implement stdinserver command + corresponding server

How it works:

`zrepl stdinserver CLIENT_IDENTITY`
 * connects to the socket in $global.serve.stdinserver.sockdir/CLIENT_IDENTITY
 * sends its stdin / stdout file descriptors to the `zrepl daemon` process (see cmsg(3))
 * does nothing more

This enables a setup where `zrepl daemon` is not directly exposed to the
internet but instead all traffic is tunnelled through SSH.
The server with the source job has an authorized_keys file entry for the
public key used by the corresponding pull job:

 command="/mnt/zrepl stdinserver CLIENT_IDENTITY" ssh-ed25519 AAAAC3NzaC1E... zrepl@pullingserver
Christian Schwarz
2017-09-11 13:48:07 +02:00
parent f3689563b5
commit ce25c01c7e
4 changed files with 212 additions and 29 deletions


@ -24,11 +24,12 @@ type RPCConnecter interface {
Connect() (rpc.RPCClient, error)
}
type AuthenticatedChannelListenerFactory interface {
Listen() AuthenticatedChannelListener
Listen() (AuthenticatedChannelListener, error)
}
type AuthenticatedChannelListener interface {
Accept() (ch io.ReadWriteCloser, err error)
Close() (err error)
}
type SSHStdinServerConnectDescr struct {
@ -37,4 +38,3 @@ type SSHStdinServerConnectDescr struct {
type PrunePolicy interface {
Prune(fs zfs.DatasetPath, versions []zfs.FilesystemVersion) (keep, remote []zfs.FilesystemVersion, err error)
}
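Review bot: Neither changed method in the first hunk states its contract: `Listen() (AuthenticatedChannelListener, error)` and the added `Close() (err error)` have no doc comments, and nothing on `AuthenticatedChannelListener` says what "authenticated" guarantees for a channel returned by `Accept`. Going by the commit message, the stdinserver transport appears to take the client identity solely from which socket under the sockdir a connection arrives on, so the guarantee would rest on the ownership and mode of that directory and its sockets; that belongs on the interface, e.g. `// Implementations must ensure only the authenticated peer can reach Accept (for stdinserver: sockdir must not be accessible to other local users).` For the lifecycle I would add `// Close stops the listener and releases whatever Listen created; callers must call it on shutdown.` and note on `Listen` that a non-nil error means no listener was created. The `SSHStdinServerConnectDescr` struct that begins at the end of the first hunk continues outside it.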