# ๐Ÿ› ๏ธ `admin.sh` โ€” Smart Admin CLI for Backups & Sync A powerful admin helper script to manage cloud **backups** (via Restic) and **syncs** (via Rclone) using encrypted credentials with **Tang** and **ZFS metadata emulation**. --- ## ๐Ÿ“ฆ Features - ๐Ÿ” Secure credential storage via Tang + Clevis - โ˜๏ธ Cloud sync to **pCloud** using Rclone - ๐Ÿ“ฆ Cloud backup using **Restic** - โš™๏ธ Configuration stored in extended attributes (ZFS-style) - ๐Ÿ”‘ Decryption/encryption with clevis and jose tools - ๐Ÿชช Fake ZFS & Zpool compatibility - ๐Ÿ“‚ Temporary mount in RAM for config isolation - ๐Ÿ”„ Dry-run & full sync support - ๐Ÿ” Encrypted credential introspection - ๐Ÿ“Š Detailed logging for sync and backup tasks --- ## ๐Ÿš€ Usage ```bash ./admin.sh [command] [arguments] ``` --- ## ๐Ÿ“‹ Commands ### ๐Ÿ”ง Configuration ```bash admin.sh config ``` > Interactively set or update encrypted credentials and cloud paths. --- ### โ˜๏ธ Cloud Sync (Rclone) ```bash admin.sh sync [now|dryrun|copy|view|ls|check] ``` - `now` โ€“ Real-time sync to cloud - `dryrun` โ€“ Simulation only - `copy` โ€“ Download specific item from cloud - `view` โ€“ Browse cloud storage interactively - `ls` โ€“ List all cloud files - `check` โ€“ Verify data consistency --- ### ๐Ÿงฐ Cloud Backup (Restic) ```bash admin.sh backup [init|view|ls|check|now|prune|remove|unlock] ``` - `init` โ€“ Initialize remote repository - `now` โ€“ Backup now (with retention) - `view` โ€“ List snapshots - `ls` โ€“ Show files in snapshot - `check` โ€“ Integrity check - `prune` โ€“ Clean old snapshots - `remove` โ€“ Delete a specific snapshot - `unlock` โ€“ Unlock repository --- ### ๐Ÿ” Encryption / Decryption ```bash admin.sh tangcrypt admin.sh tangdecrypt ``` - `tangcrypt` โ€“ Encrypt stdin using Tang - `tangdecrypt` โ€“ Decrypt stdin --- ## ๐Ÿง  How it works - Uses **ZFS metadata** (or simulated `.data` file) to manage configurations per dataset - Mounts temporary RAMFS (`/mnt/usb`) to store decrypted `rclone.conf` - Invokes external tools: - `rclone` - `restic` - `jose` - `clevis` - Credentials are encrypted and decrypted on the fly --- ## ๐Ÿ“ Required Dependencies - `rclone` - `restic` - `clevis` - `jose` (CLI) - `curl`, `awk`, `sed`, `bash` --- ## ๐Ÿงช Simulated Environment You can use `fake-zfs.sh` and `fake-zpool.sh` to simulate ZFS-like behavior in environments without ZFS installed. Metadata is saved to: ``` /home/user/scripts/zfs_meta.data ``` --- ## ๐Ÿ“‚ Config File A basic `admin.conf` will be generated automatically if missing. Example: ```bash RCLONE_CMD="rclone" RESTIC_CMD="restic" ZFS="/home/user/scripts/fake-zfs.sh" URL="https://tang.ia86.cc" ... ``` --- ## ๐Ÿ“ License This script is personal and provided **as is**. Use it at your own risk. Encryption is strong, but your **threat model matters**.