authorJoey Hess <joeyh@joeyh.name>2016-09-15 22:49:38 -0400
committerJoey Hess <joeyh@joeyh.name>2016-09-15 22:49:38 -0400
commit845fb2d60585be5567ac10aa0a53ab45c628648c (patch)
treee58456868911cd16451f4695ff7d076a701a78bb /CmdLine.hs
parent4fc681f78b2e659d3db3da99fe7c640416fb3b43 (diff)
Added --backup-server and --restore-server
To aid in backing up keysafe servers with minimal information leakage. This commit was sponsored by Andrea Rota.
Diffstat (limited to 'CmdLine.hs')
-rw-r--r--CmdLine.hs123
1 files changed, 69 insertions, 54 deletions
diff --git a/CmdLine.hs b/CmdLine.hs
index 686fcb5..f4a6b92 100644
--- a/CmdLine.hs
+++ b/CmdLine.hs
@@ -29,7 +29,7 @@ data CmdLine = CmdLine
, serverConfig :: ServerConfig
}
-data Mode = Backup | Restore | UploadQueued | Server | Chaff HostName | Benchmark | Test
+data Mode = Backup | Restore | UploadQueued | Server | GenBackup FilePath | RestoreBackup FilePath | Chaff HostName | Benchmark | Test
deriving (Show)
data ServerConfig = ServerConfig
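Review bot: The new `GenBackup` and `RestoreBackup` constructors on the `Mode` line are easy to confuse with the existing `Backup` and `Restore`, because nothing in the type says which pair acts on a user's secret key and which acts on a server's object store (the help strings later in this commit are the only place that distinction appears). A short comment above the declaration would fix that, for example `-- Backup/Restore handle a user's secret key; GenBackup/RestoreBackup take the directory holding a server's gpg-encrypted object backup.` Both new constructors carry a bare `FilePath`, so the comment is also the place to say that the path is a directory, not a file.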
@@ -40,7 +40,7 @@ data ServerConfig = ServerConfig
parse :: Parser CmdLine
parse = CmdLine
- <$> optional (backup <|> restore <|> uploadqueued <|> server <|> chaff <|> benchmark <|> test)
+ <$> optional parseMode
<*> optional (gpgswitch <|> fileswitch)
<*> localstorageswitch
<*> localstoragedirectoryopt
@@ -49,37 +49,8 @@ parse = CmdLine
<*> optional (ShareParams <$> totalobjects <*> neededobjects)
<*> nameopt
<*> othernameopt
- <*> serverconfig
+ <*> parseServerConfig
where
- backup = flag' Backup
- ( long "backup"
- <> help "Store a secret key in keysafe."
- )
- restore = flag' Restore
- ( long "restore"
- <> help "Retrieve a secret key from keysafe."
- )
- uploadqueued = flag' UploadQueued
- ( long "uploadqueued"
- <> help "Upload any data to servers that was queued by a previous --backup run."
- )
- server = flag' Server
- ( long "server"
- <> help "Run as a keysafe server, accepting objects and storing them to ~/.keysafe/objects/local/"
- )
- chaff = Chaff <$> strOption
- ( long "chaff"
- <> metavar "HOSTNAME"
- <> help "Upload random data to a keysafe server."
- )
- benchmark = flag' Benchmark
- ( long "benchmark"
- <> help "Benchmark speed of keysafe's cryptographic primitives."
- )
- test = flag' Test
- ( long "test"
- <> help "Run test suite."
- )
gpgswitch = GpgKey . KeyId . T.pack <$> strOption
( long "gpgkeyid"
<> metavar "KEYID"
@@ -127,28 +98,72 @@ parse = CmdLine
<> metavar "N"
<> help "Specify other name used for key backup/restore, avoiding the usual prompt."
)
- serverconfig = ServerConfig
- <$> option auto
- ( long "port"
- <> metavar "P"
- <> value 80
- <> showDefault
- <> help "Port for server to listen on."
- )
- <*> option str
- ( long "address"
- <> metavar "A"
- <> value "127.0.0.1"
- <> showDefault
- <> help "Address for server to bind to. (Use \"*\" to bind to all addresses.)"
- )
- <*> option auto
- ( long "months-to-fill-half-disk"
- <> metavar "N"
- <> value 12
- <> showDefault
- <> help "Server rate-limits requests and requires proof of work, to avoid too many objects being stored. This is an lower bound on how long it could possibly take for half of the current disk space to be filled."
- )
+
+parseMode :: Parser Mode
+parseMode =
+ flag' Backup
+ ( long "backup"
+ <> help "Store a secret key in keysafe."
+ )
+ <|> flag' Restore
+ ( long "restore"
+ <> help "Retrieve a secret key from keysafe."
+ )
+ <|> flag' UploadQueued
+ ( long "uploadqueued"
+ <> help "Upload any data to servers that was queued by a previous --backup run."
+ )
+ <|> flag' Server
+ ( long "server"
+ <> help "Run as a keysafe server, accepting objects and storing them to ~/.keysafe/objects/local/"
+ )
+ <|> GenBackup <$> strOption
+ ( long "backup-server"
+ <> metavar "BACKUPDIR"
+ <> help "Run on a server, populates the directory with a gpg encrypted backup of all objects stored in the --store-directory. This is designed to be rsynced offsite (with --delete) to back up the a keysafe server with minimal information leakage."
+ )
+ <|> RestoreBackup <$> strOption
+ ( long "restore-server"
+ <> metavar "BACKUPDIR"
+ <> help "Restore all objects present in the gpg-encrypted backups in the specified directory."
+ )
+ <|> Chaff <$> strOption
+ ( long "chaff"
+ <> metavar "HOSTNAME"
+ <> help "Upload random data to a keysafe server."
+ )
+ <|> flag' Benchmark
+ ( long "benchmark"
+ <> help "Benchmark speed of keysafe's cryptographic primitives."
+ )
+ <|> flag' Test
+ ( long "test"
+ <> help "Run test suite."
+ )
+
+parseServerConfig :: Parser ServerConfig
+parseServerConfig = ServerConfig
+ <$> option auto
+ ( long "port"
+ <> metavar "P"
+ <> value 80
+ <> showDefault
+ <> help "Port for server to listen on."
+ )
+ <*> option str
+ ( long "address"
+ <> metavar "A"
+ <> value "127.0.0.1"
+ <> showDefault
+ <> help "Address for server to bind to. (Use \"*\" to bind to all addresses.)"
+ )
+ <*> option auto
+ ( long "months-to-fill-half-disk"
+ <> metavar "N"
+ <> value 12
+ <> showDefault
+ <> help "Server rate-limits requests and requires proof of work, to avoid too many objects being stored. This is an lower bound on how long it could possibly take for half of the current disk space to be filled."
+ )
get :: IO CmdLine
get = execParser opts
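Review bot: The `--restore-server` help in `parseMode` does not tell the operator how far the contents of BACKUPDIR are trusted, which matters because the `--backup-server` help says that directory is designed to be rsynced offsite. This file does not show which gpg key encrypts the backup, or whether restore verifies the files before importing objects into the store, so both help strings should state this once it is confirmed against the implementation. Separately, the `--backup-server` help reads `back up the a keysafe server` and should read `back up a keysafe server`. The `months-to-fill-half-disk` help moved into `parseServerConfig` still says `This is an lower bound` where `a lower bound` is meant.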