StephanSainleger
/
0k-charms
forked from 0k/0k-charms
1
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
431 Commits
13 Branches
0 Tags
107 MiB
Tree: a0a5679117
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'a0a5679117'
${ noResults }
0k-charms/rsync-backup-target/README.org

84 lines
2.6 KiB
Raw Normal View History

new: [rsync-backup-target] allow dynamic management of backup keys Signed-off-by: Valentin Lab <valentin.lab@kalysto.org>
4 years ago
  1. #+PROPERTY: Effort_ALL 0 0:30 1:00 2:00 0.5d 1d 1.5d 2d 3d 4d 5d
  2. #+PROPERTY: Max_effort_ALL 0 0:30 1:00 2:00 0.5d 1d 1.5d 2d 3d 4d 5d
  3. #+PROPERTY: header-args:python :var filename=(buffer-file-name)
  4. #+PROPERTY: header-args:sh :var filename=(buffer-file-name)
  5. #+TODO: TODO WIP BLOCKED | DONE CANCELED
  6. #+LATEX_HEADER: \usepackage[margin=0.5in]{geometry}
  7. #+LaTeX_HEADER: \hypersetup{linktoc = all, colorlinks = true, urlcolor = DodgerBlue4, citecolor = PaleGreen1, linkcolor = blue}
  8. #+LaTeX_CLASS: article
  9. #+OPTIONS: H:8 ^:nil prop:("Effort" "Max_effort") tags:not-in-toc
  10. #+COLUMNS: %50ITEM %Effort(Min Effort) %Max_effort(Max Effort)
  12. #+TITLE: rsync-backup-target
  14. #+LATEX: \pagebreak
  16. Usage of this service
  18. #+LATEX: \pagebreak
  20. #+LATEX: \pagebreak
  23. * Configuration example
  26. #+begin_src yaml
  27. rsync-backup-target:
  28. # docker-compose:
  29. # ports:
  30. # - "10023:22"
  31. options:
  32. admin: ## These keys are for the allowed rsync-backup to write stuff with rsync
  33. myadmin: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDESdz8bWtVcDQJ68IE/KpuZM9tAq\
  34. ZDXGbvEVnTg16/yWqBGQg0QZdDjISsPn7D3Zr64g2qgD9n7EZghfGP9TkitvfrBYx8p\
  35. 7JkkUyt8nxklwOlKZFD5b3PF2bHloSsmjnP8ZMp5Ar7E+tn1guGrCrTcFIebpVGR3qF\
  36. hRN9AlWNR+ekWo88ZlLJIrqD26jbWRJZm4nPCgqwhJwfHE3aVwfWGOqjSp4ij+jr2ac\
  37. Arg7eD4clBPYIqKlqbfNRD5MFAH9sbB6jkebQCAUwNRwV7pKwCEt79HnCMoMjnZh6Ww\
  38. 6TlHIFw936C2ZiTBuofMx7yoAeqpifyzz/T5wsFLYWwSnX rsync@zen"
  39. #+end_src
  41. ** Adding new keys for backup
  43. This can be done through the admin accounts configured in =compose.yml=.
  45. You can use then =ssh myadmin@$RSYNC_BACKUP_TARGET ssh-key=:
  47. #+begin_example
  48. $ ssh myadmin@$RSYNC_BACKUP_TARGET ssh-key ls
  49. $ ssh myadmin@$RSYNC_BACKUP_TARGET ssh-key add "ssh-rsa AAA...Jdhwhv rsync@sourcelabel"
  50. $ ssh myadmin@$RSYNC_BACKUP_TARGET ssh-key ls
  51. ..Jdhwhv sourcelabel
  52. $ ssh myadmin@$RSYNC_BACKUP_TARGET ssh-key rm sourcelabel
  53. $ ssh myadmin@$RSYNC_BACKUP_TARGET ssh-key ls
  54. $
  55. #+end_example
  58. * Troubleshooting
  60. ** Faking access from client
  62. This should work:
  64. #+begin_src sh
  65. RSYNC_BACKUP_TARGET_IP=172.18.0.2
  66. rsync -azvA -e "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" \
  67. /tmp/toto "$RSYNC_BACKUP_TARGET":/var/mirror/client1
  68. #+end_src
  70. ** Direct ssh access should be refused
  72. #+begin_src sh
  73. RSYNC_BACKUP_TARGET_IP=172.18.0.2
  74. ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no \
  75. "$RSYNC_BACKUP_TARGET"
  76. #+end_src
  78. ** Wrong directory should be refused
  80. #+begin_src sh
  81. RSYNC_BACKUP_TARGET_IP=172.18.0.2
  82. rsync -azvA -e "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" \
  83. /tmp/toto "$RSYNC_BACKUP_TARGET":/var/mirror/client2
  84. #+end_src