Merged client playbook and server playbook

2025-09-05 09:51:37 +02:00 · 2023-04-18 14:52:43 +02:00
parent 2c76f99dd1
commit ec0dbee7bb
341 changed files with 153 additions and 811 deletions
--- a/roles/server_native-user-backup/templates/authorized_keys.j2
+++ b/roles/server_native-user-backup/templates/authorized_keys.j2
@@ -0,0 +1,3 @@
+{% for authorized_key in authorized_keys_list %}
+command="/home/backup/ssh-wrapper.sh" {{authorized_key}}
+{% endfor %}
--- a/roles/server_native-user-backup/templates/ssh-wrapper.sh.j2
+++ b/roles/server_native-user-backup/templates/ssh-wrapper.sh.j2
@@ -0,0 +1,35 @@
+#!/bin/sh
+
+# log command
+if [ -n "$SSH_ORIGINAL_COMMAND" ]
+then
+  echo "`/bin/date`: $SSH_ORIGINAL_COMMAND" | systemd-cat -t "ssh-wrapper.sh"
+fi
+
+# define executable commands
+get_hashed_machine_id="sha256sum /etc/machine-id";
+get_backup_types="find /Backups/{{hashed_machine_id.stdout}}/ -maxdepth 1 -type d -execdir basename {} ;";
+
+# @todo This configuration is not scalable yet. If other backup services then docker-volume-backup are integrated, this logic needs to be optimized
+get_static_last_version_dir="readlink -f /Backups/{{hashed_machine_id.stdout}}/docker-volume-backup/latest"
+rsync_command="sudo rsync --server --sender -blogDtpre.iLsfxCIvu . $($get_static_last_version_dir)/"
+
+# filter commands
+case "$SSH_ORIGINAL_COMMAND" in
+	"$get_hashed_machine_id")
+		$get_hashed_machine_id
+		;;
+	"$get_static_last_version_dir")
+		$get_static_last_version_dir
+		;;
+	"$get_backup_types")
+		$get_backup_types
+		;;
+	"$rsync_command")
+		$rsync_command
+		;;
+	*)
+		echo "This command is not supported."
+		exit 1
+		;;
+esac