--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/sync-to-usb.sh Fri Feb 17 10:15:51 2012 +0100
@@ -0,0 +1,183 @@
+#!/bin/sh -e
+#
+#
+# Copyright (C) 2012 Christian Arnold <arnold@schlittermann.de>
+#
+# Schlittermann internet & unix support
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+
+export LANG=C LANGUAGE=C LC_ALL=C
+
+ME=$(basename $0)
+LOGGING=1
+DEBUG=0
+
+### DON'T TOUCH ANYTHING BELOW THIS LINES ###
+
+SUUID=$1
+SPATH=$2
+DUUID=$3
+DPATH=$4
+KEY=$5
+
+usage() {
+ cat <<__ >&2
+Usage: $ME <suuid> <spath> <duuid> <dpath>
+
+ <suuid> UUID of the source LUKS partition
+ <spath> Mount point for the source filesystem
+ <duuid> UUID of the destination LUKS partition
+ <dpath> Mount point for the destination filesystem
+ <key> Key file to decrypt LUKS partition
+__
+}
+
+debug() {
+ if [ $DEBUG -gt 0 ]; then
+ echo "$@" >&2
+ fi
+}
+
+check_mountpoint() {
+ MOUNTPOINT=$1
+ if [ ! -d $MOUNTPOINT ]; then
+ debug "ERROR: [$ME] $MOUNTPOINT don't exists"
+ [ $LOGGING -eq 1 ] && logger -p local0.err -t $ME "ERROR: $MOUNTPOINT don't exist"
+ exit 1
+ fi
+
+ debug "OK: [$ME] $MOUNTPOINT exists"
+ if cut -d' ' -f2 /proc/mounts | grep -q "^$MOUNTPOINT$"; then
+ debug "ERROR: [$ME] anything is mounted on $MOUNTPOINT"
+ [ $LOGGING -eq 1 ] && logger -p local0.err -t $ME "ERROR: anything is mounted on $MOUNTPOINT"
+ exit 1
+ fi
+
+ debug "OK: [$ME] nothing is mounted on $MOUNTPOINT"
+ [ $LOGGING -eq 1 ] && logger -p local0.notice -t $ME "OK: nothing is mounted on $MOUNTPOINT"
+ return 0
+}
+
+open_cryptdev() {
+ TYPE=$1
+ if [ ! $(blkid -U $2) ]; then
+ debug "ERROR: [$ME] can't get device path for UUID: $2"
+ exit 1
+ fi
+ DEV=$(blkid -U $2)
+ CRYPTDEV="cbackup.$TYPE.$$"
+ KEYFILE=$3
+ cryptsetup luksOpen $DEV $CRYPTDEV --key-file $KEYFILE 2>/dev/null
+ if [ ! -h /dev/mapper/$CRYPTDEV ]; then
+ debug "ERROR: [$ME] can't luksOpen cryptdev '$CRYPTDEV'"
+ [ $LOGGING -eq 1 ] && logger -p local0.err -t $ME "ERROR: can't luksOpen cryptdev '$CRYPTDEV'"
+ exit 1
+ fi
+
+ debug "OK: [$ME] luksOpen cryptdev '$CRYPTDEV'"
+ [ $LOGGING -eq 1 ] && logger -p local0.notice -t $ME "OK: luksOpen cryptdev $CRYPTDEV"
+ return 0
+}
+
+mount_cryptdev() {
+ TYPE=$1
+ CRYPTDEV="cbackup.$TYPE.$$"
+ MOUNTPOINT=$2
+ if mount /dev/mapper/$CRYPTDEV $MOUNTPOINT; then
+ debug "OK: [$ME] mount $CRYPTDEV to $MOUNTPOINT"
+ [ $LOGGING -eq 1 ] && logger -p local0.notice -t $ME "OK: mount $CRYPTDEV to $MOUNTPOINT"
+ else
+ debug "ERROR: [$ME] can't mount $CRYPTDEV to $MOUNTPOINT"
+ [ $LOGGING -eq 1 ] && logger -p local0.err -t $ME "ERROR: can't mount $CRYPTDEV to $MOUNTPOINT"
+ exit 1
+ fi
+ return 0
+}
+
+umount_cryptdev() {
+ MOUNTPOINT=$1
+ if umount $MOUNTPOINT 2>/dev/null; then
+ debug "OK: [$ME] umount $MOUNTPOINT"
+ [ $LOGGING -eq 1 ] && logger -p local0.notice -t $ME "OK: umount $MOUNTPOINT"
+ else
+ debug "ERROR: [$ME] can't umount $MOUNTPOINT"
+ [ $LOGGING -eq 1 ] && logger -p local0.err -t $ME "ERROR: can't umount $MOUNTPOINT"
+ exit 1
+ fi
+ return 0
+}
+
+close_cryptdev() {
+ TYPE=$1
+ CRYPTDEV="cbackup.$TYPE.$$"
+ if [ -h /dev/mapper/$CRYPTDEV ]; then
+ cryptsetup luksClose $CRYPTDEV
+ if [ -h /dev/mapper/$CRYPTDEV ]; then
+ debug "ERROR: [$ME] can't luksClose cryptdev '$CRYPTDEV'"
+ [ $LOGGING -eq 1 ] && logger -p local0.err -t $ME "ERROR: can't luksClose cryptdev '$CRYPTDEV'"
+ exit 1
+ fi
+
+ debug "OK: [$ME] luksClose cryptdev '$CRYPTDEV'"
+ [ $LOGGING -eq 1 ] && logger -p local0.notice -t $ME "OK: luksClose cryptdev '$CRYPTDEV'"
+ fi
+ return 0
+}
+
+do_sync() {
+ SOURCE=$1
+ DESTINATION=$2
+ if rsync -Ha --numeric-ids --delete $SOURCE $DESTINATION; then
+ debug "OK: [$ME] sync is done from '$SOURCE' to '$DESTINATION'"
+ [ $LOGGING -eq 1 ] && logger -p local0.notice -t $ME "OK: sync is done from '$SOURCE' to '$DESTINATION'"
+ else
+ debug "ERROR: [$ME] sync error from '$SOURCE' to '$DESTINATION'"
+ [ $LOGGING -eq 1 ] && logger -p local0.err -t $ME "ERROR: sync error from '$SOURCE' to '$DESTINATION'"
+ exit 1
+ fi
+ return 0
+}
+
+cleanup() {
+ check_mountpoint $SPATH || umount_cryptdev $SPATH
+ check_mountpoint $DPATH || umount_cryptdev $DPATH
+ close_cryptdev source
+ close_cryptdev destination
+}
+
+# MAIN
+
+trap cleanup INT EXIT
+
+if [ $# -ne 5 ]; then
+ usage
+ exit 1
+fi
+
+check_mountpoint $SPATH
+check_mountpoint $DPATH
+open_cryptdev src $SUUID $KEY
+open_cryptdev dst $DUUID $KEY
+mount_cryptdev src $SPATH
+mount_cryptdev dst $DPATH
+
+do_sync $SPATH $DPATH
+
+umount_cryptdev $SPATH
+umount_cryptdev $DPATH
+close_cryptdev src
+close_cryptdev dst
+
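Review bot: On any failure path `cleanup` leaves the decrypted volumes mounted and their LUKS mappings open, because `check_mountpoint` ends in `exit 1` rather than returning non-zero when something is mounted; the `|| umount_cryptdev` branch therefore never runs, and the exit inside the trap ends the script before either `close_cryptdev` call. Those calls would miss anyway: they pass `source`/`destination` while the mappings were opened as `src`/`dst`, so `/dev/mapper/cbackup.source.$$` never exists. I would rewrite `cleanup` to test the mount state with a command that only returns a status (for example `mountpoint -q`), use the same `src`/`dst` labels as the open calls, and quote the paths, as sketched below. Separately, in `open_cryptdev` a failing `cryptsetup luksOpen ... 2>/dev/null` aborts under `#!/bin/sh -e` before the logging branch is reached, so the failure is neither shown nor logged; wrapping the call as `if ! cryptsetup luksOpen "$DEV" "$CRYPTDEV" --key-file "$KEYFILE"; then` would keep the diagnostic.

```shell
cleanup() {
  # Drop the trap first so an exit in a step below cannot re-enter cleanup.
  trap - INT EXIT
  for mp in "$SPATH" "$DPATH"; do
    # mountpoint -q only reports a status; check_mountpoint would exit here.
    if [ -n "$mp" ] && mountpoint -q "$mp"; then
      umount "$mp" || true   # keep going so the mappings still get closed
    fi
  done
  # Labels must match the ones passed to open_cryptdev (src/dst).
  close_cryptdev src
  close_cryptdev dst
}
```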