This commit is contained in:
parent
2e1770e931
commit
47c3a14269
GPG Key ID:
0FCCD13AE1CF7ED8
30
.drone.yml
Normal file
30
.drone.yml
Normal file
@ -0,0 +1,30 @@
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
name: docker-build
|
||||
|
||||
steps:
|
||||
|
||||
- name: docker
|
||||
image: plugins/docker
|
||||
settings:
|
||||
registry: c8n.io
|
||||
repo: c8n.io/simonburblecom/rsync
|
||||
username:
|
||||
from_secret: DOCKER_USER
|
||||
password:
|
||||
from_secret: DOCKER_PW
|
||||
|
||||
---
|
||||
kind: secret
|
||||
name: DOCKER_USER
|
||||
get:
|
||||
path: burble.dn42/kv/data/drone/docker
|
||||
name: username
|
||||
|
||||
---
|
||||
kind: secret
|
||||
name: DOCKER_PW
|
||||
get:
|
||||
path: burble.dn42/kv/data/drone/docker
|
||||
name: password
|
||||
5
Dockerfile
Normal file
5
Dockerfile
Normal file
@ -0,0 +1,5 @@
|
||||
FROM alpine
|
||||
RUN apk add --update bash jq openssh-client rsync && rm -rf /var/cache/apk/*
|
||||
ADD rsync.sh /rsync.sh
|
||||
ENTRYPOINT [ '/rsync.sh' ]
|
||||
|
||||
@ -1,2 +1,7 @@
|
||||
# docker-rsync
|
||||
|
||||
[](https://ci.burble.dn42/burble.dn42/docker-rsync)
|
||||
|
||||
burble.dn42 specific docker image to rsync application data to a host
|
||||
|
||||
|
||||
|
||||
78
rsync.sh
Executable file
78
rsync.sh
Executable file
@ -0,0 +1,78 @@
|
||||
#!/bin/bash
|
||||
##########################################################################
|
||||
|
||||
tdir=''
|
||||
|
||||
function cleanup {
|
||||
if [ -n "$tdir" -a -d "$tdir" ]
|
||||
then
|
||||
rm -rf "$tdir"
|
||||
fi
|
||||
}
|
||||
trap cleanup EXIT
|
||||
|
||||
##########################################################################
|
||||
# figure out args
|
||||
|
||||
rsync_hosts=( ${1//,/ } )
|
||||
rsync_src="$2"
|
||||
rsync_dst="$3"
|
||||
|
||||
if [ -z "$rsync_dst" ]
|
||||
then
|
||||
echo "Usage: $0 <hosts> <src> <dst>"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
opts='-av'
|
||||
extra_args=''
|
||||
|
||||
if [ -n "$RSYNC_CHOWN" ]
|
||||
then
|
||||
opts+='og'
|
||||
extra_args+=" --chown ${RSYNC_CHOWN}"
|
||||
fi
|
||||
|
||||
if [ -n "$RSYNC_CHMOD" ]
|
||||
then
|
||||
opts+='p'
|
||||
extra_args+=" --chmod=${RSYNC_CHMOD}"
|
||||
fi
|
||||
|
||||
##########################################################################
|
||||
# generate a temporary key
|
||||
|
||||
tdir=$(mktemp -d rsync.XXXXXX)
|
||||
key="${tdir}/rsync"
|
||||
ssh-keygen -t ed25519 -a 100 -N '' -f "$key"
|
||||
pubkey=$(cat "${key}.pub")
|
||||
|
||||
url='https://vault.burble.dn42/v1/'
|
||||
url+='burble.dn42/ssh/user/sign/rsync'
|
||||
|
||||
json="{\"public_key\":\"${pubkey}\"}"
|
||||
|
||||
wget -O- -q --header "X-Vault-Token: ${VAULT_TOKEN}" \
|
||||
--post-data="$json" "$url" \
|
||||
| jq -r .data.signed_key > "${key}-cert.pub"
|
||||
if [ ! -s "${key}-cert.pub" ]
|
||||
then
|
||||
echo "Failed to sign ssh key"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
##########################################################################
|
||||
# do the rsync thing
|
||||
|
||||
echo "Copying: $rsync_src -> $rsync_dst"
|
||||
echo "Options: $opts $extra_args"
|
||||
|
||||
for host in "${rsync_hosts[@]}"
|
||||
do
|
||||
echo "Syncing to host: $host"
|
||||
rsync $opts --delete -e "ssh -i '${key}'" $extra_args \
|
||||
"$rsync_src" "root@${host}:${rsync_dst}"
|
||||
done
|
||||
|
||||
##########################################################################
|
||||
# end of file
|
||||
Loading…
x
Reference in New Issue
Block a user