projects
/
mirror
/
dsa-puppet.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
d348da2
)
enable snapshotdb-manda-01.debian.org to read sallinen's backups
author
Peter Palfrader
<peter@palfrader.org>
Sat, 28 Sep 2019 19:45:14 +0000
(21:45 +0200)
committer
Peter Palfrader
<peter@palfrader.org>
Sat, 28 Sep 2019 19:45:14 +0000
(21:45 +0200)
data/common.yaml
patch
|
blob
|
history
data/nodes/snapshotdb-manda-01.debian.org.yaml
patch
|
blob
|
history
modules/postgres/manifests/backup_server.pp
patch
|
blob
|
history
modules/postgres/templates/backup_server/sshkeys-manual.erb
[deleted file]
patch
|
blob
|
history
modules/roles/manifests/init.pp
patch
|
blob
|
history
diff --git
a/data/common.yaml
b/data/common.yaml
index
d750bc0
..
3d4546b
100644
(file)
--- a/
data/common.yaml
+++ b/
data/common.yaml
@@
-69,15
+69,5
@@
paths:
auto_clientcerts_dir: '/srv/puppet.debian.org/ca/RESULT/clientcerts'
apt::sources::debian::location: 'https://deb.debian.org/debian/'
auto_clientcerts_dir: '/srv/puppet.debian.org/ca/RESULT/clientcerts'
apt::sources::debian::location: 'https://deb.debian.org/debian/'
-
-# all of these should be retired in favour of including the class role
-# with the host. weasel, 2019-09
-roles:
- postgresql_server:
- # these use pg-receive-file-from-backup which is defined in the
- # postgres::backup_source class. This should be
- # cleaned up and handled properly, including the ssh auth keys setup
- - snapshotdb-manda-01.debian.org
-
classes:
- base::includes
classes:
- base::includes
diff --git
a/data/nodes/snapshotdb-manda-01.debian.org.yaml
b/data/nodes/snapshotdb-manda-01.debian.org.yaml
index
f9d1e1c
..
b756c7b
100644
(file)
--- a/
data/nodes/snapshotdb-manda-01.debian.org.yaml
+++ b/
data/nodes/snapshotdb-manda-01.debian.org.yaml
@@
-1,2
+1,5
@@
classes:
- roles::snapshot_db
classes:
- roles::snapshot_db
+ - roles::postgresql::server
+
+postgres::backup_server::register_backup_clienthost::allow_read_hosts: ['sallinen']
diff --git
a/modules/postgres/manifests/backup_server.pp
b/modules/postgres/manifests/backup_server.pp
index
4e55a10
..
bf8efa0
100644
(file)
--- a/
modules/postgres/manifests/backup_server.pp
+++ b/
modules/postgres/manifests/backup_server.pp
@@
-52,9
+52,6
@@
class postgres::backup_server {
source => 'puppet:///modules/postgres/backup_server/postgres-make-one-base-backup',
mode => '0555'
}
source => 'puppet:///modules/postgres/backup_server/postgres-make-one-base-backup',
mode => '0555'
}
- file { "/etc/ssh/userkeys/${postgres::backup_server::globals::backup_unix_user}":
- content => template('postgres/backup_server/sshkeys-manual.erb'),
- }
ssh::authorized_key_collect { 'postgres::backup_server':
target_user => $postgres::backup_server::globals::backup_unix_user,
collect_tag => $postgres::backup_server::globals::tag_source_sshkey,
ssh::authorized_key_collect { 'postgres::backup_server':
target_user => $postgres::backup_server::globals::backup_unix_user,
collect_tag => $postgres::backup_server::globals::tag_source_sshkey,
diff --git
a/modules/postgres/templates/backup_server/sshkeys-manual.erb
b/modules/postgres/templates/backup_server/sshkeys-manual.erb
deleted file mode 100644
(file)
index
269a191
..0000000
--- a/
modules/postgres/templates/backup_server/sshkeys-manual.erb
+++ /dev/null
@@
-1,3
+0,0 @@
-# maintained manually in puppet
-# postgresql backups:
-command="/usr/local/bin/debbackup-ssh-wrap snapshotdb-manda-01 --read-allow=/srv/backups/pg/sallinen",restrict,from="82.195.75.73,2001:41b8:202:deb::311:73" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC53Sx/qzFL+GNrT01fP9tXpd9CjaOZuhLVHIOpoDQM5Nrr4DgbWA3vTghHpdpRHt18EmzWEmclTk3qej/vN6vBIG4cMc8EfpvEvXOLW2qQzMMrx5UeergUX76ie41B8yOCd9lf6H3G+rLqfBR6xEws39WgwTBRT86mKpolYDCJHX1Q8i85eJ/mw9FjHUENZYSxO4k5KBas2/G03+e+/J4TvgjyGbqCxc1RvmiMLE+cnfmeaprZuUbKkL0Df/mV2osuKStfG9ise/qtL0Kv318bsnYvXPDMdFWtFsR1lX2MpHfCFYWJd4bHtNOGSlixYbHcFlNFlSDessfLgpoKwWi3 postgres@snapshotdb-manda-01 (2019-05-23)
diff --git
a/modules/roles/manifests/init.pp
b/modules/roles/manifests/init.pp
index
6122e78
..
8ccc72f
100644
(file)
--- a/
modules/roles/manifests/init.pp
+++ b/
modules/roles/manifests/init.pp
@@
-1,10
+1,6
@@
# = Class: roles
#
class roles {
# = Class: roles
#
class roles {
- if has_role('postgresql_server') {
- include postgres::backup_source
- }
-
if $::keyring_debian_org_mirror {
include roles::keyring_debian_org_mirror
}
if $::keyring_debian_org_mirror {
include roles::keyring_debian_org_mirror
}