Skip to content

Commit 39d632d

Browse files
tedivmtedivm
committed
Documentation cleanup
1 parent 2bc4b9f commit 39d632d

File tree

1 file changed

+18
-13
lines changed

1 file changed

+18
-13
lines changed

README.md

Lines changed: 18 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -48,27 +48,27 @@ utilizing common Puppet patterns.
4848

4949
* **Client specific options instead of enforced globals.** Rather than rely on a
5050
single configuration file and monolithic backup runs this module uses stand
51-
along configurations for each host. Besides being more resilient to errors,
52-
this enables unique client settings- for instance, setting different retain
51+
alone configurations for each host. Besides being more resilient to errors,
52+
this enables unique client settings- for instance, using different retain
5353
settings for different hosts.
5454

5555
* **Support for SSH without root access.** In most cases root login is not
5656
available over ssh for security reasons, so this module relies instead on
5757
having it's own unique user with locked down sudo access to give it the needed
58-
access for backups.
58+
access to perform backups.
5959

6060
* **Support for automatic key sharing.** The client machine will automatically
6161
receive the ssh key from the server that it is backing up to.
6262

6363
* **Locked down ssh accounts.** All ssh accounts are locked down. SSH keys can
64-
only by used by the single backup host, without access to features like x
65-
forwarding. Commands allowed by the ssh key are limited to specific wrapper
66-
scripts installed by this module.
64+
only by used by the single backup host, without access to unneeded features
65+
like x-forwarding. Commands allowed by the ssh key are limited to specific
66+
wrapper scripts installed by this module.
6767

6868
* **Sender only rsync.** One of the biggest threats with rsync access is the
6969
potential to overwrite existing files on the system to gain unauthorized
7070
access. This module uses a wrapper script around rsync on the client side
71-
which limits it to only being able to send data, not write it.
71+
which essentially makes it read only.
7272

7373

7474
## Setup
@@ -94,7 +94,7 @@ utilizing common Puppet patterns.
9494
* Storeconfigs needs to be enabled for configurations defined on the client side
9595
to be installed on the backup server.
9696
* Multiple puppet runs (client, then server, then client again) need to occur
97-
for all resources to be creates.
97+
for all resources to be created on both servers.
9898

9999

100100
### Beginning with rsnapshot
@@ -202,7 +202,7 @@ define directories to backup outside of the `rsnapshot::client` class. This lets
202202
developers define backup points as resources inside other classes.
203203

204204
For example, in a mysql profile it would make sense to backup the directory
205-
where the mysqldumps get stored. Instead of defining that using
205+
where the mysqldumps get stored. Instead of attempting to define that using
206206
`rsnapshot::client` it can be added directly in the mysql profile.
207207

208208
```puppet
@@ -216,7 +216,7 @@ class profiles::mysql {
216216
}->
217217
218218
cron { 'vicarious_profiles_mysqldump':
219-
command => '/usr/bin/mysqldump --defaults-extra-file=/root/.my.cnf --opt --single-transaction --events --routines --triggers --hex-blob --comments --all-databases | /bin/gzip > /opt/mysqldumps/backups_\$(date +\%Y-\%m-\%d_\%H:\%M:\%S).sql.gz',
219+
command => '/usr/bin/mysqldump --defaults-extra-file=/root/.my.cnf --opt --single-transaction --events --routines --triggers --hex-blob --comments --all-databases | /bin/gzip > /opt/mysqldumps/backups_\$(date +\%Y-\%m-\%d_\%H:\%M:\%S).sql.gz',
220220
user => root,
221221
hour => 4,
222222
minute => 0
@@ -231,14 +231,19 @@ class profiles::mysql {
231231

232232
Please note that when doing this the `rsnapshot::backup` point will only be
233233
backup up if there is an `rsnapshot::client` definition for the machine. Without
234-
that it is simply discarded.
234+
that it is simply discarded. This allows the use of the same mysql profile on
235+
both production and test machines, with backups only on the production machines
236+
that are also rsnapshot clients.
235237

236238

237239
### Backing Up Machines Outside of Puppet
238240

239241
It's also possible to add machines to the backup server that are not controlled
240-
by Puppet. Client side features, such as account creation and ssh key transfer,
241-
will not be available.
242+
by Puppet.
243+
244+
There are some limitations. Client side features, such as account creation and
245+
ssh key transfer, will not be available. Admins will also have to create the
246+
appropriate access on the machine manually, since Puppet will not be able to.
242247

243248
On the backup server define a new resource of the `rsnapshot::server::config`
244249
type. This object takes a combination of the rsnapshot::server and

0 commit comments

Comments
 (0)