vendor/k8s.io/kubernetes/build/build-image/rsyncd.sh - cloudstack-kubernetes-provider - Git at Google

 #!/usr/bin/env bash

 # Copyright 2016 The Kubernetes Authors.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #     http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.

 # This script will set up and run rsyncd to allow data to move into and out of
 # our dockerized build system.  This is used for syncing sources and changes of
 # sources into the docker-build-container.  It is also used to transfer built binaries
 # and generated files back out.
 #
 # When run as root (rare) it'll preserve the file ids as sent from the client.
 # Usually it'll be run as non-dockerized UID/GID and end up translating all file
 # ownership to that.


 set -o errexit
 set -o nounset
 set -o pipefail

 # The directory that gets sync'd
 VOLUME=${HOME}

 # Assume that this is running in Docker on a bridge.  Allow connections from
 # anything on the local subnet.
 ALLOW=$(ip route | awk  '/^default via/ { reg = "^[0-9./]+ dev "$5 } ; $0 ~ reg { print $1 }')

 CONFDIR="/tmp/rsync.k8s"
 PIDFILE="${CONFDIR}/rsyncd.pid"
 CONFFILE="${CONFDIR}/rsyncd.conf"
 SECRETS="${CONFDIR}/rsyncd.secrets"

 mkdir -p "${CONFDIR}"

 if [[ -f "${PIDFILE}" ]]; then
   PID=$(cat "${PIDFILE}")
   echo "Cleaning up old PID file: ${PIDFILE}"
   kill $PID &> /dev/null || true
   rm "${PIDFILE}"
 fi

 PASSWORD=$(</rsyncd.password)

 cat <<EOF >"${SECRETS}"
 k8s:${PASSWORD}
 EOF
 chmod go= "${SECRETS}"

 USER_CONFIG=
 if [[ "$(id -u)" == "0" ]]; then
   USER_CONFIG="  uid = 0"$'\n'"  gid = 0"
 fi

 cat <<EOF >"${CONFFILE}"
 pid file = ${PIDFILE}
 use chroot = no
 log file = /dev/stdout
 reverse lookup = no
 munge symlinks = no
 port = 8730
 [k8s]
   numeric ids = true
   $USER_CONFIG
   hosts deny = *
   hosts allow = ${ALLOW} ${ALLOW_HOST-}
   auth users = k8s
   secrets file = ${SECRETS}
   read only = false
   path = ${VOLUME}
   filter = - /.make/ - /_tmp/
 EOF

 exec /usr/bin/rsync --no-detach --daemon --config="${CONFFILE}" "$@"
	#!/usr/bin/env bash

	# Copyright 2016 The Kubernetes Authors.
	#
	# Licensed under the Apache License, Version 2.0 (the "License");
	# you may not use this file except in compliance with the License.
	# You may obtain a copy of the License at
	#
	# http://www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing, software
	# distributed under the License is distributed on an "AS IS" BASIS,
	# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	# See the License for the specific language governing permissions and
	# limitations under the License.

	# This script will set up and run rsyncd to allow data to move into and out of
	# our dockerized build system. This is used for syncing sources and changes of
	# sources into the docker-build-container. It is also used to transfer built binaries
	# and generated files back out.
	#
	# When run as root (rare) it'll preserve the file ids as sent from the client.
	# Usually it'll be run as non-dockerized UID/GID and end up translating all file
	# ownership to that.


	set -o errexit
	set -o nounset
	set -o pipefail

	# The directory that gets sync'd
	VOLUME=${HOME}

	# Assume that this is running in Docker on a bridge. Allow connections from
	# anything on the local subnet.
	ALLOW=$(ip route \| awk '/^default via/ { reg = "^[0-9./]+ dev "$5 } ; $0 ~ reg { print $1 }')

	CONFDIR="/tmp/rsync.k8s"
	PIDFILE="${CONFDIR}/rsyncd.pid"
	CONFFILE="${CONFDIR}/rsyncd.conf"
	SECRETS="${CONFDIR}/rsyncd.secrets"

	mkdir -p "${CONFDIR}"

	if [[ -f "${PIDFILE}" ]]; then
	PID=$(cat "${PIDFILE}")
	echo "Cleaning up old PID file: ${PIDFILE}"
	kill $PID &> /dev/null \|\| true
	rm "${PIDFILE}"
	fi

	PASSWORD=$(</rsyncd.password)

	cat <<EOF >"${SECRETS}"
	k8s:${PASSWORD}
	EOF
	chmod go= "${SECRETS}"

	USER_CONFIG=
	if [[ "$(id -u)" == "0" ]]; then
	USER_CONFIG=" uid = 0"$'\n'" gid = 0"
	fi

	cat <<EOF >"${CONFFILE}"
	pid file = ${PIDFILE}
	use chroot = no
	log file = /dev/stdout
	reverse lookup = no
	munge symlinks = no
	port = 8730
	[k8s]
	numeric ids = true
	$USER_CONFIG
	hosts deny = *
	hosts allow = ${ALLOW} ${ALLOW_HOST-}
	auth users = k8s
	secrets file = ${SECRETS}
	read only = false
	path = ${VOLUME}
	filter = - /.make/ - /_tmp/
	EOF

	exec /usr/bin/rsync --no-detach --daemon --config="${CONFFILE}" "$@"