I have been running rclone on a digital ocean instance for a very long time to transfer files from one webdav server to another. Now I do more and more in gitlab runners (including syncing mails).
Now I was wondering if it's easy to put a rclone config file in a gitlab repository and actually use the respository runner to pump data back and forth :).
I started with this, but I don't know how to best configure the configuration
image: rclone/rclone
stages:
- bestanden-over
# ... "compile" and "test" jobs are skipped here for the sake of compactness
dseegers:
stage: bestanden-over
script:
- lsf ":ftp: --ftp-host=speedtest.tele2.net --ftp-user=anonymous --ftp-pass=`rclone obscure dummy`"
I do a similar thing in GitHub actions. What I do is use rclone config encryption but put the rclone config secret into the secret environment as RCLONE_CONFIG_PASS. The config file can then be checked in as it is encrypted.
rclone uses nacl secretbox which in turn uses XSalsa20 and Poly1305 to encrypt and authenticate your configuration with secret-key cryptography. The password is SHA-256 hashed, which produces the key for secretbox. The hashed password is not stored.