You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
|
#+PROPERTY: Effort_ALL 0 0:30 1:00 2:00 0.5d 1d 1.5d 2d 3d 4d 5d #+PROPERTY: Max_effort_ALL 0 0:30 1:00 2:00 0.5d 1d 1.5d 2d 3d 4d 5d #+PROPERTY: header-args:python :var filename=(buffer-file-name) #+PROPERTY: header-args:sh :var filename=(buffer-file-name) #+TODO: TODO WIP BLOCKED | DONE CANCELED #+LATEX_HEADER: \usepackage[margin=0.5in]{geometry} #+LaTeX_HEADER: \hypersetup{linktoc = all, colorlinks = true, urlcolor = DodgerBlue4, citecolor = PaleGreen1, linkcolor = blue} #+LaTeX_CLASS: article #+OPTIONS: H:8 ^:nil prop:("Effort" "Max_effort") tags:not-in-toc #+COLUMNS: %50ITEM %Effort(Min Effort) %Max_effort(Max Effort)
#+TITLE: rsync-backup-target
#+LATEX: \pagebreak
Usage of this service
#+LATEX: \pagebreak
#+LATEX: \pagebreak
* Configuration example
#+begin_src yaml rsync-backup-target: # docker-compose: # ports: # - "10023:22" options: admin: ## These keys are for the allowed rsync-backup to write stuff with rsync myadmin: - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDESdz8bWtVcDQJ68IE/KpuZM9tAq\ ZDXGbvEVnTg16/yWqBGQg0QZdDjISsPn7D3Zr64g2qgD9n7EZghfGP9TkitvfrBYx8p\ 7JkkUyt8nxklwOlKZFD5b3PF2bHloSsmjnP8ZMp5Ar7E+tn1guGrCrTcFIebpVGR3qF\ hRN9AlWNR+ekWo88ZlLJIrqD26jbWRJZm4nPCgqwhJwfHE3aVwfWGOqjSp4ij+jr2ac\ Arg7eD4clBPYIqKlqbfNRD5MFAH9sbB6jkebQCAUwNRwV7pKwCEt79HnCMoMjnZh6Ww\ 6TlHIFw936C2ZiTBuofMx7yoAeqpifyzz/T5wsFLYWwSnX rsync@zen" #+end_src
** Adding new keys for backup
This can be done through the admin accounts configured in =compose.yml=.
You can use then =ssh myadmin@$RSYNC_BACKUP_TARGET ssh-key=:
#+begin_example $ ssh myadmin@$RSYNC_BACKUP_TARGET ssh-key ls $ ssh myadmin@$RSYNC_BACKUP_TARGET ssh-key add "ssh-rsa AAA...Jdhwhv rsync@sourcelabel" $ ssh myadmin@$RSYNC_BACKUP_TARGET ssh-key ls ..Jdhwhv sourcelabel $ ssh myadmin@$RSYNC_BACKUP_TARGET ssh-key rm sourcelabel $ ssh myadmin@$RSYNC_BACKUP_TARGET ssh-key ls $ #+end_example
* Troubleshooting
** Faking access from client
This should work:
#+begin_src sh RSYNC_BACKUP_TARGET_IP=172.18.0.2 rsync -azvA -e "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" \ /tmp/toto "$RSYNC_BACKUP_TARGET":/var/mirror/client1 #+end_src
** Direct ssh access should be refused
#+begin_src sh RSYNC_BACKUP_TARGET_IP=172.18.0.2 ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no \ "$RSYNC_BACKUP_TARGET" #+end_src
** Wrong directory should be refused
#+begin_src sh RSYNC_BACKUP_TARGET_IP=172.18.0.2 rsync -azvA -e "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" \ /tmp/toto "$RSYNC_BACKUP_TARGET":/var/mirror/client2 #+end_src
|