Name Mode Size
.gitignore 100644 0 kb
README.data-from.md 100644 1 kb
_new_cron.sh 100755 1 kb
cron.sh.sample 100644 0 kb
data-from.real.sh 100755 0 kb
data-from.setup.sh 100755 1 kb
data-from.sh 100755 0 kb
fediverse.sh 100755 0 kb
letsencrypt.sh 100755 0 kb
letsencrypt_check.sh 100755 0 kb
push-ext.sh 100755 0 kb
test.sh 100755 0 kb
README.data-from.md
# data-from.sh Pulls data from a remote cron2rss host. Syncs the remote data directory to `data-$source` and places links to the task into the `data` folder as `$task-$source`. Assumptions: - this repo is in ~/cron/ - cron2rss on remote host is at ~/cron2rss/ To limit the risk of host-hopping if one host is hacked, we use a ssh key that is limited to `rsync`ing the data files from the remote host. Set this up like written in [Restricting SSH Access to `rsync`](https://www.guyrutenberg.com/2014/01/14/restricting-ssh-access-to-rsync/): # generated a ssh key ssh-keygen -f ~/.ssh/cron2rss-copy_data -C "cron2rss copy data" # copy key to remote host scp ~/.ssh/cron2rss-copy_data.pub user@source:.ssh/ # continue on remote host ssh user@source # set up rrsync on remote host cp /usr/share/doc/rsync-*/support/rrsync ~/bin/ # CentOS # add restricted ssh key to authorized_keys cat <(echo -n 'command="$HOME/bin/rrsync -ro ~/cron2rss/",no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding ') \ ~/.ssh/cron2rss-copy_data.pub # go back to pulling host exit You now can use `@hourly ~/cron/data-from.sh user@source`. Add it to your crontab using `./_new_cron.sh data-from user@source`.