Rsync del sito della stazione

Tramite rsync e' mirrorato il sito http://brallo.mine.nu sul sito con maggior banda http://www.meteobrallo.com/mirror. Il mirror e' schedultato ogni ora ed effettuato tramite demone di wview. Per poter rendere operativa questa funzionalita' il sito remoto (meteobrallo) deve essere una macchina linux con attivo rsync e l'utente deve avere accesso in ssh. Basta seguire passo passo le istruzioni presenti sul sito di wview per far funzionare la cosa:

14. Secure File Transfer (rsync/ssh)

14.1 Overview

   A new wview daemon has been added to support secure file transfers to 
   remote servers: wviewsshd. It is enabled or disabled in the same way that
   the wviewftpd and wvalarmd daemons are - by the presence or absence of the
   respective config files. All three of these utility daemons are disabled
   in the standard distribution because the config file names are all appended
   with "-no-[function]", i.e. "wviewssh.conf-no-ssh". The secure updates are 
   performed using rsync over an ssh session. To work properly, the wview
   server must be able to login and/or execute commands on the destination 
   server via ssh WITHOUT entering a password. This is accomplished by copying
   the wview server's root account shared ssh key to the remote server's 
   login account.

   Suggestion: Don't mix hostname with IP address for the remote server during
               the configuration below. Decide NOW whether you are going to use
               a hostname or an IP address, and use it consistently for all
               references to [remote_host] below. ssh does make a distinction
               when storing and verifying shared keys.

   Placeholders:

   [remote_host]             - the host we want to update
   [ssh_login_user]          - the user account name on the [remote_host] we
                               want to use for the ssh logins
   [remote_test_dir]         - remote directory to receive files, relative
                               to the [ssh_login_user] login home directory
                               *[ssh_login_user] must have write access to this 
                               directory*
   [wview_server]            - the wview host

   Note: I have included prompts of the form "username@host:# " to help
         clarify what is being executed on what host. Your actual shell
         prompts may be different, this is only for clarity in this procedure.

   Note: This procedure assumes compatible versions of ssh - version 1 and 
         version 2 of openssh have compatability problems as well as with 
         ssh.com versions 1 and 2. If you are having problems with the setup,
         I strongly suggest going to the following URL for advanced help:
         http://www.cs.berkeley.edu/~dtliu/sshinterop.html.

14.2 Prerequisites

14.2.1 Verify rsync is installed on the wview server:

        root@[wview_server]:# whereis rsync

        If that doesn't produce /usr/bin/rsync or similar, install rsync.

14.2.2 Verify rsync is installed on the remote host:

        root@[wview_server]:# ssh -l [ssh_login_user] [remote_host]
        [enter password]
        [ssh_login_user]@[remote_host]:# whereis rsync

        If that doesn't produce /usr/bin/rsync or similar, install rsync.

        Logout:

        [ssh_login_user]@[remote_host]:# exit 

14.3 ssh Shared Key Setup

14.3.1 Generate a public/private key pair for the root user on the wview

        server (if it does not already exist) (execute as the root user):

        root@[wview_server]:# mkdir -p ~/.ssh
        root@[wview_server]:# ssh-keygen -t rsa

        Just hit enter for default values when asked questions.
        This will create two files, we are interested in the ~/.ssh/id_rsa.pub
        file.

14.3.2 Transfer id_rsa.pub to [remote_host]. Use ftp, scp, email, floppy

        disk, whatever you want to get this file to the remote host.

14.3.3 Login to [remote_host] as [ssh_login_user] and append the contents of

        id_rsa.pub into ~/.ssh/authorized_keys (if authorized_keys does not 
        exist, just rename id_rsa.pub to authorized_keys).

        root@[wview_server]:# ssh -l [ssh_login_user] [remote_host]
        [enter password]
        [ssh_login_user]@[remote_host]:# mkdir -p ~/.ssh
        [ssh_login_user]@[remote_host]:# cd ~/.ssh
        [ssh_login_user]@[remote_host]:# cat id_rsa.pub >> authorized_keys

        Stay logged in - we need it for the next step.

14.3.4 As [ssh_login_user] on [remote_host], ssh into the wview server as root,

        answer "yes" if this is the first time, then logout. This sets the 
        wview server up in the remote server login account's "known_hosts" file.

        [ssh_login_user]@[remote_host]:# ssh -l root [wview_server]
        [enter password]
        root@[wview_server]:# exit

        Now, exit the original ssh session:
        [ssh_login_user]@[remote_host]:# exit

14.3.5 As root on the wview server, ssh into [remote_host] as [ssh_login_user],

        answer "yes" if this is the first time, then logout. This sets the 
        [remote_host] up in the wview server root account's "known_hosts" file.

        root@[wview_server]:# ssh -l [ssh_login_user] [remote_host]
        [no password should be required!]
        [ssh_login_user]@[remote_host]:# exit

14.3.6 Finally, we need to set up ssh for the root user so that when

        [remote_host] is logged into, ssh uses [ssh_login_user] instead of
        root for the login on [remote_host]. This must be done for every 
        [remote_host] entry in wviewssh.conf. This is what specifies which 
        user account is used for the ssh login to each [remote_host].

        Edit /root/.ssh/config and put the following at the top of the file
        (just create a new file if it does not exist):

        [text start]
        Host [remote_host]
        User [ssh_login_user]
        [text end]

        Save and exit that file.

14.3.7 Mandatory Tests - these must succeed before going any further:

        As root on the wview server execute:
        root@[wview_server]:# ssh [remote_host]

        You should be logged in to [remote_host] as [ssh_login_user] without 
        entering a password.

        Exit the remote host shell:
        [ssh_login_user]@[remote_host]:# exit

        You should now be able to remotely execute commands over ssh. Verify 
        this by executing the date command from the wview server as root: 

        root@[wview_server]:# ssh [remote_host] date

        This MUST execute without requiring a password. If it does not, go back
        to the beginning of shared key setup and double check your steps.

        DO NOT proceed if you cannot login/execute commands remotely as
        [ssh_login_user] without a password. This is critical! There is much 
        online documentation concerning ssh setup, this is only a bare-bones
        treatment of the subject.

14.4 Confirming rsync Functionality

14.4.1 Place files in /var/wview/img (if it is not already your "IMAGE_PATH"

        in htmlgen.conf):

        root@[wview_server]:# cp [some_test_files] /var/wview/img

14.4.2 Create/Verify the destination path on the remote server

        (as [ssh_login_user]):

        root@[wview_server]:# ssh [remote_host]

        [you are now logged in as [ssh_login_user] without a password, right?]

        [ssh_login_user]@[remote_host]:# cd ~  

        [this is your ssh login directory - all wviewssh.conf destination
        paths are relative to this directory]

        [ssh_login_user]@[remote_host]:# mkdir -p [remote_test_dir]

        Note: [remote_test_dir] is a relative path from the [ssh_login_user] 
              login directory - it CANNOT contain a leading "slash".

        Logout:

        [ssh_login_user]@[remote_host]:# exit

14.4.3 Test rsync over ssh from the wview server:

        root@[wview_server]:# rsync -aqz --rsh=ssh /var/wview/img/ [remote_host]:[remote_test_dir]

        This should transfer the files you placed in /var/wview/img to the 
        remote server in the [remote_test_dir] directory without a password
        being required.

        *****!!!!!!!!!!!!!!!!!!!!!!!!! IMPORTANT !!!!!!!!!!!!!!!!!!!!!!!!!*****
        wview ssh file transfer capability will NOT work until you can
        successfully execute this command from the wview server and verify 
        the file transfers on the remote server.
        *****!!!!!!!!!!!!!!!!!!!!!!!!! IMPORTANT !!!!!!!!!!!!!!!!!!!!!!!!!*****

14.5 Configuring wview For Secure Transfers

14.5.1 Stop wview as you normally would:

            [FreeBSD]   /etc/rc.d/wview stop            -OR-

            [SuSE]      /etc/init.d/wview stop          -OR-
            [RH/Fedora] /etc/rc.d/init.d/wview stop

14.5.2a If updating, copy the wviewssh.conf script to your server:

        cp .../wview-x.y.z/examples/conf/wviewssh.conf-no-ssh /etc/wview/wviewssh.conf

14.5.2b If a new install, rename the config file:

        mv /etc/wview/wviewssh.conf-no-ssh /etc/wview/wviewssh.conf

14.5.3 Copy the new wview start script which will start the wviewsshd daemon:

        [FreeBSD]   cp .../wview-x.y.z/examples/FreeBSD/wview /etc/rc.d
        [SuSE]      cp .../wview-x.y.z/examples/SuSE/wview /etc/init.d
        [RH/Fedora] cp .../wview-x.y.z/examples/Fedora/wview /etc/rc.d/init.d

14.5.4 Edit /etc/wview/wviewssh.conf, adding one or more transfer rules: [snip]

  1. Interval Source Remote Host Remote Destination
  2. -------- ----------------------------- ------------------------- ---------------------------

1 /var/wview/img [remote_host] [remote_test_dir] [snip]

        The example file contains a full description of the columns.

        Each [remote_host] entry must have a corresponding "Host" entry in
        /root/.ssh/config which specifies the login account ([ssh_login_user]) 
        to use for ssh. See section 14.3 above. Further, the procedures outlined 
        in sections 14.2-14.4 MUST be followed for each unique [remote_host] 
        [ssh_login_user] combination.

14.5.5 Start wview as you normally would:

            [FreeBSD]   /etc/rc.d/wview start           -OR-
            [SuSE]      /etc/init.d/wview start         -OR-
            [RH/Fedora] /etc/rc.d/init.d/wview start

(:div style='groove #99f; padding:10px; background-image:url(http://www.meteobrallo.com/site/uploads/Main/auguri_mb.jpg); opacity:.50;filter: alpha(opacity=50); -moz-opacity: 0.9'':)

Situazione

RSS

Meteo


Materiali & Procedure

Per contibuire

Altro

Banners

.