Allows specifying a custom location of the tar command to use.
Also, the flags sent to ta" are sent individually (tar -cf becomes tar -c -f).
This allows easily customizing how the archiving is performed without having to add
lots of new options. For example, you could encrypt backup data via a simple shell script
and specify via --archive.tar.binary:
#!/bin/bash
gpg_pubkey_id=XXXXXXX
new_args=""
while [ "${#}" -gt 0 ]; do
case "$1" in
-f)
shift;
original_output_file="${1}"
shift
new_args="${new_args} --to-stdout"
;;
*)
new_args="${new_args} ${1}"
shift
;;
esac
done
tar ${new_args} | gpg --always-trust --encrypt --recipient ${gpg_pubkey_id} -z 0 --output ${original_output_file}
This has several advantages:
Backups are never written to disk unencrypted
Encryption can be done in one go, instead of causing the potentially heavy additional
I/O a separate encryption step would incur.
It's transparent for the upload stages, so you can still benefit from the integrated
S3 (or other) uploads.
Allows specifying a custom location of the
tar
command to use. Also, the flags sent tota
" are sent individually (tar -cf
becomestar -c -f
).This allows easily customizing how the archiving is performed without having to add lots of new options. For example, you could encrypt backup data via a simple shell script and specify via
--archive.tar.binary
:This has several advantages: