From d418a9191053726a4a0e4d4c1f45f9080d5d0439 Mon Sep 17 00:00:00 2001
From: Micah Anderson
Date: Thu, 31 Jul 2008 13:02:28 +0000
Subject: setup the backupninja module to enable specification of the location of the ssh authorized_keys directories and files so that if you are not using the standard location for authorized_keys files ($HOME/.ssh/authorized_keys) and instead using the /etc/ssh/sshd_config option "AuthorizedKeysFile" you can then specify where that will be. For example, if your /etc/ssh/sshd_config has: AuthorizedKeysFile /etc/ssh/authorized_keys/$u then you could specify in the rdiff-backup definition the following parameters: ... ssh_dir => "/etc/ssh/authorized_keys", authorized_keys_file => "${hostname}", to create the file /etc/ssh/authorized_keys/${hostname} instead of the default location (if unspecifed, the default is used).
---
 manifests/rdiff.pp | 2 +-
 manifests/server.pp | 16 ++++++++++++----
 2 files changed, 13 insertions(+), 5 deletions(-)
(limited to 'manifests')
diff --git a/manifests/rdiff.pp b/manifests/rdiff.pp
index 580af87..fc2648e 100644
--- a/manifests/rdiff.pp
+++ b/manifests/rdiff.pp
@@ -35,7 +35,7 @@ define backupninja::rdiff($order = 90,
 case $type {
 'remote': {
 case $host { false: { err("need to define a host for remote backups!") } }
- backupninja::server::sandbox { "${user}-${name}": user => $user, host => $host, dir => $directory, installuser => $installuser, backuptag => $backuptag }
+ backupninja::server::sandbox { "${user}-${name}": user => $user, host => $host, dir => $directory, ssh_dir => $ssh_dir, authorized_keys_file => $authorized_keys_file, installuser => $installuser, backuptag => $backuptag }
 backupninja::client::key { "${user}-${name}": user => $user, host => $host, installkey => $installkey }
 }
 }
diff --git a/manifests/server.pp b/manifests/server.pp
index a49dc6b..a802b71 100644
--- a/manifests/server.pp
+++ b/manifests/server.pp
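Review bot: In manifests/rdiff.pp the new `ssh_dir => $ssh_dir, authorized_keys_file => $authorized_keys_file` arguments read two variables that this commit does not appear to declare. The diffstat shows a single changed line in this file, and the parameter list of `backupninja::rdiff` begins outside the hunk, so unless both names already exist there they will be unset at this call. An unset value may not match the `false =>` branch of the selectors added in sandbox, which would leave the key path with an empty component instead of the `.ssh` default. I would add `$ssh_dir = false, $authorized_keys_file = false` to the define's parameter list in the same commit.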
@@ -24,7 +24,7 @@ class backupninja::server {
 # this define allows nodes to declare a remote backup sandbox, that have to
 # get created on the server
- define sandbox($user = false, $host = false, $installuser = true, $dir = false, $backupkeys = false, $uid = false, $gid = "backupninjas", $backuptag = false) {
+ define sandbox($user = false, $host = false, $installuser = true, $dir = false, $ssh_dir = false, $authorized_keys_file = false, $backupkeys = false, $uid = false, $gid = "backupninjas", $backuptag = false)
 $real_user = $name ? {
 false => $name,
 default => $user,
@@ -42,6 +42,14 @@ class backupninja::server {
 false => "${backupninja::server::real_backupdir}/$fqdn",
 default => $dir,
 }
+ $real_ssh_dir = $ssh_dir ? {
+ false => ".ssh",
+ default => $ssh_dir,
+ }
+ $real_authorized_keys_file = $authorized_keys_file ? {
+ false => "authorized_keys",
+ default => $authorized_keys_file,
+ }
 $real_backuptag = $backuptag ? {
 false => "backupninja-$real_host",
 default => $backuptag,
@@ -54,17 +62,17 @@ class backupninja::server {
 }
 case $installuser {
 true: {
- @@file { "$real_dir/.ssh":
+ @@file { "${real_dir}/${real_ssh_dir}":
 ensure => directory,
 mode => 700, owner => $user, group => 0,
 require => File["$real_dir"],
 tag => "$real_backuptag",
 }
- @@file { "$real_dir/.ssh/authorized_keys":
+ @@file { "${real_dir}/${real_ssh_dir}/${real_authorized_keys_file}":
 ensure => present,
 mode => 644, owner => 0, group => 0,
 source => "$real_backupkeys/${user}_id_rsa.pub",
- require => File["$real_dir/.ssh"],
+ require => File["${real_dir}/${real_ssh_dir}"],
 tag => "$real_backuptag",
 }
-- cgit v1.2.3
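Review bot: The rewritten `define sandbox(...)` line in the first server.pp hunk ends at `$backuptag = false)` and no longer carries the opening `{` that the removed line had. As shown, the body starting at `$real_user = $name ? {` is no longer inside a block and the manifest should fail to parse. The line should end `$backuptag = false) {`. The define's body continues outside the hunk.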
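Review bot: Both `@@file` titles in the last server.pp hunk always prefix `${real_dir}/`, so the commit message's example `ssh_dir => "/etc/ssh/authorized_keys"` produces a path under the sandbox directory, not the `/etc/ssh/authorized_keys/${hostname}` file it describes. The key would then sit where an `AuthorizedKeysFile` pointing at /etc/ssh would never read it. One way to honour an absolute value is `$real_ssh_dir = $ssh_dir ? { false => "${real_dir}/.ssh", default => $ssh_dir }`, with the titles built from `"${real_ssh_dir}"` alone. If that is done, the directory resource should not keep `owner => $user` with `mode => 700` on a shared keys directory, because a directory's owner can replace other accounts' key files inside it and several sandboxes would declare the same File. The enclosing `case $installuser` block starts and ends outside the hunk.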