added example: rsync-sshd/docker-compose.yml

README.md

@@ -110,3 +110,7 @@ due to https://github.com/moby/moby/issues/36472 .
 
 1. Adapt paths & recipient in [docker-compose.yml](docker-compose.yml)
 2. `docker-compose up`
+
+### Serve encrypted data via rsync ssh server
+
+See [examples/rsync-sshd](examples/rsync-sshd/docker-compose.yml)

docker-compose.yml

@@ -16,7 +16,7 @@ services:
     devices: [/dev/fuse]
     cap_add: [SYS_ADMIN]
     security_opt: ['apparmor:unconfined']
-    # TODO investigate why some output gets lost without allocating a tty
+    # TODO investigate why some output gets lost when not allocating a tty
     tty: true
 
 # https://docs.docker.com/compose/compose-file/compose-file-v2/

examples/rsync-sshd/docker-compose.yml

@@ -0,0 +1,29 @@
+version: '2'
+
+volumes:
+  plain_data:
+  sshd_host_keys:
+
+services:
+  rgpgfs:
+    image: fphammerle/rgpgfs
+    environment:
+      RECIPIENT: 1234567890ABCDEF1234567890ABCDEF12345678
+    volumes:
+    - plain_data:/plain:ro
+    # TODO replace host path with named volume
+    - /mnt/rgpgfs:/encrypted:shared
+    devices: [/dev/fuse]
+    cap_add: [SYS_ADMIN]
+    security_opt: ['apparmor:unconfined']
+    tty: true
+  rsync_sshd:
+    image: fphammerle/rsync-sshd:0.1-amd64
+    environment:
+      USERS: alice
+    volumes:
+    - /mnt/rgpgfs:/data/secrets:slave,ro
+    - sshd_host_keys:/etc/ssh/host_keys
+    - ~/.ssh/authorized_keys:/home/alice/.ssh/authorized_keys:ro
+    ports: ['127.0.0.1:2022:22']
+    # rsync -av --rsh='ssh -p 2022' alice@localhost:/secrets .