29 lines
1.0 KiB
Plaintext
Executable File
29 lines
1.0 KiB
Plaintext
Executable File
#!/usr/bin/env nix-shell
|
|
#!nix-shell -i bash -p bash -p nettools -p openssh -p rsync -p sane-scripts.vpn -p sanebox
|
|
|
|
# rsync password auth doesn't work with rsync.net.
|
|
# ssh keyfile auth *does* work, so i use that.
|
|
# for setup, see: <https://www.rsync.net/resources/howto/ssh_keys.html>
|
|
# - requires my pubkey to be copied to .ssh/authorized_keys on the remote.
|
|
|
|
set -x
|
|
|
|
# secret should include RN_USER
|
|
source /run/secrets/rsync-net-env
|
|
RN_ID=/run/secrets/rsync-net-id_ed25519
|
|
PREFIX=$(hostname)
|
|
|
|
test -n "$PREFIX" && test -n "$RN_USER" && test -f "$RN_ID"
|
|
|
|
for dir in "$@"; do
|
|
if [[ "$dir" != */ ]]; then
|
|
dir="$dir/"
|
|
fi
|
|
remote_dir="$RN_USER@$RN_USER.rsync.net:$PREFIX$dir"
|
|
|
|
echo "syncing '$dir' to '$remote_dir'"
|
|
# N.B.: the `--exclude=$RN_ID` flag is a noop to get the ID file to be included in the sandbox...
|
|
# N.B.: manual flags instead of `-a -> -rlptgoD` because device files have a max path length which is too restricted
|
|
sane-vpn do unmetered rsync --exclude="$RN_ID" -e "ssh -i $RN_ID" --mkpath -rlptgov --delete "$dir" "$remote_dir"
|
|
done
|