From 3296040c44ebe752223411bf4334403311961c0a Mon Sep 17 00:00:00 2001 From: Romain Courteaud <romain@nexedi.com> Date: Fri, 10 Nov 2017 17:31:30 +0100 Subject: [PATCH] software/backupserver: allow to directly backup from webrunner Replace dropbear by openssh. Use same rdiff-backup than provided by PBS. Allow to directly use an IPV6 address with a custom port. --- .../instance-pullrdiffbackup.cfg.in | 20 +++++++++---------- software/backupserver/software.cfg | 14 +++++++++---- .../backupserver/template-backup-script.sh.in | 2 +- 3 files changed, 20 insertions(+), 16 deletions(-) diff --git a/software/backupserver/instance-pullrdiffbackup.cfg.in b/software/backupserver/instance-pullrdiffbackup.cfg.in index 02fccf21e..e54ebad88 100644 --- a/software/backupserver/instance-pullrdiffbackup.cfg.in +++ b/software/backupserver/instance-pullrdiffbackup.cfg.in @@ -49,12 +49,13 @@ logfile = $${directory:log}/crond.log {% set frequency = slave_instance.get('frequency', '') -%} {% set hostname = slave_instance.get('hostname', '') -%} {% set connection = slave_instance.get('connection', '') -%} +{% set connection_port = slave_instance.get('connection_port', '22') -%} {% set include = slave_instance.get('include', '') -%} {% set include_string = "' --include='".join(include.split(' ')) -%} {% set exclude = slave_instance.get('exclude', '') -%} {% set exclude_string = '' -%} {% set sudo = slave_instance.get('sudo', 'False') -%} -{% set remote_schema = 'rdiff-backup --server --restrict-read-only / -- "$@"' -%} +{% set remote_schema = slave_instance.get('remote_rdiff_path', 'rdiff-backup') + ' --server --restrict-read-only / -- "$@"' -%} {% if (exclude != '') -%} {% set exclude_string = "' --exclude='".join(exclude.split(' ')) -%} @@ -73,23 +74,19 @@ directory = $${directory:backup}/$${:_buildout_section_name_} [{{ slave_reference }}-backup-private_key] recipe = plone.recipe.command -stop-on-error = false -command = ${dropbear-output:keygen} -t $${:type} -s 2048 -f $${:key} +stop-on-error = true +command = ${coreutils-output:rm} -f $${:key} $${:public_key} && ${openssh-output:keygen} -t $${:type} -b 2048 -f $${:key} -q -N "" key = $${directory:ssh}/$${:_buildout_section_name_} +public_key = $${:key}.pub +location = $${:public_key} type = rsa -[{{ slave_reference }}-backup-public_key] -recipe = plone.recipe.command -stop-on-error = true -command = ${coreutils-output:rm} -f $${:key} && ${dropbear-output:keygen} -y -f {{ '$${' ~ slave_reference }}-backup-private_key:key} | ${grep-output:grep} {{ '$${' ~ slave_reference }}-backup-private_key:type} > $${:key} -key = {{ '$${' ~ slave_reference }}-backup-private_key:key}.pub -location = $${:key} # Insert as a beginning part, to ensure that all public keys are generated before trying to publish. This will reduce the number of slapgrid-cp run. -{% do part_list.insert(0, "%s-backup-public_key" % slave_reference) -%} +{% do part_list.insert(0, "%s-backup-private_key" % slave_reference) -%} [{{ slave_reference }}-backup-read-public_key] recipe = slapos.cookbook:readline -storage-path = {{ '$${' ~ slave_reference }}-backup-public_key:key} +storage-path = {{ '$${' ~ slave_reference }}-backup-private_key:public_key} # Publish slave {{ slave_reference }} information [{{ slave_reference }}-backup-publish] @@ -107,6 +104,7 @@ mode = 0700 datadirectory = {{ '$${' ~ slave_reference }}-backup-directory:directory} sshkey = {{ '$${' ~ slave_reference }}-backup-private_key:key} connection = {{ connection }} +connection_port = {{ connection_port }} hostname = {{ hostname }} include = {{ include_string }} exclude_string = {{ exclude_string }} diff --git a/software/backupserver/software.cfg b/software/backupserver/software.cfg index 81940443d..4b84de552 100644 --- a/software/backupserver/software.cfg +++ b/software/backupserver/software.cfg @@ -10,7 +10,7 @@ extends = # ../../component/git/buildout.cfg # ../../component/subversion/buildout.cfg ../../component/rsync/buildout.cfg - ../../component/dropbear/buildout.cfg + ../../component/openssh/buildout.cfg ../../component/grep/buildout.cfg ../../component/findutils/buildout.cfg # ../../stack/flask.cfg @@ -67,7 +67,7 @@ mode = 0644 [template-backup-script] recipe = slapos.recipe.template url = ${:_profile_base_location_}/template-backup-script.sh.in -md5sum = 47b20031db3b575651d8515d5add23e6 +md5sum = fa79e0307e12e2f5b1f2adbd261995fc output = ${buildout:directory}/template-backup-script.sh.in mode = 0644 @@ -105,7 +105,7 @@ mode = 0644 [template-pullrdiffbackup] recipe = slapos.recipe.template url = ${:_profile_base_location_}/instance-pullrdiffbackup.cfg.in -md5sum = 061b98d001b501c9e1beb424e8802d3d +md5sum = e2a20871288e30ebc299cc29d4c596d2 output = ${buildout:directory}/template-pullrdiffbackup.cfg mode = 0644 @@ -116,8 +116,14 @@ md5sum = 42021b325159dff29e4bd4e33b8ff2f3 output = ${buildout:directory}/template.cfg mode = 0644 +[rdiff-backup] +eggs = + ${rdiff-backup-build-1.3.4:egg} + [versions] -rdiff-backup = 1.0.5+SlapOSPatched001 +# 1.3.4nxd2 is invalid version string, thus pached version string is not '1.3.4nxd2+SlapOSPatched001' +# but '1.3.4nxd2-SlapOSPatched001'. +rdiff-backup = 1.3.4nxd2-SlapOSPatched001 gunicorn = 19.1.1 plone.recipe.command = 1.1 slapos.recipe.template = 2.4.2 diff --git a/software/backupserver/template-backup-script.sh.in b/software/backupserver/template-backup-script.sh.in index 4b6dc8202..8d5ce6d90 100644 --- a/software/backupserver/template-backup-script.sh.in +++ b/software/backupserver/template-backup-script.sh.in @@ -18,7 +18,7 @@ ${rdiff-backup-output:rdiff-backup} \ $${:exclude_string} \ --include='$${:include}' \ --exclude='**' \ - --remote-schema '${dropbear-output:ssh} -T -y -i $${:sshkey} %s $${:remote_schema}' \ + --remote-schema '${openssh-output:ssh} -6 -q -T -y -o "StrictHostKeyChecking no" -i $${:sshkey} -p $${:connection_port} %s $${:remote_schema}' \ $${:connection}::/ ./ RESULT=$? -- 2.30.9