TODO in Desktop Linux III: an ode to Unison

This is the third post in a series about open issues in the current offerings of Desktop Linux. In this post I write about my favourite Open Source application which is Unison.

In my daily work I use two laptops; one at home and one at work. I need to have my document repository available on both machines. Moreover I am sometimes in a situation where I connect to a network which is not my office network or in some rare occasions I am even offline. In all these situations I need up to date access to my documents and email. In all these occasions email has an easy solution. I use an imap server to store my mail and use Thunderbird to sync my mail tree. But the document repository is more of a challenge. Try to solve this with the available Gnome tools on a standard installation of Ubuntu. It is simply not possible. Here comes Unison to the rescue.

All my documents are stored on my home server. That could easily be an backoffice server but this has historical reasons. It is essential I have my documents available on both laptops and for that I need reliable two-way synchronization of the document repository. The synchronization needs to be able to work in different locations with different types of internet access. In some cases I am on my office LAN but in other cases my documents need to flow over the public internet via public internet gateways. Therefor security is essential. The second requirement is reliability. The synchronization can take a few minutes to an hour depending on the size of the accumulate update of the repository and the available bandwidth. The third and last requirement is that the synchronization needs to take place in the background. I am just too busy to remember to synchronize. It needs to happen transparently.

The solution to this problem is a combination of OpenSSH with a password protected private/public key combination and Unison. SSH provides the essential data encryption combined with solid access protection of my document repository. Unison takes care of the two-way synchronization. In my 5 years of use it proves to be a very reliable tool which survives unreliable and slow links, mid-way disconnections and large updates.

For background synchronization I use cron which can login without a password to my server when I enable ssh-agent key forwarding. In my Gnome session I autostart ssh-askpass which asks me for my private key passphrase during logon. During my session cron can start a script I wrote to access my ssh-agent to use the private SSH key to login to my server and start Unison.

To give you an idea on the reliability and scalability of Unison. A few years ago I used Kontact/Kmail for my email. And although Kmail supported IMAP, it did not synchronize my email. When I was offline I could not access it. I solved this using Unison. At that time I used Courier IMAP which stores the user’s email in a directory called Maildir in their home directory. I synchronized this email repository containing 10.000+ emails with my laptop and ran a local Courier IMAP server to access my emails through Kmail. This worked very reliable. A synchronization run only took 10 seconds when no changes were detected which is an amazing feat in itself by the people who wrote this great tool.

When I find the time I will write a small howto on the setup of Unison together with OpenSSH and ssh-agent key forwarding.

But to come back to the original theme of this series of posts I am disappointed that Unison is still not integrated in the Desktop environments of Linux. Often users find themselves in a situation they need to have reliable and scalable two-way synchronization of data. The tools are available but the Desktop Environment does not give easy access to these tools. For me personally this would be a killer feature and I am not alone.