Ajout rsync dans bcfg2

Ajout de rsync dans bcfg2 pour les "clients" du backup (ce sont en fait des serveurs) Par ailleurs, deplacement de rsyncd.secrets dans /etc/crans/secrets. darcs-hash:20080624031852-ddb99-67811651a7cd4a0c1e73c43f3cc67bfc6c49074d.gz
2008-06-24 05:18:52 +02:00 · 2008-06-24 05:18:52 +02:00 · a85fa34e9f
commit a85fa34e9f
parent b17e8a569d
6 changed files with 103 additions and 1 deletions
--- a/Bundler/rsync-client.xml
+++ b/Bundler/rsync-client.xml
@ -0,0 +1,6 @@
+<Bundle name="rsync-client">
+  <ConfigFile name="/etc/rsyncd.conf"/>
+  <ConfigFile name="/etc/default/rsync"/>
+  <Package name="rsync"/>
+  <Service name="rsync"/>
+</Bundle>
--- a/Cfg/etc/default/rsync/info.xml
+++ b/Cfg/etc/default/rsync/info.xml
@ -0,0 +1,3 @@
+<FileInfo>
+    <Info owner='root' group='root' perms='0644'/>
+</FileInfo>
--- a/Cfg/etc/default/rsync/rsync
+++ b/Cfg/etc/default/rsync/rsync
@ -0,0 +1,36 @@
+# Fichier gere par BCfg2 (plugin Cfg)
+#
+# A ne modifier que sur vert
+
+# defaults file for rsync daemon mode
+
+# start rsync in daemon mode from init.d script?
+#  only allowed values are "true", "false", and "inetd"
+#  Use "inetd" if you want to start the rsyncd from inetd,
+#  all this does is prevent the init.d script from printing a message
+#  about not starting rsyncd (you still need to modify inetd's config yourself).
+RSYNC_ENABLE=true
+
+# which file should be used as the configuration file for rsync.
+# This file is used instead of the default /etc/rsyncd.conf
+# Warning: This option has no effect if the daemon is accessed
+#          using a remote shell. When using a different file for
+#          rsync you might want to symlink /etc/rsyncd.conf to
+#          that file.
+# RSYNC_CONFIG_FILE=
+
+# what extra options to give rsync --daemon?
+#  that excludes the --daemon; that's always done in the init.d script
+#  Possibilities are:
+#   --address=123.45.67.89              (bind to a specific IP address)
+#   --port=8730                         (bind to specified port; default 873)
+RSYNC_OPTS=''
+
+# run rsyncd at a nice level?
+#  the rsync daemon can impact performance due to much I/O and CPU usage,
+#  so you may want to run it at a nicer priority than the default priority.
+#  Allowed values are 0 - 19 inclusive; 10 is a reasonable value.
+RSYNC_NICE=''
+
+# Don't forget to create an appropriate config file,
+# else the daemon will not start.
--- a/Metadata/groups.xml
+++ b/Metadata/groups.xml
@ -163,6 +163,7 @@
    <Group name="crans"/>
    <Group name="news-server"/>
    <Group name="http-server"/>
+    <Group name="backup-client"/>
  </Group>

  <Group name="o2"
@ -732,7 +733,7 @@

  <Group name="rsync"
     category="backup-client-backend">
-    <!-- TODO: a implementer -->
+    <Bundle name="rsync-client"/>
  </Group>

  <Group name="cups"
--- a/Python/etc/rsyncd.conf
+++ b/Python/etc/rsyncd.conf
@ -0,0 +1,54 @@
+# -*- coding: utf-8; mode: python -*-
+
+include("secrets")
+
+info["perms"] = 0644
+header("Fichier de configuration de rsync")
+
+@# GLOBAL OPTIONS
+@log file=/var/log/rsyncd
+@# for pid file, dont' use /var/run/rsync.pid unless you're not going to run
+@# rsync out of the init.d script. The /var/run/rsyncd.pid below is OK.
+@pid file=/var/run/rsyncd.pid
+@syslog facility=daemon
+@
+@uid = root
+@gid = root
+@use chroot = no
+@read only = yes
+@# On ne liste pas les modules
+@list = no
+@#max connections=2
+@ignore errors = no
+@ignore nonreadable = yes
+@# ne loggue pas tous les fichiers
+@transfer logging = no 
+@dont compress = *.gz *.tgz *.zip *.z *.rpm *.deb *.iso *.bz2 *.tbz
+@# verifie les droits de /etc/rsyncd.secrets
+@strict modes = yes
+@# personne n'accede aux modules par defaut
+@hosts deny = * 
+@
+@# MODULE OPTIONS
+
+backup_folders = {'canard' : [('slash', '/'), ('usr', '/usr'), ('var', '/var')],
+                  'egon' : [('var', '/var'), ('slash', '/'), ('usr', '/usr')],
+		  'komaz' : [('var', '/var'), ('slash', '/')],
+		  'pegase' : [('var', '/var'), ('usr', '/usr'), ('slash', '/'), ('codegem', '/backup/Codegem')],
+		  'mouton' : [('slash', '/')],
+                  'news' : [('news-spool', '/var/spool/news'), ('news-lib', '/var/lib/news')],
+		  'ragnarok' : [('slash', '/'), ('home', '/home'), ('usr', '/usr'), ('usr-local', '/usr/local'), ('var', '/var')],
+		  'rouge' : [('var', '/var'), ('slash', '/'), ('usr', '/usr'), ('wiki', '/var/local/wiki'), ('mailman', '/var/lib/mailman')],
+		  'sable' : [('slash', '/'), ('usr', '/usr'), ('var', '/var'), ('log-squid', '/var/log/squid')],
+		  'sila' : [('slash', '/'), ('usr', '/usr'), ('var', '/var'), ('log-squid', '/var/log/squid'), ('tla', '/pubftp/tla'), ('installparty', '/pubftp/pub/Install-party/Affiches')],
+		  'vert' : [('home', '/home'), ('var', '/var'), ('mail', '/var/mail'), ('usr', '/usr'), ('slash', '/'), ('mnt', '/mnt'), ('root', "/root\n\tinclude = +*.asc -*")],
+		  'zamok' : [('var', '/var'), ('slash', '/'), ('usr', '/usr')]
+                 }.get(hostname, -1)
+
+for (name,folder) in backup_folders:
+	print "[%s]" % name
+	print "\tpath = %s" % folder
+	print "\tauth users = backupcrans"
+	print "\tsecrets file = /etc/crans/secrets/rsyncd.secrets"
+	print "\thosts allow = pegase.adm.crans.org 10.231.136.18"
+	print ""
--- a/Rules/rules.xml
+++ b/Rules/rules.xml
@ -37,6 +37,8 @@
  <Directory name="/mirror/apt-mirror/var" owner="apt-mirror" group="apt-mirror" perms="0755"/>
  <Directory name="/mirror/apt-mirror/skel" owner="apt-mirror" group="apt-mirror" perms="0755"/>
  <Directory name="/mirror/apt-mirror/mirror" owner="apt-mirror" group="apt-mirror" perms="0755"/>
+  
+  <Service name="rsync" status="on"/>

  <Service name="ssh" status="on"/>