NAME
WE_Frontend::Publish::Rsync - publish files via the rsync protocol
SYNOPSIS
use WE_Frontend::Main2;
use WEsiteinfo qw($c);
$c->staging->transport("rsync");
$main->publish;DESCRIPTION
TUTORIAL FOR RSYNC SETUP
(See also "Update" section below)
First make sure that both sides have rsync installed. Please use version 2.5.1 or better, because there are deadlock problems with older versions. Then SSH authentification should be setup. Do the following:
Create a SSH public key for the local (source) side. If the CGI scripts are running under a special www user (such as
wwwrunon Linux SuSE systems), you have first to create a home directory for this user or let the CGI scripts run under another user.If you do not know the uid for CGI scripts, then create this tiny script and run it as an CGI:
#!/usr/bin/env perl use CGI qw(:standard); print header, join(",", getpwuid($>));The user id should be the third entry, the home directory the eighth entry.
Assuming you want to create a home directory for
wwwrun(this may be insecure!), you have to do following (all as superuser):- mkdir /home/wwwrun
- vipw
- replace the old home directory for
wwwrunwith/home/wwwrun - make sure that the user has a valid shell
- quit vipw
Now change to the
wwwuseruser by typingsu wwwuserand generate a ssh private/public key pair:
You should see the public key on the screen.
This public key should be made accessible on the remote side. Switch to another virtual terminal or xterm, login to the remote side as the remote user and do following:
That is it! Now check whether the connection works. As wwwuser, type the following:
ssh -v -l remoteuser remotehostThe first time, you will get a message whether to accept the host. Accept, and then you should be automatically logged in without prompting for a password. If not, read carefully the messages. Most likely there is a permission problem on the local or remote side. Make sure that permissions are as tight as possible for the files in .ssh, and the .ssh and home directories itself.
To check whether rsync works, do the following from the local side:
rsync -Pv some_file remoteuser@remotehost:Now some_file should be copied to the remote side without prompting for a password. If you have an old rsync, you have to add -e ssh to the options (but better upgrade). If you redo the operation, the copy should be done much faster, because they are no changes to be transferred.
WEsiteinfo.pm SETUP
The staging object of WEsiteinfo.pm should be set as follows:
$staging->transport("rsync");
$staging->user("remoteuser");
# $staging->password; # not needed
$staging->host("remotehost");
$staging->directory("subdirectory_on_remote"); # this may be empty for the home directory
$staging->stagingext({deleteold => 0}); # set to true if old remote files should be deleted (dangerous!)Update
(This is not sufficiently tested)
There's no need to create a home directory for the apache user. Just create a private/public key pair:
ssh-keygen -N "" -b 1024 -t dsa -f /tmp/id_dsaand then
mv /tmp/id_dsa .../webeditor/etc/id_dsa(make sure that the etc directory is NOT web accessible)
and add id_dsa.pub to ~/.ssh/authorized_keys of the rsync/ssh user on the remove side. In the WEsiteinfo.pm configuration the liversakey and liveuser config params has to be set:
$staging->liveuser("remoteuser");
$staging->liversakey(".../webeditor/etc/id_dsa");HISTORY
Version 1.7 does not exclude .htaccess files anymore. Please use stagingexcept instead.
AUTHOR
Slaven Rezic - slaven@rezic.de