diff options
author | Silvio Rhatto <rhatto@riseup.net> | 2014-04-13 18:57:08 -0300 |
---|---|---|
committer | Silvio Rhatto <rhatto@riseup.net> | 2014-04-13 18:57:08 -0300 |
commit | c42d24d3b963bd1bf39e6bb6ceb1f0b5392da524 (patch) | |
tree | 2dc08616aaf46ff11d138e2f48e51ae77c3b1670 | |
parent | 8231f5474b8e729f494bf29ae1cd59ad169edc18 (diff) | |
download | puppet-backup-c42d24d3b963bd1bf39e6bb6ceb1f0b5392da524.tar.gz puppet-backup-c42d24d3b963bd1bf39e6bb6ceb1f0b5392da524.tar.bz2 |
Manage ssh private keys with ssh_local_key
-rw-r--r-- | manifests/init.pp | 27 |
1 files changed, 21 insertions, 6 deletions
diff --git a/manifests/init.pp b/manifests/init.pp index 68c2591..34d8c88 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -193,7 +193,7 @@ class backup( } # default backupninja::rdiff configuration - define rdiff($port = '22', $ensure = present, $installkey = true) { + define rdiff($port = '22', $ensure = present) { backupninja::rdiff { "rdiff-$title.$domain": ensure => $ensure, options => "--remote-schema 'ssh -p $port -C %s rdiff-backup --server'", @@ -208,27 +208,34 @@ class backup( subfolder => "rdiff", user => "$hostname", sshoptions => "-p $port", - installkey => $installkey, + installkey => false, backupkeytype => "rsa", - backupkeystore => "puppet:///ssh", + backupkeystore => "puppet:///pubkeys", + } + + if !defined(Ssh_local_key['backup']) { + ssh_local_key { 'backup': + owner => root, + group => root, + home => /root, + } } } define rsync($port = '22', $ensure = present, - $installkey = true, $bandwidthlimit = false, $use_domain = $::domain, $use_fqdn = $::fqdn) { backupninja::rsync { "rsync-$title.$use_domain": # [general] ensure => $ensure, - installkey => $installkey, + installkey => false, home => "$backupdir/remote/$use_fqdn", backupdir => "$backupdir/remote/$use_fqdn/rsync", backupkeytype => "rsa", id_file => "/root/.ssh/id_rsa", - backupkeystore => "puppet:///ssh", + backupkeystore => "puppet:///pubkeys", keepdaily => '4', keepweekly => '2', keepmonthly => '2', @@ -246,6 +253,14 @@ class backup( compress => '1', testconnect => 'yes', } + + if !defined(Ssh_local_key['backup']) { + ssh_local_key { 'backup': + owner => root, + group => root, + home => /root, + } + } } # local backups using duplicity |