Converting to Git
Old log from Bazaar was: ------------------------------------------------------------ revno: 6 committer: dev <dev@aninix.net> branch nick: Aether timestamp: Tue 2016-05-17 15:59:19 -0500 message: Fixing Crontab issue on client install Updating server backup scripts to be smarter for user conf. ------------------------------------------------------------ revno: 5 committer: dev <dev@aninix.net> branch nick: Aether timestamp: Fri 2016-05-06 14:26:00 -0500 message: Should be a | not a > ------------------------------------------------------------ revno: 4 committer: dev <dev@aninix.net> branch nick: Aether timestamp: Fri 2016-05-06 14:24:21 -0500 message: Updating Makefile and ignore list ------------------------------------------------------------ revno: 3 committer: dev <dev@aninix.net> branch nick: Aether timestamp: Thu 2016-04-21 15:38:52 -0500 message: Filling out README and adding key creation to Makefile ------------------------------------------------------------ revno: 2 committer: dev <dev@aninix.net> branch nick: Aether timestamp: Thu 2016-04-21 15:30:52 -0500 message: Adding ignore list ------------------------------------------------------------ revno: 1 committer: dev <dev@aninix.net> branch nick: Aether timestamp: Wed 2016-04-20 16:14:34 -0500 message: Initial branch -- NOT committing SSH keys or archive.
This commit is contained in:
dev
4
.gitignore
vendored
Normal file
4
.gitignore
vendored
Normal file
@@ -0,0 +1,4 @@
|
||||
aether
|
||||
aether.pub
|
||||
aether.tar.gz
|
||||
nodeslist
|
||||
43
Makefile
Normal file
43
Makefile
Normal file
@@ -0,0 +1,43 @@
|
||||
SHELL := /bin/bash
|
||||
|
||||
null:
|
||||
@echo You must specify client or server in a call to make.
|
||||
|
||||
client: user aether.bash
|
||||
cp aether.bash /home/aether/aether.bash
|
||||
chown aether /home/aether/aether.bash
|
||||
chmod 0700 /home/aether/aether.bash
|
||||
/home/aether/aether.bash
|
||||
echo '0 1 * * * /home/aether/aether.bash &>> /var/log/aether.log' | su cford -c "crontab"
|
||||
touch /var/log/aether.log
|
||||
chown aether:aether /var/log/aether.log
|
||||
|
||||
server: user aether-gen.bash aether.pub server-backup
|
||||
bash ./aether-gen.bash
|
||||
cp ./aether.pub /home/aether/.ssh/authorized_keys
|
||||
chmod 0600 /home/aether/.ssh/authorized_keys
|
||||
chown aether /home/aether/.ssh/authorized_keys
|
||||
mkdir /usr/local/etc/Aether
|
||||
chown aether /usr/local/etc/Aether
|
||||
chmod 0700 /usr/local/etc/Aether
|
||||
touch /usr/local/etc/Aether/nodeslist
|
||||
@echo You have the files. Add aether-gen.bash and server-backup to root's crontab.
|
||||
@echo Track client nodes in /usr/local/etc/Aether/nodeslist
|
||||
|
||||
user: aether make-user.bash
|
||||
/bin/bash ./make-user.bash
|
||||
|
||||
tar: aether.bash aether make-user.bash
|
||||
tar cvf aether.tar aether.bash aether Makefile make-user.bash
|
||||
gzip aether.tar
|
||||
|
||||
node-command:
|
||||
@echo -ne 'bzr checkout bzr://aninix.net/Aether'
|
||||
@echo
|
||||
@echo -ne 'cd Aether; cat > aether # Paste the private key'
|
||||
@echo
|
||||
@echo -ne 'make client'
|
||||
@echo
|
||||
|
||||
keys:
|
||||
ssh-keygen -t rsa -P "" -f aether
|
||||
3
README.bzr
Normal file
3
README.bzr
Normal file
@@ -0,0 +1,3 @@
|
||||
The Aether project is a way to back up server configuration, source code, and file lists to remote locations. These remote locations should be securely controlled by the same administrative staff as the server owner.
|
||||
|
||||
To create the aether and aether.pub files, run "make keys". This should not be repeated.
|
||||
33
aether-gen.bash
Executable file
33
aether-gen.bash
Executable file
@@ -0,0 +1,33 @@
|
||||
#!/bin/bash
|
||||
|
||||
export LOGFILE="/var/log/aether-gen.log"
|
||||
|
||||
cd /home/aether
|
||||
|
||||
date >> $LOGFILE
|
||||
|
||||
mkdir -p target
|
||||
|
||||
# Get a list of what's in Yggdrasil, in case we need to go hunting.
|
||||
echo "Getting file list..."
|
||||
find /srv/yggdrasil/ > target/Yggdrasil_file_list.txt
|
||||
|
||||
# Copy the nonrecoverable data to the target location.
|
||||
rsync -azl --delete-after /usr/local/src/ target/src/
|
||||
rsync -azl --delete-after /usr/local/etc/ target/etc/
|
||||
rsync -azl --delete-after /usr/local/backup target/
|
||||
|
||||
date > target/last-updated
|
||||
|
||||
echo Creating and compressing archive...
|
||||
tar cvf aether.tar target
|
||||
gzip -f aether.tar
|
||||
|
||||
echo Encrypting archive
|
||||
openssl enc -aes256 -pass file:/usr/local/etc/Aether/pass.txt -in aether.tar.gz -out aether.enc
|
||||
rm aether.tar.gz
|
||||
|
||||
echo Created aether archive.
|
||||
|
||||
date >> $LOGFILE
|
||||
echo >> $LOGFILE
|
||||
20
aether.bash
Executable file
20
aether.bash
Executable file
@@ -0,0 +1,20 @@
|
||||
#!/bin/bash
|
||||
|
||||
### DO NOT EDIT THIS FILE ###
|
||||
|
||||
if [ ! -f /home/aether/.ssh/aether ]; then
|
||||
echo "Need to have the aether key to run."
|
||||
exit
|
||||
fi
|
||||
cd /home/aether
|
||||
if [ $(ls ./aether-*.tar.gz | wc -l) -gt 7 ]; then
|
||||
rm $(ls -tr ./aether-*.tar.gz | head -n 1);
|
||||
fi
|
||||
export TARGET="aether-"$(date +%F)".tar.gz"
|
||||
printf "get /aether/aether.enc %s\nbye\n" $TARGET | sftp -o IdentityFile=./.ssh/aether aether@aninix.net
|
||||
|
||||
rm -Rf target
|
||||
gunzip -c $TARGET | tar xvf -
|
||||
|
||||
echo "Failsafe populated. Today\'s was saved to "$TARGET
|
||||
exit
|
||||
16
make-user.bash
Normal file
16
make-user.bash
Normal file
@@ -0,0 +1,16 @@
|
||||
#!/bin/bash
|
||||
|
||||
if id -u "aether" >/dev/null 2>&1; then
|
||||
echo User exists
|
||||
else
|
||||
echo User does not exist.
|
||||
useradd -m -s $(grep bash /etc/shells) aether
|
||||
mkdir -p /home/aether/.ssh
|
||||
cp ./aether /home/aether/.ssh/
|
||||
cp ./aether.bash /home/aether
|
||||
chmod u+x /home/aether/aether.bash
|
||||
chown -R aether /home/aether
|
||||
chmod -R go-rwx /home/aether
|
||||
echo '0 0 * * * /bin/bash /home/aether/aether.bash' | crontab
|
||||
passwd aether
|
||||
fi
|
||||
50
server-backup
Executable file
50
server-backup
Executable file
@@ -0,0 +1,50 @@
|
||||
#!/bin/bash
|
||||
|
||||
export BACKUPDIR="/usr/local/backup"
|
||||
|
||||
## Backup small development ##
|
||||
|
||||
rsync -avzl --delete-after /root/bin/ "$BACKUPDIR"/root/bin/
|
||||
|
||||
## Backup configuration ##
|
||||
cp -r /etc/skel "$BACKUPDIR"
|
||||
cp /etc/bash.bashrc "$BACKUPDIR"/bash.bashrc
|
||||
cp /etc/vimrc "$BACKUPDIR"/vimrc
|
||||
|
||||
## Backup the good servers ##
|
||||
|
||||
### SSHD ###
|
||||
rsync -avzl --delete-after /etc/ssh "$BACKUPDIR"/ssh
|
||||
|
||||
### Lighttpd ###
|
||||
rsync -avzl --delete-after /etc/lighttpd/ "$BACKUPDIR"/lighttpd
|
||||
rsync -avzl --delete-after /srv/http/ "$BACKUPDIR"/http/
|
||||
|
||||
### Cron ###
|
||||
crontab -l > "$BACKUPDIR"/$(whoami)-crontab
|
||||
|
||||
### IRC Server ###
|
||||
rsync -avzl --delete-after /etc/unrealircd/ "$BACKUPDIR"/unrealircd
|
||||
rsync -avzl --delete-after /etc/anope/ "$BACKUPDIR"/anope
|
||||
# TODO add backup
|
||||
|
||||
### TheRaven ###
|
||||
# Added under Bazaar source
|
||||
|
||||
### Bazaar ###
|
||||
rsync -avzl --delete-after /srv/bazaar/ "$BACKUPDIR"/bazaar
|
||||
rsync -avzl --delete-after /usr/local/src/ "$BACKUPDIR"/src
|
||||
rsync -avzl --delete-after /usr/local/etc/ "$BACKUPDIR"/usr-local-etc
|
||||
|
||||
### Wiki ###
|
||||
rsync -avzl --delete-after /usr/share/webapps/mediawiki/LocalSettings.php "$BACKUPDIR"/mediawiki-localsettings.php
|
||||
|
||||
### Singularity ###
|
||||
# Backed up by postgres backup
|
||||
|
||||
### PostgreSQL ###
|
||||
# TODO
|
||||
|
||||
# TODO evaluate for other services not covered.
|
||||
|
||||
date > /var/log/server-backup.log
|
||||
Reference in New Issue
Block a user