rgpgfs/examples/rsync-sshd/docker-compose.yml

version: '2'

volumes:
  plain_data:
  sshd_host_keys:

services:
  rgpgfs:
    image: fphammerle/rgpgfs
    environment:
      RECIPIENT: 1234567890ABCDEF1234567890ABCDEF12345678
    volumes:
    - plain_data:/plain:ro
    # TODO replace host path with named volume
    - /mnt/rgpgfs:/encrypted:shared
    devices: [/dev/fuse]
    cap_add: [SYS_ADMIN]
    security_opt: ['apparmor:unconfined']
    tty: true
  rsync_sshd:
    image: fphammerle/rsync-sshd:0.1-amd64
    environment:
      USERS: alice
    volumes:
    - /mnt/rgpgfs:/data/secrets:slave,ro
    - sshd_host_keys:/etc/ssh/host_keys
    - ~/.ssh/authorized_keys:/home/alice/.ssh/authorized_keys:ro
    ports: ['127.0.0.1:2022:22']
    # rsync -av --rsh='ssh -p 2022' alice@localhost:/secrets .