Notice fopus is NOT suitable for professional application as it is not meant to be the most efficient, correct or secure.
In Linux and Unix, everything is a file. Directories are files, files are files and devices are files. Ubuntu documentation - FilePermissions (as 2022-12-12)
fopus is a command-line tool for Linux. It is a one-liner command to archive, compress, encrypt, split, hash and sign files. It aims consistency in the process of backup.
Backup archive is encrypted by age with a passphrase or to a recipient.
Large backups are split in pieces of 2G by default.
Hashes are signed by minisign. A minisign secret key is required.
- Archive & compress: The file is archived and compressed in
.tar.xzformat.
tar -cvvpf - -- FILE 2> FILE.txt | xz --threads=0 -z - > FILE.tar.xz
- Encrypt: With
age, the compressed file is encrypted in.ageformat.
age --encrypt --passphrase FILE.tar.xz > FILE.tar.xz.age
age --recipient RECIPIENT FILE.tar.xz > FILE.tar.xz.age
age --recipients-file PATH FILE.tar.xz > FILE.tar.xz.age
- Split: If the encrypted file is larger than
SIZEbytes, it is split and putSIZEbytes per output file.
split -b SIZE FILE.tar.xz.age FILE.tar.xz.age_
- Hash: Files are hashed with BLAKE3, BLAKE2, or SHA-256.
b3sum FILE.tar.xz FILE.tar.xz.age [FILE.tar.xz.age_aa ...] FILE.txt > CHECKSUMS.txt
b2sum FILE.tar.xz FILE.tar.xz.age [FILE.tar.xz.age_aa ...] FILE.txt > CHECKSUMS.txt
sha256sum FILE.tar.xz FILE.tar.xz.age [FILE.tar.xz.age_aa ...] FILE.txt > CHECKSUMS.txt
- Sign: The hashes are signed with
minisign.
minisign [-s KEY] [-t COMMENT] -Sm CHECKSUMS.txt
- Permissions: Permission of files are set to 600, and 700 for directories.
$ cd ~/Images
$ fopus Photos/
Output:
A directory ./backup_yyyy-mm-dd/ and:
Photos-15e2ef83315/where15e2ef83315is the first eleven digits of SHA-1 of/home/username/Images/PhotosPhotos.tar.xzthe compressed archive (plaintext)Photos.tar.xz.agethe encrypted archivePhotos.tar.xz.age_aa,Photos.tar.xz.age_ab, ... the pieces of the encrypted archivePhotos.txta list of files processed in compression (plaintext)label.txta label with a random UUID, timestamp and a checksum if label option is selectedCHECKSUMS.txthash of the filesCHECKSUMS.txt.minisignsignature of the hashes
SHA1SUMS.txthash of files inPhotos-15e2ef83315/to ensure that the data has not changed due to accidental corruption - if label option is not select.
The directory backup_yyyy-mm-dd have file permission set to 700. Regular files in backup_yyyy-mm-dd/ have file permission set to 600; for directories, 700.
age, minisign, xz
sudo curl -L https://github.com/guimspace/fopus/releases/latest/download/fopus.sh -o /usr/local/bin/fopus
sudo chmod a+rx /usr/local/bin/fopus
Syntax:
fopus [-1gnql] [-s | -b SIZE] [-o OUTPUT] [-k SECKEY] [-t COMMENT] \
[-r RECIPIENT | -R PATH] FILE...
Options:
-1 Put FILEs in one backup.
-g Group backups by file/date instead of date/name.
-o OUTPUT Put the backup in path OUTPUT.
-n Don't perform any action.
-q Quieter mode.
-l Create a label for the backup.
-b SIZE Split backup pieces of SIZE. Default is 2G.
Specify 0 to not split.
-s SECKEY Minisign with SECKEY.
-t COMMENT Minisign add a one-line trusted COMMENT.
-r RECIPIENT Age encrypt to the specified RECIPIENT.
-R PATH Age encrypt to recipients listed at PATH.
$ fopus -o ~/Backups -b 1G Documents/ lorem-ipsum.txt
$ fopus -1 -b 0 Pictures/ Videos/
$ fopus -l -t "Trusted lorem ipsum" -R ~/.age/projects.pub Projects/
Contributors sign-off that they adhere to the Developer Certificate of Origin (DCO) by adding a Signed-off-by line to commit messages.
$ git commit -s -m 'This is my commit message'
For straight forward patches and minor changes, create a pull request.
For larger changes and feature ideas, please open an issue first for a discussion before implementation.
Copyright (C) 2019-2024 Guilherme Tadashi Maeoka
2022-2024 MIT License
2019-2022 License GPLv3+: GNU GPL version 3 or later https://www.gnu.org/licenses/.