Compare commits
4 Commits
5a801da7b2
...
17d9418708
Author | SHA1 | Date |
---|---|---|
Ricard Illa | 17d9418708 | |
Ricard Illa | c87cae2437 | |
Ricard Illa | 5c35bd5872 | |
Ricard Illa | 0b884b4601 |
|
@ -0,0 +1,34 @@
|
||||||
|
transaction_log /var/log/btrbk.log
|
||||||
|
lockfile /run/lock/btrbk.lock
|
||||||
|
timestamp_format long
|
||||||
|
snapshot_create onchange
|
||||||
|
|
||||||
|
snapshot_preserve 24h 7d 0w 0m 0y
|
||||||
|
snapshot_preserve_min latest
|
||||||
|
target_preserve 0h 14d 6w 4m 1y
|
||||||
|
target_preserve_min latest
|
||||||
|
archive_preserve 0h 1d 1w 1m 1y
|
||||||
|
archive_preserve_min latest
|
||||||
|
|
||||||
|
incremental yes
|
||||||
|
ssh_identity /etc/btrbk/id_ed25519
|
||||||
|
ssh_user btrbk
|
||||||
|
backend btrfs-progs-doas
|
||||||
|
|
||||||
|
compat_remote busybox
|
||||||
|
|
||||||
|
volume /mnt/btr_pool
|
||||||
|
snapshot_dir btrbk_snapshots
|
||||||
|
target ssh://suricata/mnt/btr_backup/narwhal
|
||||||
|
subvolume backups
|
||||||
|
subvolume books
|
||||||
|
subvolume certs
|
||||||
|
subvolume data
|
||||||
|
subvolume docker_volumes
|
||||||
|
subvolume home
|
||||||
|
subvolume home-data
|
||||||
|
subvolume http
|
||||||
|
subvolume music
|
||||||
|
subvolume secrets
|
||||||
|
subvolume transmission
|
||||||
|
subvolume videos
|
|
@ -1,9 +1,23 @@
|
||||||
timestamp_format long
|
transaction_log /var/log/btrbk.log
|
||||||
snapshot_preserve_min 18h
|
lockfile /run/lock/btrbk.lock
|
||||||
snapshot_preserve 48h
|
timestamp_format long
|
||||||
|
snapshot_create onchange
|
||||||
|
|
||||||
transaction_log /var/log/btrbk.log
|
snapshot_preserve 24h 7d 0w 0m 0y
|
||||||
|
snapshot_preserve_min latest
|
||||||
|
target_preserve 0h 14d 6w 4m 1y
|
||||||
|
target_preserve_min latest
|
||||||
|
archive_preserve 0h 1d 1w 1m 1y
|
||||||
|
archive_preserve_min latest
|
||||||
|
|
||||||
|
incremental yes
|
||||||
|
ssh_identity /etc/btrbk/id_ed25519
|
||||||
|
ssh_user btrbk
|
||||||
|
backend btrfs-progs-doas
|
||||||
|
|
||||||
|
compat_local busybox
|
||||||
|
|
||||||
volume /mnt/btr_pool
|
volume /mnt/btr_pool
|
||||||
snapshot_dir btrbk_snapshots
|
snapshot_dir btrbk_snapshots
|
||||||
subvolume home
|
subvolume home
|
||||||
|
subvolume rancher_config
|
||||||
|
|
|
@ -23,30 +23,17 @@
|
||||||
src: "host_files/btrbk/{{ ansible_hostname }}/btrbk.conf"
|
src: "host_files/btrbk/{{ ansible_hostname }}/btrbk.conf"
|
||||||
dest: /etc/btrbk/btrbk.conf
|
dest: /etc/btrbk/btrbk.conf
|
||||||
|
|
||||||
- name: make btrbk user ssh directory
|
- name: copy btrbk ssh key
|
||||||
file:
|
|
||||||
state: directory
|
|
||||||
path: /var/lib/btrbk/.ssh
|
|
||||||
owner: btrbk
|
|
||||||
|
|
||||||
- name: copy btrbk user ssh key
|
|
||||||
copy:
|
copy:
|
||||||
src: id_ed25519
|
src: id_ed25519
|
||||||
dest: /var/lib/btrbk/.ssh/id_ed25519
|
dest: /etc/btrbk/id_ed25519
|
||||||
owner: btrbk
|
owner: btrbk
|
||||||
mode: '0400'
|
mode: '0400'
|
||||||
|
|
||||||
- name: copy btrbk user ssh public key
|
|
||||||
copy:
|
|
||||||
src: id_ed25519.pub
|
|
||||||
dest: /var/lib/btrbk/.ssh/id_ed25519.pub
|
|
||||||
owner: btrbk
|
|
||||||
mode: '0644'
|
|
||||||
|
|
||||||
- name: copy btrbk user ssh public key to authorized_keys
|
- name: copy btrbk user ssh public key to authorized_keys
|
||||||
copy:
|
copy:
|
||||||
src: id_ed25519.pub
|
src: id_ed25519.pub
|
||||||
dest: /var/lib/btrbk/.ssh/authorized_keys
|
dest: /etc/ssh/authorized_keys/btrbk
|
||||||
owner: btrbk
|
owner: btrbk
|
||||||
mode: '0644'
|
mode: '0644'
|
||||||
|
|
||||||
|
@ -54,7 +41,4 @@
|
||||||
lbu:
|
lbu:
|
||||||
include:
|
include:
|
||||||
- /usr/local/bin/btrbk
|
- /usr/local/bin/btrbk
|
||||||
- /var/lib/btrbk/.ssh/id_ed25519
|
|
||||||
- /var/lib/btrbk/.ssh/id_ed25519.pub
|
|
||||||
- /var/lib/btrbk/.ssh/authorized_keys
|
|
||||||
when: ansible_distribution == "Alpine" and alpine_mode in ["diskless", "data"]
|
when: ansible_distribution == "Alpine" and alpine_mode in ["diskless", "data"]
|
||||||
|
|
|
@ -6,6 +6,11 @@
|
||||||
mode: '0644'
|
mode: '0644'
|
||||||
owner: root
|
owner: root
|
||||||
|
|
||||||
|
- name: create authorized_keys directory
|
||||||
|
file:
|
||||||
|
state: directory
|
||||||
|
path: /etc/ssh/authorized_keys
|
||||||
|
|
||||||
- name: setup host ssh certificates
|
- name: setup host ssh certificates
|
||||||
include_tasks: certs.yml
|
include_tasks: certs.yml
|
||||||
|
|
||||||
|
|
|
@ -38,7 +38,7 @@ PubkeyAuthentication yes
|
||||||
|
|
||||||
# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
|
# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
|
||||||
# but this is overridden so installations will only check .ssh/authorized_keys
|
# but this is overridden so installations will only check .ssh/authorized_keys
|
||||||
AuthorizedKeysFile .ssh/authorized_keys
|
AuthorizedKeysFile /etc/ssh/authorized_keys/%u
|
||||||
|
|
||||||
#AuthorizedPrincipalsFile none
|
#AuthorizedPrincipalsFile none
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue