Create backup method for workstation config files

[rocodes]

[Issue based on today's SecureDrop tech meeting]

In order to preserve secrets/config files required for SecureDrop Workstation during a backiup/restore process, dom0's /usr/share/securedrop-workstation-dom0/config folder, which contains config.json (including the app-journalist.auth_private details) and the Submission Private Key (sd-journalist.sec), should be backed up to somewhere that will be preserved during a Qubes backup (such as somewhere in dom0's home directory), or bundled for the user to encrypt and export in their own way.

A proposal from today's tech meeting (minutes to be posted) was to bundle this folder and its contents into a .tar.gz and save it in dom0's home directory.

Related:

120

[zenmonkeykstop]

General sentiment is that we could just have the config in the dom0 user home dir ($HOME/.config/securedrop-workstation?), allowing us to leverage Qubes own backup functionality, but more discussion required as this is probably gonna be a bit of a migration-heavy change.

[zenmonkeykstop]

moving to ~/.config is still the best option and is an easy fix if done for 4.2, as we don't have to worry about migrations

[zenmonkeykstop]

Already in progress as part of the pilot migration script - needs to be promoted to the repo proper.