Перейти к содержанию

▍Rsyncd

Rsyncd

Настройка бекапов на основе Rsyncd

Сборка Rsyncd

Файл Dockerfile для сборки контейнера с сервером Rsyncd:

Dockerfile
FROM alpine
RUN apk add --no-cache rsync bash tzdata

ADD docker-entrypoint.sh /
RUN chmod +x /docker-entrypoint.sh
RUN mkdir -p /docker-entrypoint.d

ENV TZ="Europe/Moscow" \
    LANG="C.UTF-8"

EXPOSE 873
ENTRYPOINT [ "/docker-entrypoint.sh" ]

CMD [ "/usr/bin/rsync", "--no-detach", "--daemon", "--log-file=/dev/stdout" ]

Содержимое файла docker-entrypoint.sh:

docker-entrypoint.sh
#!/bin/bash
set -e

# Allow to run complementary processes or to enter the container without
# running this init script.
if [ "$1" == '/usr/bin/rsync' ]; then

  # Ensure time is in sync with host
  # see https://wiki.alpinelinux.org/wiki/Setting_the_timezone
  if [ -n ${TZ} ] && [ -f /usr/share/zoneinfo/${TZ} ]; then
    ln -sf /usr/share/zoneinfo/${TZ} /etc/localtime
    echo ${TZ} > /etc/timezone
  fi

  # Defaults
  VOLUME_PATH=${VOLUME_PATH:-/docker}
  HOSTS_ALLOW=${HOSTS_ALLOW:-0.0.0.0/0}
  READ_ONLY=${READ_ONLY:-false}
  CHROOT=${CHROOT:-no}
  VOLUME_NAME=${VOLUME_NAME:-volume}
  USERNAME=${USERNAME:-rsyncuser}

  # Ensure VOLUME PATH exists
  if [ ! -e $VOLUME_PATH ]; then
    mkdir -p /$VOLUME_PATH
  fi

  # Grab UID of owner of the volume directory
  if [ -z $OWNER_ID ]; then
    OWNER_ID=$(stat -c '%u' $VOLUME_PATH)
  else
    echo "OWNER_ID is set forced to: $OWNER_ID"
  fi
  if [ -z $GROUP_ID ]; then
    GROUP_ID=$(stat -c '%g' $VOLUME_PATH)
  else
    echo "GROUP_ID is set forced to: $GROUP_ID"
  fi

  # Generate password file
  if [ ! -z $PASSWORD ]; then
    echo "$USERNAME:$PASSWORD" >  /etc/rsyncd.secrets
    chmod 600 /etc/rsyncd.secrets
  fi

  # Generate configuration
cat <<EOF > /etc/rsyncd.conf
pid file = /var/run/rsyncd.pid

uid = ${OWNER_ID}
gid = ${GROUP_ID}
use chroot = ${CHROOT}
reverse lookup = no
[${VOLUME_NAME}]
    hosts deny = *
    hosts allow = ${HOSTS_ALLOW}
    read only = ${READ_ONLY}
    path = ${VOLUME_PATH}
    auth users = , ${USERNAME}:rw
    secrets file = /etc/rsyncd.secrets
    timeout = 600
    transfer logging = true
EOF

  # Check if a script is available in /docker-entrypoint.d and source it
  # You can use it for example to create additional sftp users
  for f in /docker-entrypoint.d/*; do
    case "$f" in
      *.sh)  echo "$0: running $f"; . "$f" ;;
      *)     echo "$0: ignoring $f" ;;
    esac
  done

fi

exec "$@"

Compose для Rsyncd

version: '3.3'

services:
   rsyncd:
        image: rsyncd
        build: ./build
        container_name: rsyncd
        restart: always
        environment:
          - USERNAME=username
          - PASSWORD=passwd
          - VOLUME_PATH=/data
          - VOLUME_NAME=data
          - HOSTS_ALLOW=0.0.0.0/0
        volumes:
          - /mnt/backup:/data
        ports:
          - 873:873

Запуск синхронизации с Rsyncd

$ rsync -av /your/folder/ rsync://[email protected]/data
Password: 
sending incremental file list
./
...
К началу