5 Simple tracking of remote files in central git repository
6 with only shell, netcat, rsync and ssh on client
8 Start server, install on remote-host or upgrade with:
10 ./bak-git-server.pl /path/to/backup 192.168.42.42
11 [--install remote-host]
14 C<rsync> traffic is always transfered over ssh, but C<diff> or C<ch> can
15 still leak sensitive information if C<bak> shell client connects directly
18 Add following line to C<~/.ssh/config> under C<Host> for which you want encrypted
19 controll channel (or to pass through server ssh hops using C<ProxyCommand>)
21 RemoteForward 9001 192.168.42.42:9001
26 bak commit [/path [message]]
27 bak diff [host:][/path]
33 bak revert [host:]/path
37 bak - push all changed files to server
39 See L<http://blog.rot13.org/bak-git> for more information
54 'upgrade!' => \$upgrade,
55 'install=s' => \$install,
58 my ( $dir, $server_ip ) = @ARGV;
59 die "usage: $0 /backup/directory 127.0.0.1\n" unless $dir;
60 $server_ip ||= '127.0.0.1';
64 open(my $ssh_fd, '<', "$ENV{HOME}/.ssh/config");
68 next unless length($_) > 0;
71 if ( /^Host\s+(.+)/i ) {
73 } elsif ( /^\s+(\S+)\s+(.+)/ ) {
74 $ssh_tunnel->{$host}++ if lc($1) eq 'remoteforward' && $2 =~ m/9001/;
81 my ( $hostname ) = @_;
82 my $path = '/tmp/bak';
83 my $server = $server_ip;
84 $server = '127.0.0.1' if $ssh_tunnel->{$hostname};
85 warn "# ssh_client $hostname $server";
86 open(my $fh, '>', $path);
87 print $fh "#!/bin/sh\n";
88 print $fh "echo \$USER/\$SUDO_USER $hostname `pwd` \$* | nc $server 9001\n";
95 system 'git init' unless -e '.git';
97 if ( $upgrade || $install ) {
99 my @hosts = grep { -d $_ } glob '*';
100 @hosts = ( $install ) if $install;
102 foreach my $hostname ( @hosts ) {
103 warn "install on $hostname\n";
104 system 'ssh-copy-id', "root\@$hostname" if ! -d $hostname;
105 my $path = shell_client( $hostname );
106 system "scp $path root\@$hostname:/usr/local/bin/";
107 system "ssh root\@$hostname apt-get install -y rsync";
110 my $ssh = $ENV{SSH} || 'ssh';
111 warn "# start $ssh tunnels...";
112 foreach my $host ( keys %$ssh_tunnel ) {
114 open( $ssh_tunnel->{$host}, '-|', "$ssh -N root\@$host &" ) or die $!;
118 my $server = IO::Socket::INET->new(
120 LocalAddr => $server_ip,
127 warn "dir: $dir listen: $server_ip:9001\n";
130 warn "# rsync ",join(' ', @_), "\n";
135 my $hostname = shift;
136 system "find $hostname -type f | sed 's,$hostname,,' > /tmp/$hostname.list";
138 open(my $files, '>>', "/tmp/$hostname.list");
139 print $files "$_\n" foreach @_;
142 rsync split / /, "-avv --files-from /tmp/$hostname.list root\@$hostname:/ $hostname/";
145 while (my $client = $server->accept()) {
146 my $line = <$client>;
149 my ($user,$hostname,$pwd,$command,$rel_path,$message) = split(/\s+/,$line,6);
150 $hostname =~ s/\..+$//;
153 if ( $rel_path =~ s/^([^:]+):(.+)$/$2/ ) {
157 print $client "host $1 doesn't exist in backup\n";
161 my $path = $rel_path =~ m{^/} ? $rel_path : "$pwd/$rel_path";
163 warn "$hostname [$command] $on_host:$path | $message\n";
165 my $args_message = $message;
167 $message ||= "$path [$command]";
168 $message = "$hostname: $message";
171 $dir =~ s{/[^/]+$}{};
173 my $backup_path = -e "$hostname/$path" ? "$hostname/$path" : $hostname;
176 my $args = join(' ',@_);
177 warn "# git $args\n";
178 my $out = `git $args`;
179 warn "$out\n# [", length($out), " bytes]\n" if defined $out;
184 pull_changes $hostname;
185 } elsif ( $command eq 'add' ) {
186 mkpath "$hostname/$dir" unless -e "$hostname/$dir";
188 rsync( '-avv', "root\@$hostname:$path", "$hostname/$path" );
189 print $client git 'add', "$hostname/$path";
191 $args_message =~ s/^(.+)\b// || last;
195 } elsif ( $command eq 'commit' ) {
196 pull_changes $hostname;
197 $message =~ s/'/\\'/g;
199 print $client git( "commit -m '$message' --author '$user <$hostname>' $backup_path" );
200 } elsif ( $command =~ m{(diff|status|log|ch)} ) {
201 $command .= ' --stat' if $command eq 'log';
202 $command = 'log --patch-with-stat' if $command =~ m/^ch/;
203 pull_changes( $hostname ) if $command eq 'diff';
205 mkpath $_ foreach grep { ! -e $_ } ( "$hostname/$dir", "$on_host/$dir" );
206 rsync( '-avv', "root\@$hostname:$path", "$hostname/$path" );
207 rsync( '-avv', "root\@$on_host:$path", "$on_host/$path" );
208 open(my $diff, '-|', "diff -Nuw $hostname$path $on_host$path");
213 # commands without path will show host-wide status/changes
214 my $backup_path = $path ? "$hostname/$path" : "$hostname/";
215 # hostname must end with / to prevent error from git:
216 # ambiguous argument 'arh-hw': both revision and filename
217 # to support branches named as hosts
218 print $client git($command, $backup_path);
220 } elsif ( $command eq 'revert' ) {
222 rsync( '-avv', "$on_host/$path", "root\@$hostname:$path" );
224 print $client git "checkout -- $hostname/$path";
225 rsync( '-avv', "$hostname/$path", "root\@$hostname:$path" );
227 } elsif ( $command eq 'cat' ) {
228 my $file_path = ( $on_host ? $on_host : $hostname ) . "/$path";
229 open(my $file, '<', $file_path) || warn "ERROR $file_path: $!";
234 } elsif ( $command eq 'ls' ) {
235 print $client `ls $backup_path`;
236 } elsif ( $command eq 'show' ) {
237 print $client `git show`;
239 print $client "Unknown command: $command\n";