add support to create a remote sftp user

2021-06-12 19:04:29 +02:00 · 2021-06-12 19:04:29 +02:00 · de9e0004f6
commit de9e0004f6
parent 90f6b0a360
3 changed files with 86 additions and 2 deletions
--- a/README.md
+++ b/README.md
@ -34,14 +34,14 @@ backends:
 	restic:
 		# url of the restic repository
 		url: '/var/backup-client/restic'
-		# repository type musst be 'local'
+		# repository type can be 'local' or 'sftp'
 		repo_type: 'local'

 # Mode in which the backup is taken. One of the following:
 #
 # vm-via-hypervisor: backup a vm via restic on the hypervisor. Saves config on the host
 # hypervisor-restic: backup its vms via restic
-# standalone-restic: use restic on the target itself to save a backup to a backup location (TODO)
+# standalone-restic: use restic on the target itself to save a backup to a backup location
 mode: vm-via-hypervisor

 # Allows backups to be skipped
@ -68,6 +68,26 @@ export:
 #	  port: 22
 #	  key: "/etc/backup-client/id_ed25519"

+# Settings to create a remote sftp user. Use this for restic sftp repos
+remote_sftp_user:
+	# enable/disable the user creation feature
+	enabled: False
+	# user name
+	name: backup
+	# user group
+	group: nogroup
+	# user auxillary groups
+	groups: []
+	# host to create the user on
+	host: ~
+	# Path used to setup an sftp chroot using ssh.
+	# Only the top most folder is created
+	chroot_basepath: "/var/chroots/{{ inventory_hostname }}"
+	# Path to bindmount in the chroot jail
+	storage_path: "/srv/backups/{{ inventory_hostname }}"
+	# Wether to create the topmost storage folder or not
+	create_storage_folder: True
+
 # keys are strings with glob patterns of files to be excluded. Value musst be true to enable the exclude, false to disable it
 # Only supportet in restic based backups
 exclude_files: {}