diff --git a/Dockerfile b/Dockerfile index 63e036d..6fd5624 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,3 +2,8 @@ FROM alpine:3.3 MAINTAINER "EEA: IDM2 A-Team" RUN apk add --no-cache --virtual .run-deps rsync openssh +COPY docker-entrypoint.sh / + +VOLUME /root +ENTRYPOINT ["/docker-entrypoint.sh"] +CMD ["sh"] diff --git a/Readme.md b/Readme.md index 9cd5a0f..a02f439 100644 --- a/Readme.md +++ b/Readme.md 
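Review bot: `VOLUME /root` marks the client key pair and `authorized_keys` as persistent data, but the sshd host keys that `docker-entrypoint.sh` creates with `ssh-keygen -A` live in `/etc/ssh`, which is not declared as a mount point, so a recreated server container comes up with new host keys. That is presumably why the Readme examples pass `StrictHostKeyChecking=no`, which leaves the client unable to notice that it is talking to a different server. One option is to declare the host-key location as well, `VOLUME /root /etc/ssh`, so operators can mount a named volume there and clients can keep host-key checking on; whether `sshd_config` should share that volume is worth checking first. A comment above the instruction such as `# /root holds the SSH client key pair and authorized_keys` would also tell readers what ends up in the volume.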
@@ -1,8 +1,49 @@ # Simple rsync container based on alpine -A simple rsync Docker image to easily rsync data within Docker volumes +A simple rsync server/client Docker image to easily rsync data within Docker volumes -## Usage +## Simple Usage - $ docker run -it --rm -v blobstorage:/data/ eeacms/rsync \ - rsync user@remote.server.domain.or.ip:/var/local/blobs/ /data/ +Get files from remote server within a `docker volume`: + + $ docker run --rm -v blobstorage:/data/ eeacms/rsync \ + rsync -avz user@remote.server.domain.or.ip:/var/local/blobs/ /data/ + +Get files from `remote server` to a `data container`: + + $ docker run -d --name data -v /data busybox + $ docker run --rm --volumes-from=data eeacms/rsync \ + rsync -avz user@remote.server.domain.or.ip:/var/local/blobs/ /data/ + +## Advanced Usage + +### Client setup + +Start client to sync every night at 3AM: + + $ docker run --name=rsync_client -v client_vol_to_sync:/data \ + -e CRON_TASK="0 3 * * * rsync -e 'ssh -p 2222 -o StrictHostKeyChecking=no' -avz root@foo.bar.com:/data/ /data/" \ + eeacms/rsync client + +Copy the client SSH public key printed found in console + +### Server setup + +Start server on `foo.bar.com` + + # docker run --name=rsync_server -d -p 2222:22 -v server_vol_to_sync:/data \ + -e SSH_AUTH_KEY="" \ + eeacms/rsync server + +### Verify that it works + +Add `test` file on server: + + $ docker exec -it rsync_server sh + $ touch /data/test + +Bring the `file` on client: + + $ docker exec -it rsync_client sh + $ rsync -e 'ssh -p 2222 -o StrictHostKeyChecking=no' -avz root@foo.bar.com:/data/ /data/ + $ ls -l /data/ diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh new file mode 100755 index 0000000..5749260 --- /dev/null +++ b/docker-entrypoint.sh 
@@ -0,0 +1,68 @@
+#!/bin/sh
+
+################################################################################
+# INIT
+################################################################################
+
+# Provide SSH AUTHORIZED KEY via environment variable
+if [ ! -z "$SSH_AUTH_KEY" ]; then
+ mkdir -p /root/.ssh
+ echo "$SSH_AUTH_KEY" > /root/.ssh/authorized_keys
+ chmod go-rwx /root/.ssh/authorized_keys
+ sed -i "s/#PasswordAuthentication yes/PasswordAuthentication no/g" /etc/ssh/sshd_config
+fi
+
+# Provide CRON_TASK via environment variable
+if [ ! -z "$CRON_TASK" ]; then
+ echo "$CRON_TASK" > /etc/crontabs/root
+ echo "root" > /etc/crontabs/cron.update
+fi
+
+# Generate host SSH keys
+if [ ! -e /etc/ssh/ssh_host_rsa_key.pub ]; then
+ ssh-keygen -A
+fi
+
+# Generate root SSH key
+if [ ! -e /root/.ssh/id_rsa.pub ]; then
+ ssh-keygen -q -N "" -f /root/.ssh/id_rsa
+fi
+
+################################################################################
+# START as SERVER
+################################################################################
+
+if [ "$1" == "server" ]; then
+ AUTH=`cat /root/.ssh/authorized_keys`
+ if [ -z "$AUTH" ]; then
+ echo "=================================================================================="
+ echo "ERROR: No SSH_AUTH_KEY provided, you'll not be able to connect to this container. "
+ echo "=================================================================================="
+ exit 1
+ fi
+
+ SSH_PARAMS="-D -e -p ${SSH_PORT:-22} $SSH_PARAMS"
+ echo "================================================================================"
+ echo "Running: /usr/sbin/sshd $SSH_PARAMS "
+ echo "================================================================================"
+
+ exec /usr/sbin/sshd -D $SSH_PARAMS
+fi
+
+echo "Please add this ssh key to your server /home/user/.ssh/authorized_keys "
+echo "================================================================================"
+echo "`cat /root/.ssh/id_rsa.pub`"
+echo "================================================================================"
+
+################################################################################
+# START as CLIENT via crontab
+################################################################################
+
+if [ "$1" == "client" ]; then
+ exec /usr/sbin/crond -f
+fi
+
+################################################################################
+# Anything else
+################################################################################
+exec "$@"
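Review bot: Password logins are switched off only inside the `SSH_AUTH_KEY` block, so a server started with an `authorized_keys` file already present in the `/root` volume and no `SSH_AUTH_KEY` passes the `AUTH` check but runs sshd with the image's default `PasswordAuthentication` setting. The `sed` also does nothing, without any message, if the shipped `sshd_config` line is not exactly `#PasswordAuthentication yes`. Setting the option on the command line in the server branch covers both cases: `exec /usr/sbin/sshd -o PasswordAuthentication=no $SSH_PARAMS`. `SSH_PARAMS` already carries `-D`, so the extra `-D` on that line can be dropped at the same time.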