freydis 0.2.0 → 0.8.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3e071855bc8658bc5c785f31c78782e5551f21c007527d5198110c6040f1c8ca
-  data.tar.gz: b3b106797d2bddfafb5e9aeabd4b353e4f88d2d7fcd8ad82867fb103f56ea50a
+  metadata.gz: 8609f817dc7fdbd37760c0f0a2afe0652a2eba1841a062c595d00c16806def93
+  data.tar.gz: 97393b88c28dfc4ac136dbdb73c8cb624142cc9928b318bff3abff20d6df7354
 SHA512:
-  metadata.gz: 80a41013b5a8f8c5bbefea435e32d5f6fa52a4b2dafb3f712d67191b2a16e29d3ff869132ad86d67100fb43e4048ced45e4ec8d60cc8796076ee449b07f4594d
-  data.tar.gz: af96444a6d4c3047adf667cd98dddbfb19a80caf4e094d3dab869575b7b3a61ca51f2693bb166e0306d57498bbe1ea881239cfb4ac9c0c564de166122d260b8d
+  metadata.gz: 3b9c9fc5a32b2cc4e4af1227705e93c3c4030bbacfce9d756d6d8f968a86fa72f498c28c57bfdae71ec2ece5ffb39c383b76afb1921a5874963bbf6aadbba12d
+  data.tar.gz: f20fd09c1cb93e12e5d493e160a3f4515e032aaeebb1393fec44c04fc9b70740e0c8c7a76f73572a00e86e67e99f1013c9fbc680208df42bddf4853a1737bbf8

data/CHANGELOG.md

@@ -1,3 +1,11 @@
+## 0.8.0, release 2024/09/17
+* Drop support for gpg, use [sgpg](https://github.com/szorfein/sgpg) instead.
+* New workflow (github gem)
+* New option `--restore-at PATH` to change the default `/`.
+* Option `--disk PATH` now require the full path (e.g: `/dev/sdx`), you can add yourself by-id, by-uuid, etc...
+* User can customize what paths to include `--paths-add PATHS` or exclude `--paths-del PATHS`.
+* Encrypted disk is no more default, use `--disk-encrypt` if need.
+
 ## 0.2.0, release 2023/10/23
 * Define constant OPTIONS and ACTIONS
 * Correct rsync options

data/README.md

@@ -9,10 +9,10 @@
 
 </div>
 
-Backup and restore data on encrypted device.
+Backup and restore data (on encrypted) device.
 
 ## Requirements
-Freydis use `rsync` and `cryptsetup` and optionnal `bsdtar`, `shred`, `gnupg`.
+Freydis use `rsync` and `cryptsetup`.
 
 ## Install freydis locally
 
@@ -25,45 +25,38 @@ Freydis use `rsync` and `cryptsetup` and optionnal `bsdtar`, `shred`, `gnupg`.
 ## Examples
 
 #### 0x01 - Initialisation
-First, you need a config file and a disk encrypted.
+First, you need to configure freydis and optionnaly encrypt a device disk.
 
-    $ freydis --disk sdc --encrypt --save
+    $ freydis --disk /dev/sdc --encrypt --save
 
 The config file will be created at `~/.config/freydis/freydis.yaml`.
 
 ```yaml
 ---
-:disk: /dev/disk/by-id/usb-SABRENT_SABRENT_DB9876543214E-0:0
-:paths: []
+:disk: '/dev/sdc'
+:disk_is_encrypt: true
+:gpg_recipient: ''
+:backup_paths: []
+:exclude_paths: []
+:restore_at: '/'
 ```
 
-+ disk: save the full path `by-id` for `sdc` here.
-+ paths -> An Array which contain a list of absolute paths for backup.
-
 #### 0x02 - First backup
 Freydis will use `rsync`, all paths must be separated by a comma:
 
-    $ freydis --backup --paths-add /home,/etc --save
+    $ freydis --paths-add /home,/etc --save
 
-#### 0x03 - Restore
-With `--disk` and `--paths-add` saved in the config file, you only need to write:
-
-    $ freydis --restore
+You can also exclude some paths with `--paths-del`
 
-Freydis will restore all files in `/`.
+    $ freydis --paths-del ~/.cache,~/.npm --save
 
-#### 0x04 - Secrets
-Freydis can store secrets ([GPG Key](https://www.gnupg.org/) and [pass](https://www.passwordstore.org/) directory for now) and restore them if need:
+And backup
 
-    $ freydis --gpg-recipient szorfein@protonmail.com --secrets-backup
-    $ freydis --gpg-recipient szorfein@protonmail.com --secrets-restore
+    $ freydis --backup
 
-The option `--secrets-restore` use `gpg --import` if the key is no found on your system.
-
-### Tips
-If you lost the config file, `freydis` has made a copy on your device when you're done your first `--backup`:
+#### 0x03 - Restore
+With `--disk` and `--paths-add` saved in the config file, you only need to write:
 
-    $ freydis --open --disk sdc
-    $ cp -a /mnt/freydis/home/user/.config/freydis ~/.config/
+    $ freydis --restore
 
-And you can use `freydis` normally.
+Freydis will restore all files in `/` by default, use `--restore-at PATH` to change.

data/bin/freydis

@@ -1,10 +1,92 @@
 #!/usr/bin/env ruby
+# frozen_string_literal: true
 
 require 'freydis'
+require 'optparse'
 
-freydis = Freydis::Main.new(
-  :argv => ARGV
-)
+# Load options from YAML
+config = Freydis::Config.new
+config.load
 
-freydis.start
-freydis.bye
+options = config.opts
+
+# puts "config file #{options}"
+
+OptionParser.new do |opts|
+  opts.banner = 'Usage: freydis.rb [options]'
+  opts.version = Freydis::VERSION
+
+  opts.on('--disk PATH', String,
+          'Use the disk e.g /dev/sdc.') do |disk|
+    puts "choosed disk #{disk}"
+    options[:disk] = Freydis::Guard.disk(disk)
+  end
+
+  opts.on('--disk-encrypt', 'If need to use cryptsetup to open disk.') do
+    options[:disk_is_encrypt] = true
+  end
+
+  opts.on('-p PATHS', '--paths-add PATHS', Array,
+          'Add absolute PATHS to backup, separate by \',\'.') do |paths|
+    paths.each do |p|
+      Freydis::Guard.path? p
+
+      puts p
+      options[:backup_paths] << p unless options[:backup_paths].include? p
+    end
+  end
+
+  opts.on('-d PATHS', '--paths-del PATHS', Array,
+          'Add absolute PATHS to exclude for the backup, separate by \',\'.') do |paths|
+    paths.each do |p|
+      Freydis::Guard.path? p
+
+      puts p
+      options[:exclude_paths] << p unless options[:exclude_paths].include? p
+    end
+  end
+
+  opts.on('-L', '--list-opts', 'List all options currently used.') do
+    puts options
+  end
+
+  opts.on('--restore-at PATH', 'Restore saved datas on your system, default is /.') do |path|
+    Freydis::Guard.path? path
+
+    options[:restore_at] = path
+  end
+
+  # Engines options
+
+  opts.on('-e', '--encrypt', 'Encrypt and format (ext4) your device.') do
+    Freydis::DiskLuks.encrypt(options)
+  end
+
+  opts.on('-o', '--open', 'Open and mount disk at /mnt/freydis.') do
+    Freydis::DiskLuks.open(options)
+  end
+
+  opts.on('-c', '--close', 'Umount (and close encrypted) disk.') do
+    Freydis::DiskLuks.close(options)
+  end
+
+  opts.on('-b', '--backup', 'Perform a backup.') do
+    Freydis::DiskLuks.open(options)
+    Freydis::Rsync.new(options).backup
+    Freydis::DiskLuks.close(options)
+  end
+
+  opts.on('-r', '--restore', 'Restore saved datas on your system.') do
+    Freydis::DiskLuks.open(options)
+    Freydis::Rsync.new(options).restore
+    Freydis::DiskLuks.close(options)
+  end
+
+  opts.on('-s', '--save', 'Save current arguments in the config file.') do
+    config.save(options)
+  end
+end.parse!
+
+puts
+puts 'Bye !'
+puts

data/freydis.gemspec

@@ -22,7 +22,7 @@ Gem::Specification.new do |s|
     'bug_tracker_uri' => 'https://github.com/szorfein/freydis/issues',
     'changelog_uri' => 'https://github.com/szorfein/freydis/blob/main/CHANGELOG.md',
     'source_code_uri' => 'https://github.com/szorfein/freydis',
-    'funding_uri' => 'https://patreon.com/szorfein',
+    'funding_uri' => 'https://patreon.com/szorfein'
   }
 
   s.files = Dir.glob('{lib,bin}/**/*', File::FNM_DOTMATCH).reject { |f| File.directory?(f) }
@@ -35,11 +35,10 @@ Gem::Specification.new do |s|
   s.executables << 'freydis'
   s.require_paths = ['lib']
 
-  s.cert_chain = ['certs/szorfein.pem']
-  s.signing_key = File.expand_path('~/.ssh/gem-private_key.pem')
+  # s.cert_chain = ['certs/szorfein.pem']
+  # s.signing_key = File.expand_path('~/.ssh/gem-private_key.pem')
 
   s.required_ruby_version = '>= 2.6'
   s.requirements << 'cryptsetup'
   s.requirements << 'rsync'
 end
-

data/lib/freydis/config.rb

@@ -6,33 +6,49 @@ require 'pathname'
 require 'mods/msg'
 
 module Freydis
+  # Loads/Save config variable from a yaml file
   class Config
     include Msg
+    attr_reader :opts
 
     def initialize
       @cpath = ENV['XDG_CONFIG_HOME'] ?
                  "#{ENV['XDG_CONFIG_HOME']}/freydis/freydis.yaml" :
                  "#{ENV['HOME']}/.config/freydis/freydis.yaml"
-
+      @opts = {
+        disk: '',
+        disk_is_encrypt: false,
+        backup_paths: [],
+        exclude_paths: [],
+        restore_at: '/'
+      }
     end
 
-    def save
+    def save(opts)
       FileUtils.mkdir_p Pathname.new(@cpath).parent.to_s
-      File.write @cpath, YAML::dump(OPTIONS)
+      load_opts(opts)
+      File.write @cpath, YAML.dump(@opts)
       success "Saving options to #{@cpath}..."
     end
 
     def load
       if File.exist? @cpath
         info 'Loading config...'
-        data_load = YAML.load_file @cpath
-        OPTIONS[:disk] = data_load[:disk]
-        OPTIONS[:gpg_recipient] = data_load[:gpg_recipient]
-        OPTIONS[:backup_paths] = data_load[:backup_paths]
+        @opts = YAML.load_file @cpath
       else
         info "Creating config file #{@cpath}..."
         save
       end
     end
+
+    private
+
+    def load_opts(args)
+      @opts[:disk] = args[:disk] || ''
+      @opts[:disk_is_encrypt] = args[:disk_is_encrypt] || false
+      @opts[:backup_paths] = args[:backup_paths] || []
+      @opts[:exclude_paths] = args[:exclude_paths] || []
+      @opts[:restore_at] = args[:restore_at] || '/'
+    end
   end
 end

data/lib/freydis/cryptsetup.rb

@@ -4,14 +4,13 @@ require 'mods/exec'
 require 'mods/msg'
 
 module Freydis
+  # Interact with cryptsetup from unix.
   class Cryptsetup
     include Exec
     include Msg
 
-    def initialize
-      Guard.disk_id(OPTIONS[:disk])
-
-      @disk = Disk.new(OPTIONS[:disk]).search_sdx
+    def initialize(disk)
+      @disk = Guard.disk(disk)
       @mapper_name = 'freydis-encrypt'
       @mountpoint = '/mnt/freydis'
     end
@@ -27,7 +26,6 @@ module Freydis
     end
 
     def close
-      umount
       if File.exist? "/dev/mapper/#{@mapper_name}"
         x "cryptsetup -v close #{@mapper_name}"
       else
@@ -46,8 +44,6 @@ module Freydis
       x "mount -t ext4 /dev/mapper/#{@mapper_name} #{@mountpoint}"
     end
 
-    protected
-
     def umount
       if mounted?
         x "umount #{@mountpoint}"

data/lib/freydis/disk_luks.rb

@@ -3,31 +3,37 @@
 require 'mods/msg'
 
 module Freydis
+  # Open, close a device disk (located at /dev)
   module DiskLuks
     extend Msg
+
     module_function
 
-    def encrypt
-      cryptsetup = Freydis::Cryptsetup.new
+    def encrypt(opts)
+      cryptsetup = Cryptsetup.new(opts[:disk])
       cryptsetup.encrypt
+      opts[:disk_is_encrypt] = true
       cryptsetup.open
       cryptsetup.format
       cryptsetup.close
-      success "Disk #{OPTIONS[:disk]} fully encrypted."
+      success "Disk #{opts[:disk]} fully encrypted."
     end
 
-    def open
-      cryptsetup = Freydis::Cryptsetup.new
-      cryptsetup.close
-      cryptsetup.open
+    def open(opts)
+      cryptsetup = Cryptsetup.new(opts[:disk])
+      if opts[:disk_is_encrypt]
+        cryptsetup.close
+        cryptsetup.open
+      end
       cryptsetup.mount
-      success "Disk #{OPTIONS[:disk]} opened."
+      success "Disk #{opts[:disk]} opened."
     end
 
-    def close
-      cryptsetup = Freydis::Cryptsetup.new
-      cryptsetup.close
-      success "Disk #{OPTIONS[:disk]} closed."
+    def close(opts)
+      cryptsetup = Cryptsetup.new(opts[:disk])
+      cryptsetup.umount
+      cryptsetup.close if opts[:disk_is_encrypt]
+      success "Disk #{opts[:disk]} closed."
     end
   end
 end

data/lib/freydis/error.rb

@@ -5,5 +5,4 @@ module Freydis
   class DiskId < StandardError; end
   class InvalidLuksDev < StandardError; end
   class InvalidPath < StandardError; end
-  class GPG < StandardError; end
 end

data/lib/freydis/guard.rb

@@ -1,16 +1,16 @@
 # frozen_string_literal: true
 
 module Freydis
+  # Guard control argument/path/input and quit if no valid
   module Guard
     module_function
 
     def disk(name)
-      full_path = "/dev/#{name}"
-      raise Freydis::InvalidDisk, 'No disk, use with -d DISK.' unless name
-      raise Freydis::InvalidDisk, 'No disk, use with -d DISK.' if name == ''
-      raise Freydis::InvalidDisk, 'Bad name #{name}, should match with sd[a-z]' unless name.match(/^sd[a-z]{1}$/)
-      raise Freydis::InvalidDisk, "No disk #{full_path} available." unless File.exist? full_path
-      Freydis::Disk.new(full_path).search_id # return disk(name) by-id
+      raise Freydis::InvalidDisk, 'No disk, use with --disk PATH.' unless name
+      raise Freydis::InvalidDisk, 'No disk, use with --disk PATH.' if name == ''
+      raise Freydis::InvalidDisk, "No disk #{name} available." unless File.exist? name
+
+      name
     rescue Freydis::InvalidDisk => e
       puts "#{e.class} => #{e}"
       exit 1
@@ -23,11 +23,12 @@ module Freydis
       exit 1
     end
 
-    def isLuks(disk)
-      raise Freydis::InvalidLuksDev, "No disk." unless disk
+    def luks?(disk)
+      raise Freydis::InvalidLuksDev, 'No disk, use with --disk PATH.' unless disk
       raise Freydis::InvalidLuksDev, "#{disk} does not exist." unless File.exist? disk
+
       sudo = Process.uid != 0 ? 'sudo' : ''
-      if !system(sudo, 'cryptsetup', 'isLuks', disk)
+      unless system(sudo, 'cryptsetup', 'isLuks', disk)
         raise Freydis::InvalidLuksDev, "#{disk} is not valid Luks device."
       end
     rescue Freydis::InvalidLuksDev => e
@@ -35,19 +36,11 @@ module Freydis
       exit 1
     end
 
-    def path?(p)
-      raise Freydis::InvalidPath, "#{p} does not exist." unless File.exist? p
+    def path?(path)
+      raise Freydis::InvalidPath, "#{path} does not exist." unless File.exist? path
     rescue Freydis::InvalidPath => e
       puts "#{e.class} => #{e}"
       exit 1
     end
-
-    def gpg(recipient)
-      raise Freydis::GPG, "No recipient, use --gpg-recipient NAME" unless recipient
-      recipient
-    rescue Freydis::GPG => e
-      puts "#{e.class} => #{e}"
-      exit 1
-    end
   end
 end

data/lib/freydis/rsync.rb

@@ -3,60 +3,43 @@
 require 'mods/exec'
 
 module Freydis
+  # Interact with rsync from unix
   class Rsync
     include Exec
 
-    def initialize
+    def initialize(opts)
       @workdir = '/mnt/freydis/backup'
-      @exclude_paths = %w[
-        "/dev/*"
-        "/proc/*"
-        "/sys/*"
-        "/tmp/*"
-        "/run/*"
-        "/mnt/*"
-        "/media/*"
-        "/var/lib/dhcpcd/*"
-        "*/.gvfs"
-        "*/.vim/*"
-        "*/.weechat/*"
-        "*/.thumbnails/*"
-        "*/.oh-my-zsh/*"
-        "*/.cache/*"
-        "*/.emacs.d/*"
-        "*/.local/share/*"
-        "*/.Xauthority"
-        "*/.xsession-errors"
-        "*/.quickemu/*"
-        "*/.config/BraveSoftware/*"
-        "*/.config/Min/*"
-        "*/.config/emacs"
-        "*/build/*"
-        "*/tmp/*"
-        "*/.npm"
-        "*/.history"
-        "*lost+found"
-      ]
-      #@opts = '-aAXHvR'
-      @opts = '-aAXHv --relative'
-      #@opts = '-aAXHvRx'
+      @exclude_paths = %w['/dev/*' '/proc/*'
+                          '/sys/*' '/tmp/*'
+                          '/run/*' '/mnt/*'
+                          '/media/*' '/home/*/.gvfs'
+                          '/var/lib/dhcpcd/*' '*lost+found']
+      @backup = opts[:backup_paths] || []
+      @user_excludes = opts[:exclude_paths] || []
+      @restore_at = opts[:restore_at] || '/'
+      @opts = '-aAXHv --relative -hh'
     end
 
     def backup
-      DiskLuks.open
+      raise 'Nothing to backup, use --paths-add PATH' if @backup == []
+
       mkdir @workdir
-      exil = @exclude_paths * ','
-      save = OPTIONS[:backup_paths] * ' '
-      @opts += ' --delete'
+      exil = combine_exclude
+      save = @backup * ' '
+      @opts += ' --delete --recursive'
       x "rsync #{@opts} --exclude={#{exil}} #{save} #{@workdir}"
       puts "Saved path #{save}"
-      DiskLuks.close
     end
 
     def restore
-      DiskLuks.open
-      x "rsync #{@opts} #{@workdir} /"
-      DiskLuks.close
+      x "rsync #{@opts} #{@workdir} #{@restore_at}"
+    end
+
+    private
+
+    def combine_exclude
+      new_array = @exclude_paths << @user_excludes
+      new_array.flatten! * ','
     end
   end
 end

data/lib/freydis/version.rb

@@ -1,6 +1,5 @@
 # frozen_string_literal: true
 
 module Freydis
-  VERSION = '0.2.0'
+  VERSION = '0.8.0'
 end
-

data/lib/freydis.rb

@@ -1,7 +1,6 @@
 # frozen_string_literal: true
 
 require_relative 'freydis/version'
-require_relative 'freydis/options'
 require_relative 'freydis/config'
 require_relative 'freydis/disk'
 require_relative 'freydis/disk_luks'
@@ -9,30 +8,7 @@ require_relative 'freydis/cryptsetup'
 require_relative 'freydis/rsync'
 require_relative 'freydis/error'
 require_relative 'freydis/guard'
-require_relative 'freydis/secrets'
-require_relative 'freydis/main'
 
+# Freydis - tool to backup data using rsync, cryptsetup.
 module Freydis
-  OPTIONS = {
-    disk: '',
-    gpg_recipient: '',
-    backup_paths: []
-  }
-
-  ACTIONS = {
-    encrypt: false,
-    open: false,
-    close: false,
-    backup: false,
-    restore: false,
-    secrets_backup: false,
-    secrets_restore: false,
-    config_save: true
-  }
-
-  # Load options from YAML
-  Config.new.load
-
-  # If problem with the config load
-  OPTIONS[:backup_paths] = [] if OPTIONS[:backup_paths] == nil
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: freydis
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.8.0
 platform: ruby
 authors:
 - szorfein
@@ -36,7 +36,7 @@ cert_chain:
   urXgRIzALxd/xazPCnoLSXPzfJSI6Y77S1EBvhPd9RaSO8IyH9RhPDP9mnTvW2Kl
   NAUnoL+txK5a
   -----END CERTIFICATE-----
-date: 2023-10-23 00:00:00.000000000 Z
+date: 2024-09-17 00:00:00.000000000 Z
 dependencies: []
 description: 'Freydis is a CLI tool to encrypt a disk device, backup and restore easyly.
   Freydis use `cryptsetup` and `rsync` mainly.
@@ -60,12 +60,7 @@ files:
 - lib/freydis/disk_luks.rb
 - lib/freydis/error.rb
 - lib/freydis/guard.rb
-- lib/freydis/main.rb
-- lib/freydis/options.rb
 - lib/freydis/rsync.rb
-- lib/freydis/secrets.rb
-- lib/freydis/secrets/archive.rb
-- lib/freydis/secrets/gpg.rb
 - lib/freydis/version.rb
 - lib/mods/exec.rb
 - lib/mods/msg.rb

data/lib/freydis/main.rb

@@ -1,28 +0,0 @@
-# frozen_string_literal: true
-# lib/main.rb
-
-module Freydis
-  class Main
-    # Code here
-    def initialize(args)
-      Options.new(args[:argv])
-    end
-
-    def start
-      DiskLuks.encrypt if ACTIONS[:encrypt]
-      DiskLuks.open if ACTIONS[:open]
-      DiskLuks.close if ACTIONS[:close]
-      Rsync.new.backup if ACTIONS[:backup]
-      Rsync.new.restore if ACTIONS[:restore]
-      Secrets.backup if ACTIONS[:secrets_backup]
-      Secrets.restore if ACTIONS[:secrets_restore]
-      Config.new.save if ACTIONS[:config_save]
-    end
-
-    def bye
-      puts
-      puts "Bye !"
-      exit
-    end
-  end
-end

data/lib/freydis/options.rb

@@ -1,104 +0,0 @@
-# frozen_string_literal: true
-
-require 'optparse'
-require 'mods/msg'
-
-module Freydis
-  class Options
-    include Msg
-
-    def initialize(argv)
-      parse(argv)
-    end
-
-    private
-
-    def parse(argv)
-      OptionParser.new do |opts|
-        opts.banner = 'Usage: freydis.rb [options]'
-        opts.version = VERSION
-
-        opts.on('--disk NAME', /^sd[a-z]$/,
-                'Use the disk NAME (e.g: sda, sdb).') do |disk|
-          OPTIONS[:disk] = Guard.disk(disk)
-        end
-
-        opts.on('--gpg-recipient NAME', String, 'Use gpg key NAME.') do |key|
-          OPTIONS[:gpg_recipient] = Guard.gpg(key)
-          info "Using key #{OPTIONS[:gpg_recipient]}"
-        end
-
-        opts.on('-p PATHS', '--paths-add PATHS', Array,
-                'Add absolute PATHS to the backup list.') do |paths|
-          paths.each do |p|
-            Freydis::Guard.path? p
-
-            info p
-            OPTIONS[:backup_paths] << p unless OPTIONS[:backup_paths].include? p
-          end
-        end
-
-        opts.on('-d PATH', '--path-del PATH', String,
-                'Remove absolute PATH from the backup list.') do |p|
-          Freydis::Guard.path? p
-
-          if OPTIONS[:backup_paths].include? p
-            OPTIONS[:backup_paths].delete p
-          else
-            error "#{p} is no found in #{OPTIONS[:backup_paths]}"
-          end
-        end
-
-        opts.on('-L', '--paths-list', 'List all paths from your list.') do
-          if OPTIONS[:backup_paths].nil?
-            error 'Nothing in paths yet...'
-          else
-            success "Listing paths to backup..."
-            OPTIONS[:backup_paths].each { |p| info p }
-          end
-        end
-
-        # Engines options
-
-        opts.on('-e', '--encrypt', 'Encrypt and format (ext4) your device.') do
-          ACTIONS[:encrypt] = true
-        end
-
-        opts.on('-o', '--open', 'Open and mount encrypted disk at /mnt/freydis.') do
-          ACTIONS[:open] = true
-        end
-
-        opts.on('-c', '--close', 'Umount and close encrypted disk.') do
-          ACTIONS[:close] = true
-        end
-
-        opts.on('-b', '--backup', 'Perform a backup.') do
-          ACTIONS[:backup] = true
-        end
-
-        opts.on('-r', '--restore', 'Restore saved datas on your system.') do
-          ACTIONS[:restore] = true
-        end
-
-        opts.on('--secrets-backup', 'Backup only secrets, including GPG keys.') do |s|
-          ACTIONS[:secrets_backup] = true
-        end
-
-        opts.on('--secrets-restore', 'Restore secrets.') do |s|
-          ACTIONS[:secrets_restore] = true
-        end
-
-        opts.on('-s', '--save', 'Save current arguments in the config file.') do
-          ACTIONS[:config_save] = true
-        end
-
-        begin
-          opts.parse!(argv)
-        rescue OptionParser::ParseError => e
-          warn e.message, "\n", opts
-          exit 1
-        end
-      end
-    end
-  end
-end

data/lib/freydis/secrets/archive.rb

@@ -1,73 +0,0 @@
-# frozen_string_literal: true
-
-require 'date'
-require 'fileutils'
-
-module Freydis
-  module Secrets
-    # Create or Restore an archive of secrets with bsdtar
-    class Archive
-      include Exec
-      include Msg
-
-      def initialize(gpg)
-        @workdir = '/mnt/freydis/secrets'
-        @filename = "#{@workdir}/#{OPTIONS[:gpg_recipient]}_#{Date.today}.tar.gz"
-        @restore_dir = '/tmp'
-        @include_paths = %w[]
-        @gpg = gpg
-      end
-
-      def create
-        populate_include
-        inc_paths = @include_paths * ' '
-
-        mkdir @workdir
-        info "Creating archive #{@filename}..."
-        bsdtar "--acls --xattrs -cpvf #{@filename} #{inc_paths}"
-        @gpg.clean_keys
-      end
-
-      # Restore the most recent archive in your $HOME
-      def restore
-        last_archive = find_last_archive
-        error 'No archive found.' unless last_archive
-
-        mkdir @restore_dir
-        info "Restoring #{last_archive}..."
-        bsdtar "-xvf #{last_archive} -C #{@restore_dir}"
-        @gpg.import_keys @restore_dir
-        @gpg.clean_keys @restore_dir
-      end
-
-      protected
-
-      def populate_include
-        @gpg.export_keys unless File.exist? @gpg.seckey_path
-        search_paths(%W[#{ENV['HOME']}/.password-store 
-                     #{@gpg.seckey_path}
-                     #{@gpg.pubkey_path}])
-      end
-
-      def find_last_archive
-        if Process.uid == 0
-          Dir.glob("#{@workdir}/#{CONFIG.gpg_recipient}*").sort[0]
-        else
-          archive = `sudo ls #{@workdir}/ | grep #{CONFIG.gpg_recipient} | sort | head -1`.chomp
-          "#{@workdir}/#{archive}" if archive
-        end
-      end
-
-      private
-
-      def search_paths(paths)
-        paths.each do |p|
-          if Dir.exist?(p) || File.exist?(p)
-            info "Found #{p}, add to archive..."
-            @include_paths << p
-          end
-        end
-      end
-    end
-  end
-end

data/lib/freydis/secrets/gpg.rb

@@ -1,63 +0,0 @@
-# frozen_string_literal: true
-
-module Freydis
-  module Secrets
-    class GPG
-      include Exec
-      include Msg
-
-      attr_reader :seckey_path, :pubkey_path
-
-      def initialize
-        @recipient = Guard.gpg(OPTIONS[:gpg_recipient])
-        @seckey_path = "/tmp/#{@recipient}-secret.key"
-        @pubkey_path = "/tmp/#{@recipient}-public.key"
-      end
-
-      def export_keys
-        info "Exporting keys for #{@recipient}..."
-        gpg "-a --export-secret-keys --armor #{@recipient} >#{@seckey_path}"
-        gpg "-a --export --armor #{@recipient} >#{@pubkey_path}"
-      end
-
-      def import_keys(prefix = nil)
-        is_key = `gpg -K | grep #{@recipient}`.chomp
-        if is_key.empty?
-          info "Importing key #{@recipient}..."
-          gpg_import(prefix)
-        else
-          info "Key #{@recipient} is alrealy present, skip import."
-        end
-      end
-
-      def clean_keys(prefix = nil)
-        if prefix
-          shred "#{prefix}#{@seckey_path}", "#{prefix}#{@pubkey_path}"
-        else
-          shred @seckey_path, @pubkey_path
-        end
-        success "Clean keys."
-      end
-
-      protected
-
-      def gpg_import(prefix)
-        if prefix
-          gpg "--armor --import #{prefix}#{@seckey_path}"
-          gpg "--armor --import #{prefix}#{@pubkey_path}"
-        else
-          gpg "--armor --import #{@seckey_path}"
-          gpg "--armor --import #{@pubkey_path}"
-        end
-      end
-
-      private
-
-      def gpg(command)
-        unless system("gpg #{command}")
-          error "Exe: gpg #{command}"
-        end
-      end
-    end
-  end
-end

data/lib/freydis/secrets.rb

@@ -1,29 +0,0 @@
-# frozen_string_literal: true
-
-require 'mods/msg'
-require_relative 'secrets/gpg'
-require_relative 'secrets/archive'
-
-module Freydis
-  module Secrets
-    extend Msg
-
-    def self.backup
-      DiskLuks.open
-      info 'Backup secrets...'
-      gpg = GPG.new
-      archive = Archive.new(gpg)
-      archive.create
-      DiskLuks.close
-    end
-
-    def self.restore
-      DiskLuks.open
-      info 'Restoring secrets...'
-      gpg = GPG.new
-      archive = Archive.new(gpg)
-      archive.restore
-      DiskLuks.close
-    end
-  end
-end