
notify: add ssh key for running remote notifications; add notify.sh

master
Jim Paris 8 months ago
parent
commit
929a323cf0
2 changed files with 22 additions and 1 deletions
  1. +3
    -1
      initial-setup.sh
  2. +19
    -0
      notify.sh

+ 3
- 1
initial-setup.sh View File

@@ -130,6 +130,8 @@ configure_ssh()
log "Creating SSH keys"
ssh-keygen -N "" -t ecdsa \
-C "backup-appendonly@$HOSTID" -f "$SSH/id_ecdsa_appendonly"
ssh-keygen -N "" -t ecdsa \
-C "backup-notify@$HOSTID" -f "$SSH/id_ecdsa_notify"
ssh-keygen -N "$PASS_SSH" -t ecdsa \
-C "backup@$HOSTID" -f "$SSH/id_ecdsa"

@@ -177,7 +179,7 @@ EOF
run_ssh_command "if cmp -s $backup $keys; then rm $backup ; fi"
run_ssh_command "cat >> .ssh/authorized_keys" <<EOF
command="$cmd --append-only",restrict $(cat "$SSH/id_ecdsa_appendonly.pub")
command="borg/notify.sh",restrict $(cat "$SSH/id_ecdsa_appendonly.pub")
command="borg/notify.sh",restrict $(cat "$SSH/id_ecdsa_notify.pub")
command="$cmd",restrict $(cat "$SSH/id_ecdsa.pub")
EOF
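Review bot: The new `id_ecdsa_notify` key in the first hunk is generated with `-N ""`, so anything that can read `$SSH` can use it, and nothing in the hunk says why that is acceptable. Its only containment is the `command="borg/notify.sh",restrict` entry written in the second hunk, so a comment above the new `ssh-keygen` call tying the two together would help, e.g. `# No passphrase: used unattended; the server pins this key to borg/notify.sh in authorized_keys`. It is also worth confirming that `$SSH` is created with mode 0700, which would have to happen elsewhere in `configure_ssh`, since its body begins and ends outside these hunks.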



+ 19
- 0
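--- a/notify.sh
+++ b/notify.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+set -e
+. "$(dirname "$0")"/vars.sh
+
+# Send notification email using a script on the backup host
+# First argument is our hostname, second argument is destination;
+# mail body is provided on stdin.
+
+if tty -s ; then
+echo 'Refusing to read mail body from terminal'
+exit 1
+fi
+
+ssh \
+-F "$SSH/config" \
+-i "$SSH/id_ecdsa_notify" \
+"$BACKUP_USER@$BACKUP_HOST" \
+borg/notify.sh "$HOSTNAME" "$1"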
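Review bot: `"$1"` is forwarded on the final `ssh` line without checking that it was supplied, and ssh joins the remote arguments into one string, so the quoting around `"$HOSTNAME"` and `"$1"` does not survive to the server. With the forced `command="borg/notify.sh"` entry, the server-side script presumably receives that string through `SSH_ORIGINAL_COMMAND` and has to parse it itself; because `id_ecdsa_notify` has no passphrase, that script should treat both fields as untrusted and check the destination against what this host is allowed to mail. On the client, add `: "${1:?usage: notify.sh DESTINATION}"` before the `ssh` call, and reword the header comment, which describes two arguments although this script takes only the destination, e.g. `# Usage: notify.sh DESTINATION < body  (our hostname is taken from $HOSTNAME)`. If `$SSH/config` does not already set it, `-o IdentitiesOnly=yes` would keep an agent-held key from matching a different `authorized_keys` entry and running the wrong forced command.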
