Following up on I modified the content of 'secret' in $CONFIG, is it possible to recover from here? - #2 by nicoco , I’d like to use my backup to recover just the config.php file.
I have my backup key (exported from the backup app web ui), and a 00001-xxxx which I believe correspond to my config.php. How do I decrypt and uncompress these files? My attempt so far have been unsuccessful: openssl enc -d -aes-256-cbc -in 00001-sLydKIlOWWn1cRr -k 'MY_KEY'. Skimming through the backup app code, it seems that aes-256-gcm is the cipher actually used, so I am now trying to find how I can use that. Am I on the right track? Thanks for any help.
EDIT: I managed to decrypt settings.asc, so I know have the aes-256-gcm and aes-256-gcm-nonce I suppose I have to use to decrypt that config.php file which is probably in that 00001-xxxx file… But I’m not there yet…
EDIT2: I think I’m almost there, but I’m failing to understand what AAD I should use to decrypt the file. In the php code it’s here, I’m still investigating… https://github.com/nextcloud/backup/blob/master/lib/Service/PackService.php#L841
EDIT3: pfffeew I did it. I will try to make a blog post + a script with the full process, because nothing was obvious to me, others might find it useful.