Commit 4d8a4d39 authored by Evangelos Foutras's avatar Evangelos Foutras 🐱
Browse files

Merge branch 'simplify-borg_client-authorized_keys' into 'master'

Use restrict key option and relative borg command

See merge request archlinux/infrastructure!433
parents 3fa8851a 3561a383
Pipeline #9169 passed with stage
in 32 seconds
...@@ -37,5 +37,5 @@ ...@@ -37,5 +37,5 @@
user: borg user: borg
key: "{{ item.stdout }}" key: "{{ item.stdout }}"
manage_dir: true manage_dir: true
key_options: "command=\"/usr/bin/borg serve --restrict-to-path {{ backup_dir }}/{{ item['item'] }}\",no-pty,no-agent-forwarding,no-port-forwarding,no-X11-forwarding,no-user-rc" key_options: "command=\"borg serve --restrict-to-path {{ backup_dir }}/{{ item['item'] }}\",restrict"
with_items: "{{ ssh_keys.results }}" with_items: "{{ ssh_keys.results }}"
...@@ -13,5 +13,5 @@ ...@@ -13,5 +13,5 @@
# Client machines keys # Client machines keys
{% for client_key in client_ssh_keys.results %} {% for client_key in client_ssh_keys.results %}
command="/usr/bin/borg serve --restrict-to-path {{ backup_dir }}/{{ client_key['item'] }}",no-pty,no-agent-forwarding,no-port-forwarding,no-X11-forwarding,no-user-rc {{ client_key['stdout'] }} command="borg serve --restrict-to-path {{ backup_dir }}/{{ client_key['item'] }}",restrict {{ client_key['stdout'] }}
{% endfor %} {% endfor %}
...@@ -13,5 +13,5 @@ ...@@ -13,5 +13,5 @@
# Client machines keys # Client machines keys
{% for client_key in client_ssh_keys.results %} {% for client_key in client_ssh_keys.results %}
command="/usr/bin/borg serve --restrict-to-path {{ backup_dir }}/{{ client_key['item'] }}",no-pty,no-agent-forwarding,no-port-forwarding,no-X11-forwarding,no-user-rc {{ client_key['stdout'] }} command="borg serve --restrict-to-path {{ backup_dir }}/{{ client_key['item'] }}",restrict {{ client_key['stdout'] }}
{% endfor %} {% endfor %}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment