From 0f7d9e9f2495f781c539d86a6873370a7dd2e6eb Mon Sep 17 00:00:00 2001 From: Patrick Marchand Date: Tue, 3 Sep 2019 10:29:05 -0400 Subject: [PATCH] Allow heterogeneous ports This makes it a bit more annoying to define default hosts for multiple machines, but it's not that bad and it's better than not being able to define heterogeous ports. --- evobackup-client/README.md | 7 +++---- evobackup-client/defaults/main.yml | 2 +- evobackup-client/tasks/open_ssh_ports.yml | 12 +----------- evobackup-client/tasks/verify_ssh.yml | 4 ++-- .../templates/zzz_evobackup.default.sh.j2 | 2 +- 5 files changed, 8 insertions(+), 19 deletions(-) diff --git a/evobackup-client/README.md b/evobackup-client/README.md index 68007fb9..18ef132e 100644 --- a/evobackup-client/README.md +++ b/evobackup-client/README.md @@ -2,11 +2,10 @@ Allows the configuration of backups to one or more remote filesystems. -The backup hosts in use need to be defined in evobackup-client__hosts -and the bkctld jail ssh port has to be defined in -evobackup-client__ssh_port before running it. +The backup hosts and the ports in use need to be defined in +evobackup-client__hosts before running it. -The default zzz_evobackup.sh configures a system backup, but the +The default zzz_evobackup.sh configures a system only backup, but the template can be overriden to configure a full backup instead. If you change the variables in defaults/main.yml you can easily run this again and configure backups to a second set of hosts. diff --git a/evobackup-client/defaults/main.yml b/evobackup-client/defaults/main.yml index e11de5c9..c172d178 100644 --- a/evobackup-client/defaults/main.yml +++ b/evobackup-client/defaults/main.yml 
@@ -6,8 +6,8 @@ evobackup-client__mail: null evobackup-client__pid_path: "/var/run/evobackup.pid" evobackup-client__log_path: "/var/log/evobackup.log" evobackup-client__backup_path: "/home/backup" -evobackup-client__ssh_port: null evobackup-client__hosts: null # - name: "backups.example.org" # ip: "xxx.xxx.xxx.xxx" # fingerprint: "ecdsa-sha2-nistp256 ..." +# port: xxxx diff --git a/evobackup-client/tasks/open_ssh_ports.yml b/evobackup-client/tasks/open_ssh_ports.yml index 7979d233..22f3fb01 100644 --- a/evobackup-client/tasks/open_ssh_ports.yml +++ b/evobackup-client/tasks/open_ssh_ports.yml @@ -8,22 +8,12 @@ - evobackup-client - evobackup-client-backup-firewall -- name: backup ssh port - blockinfile: - dest: /etc/default/minifirewall - marker: "# evobackup ssh port" - block: "evobackup_port={{ evobackup-client__ssh_port }}" - when: evobackup-client__minifirewall.stat.exists - tags: - - evobackup-client - - evobackup-client-backup-firewall - - name: Add backup SSH port in /etc/default/minifirewall blockinfile: dest: /etc/default/minifirewall marker: "# {{ item.name }}" block: | - /sbin/iptables -A INPUT -p tcp --sport {{ evobackup-client__ssh_port }} --dport 1024:65535 -s {{ item.ip }} -m state --state ESTABLISHED,RELATED -j ACCEPT + /sbin/iptables -A INPUT -p tcp --sport {{ item.port }} --dport 1024:65535 -s {{ item.ip }} -m state --state ESTABLISHED,RELATED -j ACCEPT with_items: "{{ evobackup-client__hosts }}" when: evobackup-client__minifirewall.stat.exists tags: diff --git a/evobackup-client/tasks/verify_ssh.yml b/evobackup-client/tasks/verify_ssh.yml index 99dd6cb4..df0318e2 100644 --- a/evobackup-client/tasks/verify_ssh.yml +++ b/evobackup-client/tasks/verify_ssh.yml 
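Review bot: The commented example gives `# port: xxxx` without saying that `port` is now mandatory on every host entry, while the global `evobackup-client__ssh_port` default is removed in the same hunk. An inventory that still sets only the old variable has no `port` on its hosts, and the firewall, known_hosts and template consumers changed in this commit all read `item.port` / `host.port` with no fallback. I would document the requirement in place, for example `# port: 2222  # required: bkctld jail SSH port for this host, integer 1-65535` (2222 is a constructed sample value).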
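Review bot: `{{ item.port }}` is written unchecked into `/etc/default/minifirewall` on the `block:` line, and the same unvalidated value reaches the `known_hosts` entry in verify_ssh.yml and the `SERVERS=` string in zzz_evobackup.default.sh.j2. The firewall file holds iptables command lines and so appears to be run as shell, presumably as root, so a non-numeric port from the inventory becomes command text instead of a clean task failure. I would assert before this task that each host's port is defined and an integer in 1-65535, and cast with `| int` at each point of use. Separately, the deleted `backup ssh port` task leaves its `evobackup_port=` block behind on hosts that were already provisioned, and nothing in this commit removes it. The `tags:` list of the remaining task continues outside the hunk.

```yaml
- name: Check that every backup host has a valid SSH port
  assert:
    that:
      - item.port is defined
      - "item.port | string is match('^[0-9]+$')"
      - item.port | int >= 1
      - item.port | int <= 65535
  with_items: "{{ evobackup-client__hosts }}"
  tags:
    - evobackup-client
    - evobackup-client-backup-firewall

# … unchanged: name, blockinfile, dest and marker of "Add backup SSH port in /etc/default/minifirewall" …
    block: |
      /sbin/iptables -A INPUT -p tcp --sport {{ item.port | int }} --dport 1024:65535 -s {{ item.ip }} -m state --state ESTABLISHED,RELATED -j ACCEPT
```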
@@ -3,8 +3,8 @@ - name: Verify evolix backup servers known_hosts: path: /root/.ssh/known_hosts - name: "[{{ item.name }}]:{{ evobackup-client__ssh_port }}" - key: "[{{ item.name }}]:{{ evobackup-client__ssh_port }} {{ item.fingerprint }}" + name: "[{{ item.name }}]:{{ item.port }}" + key: "[{{ item.name }}]:{{ item.port }} {{ item.fingerprint }}" with_list: "{{ evobackup-client__hosts }}" tags: - evobackup-client diff --git a/evobackup-client/templates/zzz_evobackup.default.sh.j2 b/evobackup-client/templates/zzz_evobackup.default.sh.j2 index 27346930..766c023d 100644 --- a/evobackup-client/templates/zzz_evobackup.default.sh.j2 +++ b/evobackup-client/templates/zzz_evobackup.default.sh.j2 @@ -21,7 +21,7 @@ MAIL={{ evobackup-client__mail }} # list of hosts (hostname or IP) and SSH port for Rsync -SERVERS="{% for host in evobackup-client__hosts %}{{ host.name }}:{{ evobackup-client__ssh_port }} {% endfor %}" +SERVERS="{% for host in evobackup-client__hosts %}{{ host.name }}:{{ host.port }} {% endfor %}" # timeout (in seconds) for SSH connections SSH_CONNECT_TIMEOUT=30
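Review bot: With the port now taken per host, an entry whose `port` is 22 is pinned as `[name]:22`, but OpenSSH looks up default-port hosts under the bare hostname. That key would never be matched, and the connection would then depend on whatever `StrictHostKeyChecking` allows. Both `name:` and `key:` should use the bracketed form only for non-default ports, e.g. `name: "{{ item.name if item.port | int == 22 else '[' ~ item.name ~ ']:' ~ item.port }}"`, with `key:` built from the same expression followed by `{{ item.fingerprint }}`. The task's `tags:` list continues outside the hunk.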