You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
DONE - little scripts on omnia to make sure LXC container is running and light up User1 accordingly
76
-
Blue flashing - container booting - set by lxc start-script on omnia
77
-
Done - /etc/lxc-bootnotify
76
+
Blue flashing - container booting - set by monitor script on lxc container
77
+
Done - /usr/local/sbin/backer-alarm + cron
78
78
White - container booted - set by container after boot
79
79
Done - /usr/local/sbin/backer-unlock
80
80
Red flashing - container broken - set by a monitor script on omnia
@@ -89,10 +89,11 @@ Profile.local to warn when /backups not mounted
89
89
90
90
DONE - proper decrypt method and/or script to decrypt with backer-unlock
91
91
92
-
TODO - create new users for backer on k2so, one for csync, rsync, use system root-level keys to auth to them, use command= to lock down each http://superuser.com/questions/261361/do-i-need-to-have-a-passphrase-for-my-ssh-rsa-key
92
+
DONE - create new users for backer on k2so, one for csync, rsync, use system root-level keys to auth to them, use command= to lock down each http://superuser.com/questions/261361/do-i-need-to-have-a-passphrase-for-my-ssh-rsa-key
csync needs access to /usr/local/bin/sftp-server as its command
94
95
95
-
TODO - as backups will be pushed fromroot-level user on obiwan and others generate ssh private keys for all hosts in salt, and have those public keys on k2so via salt
96
+
DONE - as backups will be pushed fromroot-level user on obiwan and others generate ssh private keys for all hosts in salt, and have those public keys on k2so via salt
96
97
ssh-keygen -N "" -f /root/.ssh/id_rsa
97
98
use salt mine to distribute keys https://docs.saltstack.com/en/latest/topics/mine/
98
99
@@ -103,11 +104,11 @@ rsync -a --info=progress2 [email protected]:/srv/lxc lxc
103
104
TODO - restore script for router config
104
105
TODO - backup k2so + restore script
105
106
TODO - csync/rsync crons - csync of home takes a few minutes
106
-
TODO - rsync /etc from all hosts
107
-
TODO - rsync /srv from k2so
108
-
TODO - rsync /var/lib/znc/.znc/configs/znc.conf from all znc hosts
107
+
DONE - rsync /etc from all hosts
108
+
DONE - rsync /srv from k2so
109
+
DONE - rsync /var/lib/znc/.znc/configs/znc.conf from all znc hosts
110
+
TODO - Deduplicate every week
109
111
TODO - deploy znc.conf automagically to all znc hosts - REQUIRES PILLARS for passwords eg /var/lib/znc/.znc/users/ilmehtar/networks/freenode/moddata/sasl
110
-
TODO - set boot notify to work inside LXC container, not omnia, omnia won't work when rebooting container
111
112
TODO - Salt proxy from k2so to c3po
112
113
TODO - Make rootco.de authorative salt master, not github
113
114
TODO - Encrypt rootco.de /data, use it to store pillars
0 commit comments