Feature request: Master-Slave Replication (rsync+SSH config sync)

[lionevil1]

Summary

I implemented master-slave config replication in my fork and wanted to share it as a potential feature for the main project.

Fork: https://github.com/lionevil1/MTProxyMax

What it does

Automatically syncs proxy config from a master server to one or more slave servers via rsync+SSH on a configurable interval (default: 60s). When config changes on master (new user, updated limits, upstream changes), slaves pick it up automatically and restart their Docker container.

Synced files: `secrets.conf`, `upstreams.conf`, `instances.conf`, `mtproxy/config.toml`
Never synced: `settings.conf`, `replication.conf` (preserves each server's local role)

Setup

# On master
mtproxymax replication setup   # wizard: select Master, add slave host

# On slave
mtproxymax replication setup   # wizard: select Slave

CLI

mtproxymax replication status           # role, timer state, last sync
mtproxymax replication add <host>       # register a slave
mtproxymax replication remove <host>    # remove a slave
mtproxymax replication sync             # trigger immediate sync
mtproxymax replication test             # test SSH connectivity
mtproxymax replication logs             # view sync log
mtproxymax replication promote          # promote slave → master (failover)
mtproxymax replication enable/disable   # toggle sync timer
mtproxymax replication reset            # wipe all replication config

Implementation details

• Self-contained sync script generated at /opt/mtproxymax/mtproxymax-sync.sh (same pattern as the Telegram bot service)
• systemd timer + oneshot service (mtproxymax-sync.timer)
• flock to prevent overlapping sync runs
• Hardcoded --exclude=settings.conf --exclude=replication.conf in rsync — slave role can never be overwritten by master
• Migration guard in load_settings() ensures exclude list is always correct regardless of stored value
• SSH key auto-generated (ed25519), copied to slave via ssh-copy-id
• StrictHostKeyChecking=accept-new (trust-on-first-use)
• Atomic writes with flock on shared lock file to prevent races between main script and sync timer
• Full TUI menu integrated into Section 18
• 110 unit tests covering save/load round-trip, add/remove validation, settings persistence

Roles

Role	Description
Master	Pushes config to slaves on schedule
Slave	Receives config; changes must be made on master
Standalone	Replication disabled (default)

Would you be interested in a PR?

Happy to rebase and open a clean PR if this fits the project's direction. The feature adds ~700 lines to Section 14b following the existing code patterns.

[SamNet-dev]

Hey @lionevil1 — this is great work, and yes we'd welcome a PR!

The design looks solid: rsync+SSH is the right call for this, the role separation makes sense, and the exclude list for settings.conf/replication.conf is exactly the right approach to keep slave identity intact.

A few things to keep in mind for the PR:

• Rebase onto latest main — we just landed a few fixes (broken pipe line 1258: echo: write error: Broken pipe #37, input handling Sometimes need to select menu item twice #38, engine v3.3.32) so there may be minor line shifts
• Keep the code style consistent — same function naming (snake_case), log helpers (log_info, log_success, etc.), draw_box_* for TUI
• Tests are a plus — if you can include them or describe how to run them, even better

Go ahead and open the PR whenever you're ready!