diff options
| author | Micah Anderson <micah@riseup.net> | 2008-07-31 13:02:28 +0000 |
|---|---|---|
| committer | Micah Anderson <micah@riseup.net> | 2008-07-31 13:02:28 +0000 |
| commit | d418a9191053726a4a0e4d4c1f45f9080d5d0439 (patch) | |
| tree | caebf8b49fa283756c8c8c90457e511a68a648d1 /manifests | |
| parent | ef4832d9413f518e81aa13903de6f705ad1e5557 (diff) | |
| download | puppet-backupninja-d418a9191053726a4a0e4d4c1f45f9080d5d0439.tar.gz puppet-backupninja-d418a9191053726a4a0e4d4c1f45f9080d5d0439.tar.bz2 | |
setup the backupninja module to enable specification of the location
of the ssh authorized_keys directories and files so that if you are
not using the standard location for authorized_keys files
($HOME/.ssh/authorized_keys) and instead using the
/etc/ssh/sshd_config option "AuthorizedKeysFile" you can then specify
where that will be.
For example, if your /etc/ssh/sshd_config has:
AuthorizedKeysFile /etc/ssh/authorized_keys/$u
then you could specify in the rdiff-backup definition the following
parameters:
...
ssh_dir => "/etc/ssh/authorized_keys",
authorized_keys_file => "${hostname}",
to create the file /etc/ssh/authorized_keys/${hostname} instead of the
default location (if unspecifed, the default is used).
Diffstat (limited to 'manifests')
| -rw-r--r-- | manifests/rdiff.pp | 2 | ||||
| -rw-r--r-- | manifests/server.pp | 16 |
2 files changed, 13 insertions, 5 deletions
diff --git a/manifests/rdiff.pp b/manifests/rdiff.pp index 580af87..fc2648e 100644 --- a/manifests/rdiff.pp +++ b/manifests/rdiff.pp @@ -35,7 +35,7 @@ define backupninja::rdiff($order = 90, case $type { 'remote': { case $host { false: { err("need to define a host for remote backups!") } } - backupninja::server::sandbox { "${user}-${name}": user => $user, host => $host, dir => $directory, installuser => $installuser, backuptag => $backuptag } + backupninja::server::sandbox { "${user}-${name}": user => $user, host => $host, dir => $directory, ssh_dir => $ssh_dir, authorized_keys_file => $authorized_keys_file, installuser => $installuser, backuptag => $backuptag } backupninja::client::key { "${user}-${name}": user => $user, host => $host, installkey => $installkey } } } diff --git a/manifests/server.pp b/manifests/server.pp index a49dc6b..a802b71 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -24,7 +24,7 @@ class backupninja::server { # this define allows nodes to declare a remote backup sandbox, that have to # get created on the server - define sandbox($user = false, $host = false, $installuser = true, $dir = false, $backupkeys = false, $uid = false, $gid = "backupninjas", $backuptag = false) { + define sandbox($user = false, $host = false, $installuser = true, $dir = false, $ssh_dir = false, $authorized_keys_file = false, $backupkeys = false, $uid = false, $gid = "backupninjas", $backuptag = false) $real_user = $name ? { false => $name, default => $user, @@ -42,6 +42,14 @@ class backupninja::server { false => "${backupninja::server::real_backupdir}/$fqdn", default => $dir, } + $real_ssh_dir = $ssh_dir ? { + false => ".ssh", + default => $ssh_dir, + } + $real_authorized_keys_file = $authorized_keys_file ? { + false => "authorized_keys", + default => $authorized_keys_file, + } $real_backuptag = $backuptag ? { false => "backupninja-$real_host", default => $backuptag, @@ -54,17 +62,17 @@ class backupninja::server { } case $installuser { true: { - @@file { "$real_dir/.ssh": + @@file { "${real_dir}/${real_ssh_dir}": ensure => directory, mode => 700, owner => $user, group => 0, require => File["$real_dir"], tag => "$real_backuptag", } - @@file { "$real_dir/.ssh/authorized_keys": + @@file { "${real_dir}/${real_ssh_dir}/${real_authorized_keys_file}": ensure => present, mode => 644, owner => 0, group => 0, source => "$real_backupkeys/${user}_id_rsa.pub", - require => File["$real_dir/.ssh"], + require => File["${real_dir}/${real_ssh_dir}"], tag => "$real_backuptag", } |