diff --git a/IMAP-Sync.md b/IMAP-Sync.md new file mode 100644 index 0000000..e982201 --- /dev/null +++ b/IMAP-Sync.md @@ -0,0 +1,98 @@ +Sync email via IMAP from host1/domain1 to a subfolder on host2/domain2 via a cron/timer. Can be reversed as well, just update `Patterns` to exclude the subfolders from being cross-replicated (looped). + + - Install the `isync` package: `apt-get update && apt-get install isync` + +Passwords for IMAP must be left on disk in plain text + + - Generate "app passwords" at the email providers, host1 can be READ only + - Keep `${HOME}/.secure` contents on encrypted volume unlocked manually + +The `mbsync` program keeps it's transient index files in `${HOME}/.mbsync/` with one per IMAP folder; these are used to keep track of what it's already synced. Should something break it may be necessary to delete one of these files to force a resync. + +By design, `mbsync` will not delete a destination folder if it's not empty first; this means if you delete a folder and all emails on the source in one step, a sync will break with an error/warning. Instead, delete all emails in the folder first, sync those deletions, then delete the empty folder on the source and sync again. See: https://sourceforge.net/p/isync/mailman/isync-devel/thread/f278216b-f1db-32be-fef2-ccaeea912524%40ojkastl.de/#msg37237271 + +Simple crontab to run the script: + +``` +0 */6 * * * /home/USER/bin/hasync.sh +``` + +Main config for the `mbsync` program: + +**${HOME}/.mbsyncrc** +``` +# Source +IMAPAccount imap-src-account +Host imap.host1.com +Port 993 +User user1 +PassCmd "cat /home/USER/.secure/psrc" +SSLType IMAPS +SystemCertificates yes +PipeLineDepth 1 +#CertificateFile /etc/ssl/certs/ca-certificates.crt + +# Dest +IMAPAccount imap-dest-account +Host imap.host2.com +Port 993 +User user2 +PassCmd "cat /home/USER/.secure/pdst" +SSLType IMAPS +SystemCertificates yes +PipeLineDepth 1 +#CertificateFile /etc/ssl/certs/ca-certificates.crt + +# Source map +IMAPStore imap-src +Account imap-src-account + +# Dest map +IMAPStore imap-dest +Account imap-dest-account + +# Transfer options +Channel hasync +Master :imap-src: +Slave :imap-dest:HASync/ +Sync Pull +Create Slave +Remove Slave +Expunge Slave +Patterns * +CopyArrivalDate yes +``` + +This script leverages healthchecks.io to alert on failure; replace XXXXX with the UUID of your monitor URL. + +**${HOME}/bin/hasync.sh** +``` +#!/bin/bash + +# vars +LOGDIR="${HOME}/log" +TIMESTAMP=$(date +%Y-%m-%d_%H%M) +LOGFILE="${LOGDIR}/mbsync_${TIMESTAMP}.log" +HCPING="https://hc-ping.com/XXXXXXXXXXXXXXXXXXXXXXXXX" + +# preflight +if [[ ! -d "${LOGDIR}" ]]; then + mkdir -p "${LOGDIR}" +fi + +# sync +echo -e "\nBEGIN $(date +%Y-%m-%d_%H%M)\n" >> "${LOGFILE}" +/usr/bin/mbsync -c ${HOME}/.mbsyncrc -V hasync 1>>"${LOGFILE}" 2>&1 +EC=$? +echo -e "\nEC: ${EC}" >> "${LOGFILE}" +echo -e "\nEND $(date +%Y-%m-%d_%H%M)\n" >> "${LOGFILE}" + +# report +if [[ $EC -eq 0 ]]; then + curl -fsS -m 10 --retry 5 -o /dev/null "${HCPING}" + find "${LOGDIR}" -type f -mtime +30 -delete +fi + +exit $EC +``` + diff --git a/_Sidebar.md b/_Sidebar.md index 52bd187..b1c8ef2 100644 --- a/_Sidebar.md +++ b/_Sidebar.md @@ -24,6 +24,7 @@ - [[GitLab Anchors]] - [[Glibc IPv4]] - [[GnuPG Things]] +- [[IMAP Sync]] - [[IPv4 Default Gateway]] - [[IPv4 Default IP]] - [[KRB5 Empty Keytab]]