]> git.openstreetmap.org Git - chef.git/blob - roles/backup.rb
Allow new UCL addresses to access the backup server
[chef.git] / roles / backup.rb
1 name "backup"
2 description "Role applied to backup.openstreetmap.org"
3
4 default_attributes(
5   :accounts => {
6     :users => {
7       :osmbackup => { :status => :role }
8     }
9   },
10   :rsyncd => {
11     :modules => {
12       :backup => {
13         :comment => "Backups",
14         :path => "/store/backup",
15         :read_only => false,
16         :write_only => true,
17         :list => false,
18         :uid => "osmbackup",
19         :gid => "osmbackup",
20         :transfer_logging => false,
21         :hosts_allow => [
22           "193.60.236.0/24",                     # ucl external
23           "146.179.159.160/27",                  # ic internal
24           "193.63.75.96/27",                     # ic external
25           "2001:630:12:500::/64",                # ic external
26           "10.0.32.0/20",                        # bytemark internal
27           "89.16.162.16/28",                     # bytemark external
28           "2001:41c9:2:d6::/64",                 # bytemark external
29           "212.110.172.32",                      # shenron
30           "2001:41c9:1:400::32",                 # shenron
31           "127.0.0.0/8",                         # localhost
32           "::1"                                  # localhost
33         ]
34       }
35     }
36   }
37 )
38
39 run_list(
40   "recipe[rsyncd]",
41   "recipe[backup]"
42 )