Rsync del sito della stazione

Tramite rsync e' mirrorato il sito sul sito con maggior banda Il mirror e' schedultato ogni ora ed effettuato tramite demone di wview. Per poter rendere operativa questa funzionalita' il sito remoto (meteobrallo) deve essere una macchina linux con attivo rsync e l'utente deve avere accesso in ssh. Basta seguire passo passo le istruzioni presenti sul sito di wview per far funzionare la cosa:

14. Secure File Transfer (rsync/ssh)

14.1 Overview

   A new wview daemon has been added to support secure file transfers to 
   remote servers: wviewsshd. It is enabled or disabled in the same way that
   the wviewftpd and wvalarmd daemons are - by the presence or absence of the
   respective config files. All three of these utility daemons are disabled
   in the standard distribution because the config file names are all appended
   with "-no-[function]", i.e. "wviewssh.conf-no-ssh". The secure updates are 
   performed using rsync over an ssh session. To work properly, the wview
   server must be able to login and/or execute commands on the destination 
   server via ssh WITHOUT entering a password. This is accomplished by copying
   the wview server's root account shared ssh key to the remote server's 
   login account.

   Suggestion: Don't mix hostname with IP address for the remote server during
               the configuration below. Decide NOW whether you are going to use
               a hostname or an IP address, and use it consistently for all
               references to [remote_host] below. ssh does make a distinction
               when storing and verifying shared keys.


   [remote_host]             - the host we want to update
   [ssh_login_user]          - the user account name on the [remote_host] we
                               want to use for the ssh logins
   [remote_test_dir]         - remote directory to receive files, relative
                               to the [ssh_login_user] login home directory
                               *[ssh_login_user] must have write access to this 
   [wview_server]            - the wview host

   Note: I have included prompts of the form "username@host:# " to help
         clarify what is being executed on what host. Your actual shell
         prompts may be different, this is only for clarity in this procedure.

   Note: This procedure assumes compatible versions of ssh - version 1 and 
         version 2 of openssh have compatability problems as well as with  versions 1 and 2. If you are having problems with the setup,
         I strongly suggest going to the following URL for advanced help:

14.2 Prerequisites

14.2.1 Verify rsync is installed on the wview server:

        root@[wview_server]:# whereis rsync

        If that doesn't produce /usr/bin/rsync or similar, install rsync.

14.2.2 Verify rsync is installed on the remote host:

        root@[wview_server]:# ssh -l [ssh_login_user] [remote_host]
        [enter password]
        [ssh_login_user]@[remote_host]:# whereis rsync

        If that doesn't produce /usr/bin/rsync or similar, install rsync.


        [ssh_login_user]@[remote_host]:# exit 

14.3 ssh Shared Key Setup

14.3.1 Generate a public/private key pair for the root user on the wview

        server (if it does not already exist) (execute as the root user):

        root@[wview_server]:# mkdir -p ~/.ssh
        root@[wview_server]:# ssh-keygen -t rsa

        Just hit enter for default values when asked questions.
        This will create two files, we are interested in the ~/.ssh/

14.3.2 Transfer to [remote_host]. Use ftp, scp, email, floppy

        disk, whatever you want to get this file to the remote host.

14.3.3 Login to [remote_host] as [ssh_login_user] and append the contents of into ~/.ssh/authorized_keys (if authorized_keys does not 
        exist, just rename to authorized_keys).

        root@[wview_server]:# ssh -l [ssh_login_user] [remote_host]
        [enter password]
        [ssh_login_user]@[remote_host]:# mkdir -p ~/.ssh
        [ssh_login_user]@[remote_host]:# cd ~/.ssh
        [ssh_login_user]@[remote_host]:# cat >> authorized_keys

        Stay logged in - we need it for the next step.

14.3.4 As [ssh_login_user] on [remote_host], ssh into the wview server as root,

        answer "yes" if this is the first time, then logout. This sets the 
        wview server up in the remote server login account's "known_hosts" file.

        [ssh_login_user]@[remote_host]:# ssh -l root [wview_server]
        [enter password]
        root@[wview_server]:# exit

        Now, exit the original ssh session:
        [ssh_login_user]@[remote_host]:# exit

14.3.5 As root on the wview server, ssh into [remote_host] as [ssh_login_user],

        answer "yes" if this is the first time, then logout. This sets the 
        [remote_host] up in the wview server root account's "known_hosts" file.

        root@[wview_server]:# ssh -l [ssh_login_user] [remote_host]
        [no password should be required!]
        [ssh_login_user]@[remote_host]:# exit

14.3.6 Finally, we need to set up ssh for the root user so that when

        [remote_host] is logged into, ssh uses [ssh_login_user] instead of
        root for the login on [remote_host]. This must be done for every 
        [remote_host] entry in wviewssh.conf. This is what specifies which 
        user account is used for the ssh login to each [remote_host].

        Edit /root/.ssh/config and put the following at the top of the file
        (just create a new file if it does not exist):

        [text start]
        Host [remote_host]
        User [ssh_login_user]
        [text end]

        Save and exit that file.

14.3.7 Mandatory Tests - these must succeed before going any further:

        As root on the wview server execute:
        root@[wview_server]:# ssh [remote_host]

        You should be logged in to [remote_host] as [ssh_login_user] without 
        entering a password.

        Exit the remote host shell:
        [ssh_login_user]@[remote_host]:# exit

        You should now be able to remotely execute commands over ssh. Verify 
        this by executing the date command from the wview server as root: 

        root@[wview_server]:# ssh [remote_host] date

        This MUST execute without requiring a password. If it does not, go back
        to the beginning of shared key setup and double check your steps.

        DO NOT proceed if you cannot login/execute commands remotely as
        [ssh_login_user] without a password. This is critical! There is much 
        online documentation concerning ssh setup, this is only a bare-bones
        treatment of the subject.

14.4 Confirming rsync Functionality

14.4.1 Place files in /var/wview/img (if it is not already your "IMAGE_PATH"

        in htmlgen.conf):

        root@[wview_server]:# cp [some_test_files] /var/wview/img

14.4.2 Create/Verify the destination path on the remote server

        (as [ssh_login_user]):

        root@[wview_server]:# ssh [remote_host]

        [you are now logged in as [ssh_login_user] without a password, right?]

        [ssh_login_user]@[remote_host]:# cd ~  

        [this is your ssh login directory - all wviewssh.conf destination
        paths are relative to this directory]

        [ssh_login_user]@[remote_host]:# mkdir -p [remote_test_dir]

        Note: [remote_test_dir] is a relative path from the [ssh_login_user] 
              login directory - it CANNOT contain a leading "slash".


        [ssh_login_user]@[remote_host]:# exit

14.4.3 Test rsync over ssh from the wview server:

        root@[wview_server]:# rsync -aqz --rsh=ssh /var/wview/img/ [remote_host]:[remote_test_dir]

        This should transfer the files you placed in /var/wview/img to the 
        remote server in the [remote_test_dir] directory without a password
        being required.

        *****!!!!!!!!!!!!!!!!!!!!!!!!! IMPORTANT !!!!!!!!!!!!!!!!!!!!!!!!!*****
        wview ssh file transfer capability will NOT work until you can
        successfully execute this command from the wview server and verify 
        the file transfers on the remote server.
        *****!!!!!!!!!!!!!!!!!!!!!!!!! IMPORTANT !!!!!!!!!!!!!!!!!!!!!!!!!*****

14.5 Configuring wview For Secure Transfers

14.5.1 Stop wview as you normally would:

            [FreeBSD]   /etc/rc.d/wview stop            -OR-

            [SuSE]      /etc/init.d/wview stop          -OR-
            [RH/Fedora] /etc/rc.d/init.d/wview stop

14.5.2a If updating, copy the wviewssh.conf script to your server:

        cp .../wview-x.y.z/examples/conf/wviewssh.conf-no-ssh /etc/wview/wviewssh.conf

14.5.2b If a new install, rename the config file:

        mv /etc/wview/wviewssh.conf-no-ssh /etc/wview/wviewssh.conf

14.5.3 Copy the new wview start script which will start the wviewsshd daemon:

        [FreeBSD]   cp .../wview-x.y.z/examples/FreeBSD/wview /etc/rc.d
        [SuSE]      cp .../wview-x.y.z/examples/SuSE/wview /etc/init.d
        [RH/Fedora] cp .../wview-x.y.z/examples/Fedora/wview /etc/rc.d/init.d

14.5.4 Edit /etc/wview/wviewssh.conf, adding one or more transfer rules: [snip]

  1. Interval Source Remote Host Remote Destination
  2. -------- ----------------------------- ------------------------- ---------------------------

1 /var/wview/img [remote_host] [remote_test_dir] [snip]

        The example file contains a full description of the columns.

        Each [remote_host] entry must have a corresponding "Host" entry in
        /root/.ssh/config which specifies the login account ([ssh_login_user]) 
        to use for ssh. See section 14.3 above. Further, the procedures outlined 
        in sections 14.2-14.4 MUST be followed for each unique [remote_host] 
        [ssh_login_user] combination.

14.5.5 Start wview as you normally would:

            [FreeBSD]   /etc/rc.d/wview start           -OR-
            [SuSE]      /etc/init.d/wview start         -OR-
            [RH/Fedora] /etc/rc.d/init.d/wview start

(:div style='groove #99f; padding:10px; background-image:url(; opacity:.50;filter: alpha(opacity=50); -moz-opacity: 0.9'':)




Materiali & Procedure

Per contibuire