() ()

Bupstash encrypted and deduplicated backups.

Run one of the following bupstash subcommands.

bupstash init ...
bupstash new-key ...
bupstash new-sub-key ...
bupstash put ...
bupstash list ...
bupstash list-contents ...
bupstash diff ...
bupstash get ...
bupstash restore ...
bupstash rm ...
bupstash recover-removed ...
bupstash gc ...
bupstash sync ...
bupstash exec-with-locks ...
bupstash serve ...
bupstash help ...
bupstash version ...

bupstash is a tool for storing (and retrieving) files and data in an encrypted bupstash-repostory(7).

Some notable features of bupstash include:

Automatic deduplication of stored data.
Client side encryption of data.
Incremental file uploads.
A tag based query language.
Optional role based encryption and decryption key separation.
Remote repositories over ssh ssh.
Optional, per ssh key access repository controls.
A multi layered approach to security.

The bupstash tool itself is divided into subcommands that each have their own documentation.

Initialize a bupstash repository.
Create a new primary key for creating/reading repository items.
Derive a sub key for a subset of operations.
Add data to a bupstash repository.
Fetch data from the bupstash repository matching a query.
Restore a snapshot into a local directory.
List repository items matching a given query.
List directory snapshot contents.
Diff snapshot contents.
Remove repository items matching a given query.
Recover removed items that are pending garbage collection.
Reclaim diskspace in a repository.
Sync items between repositories.
Exec a command with exclusive locks held on the repository.
Serve a repository over stdin/stdout using the bupstash-protocol(7).

$ bupstash init -r ssh://$SERVER/home/me/backups $ bupstash new-key -o backups.key

$ export BUPSTASH_REPOSITORY=ssh://$SERVER/home/me/backups $ export BUPSTASH_KEY=backups.key

``` $ bupstash put ./some-data ebb66f3baa5d432e9f9a28934888a23d

$ bupstash list-contents id=ebb66f3baa5d432e9f9a28934888a23d drwxr-xr-x 0 2020/11/05 10:42:48 . -rw-r--r-- 177B 2020/07/12 17:13:42 data.txt ```

$ bupstash list hostname=$(hostname) id="bcb8684e6bf5cb453e77486decf61685" name="some-file.txt" hostname="my-server" timestamp="2020-07-27 11:26:16" ...

``` $ bupstash put --send-log /var/backup.sendlog ./some-data ebb66f3baa5d432e9f9a28934888a23d$ bupstash put --send-log /var/backup.sendlog ./some-data ebb66f3baa5d432e9f9a28934888a23d ```

# Checks for errors before saving new item. $ bupstash put --exec name=database.sql pgdump mydatabase 14ebd2073b258b1f55c5bbc889c49db4

$ bupstash get id=bcb8684e6bf5cb453e77486decf61685 some data.

$ bupstash restore --to ./dir name=dir.tar

$ bupstash rm name=some-data.txt

$ bupstash rm --allow-many id=*

$ bupstash gc

``` # Create a key, a put only key, and a metadata (list/rm only) key. $ bupstash new-key -o backups.key $ bupstash new-sub-key --put -k backups.key -o backups-put.key $ bupstash new-sub-key --list -k backups.key -o backups-metadata.key

... Copy backups.key to secure offline storage ...$ shred backups.key

$ bupstash put -k backups-put.key ./data 14ebd2073b258b1f55c5bbc889c49db4

... When you need to list or remove backups, you may use the metadata key ...

$ bupstash list -k backups-metadata.key ... $ bupstash rm -k backups-metadata.key

... After emergency, get decryption key from offline storage ...$ bupstash get -k backups.key id=14ebd2073b258b1f55c5bbc889c49db4 | tar -C ./restore -xf - ```

bupstash-repository(7), bupstash-keyfiles(7)