Add extra ssh config + keys

.gitignore

@@ -2,6 +2,12 @@
 *
 
 # Inkluder følgende filer i git-repoet
-!.gitignore
-!backup.sh
-!clean_snapshots.sh
+!/.gitignore
+!/backup.sh
+!/clean_snapshots.sh
+!/ssh_config_backup_targets
+
+# Git må kunne se `ssh_extra_keys` mappen, men alt annet inni den skal ignoreres
+!/ssh_extra_keys/
+/ssh_extra_keys/*
+!/ssh_extra_keys/generate_keypair.sh

ssh_config_backup_targets

@@ -0,0 +1,56 @@
+Host ameno ameno.pvv.ntnu.no
+	User root
+	IdentityFile ~/.ssh/id_rsa
+
+Host homepvv microbel microbel.pvv.ntnu.no
+	User root
+	IdentityFile ~/.ssh/id_rsa
+
+Host innovation innovation.pvv.ntnu.no
+	User root
+	IdentityFile ~/.ssh/id_rsa
+
+Host sleipner sleipner.pvv.ntnu.no
+	User root
+	IdentityFile ~/.ssh/id_rsa
+
+Host tom tom.pvv.ntnu.no
+	User root
+	IdentityFile ~/.ssh/id_rsa
+
+# NOTE: Because BatchMode is enabled, ssh will refuse to ask about new host-keys.
+#       If you copy paste one of these to point at a new Hostname, make sure to
+#       either disable BatchMode and SSH once to register the host in `known_hosts`,
+#       or ssh with -oStrictHostKeyChecking=accept-new once.
+
+Host matrix-media-store-backup
+	User root
+	Hostname matrix.pvv.ntnu.no
+	IdentityFile /backupz/ssh_extra_keys/id_ed25519_matrix_media_store_rsync_backup
+	BatchMode yes
+
+Host gitea-backup
+	User root
+	Hostname git.pvv.ntnu.no
+	IdentityFile /backupz/ssh_extra_keys/id_ed25519_gitea_rsync_backup
+	BatchMode yes
+
+Host mediawiki-backup
+	User root
+	Hostname wiki.pvv.ntnu.no
+	IdentityFile /backupz/ssh_extra_keys/id_ed25519_mediawiki_rsync_backup
+	BatchMode yes
+
+Host postgresql-backup
+	User root
+	Hostname postgres.pvv.ntnu.no
+	IdentityFile /backupz/ssh_extra_keys/id_ed25519_postgresql_rsync_backup
+	BatchMode yes
+
+Host mysql-backup
+	User root
+	Hostname mysql.pvv.ntnu.no
+	IdentityFile /backupz/ssh_extra_keys/id_ed25519_mysql_rsync_backup
+	BatchMode yes
+
+# vim: set ft=sshconfig:

ssh_extra_keys/generate_keypair.sh

@@ -0,0 +1,31 @@
+#!/usr/bin/env bash
+
+set -euo pipefail
+
+if [ "${1:-}" = "-h" ] || [ "${1:-}" = "--help" ] || [ $# -ne 1 ]; then
+  declare -r ARGV0=$(basename "${0:-generate-keypair.sh}")
+  printf 'Usage: %s SERVICE_NAME\n' "$ARGV0" >&2
+  cat <<'EOF' >&2
+Generate a new keypair for use in backup targets
+
+Options:
+  -h, --help        Show this help and exit
+  SERVICE_NAME      The name of the service to generate a backup key for. Should not contain spaces.
+
+Example usage:
+  # Generate a new keypair for backuping some service 'my-service' state via rsync
+  generate-keypair.sh my-service
+
+EOF
+  exit 1
+fi
+
+declare -r PROJECT_ROOT="$(git rev-parse --show-toplevel)"
+declare -r KEYPATH="$PROJECT_ROOT/ssh_extra_keys/id_ed25519_$1_rsync_backup"
+
+if [[ -f "$KEYPATH" ]]; then
+  printf "$KEYPATH already exists...\n" >&2
+  exit 1
+fi
+
+ssh-keygen -t ed25519 -b 4096 -C "$1 rsync backup" -f "$KEYPATH" -N ''