41 lines
1.3 KiB
Plaintext
Executable File
41 lines
1.3 KiB
Plaintext
Executable File
#!/usr/bin/env nix-shell
|
|
#!nix-shell -i bash -p bash -p nettools -p openssh -p rsync -p sane-scripts.vpn
|
|
|
|
# rsync password auth doesn't work with rsync.net.
|
|
# ssh keyfile auth *does* work, so i use that.
|
|
# for setup, see: <https://www.rsync.net/resources/howto/ssh_keys.html>
|
|
# - requires my pubkey to be copied to .ssh/authorized_keys on the remote.
|
|
|
|
set -xeu
|
|
|
|
# secret should include RN_USER
|
|
source /run/secrets/rsync-net-env
|
|
RN_ID=/run/secrets/rsync-net-id_ed25519
|
|
PREFIX=$(hostname)
|
|
|
|
test -n "$PREFIX" && test -n "$RN_USER" && test -f "$RN_ID"
|
|
|
|
rc=
|
|
for dir in "$@"; do
|
|
if [[ "$dir" != */ ]]; then
|
|
dir="$dir/"
|
|
fi
|
|
remote_dir="$RN_USER@$RN_USER.rsync.net:$PREFIX$dir"
|
|
|
|
now=$(date '+%s')
|
|
echo "syncing '$dir' to '$remote_dir'"
|
|
echo "$now" > "$dir"/zzz-rsync-net/last-attempted
|
|
# N.B.: manual flags instead of `-a -> -rlptgoD` because device files have a max path length which is too restricted
|
|
# TODO: add `sane-vpn do unmetered --`, after fixing pasta/sane-vpn to preserve capabilities + not create a new user namespace unconditionally.
|
|
# until then, don't run over cellular!
|
|
if rsync --exclude="$RN_ID" -e "ssh -i $RN_ID" --mkpath -rlptgov --delete "$dir" "$remote_dir"; then
|
|
echo "$now" > "$dir"/zzz-rsync-net/last-completed
|
|
rc=0$rc
|
|
else
|
|
rc=1
|
|
echo "FAILED TO BACKUP $dir"
|
|
fi
|
|
done
|
|
|
|
test -n "$rc" && exit $rc
|