From 75b1b8a66f3c2c0524b0b8fbd3185116e4a4bd69 Mon Sep 17 00:00:00 2001 From: h7x4 Date: Tue, 27 Jan 2026 21:58:49 +0900 Subject: [PATCH] Add extra ssh config + keys --- .gitignore | 12 +++++-- ssh_config_backup_targets | 56 ++++++++++++++++++++++++++++++ ssh_extra_keys/generate_keypair.sh | 31 +++++++++++++++++ 3 files changed, 96 insertions(+), 3 deletions(-) create mode 100644 ssh_config_backup_targets create mode 100755 ssh_extra_keys/generate_keypair.sh diff --git a/.gitignore b/.gitignore index ccf80c7..423ff42 100644 --- a/.gitignore +++ b/.gitignore @@ -2,6 +2,12 @@ * # Inkluder følgende filer i git-repoet -!.gitignore -!backup.sh -!clean_snapshots.sh +!/.gitignore +!/backup.sh +!/clean_snapshots.sh +!/ssh_config_backup_targets + +# Git må kunne se `ssh_extra_keys` mappen, men alt annet inni den skal ignoreres +!/ssh_extra_keys/ +/ssh_extra_keys/* +!/ssh_extra_keys/generate_keypair.sh diff --git a/ssh_config_backup_targets b/ssh_config_backup_targets new file mode 100644 index 0000000..c64f943 --- /dev/null +++ b/ssh_config_backup_targets @@ -0,0 +1,56 @@ +Host ameno ameno.pvv.ntnu.no + User root + IdentityFile ~/.ssh/id_rsa + +Host homepvv microbel microbel.pvv.ntnu.no + User root + IdentityFile ~/.ssh/id_rsa + +Host innovation innovation.pvv.ntnu.no + User root + IdentityFile ~/.ssh/id_rsa + +Host sleipner sleipner.pvv.ntnu.no + User root + IdentityFile ~/.ssh/id_rsa + +Host tom tom.pvv.ntnu.no + User root + IdentityFile ~/.ssh/id_rsa + +# NOTE: Because BatchMode is enabled, ssh will refuse to ask about new host-keys. +# If you copy paste one of these to point at a new Hostname, make sure to +# either disable BatchMode and SSH once to register the host in `known_hosts`, +# or ssh with -oStrictHostKeyChecking=accept-new once. + +Host matrix-media-store-backup + User root + Hostname matrix.pvv.ntnu.no + IdentityFile /backupz/ssh_extra_keys/id_ed25519_matrix_media_store_rsync_backup + BatchMode yes + +Host gitea-backup + User root + Hostname git.pvv.ntnu.no + IdentityFile /backupz/ssh_extra_keys/id_ed25519_gitea_rsync_backup + BatchMode yes + +Host mediawiki-backup + User root + Hostname wiki.pvv.ntnu.no + IdentityFile /backupz/ssh_extra_keys/id_ed25519_mediawiki_rsync_backup + BatchMode yes + +Host postgresql-backup + User root + Hostname postgres.pvv.ntnu.no + IdentityFile /backupz/ssh_extra_keys/id_ed25519_postgresql_rsync_backup + BatchMode yes + +Host mysql-backup + User root + Hostname mysql.pvv.ntnu.no + IdentityFile /backupz/ssh_extra_keys/id_ed25519_mysql_rsync_backup + BatchMode yes + +# vim: set ft=sshconfig: diff --git a/ssh_extra_keys/generate_keypair.sh b/ssh_extra_keys/generate_keypair.sh new file mode 100755 index 0000000..5973809 --- /dev/null +++ b/ssh_extra_keys/generate_keypair.sh @@ -0,0 +1,31 @@ +#!/usr/bin/env bash + +set -euo pipefail + +if [ "${1:-}" = "-h" ] || [ "${1:-}" = "--help" ] || [ $# -ne 1 ]; then + declare -r ARGV0=$(basename "${0:-generate-keypair.sh}") + printf 'Usage: %s SERVICE_NAME\n' "$ARGV0" >&2 + cat <<'EOF' >&2 +Generate a new keypair for use in backup targets + +Options: + -h, --help Show this help and exit + SERVICE_NAME The name of the service to generate a backup key for. Should not contain spaces. + +Example usage: + # Generate a new keypair for backuping some service 'my-service' state via rsync + generate-keypair.sh my-service + +EOF + exit 1 +fi + +declare -r PROJECT_ROOT="$(git rev-parse --show-toplevel)" +declare -r KEYPATH="$PROJECT_ROOT/ssh_extra_keys/id_ed25519_$1_rsync_backup" + +if [[ -f "$KEYPATH" ]]; then + printf "$KEYPATH already exists...\n" >&2 + exit 1 +fi + +ssh-keygen -t ed25519 -b 4096 -C "$1 rsync backup" -f "$KEYPATH" -N ''