20170408/UGR Project

From charlesreid1

Revision as of 22:27, 8 April 2017 by Admin (talk | contribs)

Current status: FIXING STUNNEL CONTAINER.

  • Each time I try and replicate this pipeline, a different piece goes wrong.
  • This time, it's been the rsync stunnel container's secure communications port, 273, not opening up between host/container.
  • This is why we need Docker - *so* much bullshit involved in configuring Linux networking services. It isn't the technical complexity that's bullshit, it's the bazillion tiny switches that must be aligned just-so, but aren't explicitly documented, or are documented, but somewhere in a 473-page document.

Okay, here is the status of getting ssh and rsync up and working over rsync.

ssh over stunnel: works ok.

  • Client is pi on dropbear, connected directly to router which is connected to internet
  • Client can run stunnel, local port 2222 open
  • Server can run stunnel, port 443 open
  • Able to connect the stunnel client and server just fine

rsync over stunnel:

  • Client is pi on dropbear, connected directly to router which is connected to internet
  • Client can run 2nd instance of stunnel, local port 873 open

(Previously, we were not seeing the stunnel port opening. Turned out this was because there was no local rsync server listening on port 873, so stunnel had no service to connect to.)

rsync on the server:

  • rsync is running on the host machine, not in a docker. (Next steps.)
  • To start rsync service, use sudo service rsync start
  • Note that rsync will NOT print out error messages, it will fail silently. Check its status to ensure it is running via systemctl status rsync.service
  • Once it is running, your rysnc server instance should be ready and waiting for input

stunnel on the server:

  • stunnel is running via docker
  • The rsync service must be ready on port 873 when docker stunnel starts, or the connection will not be made
  • Ensure external port 273 is open with nmap localhost

Note: can also run multiple instances of stunnel - one for each port. Thus, can forward port 2222 to remote server ssh service, and forward port 873 to remote server rsync service, by using two instances of stunnel using two external ports. I'm using one instance of stunnel to forward local port 2222 to external port 443, and a second instance of stunnel to forward local port 873 to external port 273.

Retrieved from "https://charlesreid1.com/w/index.php?title=20170408/UGR_Project&oldid=16045"