The short version: how can I keep an rsync backup on a truecrypt volume? The hard part is to mount/unmount this volume on the fly when it is needed for rsync.

Details

This is my current backup configuration (which works fairly well for the most part):

• backup source is on Win7 64 bit, destination is a remote Linux box (Debian)
• actual data transfer is done by rsync via ssh (cwRsync with cygwin)
• rsync daemon is started on demand via ssh

On the Linux box the backup is protected by file permissions only. I want to increase security here and put the backup into a truecrypt volume. I can fuse-mount that volume manually in the shell. The question is now how can I make rsync not only open an ssh connection and starting the rsync daemon, but also to mount the truecrypt volume before (and unmount it after)?

My money is on option --rsync-path which can be used to pass a command line to ssh - provided that stdin and stdout still work the same. I guess that command would have to be a shell script. Is this possible, and what would the script look like?

For reference, here's a quote of that option:

--rsync-path=PROGRAM

Use this to specify what program is to be run on the remote machine to start-up rsync. Often used when rsync is not in the default remote-shell's path (e.g. --rsync-path=/usr/local/bin/rsync). Note that PROGRAM is run with the help of a shell, so it can be any program, script, or command sequence you'd care to run, so long as it does not corrupt the standard-in & standard-out that rsync is using to communicate.

One tricky example is to set a different default directory on the remote machine for use with the --relative option. For instance:

rsync -avR --rsync-path="cd /a/b && rsync" host:c/d /e/

This is the full rsync man page.

Truecrypt volume auto-mount

Solved! Turns out this option is actually key to auto-mounting the truecrypt volume on the remote side. The following command line does the trick (one line!):

rsync $options -e "ssh -p $port -i ../.ssh/id_dsa" 
  --rsync-path="/usr/local/bin/truecrypt -d 
                && /usr/local/bin/truecrypt --fs-options=rw,sync,utf8,uid=$UID,umask=0007 
                                            --non-interactive -p $password $pathToVolume 
                                            $remoteMountDir 
                && rsync" 
  $localSourceDir $user:$remoteMountMountDir

Truecrypt volume auto-dismount

Still open: how can I unmount the volume when rsync is done?

Not sure if the following makes sense to anyone but I give it a try...

Right now I am unmounting (truecrypt -d), then mounting again, then continuing with rsync. At this time rsync needs to do its thing but I dont know when its done. Adding ... rsync && truecrypt -d to the command line does not work because then the rsync daemon does not start. This is because rsync starts the daemon with parameter --server on the remote side and that parameter would go to the final truecrypt -d.