add option to pgp/gpg encrypt scp dumps

diff --git a/FS/FS/Conf.pm b/FS/FS/Conf.pm
index 6f7b2d6..d35b1ac 100644 (file)
--- a/FS/FS/Conf.pm
+++ b/FS/FS/Conf.pm
@@ -1178,6 +1178,13 @@ httemplate/docs/config.html
   },
 
   {
   },
 
   {

+    'key'         => 'dump-pgpid',
+    'section'     => '',
+    'description' => "Optional PGP public key user or key id for database dumps.  The public key should exist on the freeside user's public keyring, and the gpg binary and GnuPG perl module should be installed.",
+    'type'        => 'text',
+  },
+
+  {

     'key'         => 'users-allow_comp',
     'section'     => '',
     'description' => 'Usernames (Freeside users, created with <a href="../docs/man/bin/freeside-adduser.html">freeside-adduser</a>) which can create complimentary customers, one per line.  If no usernames are entered, all users can create complimentary accounts.',
     'key'         => 'users-allow_comp',
     'section'     => '',
     'description' => 'Usernames (Freeside users, created with <a href="../docs/man/bin/freeside-adduser.html">freeside-adduser</a>) which can create complimentary customers, one per line.  If no usernames are entered, all users can create complimentary accounts.',

diff --git a/FS/bin/freeside-daily b/FS/bin/freeside-daily
index 00de298..99d95d5 100755 (executable)
--- a/FS/bin/freeside-daily
+++ b/FS/bin/freeside-daily
@@ -63,7 +63,6 @@ if ( driver_name eq 'Pg' ) {
   }
 }
 
   }
 }
 

-#local hack

 my $conf = new FS::Conf;
 my $dest = $conf->config('dump-scpdest');
 if ( $dest ) {
 my $conf = new FS::Conf;
 my $dest = $conf->config('dump-scpdest');
 if ( $dest ) {


@@ -75,7 +74,18 @@ if ( $dest ) {
   } else {
     die "database dumps not yet supported for ". driver_name;
   }
   } else {
     die "database dumps not yet supported for ". driver_name;
   }

-  scp("/var/tmp/$database.sql", $dest);
+  if ( $conf->config('dump-pgpid') ) {
+    eval 'use GnuPG';
+    my $gpg = new GnuPG;
+    $gpg->encrypt( plaintext => "/var/tmp/$database.sql",
+                   output    => "/var/tmp/$database.gpg",
+                   recipient => $conf->config('dump-pgpid'),
+                 );
+    scp("/var/tmp/$database.gpg", $dest);
+    unlink "/var/tmp/$database.gpg" or die $!;
+  } else {
+    scp("/var/tmp/$database.sql", $dest);
+  }

   unlink "/var/tmp/$database.sql" or die $!;
 }
 
   unlink "/var/tmp/$database.sql" or die $!;
 }