Allow heterogeneous ports

This makes it a bit more annoying to define default hosts for multiple machines, but it's not that bad and it's better than not being able to define heterogeous ports.
2019-09-03 10:29:05 -04:00 · 2019-09-03 10:29:05 -04:00 · 0f7d9e9f24
parent c773c901f2
commit 0f7d9e9f24
5 changed files with 8 additions and 19 deletions
--- a/evobackup-client/README.md
+++ b/evobackup-client/README.md
@ -2,11 +2,10 @@

 Allows the configuration of backups to one or more remote filesystems.

-The backup hosts in use need to be defined in evobackup-client__hosts
-and the bkctld jail ssh port has to be defined in
-evobackup-client__ssh_port before running it.
+The backup hosts and the ports in use need to be defined in
+evobackup-client__hosts before running it.

-The default zzz_evobackup.sh configures a system backup, but the
+The default zzz_evobackup.sh configures a system only backup, but the
 template can be overriden to configure a full backup instead. If
 you change the variables in defaults/main.yml you can easily run
 this again and configure backups to a second set of hosts.
--- a/evobackup-client/defaults/main.yml
+++ b/evobackup-client/defaults/main.yml
@ -6,8 +6,8 @@ evobackup-client__mail: null
 evobackup-client__pid_path: "/var/run/evobackup.pid"
 evobackup-client__log_path: "/var/log/evobackup.log"
 evobackup-client__backup_path: "/home/backup"
-evobackup-client__ssh_port: null
 evobackup-client__hosts: null
 #  - name: "backups.example.org"
 #    ip: "xxx.xxx.xxx.xxx"
 #    fingerprint: "ecdsa-sha2-nistp256 ..."
+#    port: xxxx
--- a/evobackup-client/tasks/open_ssh_ports.yml
+++ b/evobackup-client/tasks/open_ssh_ports.yml
@ -8,22 +8,12 @@
    - evobackup-client
    - evobackup-client-backup-firewall

- name: backup ssh port
-  blockinfile:
-    dest: /etc/default/minifirewall
-    marker: "# evobackup ssh port"
-    block: "evobackup_port={{ evobackup-client__ssh_port }}"
-  when: evobackup-client__minifirewall.stat.exists
-  tags:
-    - evobackup-client
-    - evobackup-client-backup-firewall
-
 - name: Add backup SSH port in /etc/default/minifirewall
  blockinfile:
    dest: /etc/default/minifirewall
    marker: "# {{ item.name }}"
    block: |
-      /sbin/iptables -A INPUT -p tcp --sport {{ evobackup-client__ssh_port }} --dport 1024:65535 -s {{ item.ip }} -m state --state ESTABLISHED,RELATED -j ACCEPT
+      /sbin/iptables -A INPUT -p tcp --sport {{ item.port }} --dport 1024:65535 -s {{ item.ip }} -m state --state ESTABLISHED,RELATED -j ACCEPT
  with_items: "{{ evobackup-client__hosts }}"
  when: evobackup-client__minifirewall.stat.exists
  tags:
--- a/evobackup-client/tasks/verify_ssh.yml
+++ b/evobackup-client/tasks/verify_ssh.yml
@ -3,8 +3,8 @@
 - name: Verify evolix backup servers
  known_hosts:
    path: /root/.ssh/known_hosts
-    name: "[{{ item.name }}]:{{ evobackup-client__ssh_port }}"
-    key: "[{{ item.name }}]:{{ evobackup-client__ssh_port }} {{ item.fingerprint }}"
+    name: "[{{ item.name }}]:{{ item.port }}"
+    key: "[{{ item.name }}]:{{ item.port }} {{ item.fingerprint }}"
  with_list: "{{ evobackup-client__hosts }}"
  tags:
    - evobackup-client
--- a/evobackup-client/templates/zzz_evobackup.default.sh.j2
+++ b/evobackup-client/templates/zzz_evobackup.default.sh.j2
@ -21,7 +21,7 @@
 MAIL={{ evobackup-client__mail }}

 # list of hosts (hostname or IP) and SSH port for Rsync
-SERVERS="{% for host in evobackup-client__hosts %}{{ host.name }}:{{ evobackup-client__ssh_port }} {% endfor %}"
+SERVERS="{% for host in evobackup-client__hosts %}{{ host.name }}:{{ host.port }} {% endfor %}"

 # timeout (in seconds) for SSH connections
 SSH_CONNECT_TIMEOUT=30