kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-08-29 15:06:26 +02:00
Code Issues Packages Projects Releases Wiki Activity

Implemented working secure backup

Browse Source
This commit is contained in:
Kevin Veen-Birkenbach
2021-01-11 14:14:36 +01:00
parent dc0894f168
commit dc4ddb6b27
7 changed files with 66 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
roles/native-user-backup/templates/authorized_keys.j2
View File

@@ -1,3 +1 @@
#command="/bin/echo You invoked: $SSH_ORIGINAL_COMMAND" {{authorized_keys}}
#command='rsync -abvv --delete --delete-excluded --rsync-path="sudo rsync" --log-file="$log_path" --backup-dir="$diff_path" "$remote_source_path" "$latest_path"',no-pty,no-agent-forwarding,no-port-forwarding,no-X11-forwarding {{authorized_keys}}
{{authorized_keys}}
command="/home/backup/ssh-wrapper.sh" {{authorized_keys}}

24
roles/native-user-backup/templates/ssh-wrapper.sh.j2 Normal file
View File

@@ -0,0 +1,24 @@
#!/bin/sh
# log
if [ -n "$SSH_ORIGINAL_COMMAND" ]
then
echo "`/bin/date`: $SSH_ORIGINAL_COMMAND" >> $HOME/ssh-command-log
fi
# filter commands
case "$SSH_ORIGINAL_COMMAND" in
"sha256sum /etc/machine-id")
sha256sum /etc/machine-id
;;
"find /Backups/{{hashed_machine_id.stdout}}/ -maxdepth 1 -type d")
find /Backups/{{hashed_machine_id.stdout}}/ -maxdepth 1 -type d
;;
"sudo rsync --server --sender -blogDtpre.iLsfxCIvu --backup-dir /Backups/{{hashed_machine_id.stdout}}/docker-volume-backup/diffs/current/ . /Backups/{{hashed_machine_id.stdout}}/docker-volume-backup/latest/")
sudo rsync --server --sender -blogDtpre.iLsfxCIvu --backup-dir /Backups/{{hashed_machine_id.stdout}}/docker-volume-backup/diffs/current/ . /Backups/{{hashed_machine_id.stdout}}/docker-volume-backup/latest/
;;
*)
echo "This command is not supported."
exit 1
;;
esac