The short version: how can I keep an rsync backup on a truecrypt volume? The hard part is to mount/unmount this volume on the fly when it is needed for rsync.
Details
This is my current backup configuration (which works fairly well for the most part):
backup source is on Win7 64 bit, destination is a remote Linux box (Debian)
actual data transfer is done by rsync via ssh (cwRsync with cygwin)
rsync daemon is started on demand via ssh
On the Linux box the backup is protected by file permissions only. I want to increase security here and put the backup into a truecrypt volume. I can fuse-mount that volume manually in the shell. The question is now how can I make rsync not only open an ssh connection and starting the rsync daemon, but also to mount the truecrypt volume before (and unmount it after)?
My money is on option --rsync-path which can be used to pass a command line to ssh - provided that stdin and stdout still work the same. I guess that command would have to be a shell script. Is this possible, and what would the script look like?
For reference, here's a quote of that option:
--rsync-path=PROGRAM
Use this to specify what program is to be run on the remote machine to start-up rsync. Often used when rsync is not in the default remote-shell's path (e.g. --rsync-path=/usr/local/bin/rsync). Note that PROGRAM is run with the help of a shell, so it can be any program, script, or command sequence you'd care to run, so long as it does not corrupt the standard-in & standard-out that rsync is using to communicate.
One tricky example is to set a different default directory on the remote machine for use with the --relative option. For instance:
rsync -avR --rsync-path="cd /a/b && rsync" host:c/d /e/
This is the full rsync man page.
Truecrypt volume auto-mount
Solved! Turns out this option is actually key to auto-mounting the truecrypt volume on the remote side. The following command line does the trick (one line!):
rsync $options -e "ssh -p $port -i ../.ssh/id_dsa"
--rsync-path="/usr/local/bin/truecrypt -d
&& /usr/local/bin/truecrypt --fs-options=rw,sync,utf8,uid=$UID,umask=0007
--non-interactive -p $password $pathToVolume
$remoteMountDir
&& rsync"
$localSourceDir $user:$remoteMountMountDir
Truecrypt volume auto-dismount
Still open: how can I unmount the volume when rsync is done?
Not sure if the following makes sense to anyone but I give it a try...
Right now I am unmounting (truecrypt -d), then mounting again, then continuing with rsync. At this time rsync needs to do its thing but I dont know when its done. Adding ... rsync && truecrypt -d to the command line does not work because then the rsync daemon does not start. This is because rsync starts the daemon with parameter --server on the remote side and that parameter would go to the final truecrypt -d.
