Allow heterogeneous ports

This makes it a bit more annoying to define default hosts for
multiple machines, but it's not that bad and it's better than not
being able to define heterogeous ports.
This commit is contained in:
Patrick Marchand 2019-09-03 10:29:05 -04:00
parent c773c901f2
commit 0f7d9e9f24
5 changed files with 8 additions and 19 deletions

View File

@ -2,11 +2,10 @@
Allows the configuration of backups to one or more remote filesystems.
The backup hosts in use need to be defined in evobackup-client__hosts
and the bkctld jail ssh port has to be defined in
evobackup-client__ssh_port before running it.
The backup hosts and the ports in use need to be defined in
evobackup-client__hosts before running it.
The default zzz_evobackup.sh configures a system backup, but the
The default zzz_evobackup.sh configures a system only backup, but the
template can be overriden to configure a full backup instead. If
you change the variables in defaults/main.yml you can easily run
this again and configure backups to a second set of hosts.

View File

@ -6,8 +6,8 @@ evobackup-client__mail: null
evobackup-client__pid_path: "/var/run/evobackup.pid"
evobackup-client__log_path: "/var/log/evobackup.log"
evobackup-client__backup_path: "/home/backup"
evobackup-client__ssh_port: null
evobackup-client__hosts: null
# - name: "backups.example.org"
# ip: "xxx.xxx.xxx.xxx"
# fingerprint: "ecdsa-sha2-nistp256 ..."
# port: xxxx

View File

@ -8,22 +8,12 @@
- evobackup-client
- evobackup-client-backup-firewall
- name: backup ssh port
blockinfile:
dest: /etc/default/minifirewall
marker: "# evobackup ssh port"
block: "evobackup_port={{ evobackup-client__ssh_port }}"
when: evobackup-client__minifirewall.stat.exists
tags:
- evobackup-client
- evobackup-client-backup-firewall
- name: Add backup SSH port in /etc/default/minifirewall
blockinfile:
dest: /etc/default/minifirewall
marker: "# {{ item.name }}"
block: |
/sbin/iptables -A INPUT -p tcp --sport {{ evobackup-client__ssh_port }} --dport 1024:65535 -s {{ item.ip }} -m state --state ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -A INPUT -p tcp --sport {{ item.port }} --dport 1024:65535 -s {{ item.ip }} -m state --state ESTABLISHED,RELATED -j ACCEPT
with_items: "{{ evobackup-client__hosts }}"
when: evobackup-client__minifirewall.stat.exists
tags:

View File

@ -3,8 +3,8 @@
- name: Verify evolix backup servers
known_hosts:
path: /root/.ssh/known_hosts
name: "[{{ item.name }}]:{{ evobackup-client__ssh_port }}"
key: "[{{ item.name }}]:{{ evobackup-client__ssh_port }} {{ item.fingerprint }}"
name: "[{{ item.name }}]:{{ item.port }}"
key: "[{{ item.name }}]:{{ item.port }} {{ item.fingerprint }}"
with_list: "{{ evobackup-client__hosts }}"
tags:
- evobackup-client

View File

@ -21,7 +21,7 @@
MAIL={{ evobackup-client__mail }}
# list of hosts (hostname or IP) and SSH port for Rsync
SERVERS="{% for host in evobackup-client__hosts %}{{ host.name }}:{{ evobackup-client__ssh_port }} {% endfor %}"
SERVERS="{% for host in evobackup-client__hosts %}{{ host.name }}:{{ host.port }} {% endfor %}"
# timeout (in seconds) for SSH connections
SSH_CONNECT_TIMEOUT=30