Automating Tasks With launchd In OS X
Just got into some lanchd automation with OS X. I wanted an automatic rsync of my 1Password Anywhere files to a remote web server, as a DIY public web service for 1Password.
First step: make a shell script with whatever you want to do, and save it in your $PATH. For my 1Password sync, a simple rsync one-liner:
#!/bin/sh
rsync -az --force --delete -e "ssh -p7890" /Users/me/Dropbox/Apps/1Password.agilekeychain/. [email protected]:/var/www/vhosts/etc/et.all/public_html/
Then: make a .plist file in XML format so launchd can understand what must be done. Set the StartInterval in seconds (300 means every 5 minutes).
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>com.YOURUSERNAME.NAMEOFTASK.backup</string>
<key>ProgramArguments</key>
<array>
<string>YOURSCRIPT.sh</string>
</array>
<key>StartInterval</key>
<integer>300</integer>
</dict>
</plist>
Save it as com.YOURUSERNAME.NAMEOFTASK.backup.plist in ~/Library/LaunchAgents/. Be sure the file name matches the <string> for <key>label</key> in the XML. Also make sure the ownership and permissions are proper.
sudo chown root com.YOURUSERNAME.NAMEOFTASK.backup.plist
sudo chmod 644 com.YOURUSERNAME.NAMEOFTASK.backup.plist
Now to tell OSX about our screenplay. Fire up a terminal and
launchctl -w load ~/Library/LaunchAgents/com.YOURUSERNAME.NAMEOFTASK.backup.plist
The -w flag tells launchctl to load without waiting for a system reboot.
BAM. Now your shell script will run in the background every 300 seconds.
For the 1Password setup, they use a file called 1Password.html, meaning you have to add that to the URL. To streamline the process, I touched an index.html file on the server that redirects to the 1Password html.
<!DOCTYPE html>
<head>
<meta http-equiv="refresh" content="0; url=/1Password.html">
</head>
</html>
So yes - my super top secret passwords are technically public on the Internet; however, they’re well encrypted and I’m usually a pretty nice dude… so nobody would hack me right? For the paranoid, you could add some redundancy with an apache .htpasswd file on the server. 2Passwords is better than one.