--- /dev/null
+#!/bin/bash
+
+function cryptsetup_open {
+ for DEVICE in /dev/disk/by-partlabel/ext*backup*; do
+ if ! [ -L "$DEVICE" ]; then
+ continue
+ fi
+ DISKNAME="$(basename "$DEVICE")"
+ CRYPTNAME="crypt-$DISKNAME"
+ echo "> cryptsetup luksOpen $DEVICE $CRYPTNAME"
+ cryptsetup luksOpen "$DEVICE" "$CRYPTNAME" --key-file "/etc/lukskeys/${DISKNAME}"
+ mkdir -p /run/ext-backup-crypt/
+ ln -sf "/dev/mapper/$CRYPTNAME" /run/ext-backup-crypt/
+ done
+}
+
+function cryptsetup_close {
+ for CRYPTDEVICE in /dev/mapper/crypt-ext*backup*; do
+ if ! [ -L "$CRYPTDEVICE" ]; then
+ continue
+ fi
+ CRYPTNAME="$(basename "$CRYPTDEVICE")"
+ echo "> cryptsetup luksClose $CRYPTNAME"
+ cryptsetup luksClose "$CRYPTNAME"
+ rm -f "/run/ext-backup-crypt/$CRYPTNAME"
+ done
+}
+
+function pool_import {
+ echo "> zpool import -d /run/ext-backup-crypt -a"
+ zpool import -d /run/ext-backup-crypt -a
+
+ ZPOOLNAME="$(zpool list -H -o name|grep 'ext.*backup'|head -n1)"
+ if [ -z "$ZPOOLNAME" ]; then
+ echo "Error! Could not find pool!"
+ return 1
+ fi
+
+ echo "> Found: $ZPOOLNAME"
+}
+
+function pool_export {
+ echo "> zpool export $ZPOOLNAME"
+ for _ in $(seq 60); do
+ zpool export "$ZPOOLNAME" && break
+ sleep 1
+ done
+}
+
+function pool_setup {
+ zfs set mountpoint="/mnt/$ZPOOLNAME" "$ZPOOLNAME"
+ chmod 0700 "/mnt/$ZPOOLNAME"
+ zfs set compression=lz4 "$ZPOOLNAME"
+ zfs set devices=off "$ZPOOLNAME"
+ zfs set exec=off "$ZPOOLNAME"
+ zfs set setuid=off "$ZPOOLNAME"
+ zfs set xattr=sa "$ZPOOLNAME"
+ zfs set acltype=posixacl "$ZPOOLNAME"
+}
+
+function pool_maybe_scrub {
+ local now
+ local last_scrub
+ local last_scrub_days_ago
+ now="$(date +%s)"
+ last_scrub="$(zpool status "$ZPOOLNAME"|sed -nE 's/scan: scrub repaired.* on (.*)/\1/p')"
+ last_scrub_days_ago=$(((now - $(date --date="${last_scrub:-1970-01-01}" +%s)) / 86400))
+
+ if [ $last_scrub_days_ago -lt 7 ]; then
+ return
+ fi
+
+ echo "> zpool scrub $ZPOOLNAME"
+ zpool scrub "$ZPOOLNAME"
+
+ while zpool status "$ZPOOLNAME" | grep -q "scrub in progress"; do
+ echo -n .
+ sleep 60
+ done
+ echo " done"
+}
+
+function syncoidw {
+ echo "> syncoid $1"
+ syncoid "$@" --identifier "$ZPOOLNAME"
+}
+
+function snapshot_cleanup {
+ echo "> Cleaning snapshots"
+ sanoid --configdir=/etc/sanoid/ext-backup --verbose --prune-snapshots
+
+ zfs list -t snapshot -H -o name -r "$ZPOOLNAME" \
+ | grep -F @syncoid_ \
+ | grep -Fv "@syncoid_$ZPOOLNAME" \
+ | xargs -rn1 zfs destroy -v
+}
+
+function main {
+ zfs get all -s local -H > /root/zfs-props.txt
+ cryptsetup_open
+ pool_import
+ pool_setup
+ snapshot_sync
+ snapshot_cleanup
+ pool_maybe_scrub
+ pool_export
+ cryptsetup_close
+}