From 1c07afa774f62ff6df564e37bab79ac42d7032bf Mon Sep 17 00:00:00 2001 From: Peter Palfrader Date: Sat, 28 Sep 2019 21:45:14 +0200 Subject: [PATCH] enable snapshotdb-manda-01.debian.org to read sallinen's backups --- data/common.yaml | 10 ---------- data/nodes/snapshotdb-manda-01.debian.org.yaml | 3 +++ modules/postgres/manifests/backup_server.pp | 3 --- .../templates/backup_server/sshkeys-manual.erb | 3 --- modules/roles/manifests/init.pp | 4 ---- 5 files changed, 3 insertions(+), 20 deletions(-) delete mode 100644 modules/postgres/templates/backup_server/sshkeys-manual.erb diff --git a/data/common.yaml b/data/common.yaml index d750bc0d9..3d4546b14 100644 --- a/data/common.yaml +++ b/data/common.yaml @@ -69,15 +69,5 @@ paths: auto_clientcerts_dir: '/srv/puppet.debian.org/ca/RESULT/clientcerts' apt::sources::debian::location: 'https://deb.debian.org/debian/' - -# all of these should be retired in favour of including the class role -# with the host. weasel, 2019-09 -roles: - postgresql_server: - # these use pg-receive-file-from-backup which is defined in the - # postgres::backup_source class. This should be - # cleaned up and handled properly, including the ssh auth keys setup - - snapshotdb-manda-01.debian.org - classes: - base::includes diff --git a/data/nodes/snapshotdb-manda-01.debian.org.yaml b/data/nodes/snapshotdb-manda-01.debian.org.yaml index f9d1e1c7f..b756c7bf2 100644 --- a/data/nodes/snapshotdb-manda-01.debian.org.yaml +++ b/data/nodes/snapshotdb-manda-01.debian.org.yaml @@ -1,2 +1,5 @@ classes: - roles::snapshot_db + - roles::postgresql::server + +postgres::backup_server::register_backup_clienthost::allow_read_hosts: ['sallinen'] diff --git a/modules/postgres/manifests/backup_server.pp b/modules/postgres/manifests/backup_server.pp index 4e55a10a2..bf8efa042 100644 --- a/modules/postgres/manifests/backup_server.pp +++ b/modules/postgres/manifests/backup_server.pp @@ -52,9 +52,6 @@ class postgres::backup_server { source => 'puppet:///modules/postgres/backup_server/postgres-make-one-base-backup', mode => '0555' } - file { "/etc/ssh/userkeys/${postgres::backup_server::globals::backup_unix_user}": - content => template('postgres/backup_server/sshkeys-manual.erb'), - } ssh::authorized_key_collect { 'postgres::backup_server': target_user => $postgres::backup_server::globals::backup_unix_user, collect_tag => $postgres::backup_server::globals::tag_source_sshkey, diff --git a/modules/postgres/templates/backup_server/sshkeys-manual.erb b/modules/postgres/templates/backup_server/sshkeys-manual.erb deleted file mode 100644 index 269a191ba..000000000 --- a/modules/postgres/templates/backup_server/sshkeys-manual.erb +++ /dev/null @@ -1,3 +0,0 @@ -# maintained manually in puppet -# postgresql backups: -command="/usr/local/bin/debbackup-ssh-wrap snapshotdb-manda-01 --read-allow=/srv/backups/pg/sallinen",restrict,from="82.195.75.73,2001:41b8:202:deb::311:73" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC53Sx/qzFL+GNrT01fP9tXpd9CjaOZuhLVHIOpoDQM5Nrr4DgbWA3vTghHpdpRHt18EmzWEmclTk3qej/vN6vBIG4cMc8EfpvEvXOLW2qQzMMrx5UeergUX76ie41B8yOCd9lf6H3G+rLqfBR6xEws39WgwTBRT86mKpolYDCJHX1Q8i85eJ/mw9FjHUENZYSxO4k5KBas2/G03+e+/J4TvgjyGbqCxc1RvmiMLE+cnfmeaprZuUbKkL0Df/mV2osuKStfG9ise/qtL0Kv318bsnYvXPDMdFWtFsR1lX2MpHfCFYWJd4bHtNOGSlixYbHcFlNFlSDessfLgpoKwWi3 postgres@snapshotdb-manda-01 (2019-05-23) diff --git a/modules/roles/manifests/init.pp b/modules/roles/manifests/init.pp index 6122e78ce..8ccc72fd4 100644 --- a/modules/roles/manifests/init.pp +++ b/modules/roles/manifests/init.pp @@ -1,10 +1,6 @@ # = Class: roles # class roles { - if has_role('postgresql_server') { - include postgres::backup_source - } - if $::keyring_debian_org_mirror { include roles::keyring_debian_org_mirror } -- 2.20.1