Commit 1e417f84 authored by aguestuser's avatar aguestuser

Merge branch 'fixup-mr-188' into 'master'

Fixup mr !188

See merge request !190
parents 3c70fbbb 70da0b72
......@@ -48,3 +48,4 @@ signal_data
/ansible/files/deploy_keys/.ssh/id_sb_deploy
/ansible/files/deploy_keys/.ssh/id_sb_deploy.pub
/ansible/files/deploy_keys/.ssh/config
/ansible/files/deploy_keys/.ssh/known_hosts
......@@ -118,12 +118,13 @@
copy:
src: files/deploy_keys/.ssh/{{ item }}
dest: /root/.ssh/
mode: 500
mode: 0600
with_items:
- config
- id_sb_deploy
- id_sb_deploy.pub
tags: deploy_user_2
- known_hosts
tags: deploy_user, root_ssh
- name: Set authorized key for deploy user
authorized_key:
......@@ -138,7 +139,7 @@
state: directory
owner: sb_deploy
group: sb_deploy
mode: 700
mode: 0700
tags: deploy_user
- name: Load crontab
......
......@@ -11,7 +11,7 @@ timestamp=`date "+%Y-%m-%d"`
# gpg
keyring_path="/srv/signalboost/keyrings/live/pubring.kbx"
gpg="gpg --encrypt --keyring ${keyring_path} --trust-model always -r 8DEA5441 -r 97B47404"
gpg="gpg --encrypt --keyring ${keyring_path} --trust-model always -r 8DEA5441 -r 97B47404 -r 0C8F192B"
# paths
project_root="/srv/signalboost"
......@@ -62,17 +62,17 @@ target_dir="/srv/backups"
echo "--- making target backup dir..."
# make target backup directory
ssh -o StrictHostKeyChecking=no -i $keypath sb_backup "mkdir -p ${target_dir}"
ssh -i $keypath sb_backup "mkdir -p ${target_dir}"
echo "--- scp-ing to backup dir..."
# here, we use the `sb_backup` host defined in /root/.ssh/config
scp -o StrictHostKeyChecking=no -i $keypath -rp ${backup_dir} sb_backup:${target_dir}
scp -i $keypath -rp ${backup_dir} sb_backup:${target_dir}
echo "--- removing old backups from remote..."
# remove old backups on remote
ssh -o StrictHostKeyChecking=no -i $keypath sb_backup "find $target_dir/* -type d -not -name ${timestamp} -delete"
ssh -i $keypath sb_backup "find $target_dir/* -type d -not -name ${timestamp} -exec rm -rv {} +"
# remove local backup
rm -rf ${backup_dir}
......
......@@ -2,6 +2,7 @@
ansible/files/deploy_keys/.ssh/config
ansible/files/deploy_keys/.ssh/id_sb_deploy
ansible/files/deploy_keys/.ssh/id_sb_deploy.pub
ansible/files/deploy_keys/.ssh/known_hosts
ansible/files/deploy_keys/signalboost_gpg_privkey.asc
ansible/inventory.tmpl
bin/get-machine
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment