]> git.openstreetmap.org Git - chef.git/blob - roles/backup.rb
imagery: sysctl to enable TFO on socket listen
[chef.git] / roles / backup.rb
1 name "backup"
2 description "Role applied to backup.openstreetmap.org"
3
4 default_attributes(
5   :accounts => {
6     :users => {
7       :osmbackup => { :status => :role }
8     }
9   },
10   :rsyncd => {
11     :modules => {
12       :backup => {
13         :comment => "Backups",
14         :path => "/store/backup",
15         :read_only => false,
16         :write_only => true,
17         :list => false,
18         :uid => "osmbackup",
19         :gid => "osmbackup",
20         :transfer_logging => false,
21         :hosts_allow => [
22           "128.40.168.0/24",                     # ucl external (wates)
23           "128.40.45.192/27",                    # ucl external (wolfson)
24           "146.179.159.160/27",                  # ic internal
25           "193.63.75.96/27",                     # ic external
26           "2001:630:12:500::/64",                # ic external
27           "10.0.32.0/20",                        # bytemark internal
28           "89.16.162.16/28",                     # bytemark external
29           "2001:41c9:2:d6::/64",                 # bytemark external
30           "212.110.172.32",                      # shenron
31           "2001:41c9:1:400::32",                 # shenron
32           "127.0.0.0/8",                         # localhost
33           "::1"                                  # localhost
34         ]
35       }
36     }
37   }
38 )
39
40 run_list(
41   "recipe[rsyncd]",
42   "recipe[backup]"
43 )