]> git.openstreetmap.org Git - chef.git/blob - roles/backup.rb
Allow database connections from VPN addresses
[chef.git] / roles / backup.rb
1 name "backup"
2 description "Role applied to backup.openstreetmap.org"
3
4 default_attributes(
5   :accounts => {
6     :users => {
7       :osmbackup => { :status => :role }
8     }
9   },
10   :rsyncd => {
11     :modules => {
12       :backup => {
13         :comment => "Backups",
14         :path => "/store/backup",
15         :read_only => false,
16         :write_only => true,
17         :list => false,
18         :uid => "osmbackup",
19         :gid => "osmbackup",
20         :transfer_logging => false,
21         :hosts_allow => [
22           "128.40.168.0/24",                     # ucl external (wates)
23           "128.40.45.192/27",                    # ucl external (wolfson)
24           "146.179.159.160/27",                  # ic internal
25           "193.63.75.96/27",                     # ic external
26           "2001:630:12:500::/64",                # ic external
27           "212.110.172.32",                      # shenron
28           "2001:41c9:1:400::32",                 # shenron
29           "127.0.0.0/8",                         # localhost
30           "::1"                                  # localhost
31         ]
32       }
33     }
34   }
35 )
36
37 run_list(
38   "recipe[rsyncd]",
39   "recipe[backup]"
40 )