Support encrypting backups prior to uploading them offsite

I would like to see the option to support encrypting the backups with a passphrase prior to uploading them offsite, perhaps using gnupg to do so. (gpg -c)

How difficult would that be to implement? The only difficulty I can see would be in the restoring phase. It might require twice the disk space since you would have to download the encrypted backup, and then decrypt it, which would leave 2 copies temporarily on disk.

It would be a very nice feature to have, however.

Status: 
Active

Comments

That's not a bad idea .. although the backup / restore function already has support for running a command after a backup, so you could create one that backs up locally, runs gpg, then uploads the encrypted file.

Also, you could make use of the virtualmin backup-domain and virtualmin restore-domain command-line API commands.

Yeah, the only problem is, for my current server, I am limited on disk space. So unfortunately do not have the ability to have everything backed up locally on a scheduled backup, then encrypt all of it and upload it on my own using a shell script.

I suppose I could write a shell script that backups up each virtualserver individually (calls virtualmin list-domains, parses the output, and then runs it through a backup-domain), then encrypt it, upload it, and delete the local backup and continues on to the next domain.

I like keeping it in the graphical interface though, and being able to review the backup logs that the scheduled backups keep. It would be nice to have the functionality built right in so that Virtualmin can encrypt the contents after each individual domain backup before uploading it to the offsite location.

Hence..... why I was hoping this could make it into a future virtualmin release =)

I'll add this to my TODO list, but it will take a while before it gets done.

It would still require that Virtualmin save the data locally and encrypt it though, so your disk space usage would still be high..

I understand. My major issue is I do not have the space to be able to backup all of the domains to the local server before encrypting them, but could do one account at a time.

Glad it's in the todo list! Thanks!

Just out of curiosity, while I wait for this feature to be added, is there an easy way to make Virtualmin encrypt the contents of each backup before its uploaded? Some way of throwing in the gpg command and syntax in the code before it does the upload? I currently have it uploading each account separately in the configuration.

Unfortunately, no .. you can have Virtualmin run a command after the backup is complete, but not before transferring each domain file.