Status: Answered = Open Mark Haylock is still having a problem: Will removing the archive dir fix the GPG error? I thought the error is because it is attempting to pull information into the archive dir? -- You received this question notification because you are a member of duplicity-team, which is an answer contact for Duplicity. ___ Mailing list: https://launchpad.net/~duplicity-team Post to : duplicity-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~duplicity-team More help : https://help.launchpad.net/ListHelp
Re: [Duplicity-team] [Question #140813]: secret key not available after remove-older-than?
Question #140813 on Duplicity changed: https://answers.launchpad.net/duplicity/+question/140813 Status: Answered = Open Mark Haylock is still having a problem: My main concern is how can I run remove-older-than without it ending up in this state where I need the private key to fix things and get the backup running again? Just discovered a really confusing twist... running that cleanup command on the machine enough times seems to have somehow set things in a state where it no longer produces that error. I didn't change anything though, so that leaves me suspicious of the reliability of the backup all together? -- You received this question notification because you are a member of duplicity-team, which is an answer contact for Duplicity. ___ Mailing list: https://launchpad.net/~duplicity-team Post to : duplicity-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~duplicity-team More help : https://help.launchpad.net/ListHelp
Re: [Duplicity-team] [Question #140813]: secret key not available after remove-older-than?
Question #140813 on Duplicity changed: https://answers.launchpad.net/duplicity/+question/140813 Mark Haylock gave more information on the question: Note that I am already using the solution of the separate encrypt key and sign keys. I was running my script fine until I noticed that the remove-older- than wasn't actually deleting, it told me to add --force to actually delete - which is what I've done. Now after running the script again this time with --force added to the remove-older-than command I am unable to run it without encountering the GPG error. I'm also not clear on how I would even provide the private encryption key to get things started again? My script looks something like this: export PASSPHRASE=*removed* export SSH_AUTH_SOCK=/tmp/ssh-agent GPG_ENCRYPT_KEY=*removed* GPG_SIGN_KEY=*removed* # # Duplicity Cleanups # echo echo /(1)// DUPLICITY cleanup started. echo duplicity cleanup ${REMOTE_FILES_PATH} duplicity cleanup ${REMOTE_MYSQL_PATH} echo echo // DUPLICITY cleanup completed. echo # # File Backups. # echo /(2)// FILE backup started. echo duplicity --gpg-options='--compress-algo=bzip2 --bzip2-compress-level=9' --sign-key=${GPG_SIGN_KEY} --encrypt-key=${GPG_ENCRYPT_KEY} --full-if- older-than=7D ${FILES_DIR} ${REMOTE_FILES_PATH} echo echo // FILE backup completed. echo /(6)// OLD BACKUP DELETE started. echo # Delete duplicity backups older than 30 days. duplicity remove-older-than --force 30D ${REMOTE_FILES_PATH} echo echo // OLD BACKUP DELETE completed. echo -- You received this question notification because you are a member of duplicity-team, which is an answer contact for Duplicity. ___ Mailing list: https://launchpad.net/~duplicity-team Post to : duplicity-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~duplicity-team More help : https://help.launchpad.net/ListHelp
Re: [Duplicity-team] [Question #140813]: secret key not available after remove-older-than?
Question #140813 on Duplicity changed: https://answers.launchpad.net/duplicity/+question/140813 Status: Open = Answered edso proposed the following answer: again, because this is important. you will always need a secret key to encrypt to so duplicity can refresh your archive dir when it needs to. that it seems to work without one is a bug, read the link above. consider changing your strategy to encrypt also to the sign key. this is easy because it is there anyways. simply add another --encrypt-key=${GPG_SIGN_KEY} to solve your current misery: A: implement the above solution and do a new full B: keep the old way but import your secret key and enter the pass in ssh-agent. this by the way works for the sign key as well. you wont have to define a PASSPHRASE env var then. ede/duply.net -- You received this question notification because you are a member of duplicity-team, which is an answer contact for Duplicity. ___ Mailing list: https://launchpad.net/~duplicity-team Post to : duplicity-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~duplicity-team More help : https://help.launchpad.net/ListHelp