Commit 3f1d22f4 by Jocelyn Delalande

[rsync-mirror] added role.

parent 409890c4
Rsync mirroring client
======================
Allows to pull mirror copies via rsync+SSH to a local dir.
Interesting associated roles may be *rsync-server*.
The only defined var is a list of mirror settings, each mirror is independent:
- hosts: alice.example.com
vars:
rsync_mirror_mirrors:
- local_user: partage
remote_user: backup
local_path: /var/www/example.com
remote_path: /var/www/example.com
remote_host: bob.crapouillou.net
key:
name: mykey-mirror-example1.com
pvkey: >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roles:
- {role: rsync-mirror, tags: ['rsync-mirror']}
The key is an SSH one you generated yourself (better use a dedicated key for
mirroring). It must be authorized on the server for the `remote_user` you set.
The `pvkey` is the base64 encoded value of that RSA private key file (base64 is
used to preserve line return in yaml var), it uses the multi-line yaml syntax.
base64 ~/.ssh/path-to-my-pv-key
Will give you the string you want. Storing the key as a variable allows to embed
it into a vaulted (encrypted) vars file.
The key `name` is something arbitrary you choose.
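Review bot: The README leaves vaulting optional ("Storing the key as a variable allows to embed it into a vaulted (encrypted) vars file") while the sample playbook puts `pvkey` directly under `vars:`. State that the private key belongs in a vaulted vars file and show the example loading it from there. Where the text says the key "must be authorized on the server for the `remote_user`", it would also help to recommend restricting that authorized_keys entry to the rsync transfer, since the cron script uses the key non-interactively from the mirror host.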
- name: Install rsync
apt: pkg=rsync state=installed
- name: Ensure user exist
user: name="{{ item.local_user }}" createhome=yes
with_items: rsync_mirror_mirrors
- name: Make mirror dir
file:
name: "{{ item.local_path }}"
state: directory
group: "{{ item.local_user }}"
owner: "{{ item.local_user }}"
mode: 0755
with_items: rsync_mirror_mirrors
- name: Make user ssh dir
file:
name: "~{{ item.local_user }}/.ssh/"
state: directory
group: "{{ item.local_user }}"
owner: "{{ item.local_user }}"
mode: 0700
with_items: rsync_mirror_mirrors
- name: Copy private_key
copy:
content: "{{ item.key.pvkey | b64decode }}"
dest: "~{{ item.local_user }}/.ssh/{{ item.key.name }}"
group: "{{ item.local_user }}"
owner: "{{ item.local_user }}"
mode: 0700
with_items: rsync_mirror_mirrors
- name: Find rsync server remote key
command: ssh-keyscan "{{ item.remote_host }}"
register: rsync_server_host_key
sudo_user: "{{ item.local_user }}"
with_items: rsync_mirror_mirrors
- name: Adds server host key if not already present
lineinfile: create=yes dest="/etc/ssh/ssh_known_hosts" line="{{ item.stdout }}" state=present
with_items: rsync_server_host_key.results
- name: Put mirroring script
template: src=rsync-mirror.j2 dest=/etc/cron.daily/rsync-mirror mode=0744
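Review bot: In "Find rsync server remote key" and "Adds server host key if not already present", whatever `ssh-keyscan` returns at run time is written to `/etc/ssh/ssh_known_hosts` without being compared to a known value, so the host key is trusted blindly on every run and a changed key is simply appended next to the old one. Suggest taking the expected host key as a per-mirror variable and writing that instead. Also, in "Copy private_key", `mode: 0700` should be `0600`, and because the task loops over items that contain `key.pvkey`, it should set `no_log: true` to keep the key out of the task output.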
#!/bin/sh
# Managed by ansible
{% for mirror in rsync_mirror_mirrors %}
su {{ mirror.local_user }} -c 'rsync -az -e "ssh -i /home/{{ mirror.local_user }}/.ssh/{{ mirror.key.name }}" \
{{ mirror.remote_user }}@{{ mirror.remote_host }}:{{ mirror.remote_path }} {{ mirror.local_path }}'
{% endfor %}
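Review bot: The key path in `ssh -i /home/{{ mirror.local_user }}/.ssh/{{ mirror.key.name }}` is hard-coded, whereas the tasks install the key under `~{{ item.local_user }}/.ssh/`; the two differ for any user whose home is not under /home. Since the command already runs as that user through `su`, something like `$HOME/.ssh/{{ mirror.key.name }}` would stay consistent with the tasks. Separately, `remote_path` is passed without a trailing slash, so with the README's example values rsync creates `/var/www/example.com/example.com`; either document the expected slash or append it here.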