implemented new remote backup solution

2025-10-31 10:19:09 +00:00 · 2021-01-10 20:35:37 +01:00
parent 2328b411f6
commit dc0894f168
14 changed files with 120 additions and 10 deletions
--- a/roles/native-primary-backup/meta/main.yml
+++ b/roles/native-primary-backup/meta/main.yml
@@ -0,0 +1,2 @@
+dependencies:
+- native-user-backup
--- a/roles/native-primary-backup/readme.md
+++ b/roles/native-primary-backup/readme.md
@@ -0,0 +1,12 @@
+# role native-primary-backup-host
+
+## todo
+- add full system backup
+
+## see
+- https://www.thegeekstuff.com/2012/03/chroot-sftp-setup/
+- https://serverfault.com/questions/135618/is-it-possible-to-use-rsync-over-sftp-without-an-ssh-shell
+- https://forum.duplicati.com/t/sftp-ssh-backups-to-a-linux-server-with-added-security/7334
+- https://serverfault.com/questions/287578/trying-to-setup-chrootd-rsync
+- http://ramblings.narrabilis.com/using-rsync-with-ssh
+- https://wiki.archlinux.org/index.php/rsync
--- a/roles/native-primary-backup/tasks/main.yml
+++ b/roles/native-primary-backup/tasks/main.yml
@@ -0,0 +1,16 @@
+# Create sftp group
+# groupadd sftpusers
+# useradd -g sftpusers -d /incoming -s /sbin/nologin guestuser
+# passwd guestuser
+# grep guestuser /etc/passwd
+# usermod -g sftpusers -d /incoming -s /sbin/nologin john
+# Subsystem       sftp    internal-sftp > /etc/ssh/sshd_config
+# tail /etc/ssh/sshd_config
+# mkdir /sftp
+# mkdir /sftp/guestuser
+# mkdir /sftp/guestuser/incoming
+# chown guestuser:sftpusers /sftp/guestuser/incoming
+# ls -ld /sftp/guestuser/incoming
+# ls -ld /sftp/guestuser
+# ls -ld /sftp
+# service sshd restart