evobackup-client/README.md

@@ -2,11 +2,10 @@
 
 Allows the configuration of backups to one or more remote filesystems.
 
-The backup hosts in use need to be defined in evobackup-client__hosts
+The backup hosts and the ports in use need to be defined in
-and the bkctld jail ssh port has to be defined in
+evobackup-client__hosts before running it.
-evobackup-client__ssh_port before running it.
 
-The default zzz_evobackup.sh configures a system backup, but the
+The default zzz_evobackup.sh configures a system only backup, but the
 template can be overriden to configure a full backup instead. If
 you change the variables in defaults/main.yml you can easily run
 this again and configure backups to a second set of hosts.

evobackup-client/defaults/main.yml

@@ -6,8 +6,8 @@ evobackup-client__mail: null
 evobackup-client__pid_path: "/var/run/evobackup.pid"
 evobackup-client__log_path: "/var/log/evobackup.log"
 evobackup-client__backup_path: "/home/backup"
-evobackup-client__ssh_port: null
 evobackup-client__hosts: null
 #  - name: "backups.example.org"
 #    ip: "xxx.xxx.xxx.xxx"
 #    fingerprint: "ecdsa-sha2-nistp256 ..."
+#    port: xxxx

evobackup-client/tasks/open_ssh_ports.yml

@@ -8,22 +8,12 @@
     - evobackup-client
     - evobackup-client-backup-firewall
 
-- name: backup ssh port
-  blockinfile:
-    dest: /etc/default/minifirewall
-    marker: "# evobackup ssh port"
-    block: "evobackup_port={{ evobackup-client__ssh_port }}"
-  when: evobackup-client__minifirewall.stat.exists
-  tags:
-    - evobackup-client
-    - evobackup-client-backup-firewall
-
 - name: Add backup SSH port in /etc/default/minifirewall
   blockinfile:
     dest: /etc/default/minifirewall
     marker: "# {{ item.name }}"
     block: |
-      /sbin/iptables -A INPUT -p tcp --sport {{ evobackup-client__ssh_port }} --dport 1024:65535 -s {{ item.ip }} -m state --state ESTABLISHED,RELATED -j ACCEPT
+      /sbin/iptables -A INPUT -p tcp --sport {{ item.port }} --dport 1024:65535 -s {{ item.ip }} -m state --state ESTABLISHED,RELATED -j ACCEPT
   with_items: "{{ evobackup-client__hosts }}"
   when: evobackup-client__minifirewall.stat.exists
   tags:

evobackup-client/tasks/verify_ssh.yml

@@ -3,8 +3,8 @@
 - name: Verify evolix backup servers
   known_hosts:
     path: /root/.ssh/known_hosts
-    name: "[{{ item.name }}]:{{ evobackup-client__ssh_port }}"
+    name: "[{{ item.name }}]:{{ item.port }}"
-    key: "[{{ item.name }}]:{{ evobackup-client__ssh_port }} {{ item.fingerprint }}"
+    key: "[{{ item.name }}]:{{ item.port }} {{ item.fingerprint }}"
   with_list: "{{ evobackup-client__hosts }}"
   tags:
     - evobackup-client

evobackup-client/templates/zzz_evobackup.default.sh.j2

@@ -21,7 +21,7 @@
 MAIL={{ evobackup-client__mail }}
 
 # list of hosts (hostname or IP) and SSH port for Rsync
-SERVERS="{% for host in evobackup-client__hosts %}{{ host.name }}:{{ evobackup-client__ssh_port }} {% endfor %}"
+SERVERS="{% for host in evobackup-client__hosts %}{{ host.name }}:{{ host.port }} {% endfor %}"
 
 # timeout (in seconds) for SSH connections
 SSH_CONNECT_TIMEOUT=30