Try to modernize pg wal shipping ssh setup, step 2
[mirror/dsa-puppet.git] / modules / postgres / manifests / backup_server / register_backup_clienthost.pp
index 00ef582..7580845 100644 (file)
@@ -1,19 +1,18 @@
+# register this host at the backup servers
 #
+# This class set up the ssh authorization on the backup servers
+# so this client can push WAL segments.
 define postgres::backup_server::register_backup_clienthost (
-       $sshpubkey = $::postgresql_key,
-       $ipaddrlist = join(getfromhash($site::nodeinfo, 'ldap', 'ipHostNumber'), ","),
-       $hostname = $::hostname,
 ) {
-       include postgres::backup_server::globals
+  include postgres::backup_server::globals
 
-       if $sshpubkey {
-               $addr = assert_type(String[1], $ipaddrlist)
-               @@concat::fragment { "postgresql::server::backup-source-clienthost::$name::$fqdn":
-                       target => $postgres::backup_server::globals::sshkeys_sources ,
-                       content  => @("EOF"),
-                                       ${hostname} ${addr} ${sshpubkey}
-                                       | EOF
-                       tag     => $postgres::backup_server::globals::tag_source_sshkey,
-               }
-       }
+  $ssh_command = "/usr/local/bin/debbackup-ssh-wrap ${::hostname}"
+
+  ssh::authorized_key_add { 'register_backup_clienthost':
+    target_user => $postgres::backup_server::globals::backup_unix_user,
+    key         => dig($facts, 'ssh_keys_users', 'postgres', 'id_rsa.pub', 'line'),
+    command     => $ssh_command,
+    from        => $base::public_addresses,
+    collect_tag => $postgres::backup_server::globals::tag_source_sshkey,
+  }
 }
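Review bot: The `key` argument in the new `ssh::authorized_key_add` resource comes straight from `dig($facts, 'ssh_keys_users', 'postgres', 'id_rsa.pub', 'line')`, which is undef on a host where that fact is not yet populated, and the removed `if $sshpubkey` guard is not replaced. How `ssh::authorized_key_add` treats an undef key is not visible in this hunk, so I would assign `$key = dig($facts, 'ssh_keys_users', 'postgres', 'id_rsa.pub', 'line')` first and wrap the resource in `if $key { ... }`. Likewise, the old `assert_type(String[1], $ipaddrlist)` has no counterpart for `from => $base::public_addresses`; if that value can be empty, the resulting authorized_keys entry may lose its source-address restriction, so a non-empty assertion there is worth adding. The forced command still embeds `${::hostname}`, a client-reported fact; `$trusted['hostname']` would tie the wrapper argument to the node's certificate instead. The header comment says "This class set up" although this is a `define`; suggest `# This define sets up the ssh authorization on the backup servers`.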