docker-compose.yml 1.1 KB

1234567891011121314151617181920212223242526272829303132333435
  1. version: '2'
  2. volumes:
  3. plain_data:
  4. encfs_password:
  5. sshd_host_keys:
  6. services:
  7. encfs:
  8. image: fphammerle/reverse-encfs:0.1.1-encfs1.9.5-amd64
  9. volumes:
  10. - plain_data:/plain/data:ro
  11. - encfs_password:/secret
  12. # Currently docker does not allow changing
  13. # the mount propagation setting for named volumes.
  14. # https://github.com/moby/moby/pull/17034#issuecomment-163361073
  15. # https://github.com/moby/moby/pull/17034/files#diff-6896c3d2994ef80758bb7e38c07eb76bR103
  16. # So we bind mount a host dir instead.
  17. - /mnt/encrypted:/encrypted:shared
  18. networks: []
  19. devices: [/dev/fuse]
  20. cap_add: [SYS_ADMIN]
  21. security_opt: ['apparmor:unconfined']
  22. rsync_sshd:
  23. image: fphammerle/rsync-sshd:0.1-amd64
  24. environment:
  25. USERS: alice
  26. volumes:
  27. - /mnt/encrypted:/data:slave,ro
  28. - sshd_host_keys:/etc/ssh/host_keys
  29. - ~/.ssh/authorized_keys:/home/alice/.ssh/authorized_keys:ro
  30. ports: ['127.0.0.1:2022:22']
  31. # rsync -av --rsh='ssh -p 2022' alice@localhost:/ encrypted
  32. # https://docs.docker.com/compose/compose-file/compose-file-v2/