From 7b5f8bd99839bcbd9080209121f58f9aee5a9831 Mon Sep 17 00:00:00 2001 From: Peter Palfrader Date: Sat, 28 Sep 2019 18:50:39 +0200 Subject: [PATCH] switch seger to modern pg backup config fu --- data/common.yaml | 1 - data/nodes/seger.debian.org.yaml | 1 + modules/ferm/manifests/per_host.pp | 7 ------- .../backup_server/dsa-check-backuppg-manual.conf.erb | 2 -- .../templates/backup_server/postgres-make-base-backups.erb | 1 - .../postgres/templates/backup_server/sshkeys-manual.erb | 1 - 6 files changed, 1 insertion(+), 12 deletions(-) diff --git a/data/common.yaml b/data/common.yaml index f8fdd455e..5738eb5c8 100644 --- a/data/common.yaml +++ b/data/common.yaml @@ -81,7 +81,6 @@ roles: - buxtehude.debian.org - lw07.debian.org - sallinen.debian.org - - seger.debian.org - snapshotdb-manda-01.debian.org classes: diff --git a/data/nodes/seger.debian.org.yaml b/data/nodes/seger.debian.org.yaml index 070e13860..40d6321ad 100644 --- a/data/nodes/seger.debian.org.yaml +++ b/data/nodes/seger.debian.org.yaml @@ -1,3 +1,4 @@ --- classes: + - roles::postgresql::server - roles::security_master diff --git a/modules/ferm/manifests/per_host.pp b/modules/ferm/manifests/per_host.pp index 07995cb46..b2a60090d 100644 --- a/modules/ferm/manifests/per_host.pp +++ b/modules/ferm/manifests/per_host.pp @@ -209,13 +209,6 @@ class ferm::per_host { | EOF } } - seger: { - ferm::rule { 'dsa-postgres-backup': - description => 'Allow postgress access', - domain => '(ip ip6)', - rule => '&SERVICE_RANGE(tcp, 5432, ( $HOST_PGBACKUPHOST ))' - } - } sallinen: { ferm::rule { 'dsa-postgres': description => 'Allow postgress access', diff --git a/modules/postgres/templates/backup_server/dsa-check-backuppg-manual.conf.erb b/modules/postgres/templates/backup_server/dsa-check-backuppg-manual.conf.erb index 2eab07929..4701c73dc 100644 --- a/modules/postgres/templates/backup_server/dsa-check-backuppg-manual.conf.erb +++ b/modules/postgres/templates/backup_server/dsa-check-backuppg-manual.conf.erb @@ -11,5 +11,3 @@ backups: main: debsources: retention: 1209600 - seger: - dak: diff --git a/modules/postgres/templates/backup_server/postgres-make-base-backups.erb b/modules/postgres/templates/backup_server/postgres-make-base-backups.erb index 8b1124044..56d7f7777 100755 --- a/modules/postgres/templates/backup_server/postgres-make-base-backups.erb +++ b/modules/postgres/templates/backup_server/postgres-make-base-backups.erb @@ -165,7 +165,6 @@ while read host port username cluster version; do fi fi done << EOF -seger.debian.org 5432 debian-backup dak 9.6 bmdb1.debian.org 5435 debian-backup main 9.6 bmdb1.debian.org 5440 debian-backup debsources 9.6 sallinen.debian.org 5473 debian-backup snapshot 9.6 diff --git a/modules/postgres/templates/backup_server/sshkeys-manual.erb b/modules/postgres/templates/backup_server/sshkeys-manual.erb index 97d3dfd21..2887dfe30 100644 --- a/modules/postgres/templates/backup_server/sshkeys-manual.erb +++ b/modules/postgres/templates/backup_server/sshkeys-manual.erb @@ -5,5 +5,4 @@ command="/usr/local/bin/debbackup-ssh-wrap bmdb1 --read-allow=/srv/backups/pg/fa command="/usr/local/bin/debbackup-ssh-wrap chopin",restrict,from="2001:8d8:580:400:6564:a62::3,195.20.242.124" ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAtJ54j48JZRNVRaCeIsRwuw3/gfBgpz9TCR1PUd+NfugscrR9xlYAac+DD7GuGkVb1FZuZLGTkrrg+Ziis5ZOEaib/WxjmdTM0FLLw+3shTaBbPP4snWj+H31wA+SS6b9bqVikaZYq3ZRO3Nt8eScphpoU4sw3BgUGE+lNgjFCx+Y6zasRon/KU+YKHtKYKMg/8Ams551oaCBPP0tXGWAeoiDAHq/PUWaaK4jyu+a2BAP/fQ2OovXsM6t+0pRpdtxCBV1kgKtgJnbV1xEFpFRvpBMQv+BQb8M4eVUJ1DgyOT4Ew3Zl1XYNvCT/YMoYOElOmRio1aD9+dh7CZCfWlYMw== postgres@chopin (20101213) command="/usr/local/bin/debbackup-ssh-wrap lw07 --read-allow=/srv/backups/pg/sallinen",restrict,from="185.17.185.187,2001:1af8:4020:b030:deb::187" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDiLZIqnyKrsfoT1sQdbuUsOoqW1t71Sv8hpJj9yLzrSFq/YCnho9G2Q/LJm4sMB4W64uQMUX6oLsqsgIBbOZw71CBRou41zwS/D+7+sjiPy1aVXp+L+fAXqLdemCUYqXAm0bGTLboGmlDSG3/r3v3B2+vqwAoHaC/GwuoNgvHq+sfxZPo/9cDRlTyE0ktyxwdUN+czxyLtDPqz3CucOHX03p8F3lNEwFUCGIVAkP4zxZsiEjD+eCbWam0bVFoWnfXYcmf2GYKEy2PQp0ksXmbsnRIblW5zoKdEXeDjwSStFHtjqkJw2TdPLUGSXljCgy9OCXYVMUrFnXw2Ak88KYpV postgres@lw07 (20140713) command="/usr/local/bin/debbackup-ssh-wrap snapshotdb-manda-01 --read-allow=/srv/backups/pg/sallinen",restrict,from="82.195.75.73,2001:41b8:202:deb::311:73" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC53Sx/qzFL+GNrT01fP9tXpd9CjaOZuhLVHIOpoDQM5Nrr4DgbWA3vTghHpdpRHt18EmzWEmclTk3qej/vN6vBIG4cMc8EfpvEvXOLW2qQzMMrx5UeergUX76ie41B8yOCd9lf6H3G+rLqfBR6xEws39WgwTBRT86mKpolYDCJHX1Q8i85eJ/mw9FjHUENZYSxO4k5KBas2/G03+e+/J4TvgjyGbqCxc1RvmiMLE+cnfmeaprZuUbKkL0Df/mV2osuKStfG9ise/qtL0Kv318bsnYvXPDMdFWtFsR1lX2MpHfCFYWJd4bHtNOGSlixYbHcFlNFlSDessfLgpoKwWi3 postgres@snapshotdb-manda-01 (2019-05-23) -command="/usr/local/bin/debbackup-ssh-wrap seger",restrict,from="82.195.75.93,2001:41b8:202:deb::311:93" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCuLyOZP0eJvTEVXoI0K5xJw2OLZkaJ3yl7Gko/YfhhBebxEB9R0xu97zkiKqitmWm61BZSapdIqlUeMd+t/UgjcqpffXkGz0nx99YZgY0lq3WA4MLZiRrZGnfSzjSvcdSFXDlmv20+txEuf05h26BJUAsjQaugNd0641WPWoLK3+sHc4ZXga7//M6bia8b7n3iYCeVc8UHyjWsSPq/+QyTa49+ZXYLIraGOpZbQG276ywLm4eDc8VWalw7mB0cWJTIM9NGTSVQPEP8bvY9MqzvmmnltjyQ4Mk+PQHobMzlb99HXMNGZpM8fpHZgLjcnCurHtFGYiMBt3MlDJzA9Egp postgres@seger command="/usr/local/bin/debbackup-ssh-wrap sallinen",restrict,from="193.62.202.26,2001:630:206:4000:1a1a:0:c13e:ca1a" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+kslXxLI6dGRSJoHKnKpWMcTdvlMM4KbrPPDzhijemmxo2lpMRSuvzc98UE2zy4fDSWFbid1drf8XC/BwwNRLnJGFcMjJ42JcDBz9zALQfgmhFzgxFRJFsHgXxq/GJNqvq9i2Mk1dV8wpQgJNToYU5XHJjkLCT2ucV9jUZ1ZRFaLxrnM7uMXPH8HJ1vqTRHMrq/YghUMJHDBLK8ukChs2uEOYJxODJkYdbSFUC//KVScFnDC0WhhDtjCuIn4USY3KNJ9GrxhNSFc/O0XWKFAc2ntzk0d7WDH6O+9izkesXugq/ICFmDIGu4OXCnQYWdQQVsaAlFkD5lgbcw+7wG77 postgres@sallinen (2018-01-04) -- 2.20.1