Development repository for Chef Cookbook rsync
Ruby HTML Shell
Latest commit 6007136 Mar 21, 2017 @tas50 tas50 Update apache2 license string
Signed-off-by: Tim Smith <tsmith@chef.io>
Permalink
Failed to load latest commit information.
.delivery Test with Local Delivery instead of Rake Mar 1, 2017
.github Update Github PR template Oct 23, 2016
attributes Update copyright headers Nov 25, 2016
libraries Add matchers for the rsync_serve LWRP Sep 25, 2015
providers Update copyright headers Nov 25, 2016
recipes Update copyright headers Nov 25, 2016
resources Cookstyle fixes Dec 9, 2016
spec Update spec platforms and use caching Sep 16, 2016
tasks Update copyright headers Nov 25, 2016
templates/default Fixes to allow rsync daemon to be started if not up Apr 1, 2014
test Just see if the process is running Sep 17, 2016
.foodcritic Disable use_inline_resources as it breaks the provider Sep 17, 2016
.gitignore Test with Local Delivery instead of Rake Mar 1, 2017
.kitchen.dokken.yml Test with Local Delivery instead of Rake Mar 1, 2017
.kitchen.yml Update platforms to test with test kitchen Jan 26, 2017
.rubocop.yml Convert tests to use inspec Sep 17, 2016
.travis.yml Test with Local Delivery instead of Rake Mar 1, 2017
Berksfile Update platforms to test with test kitchen Jan 26, 2017
CHANGELOG.md Release 1.0.1 Sep 18, 2016
CONTRIBUTING.md Update docs Sep 8, 2015
Gemfile Update apache2 license string Mar 21, 2017
LICENSE Testing updates Apr 29, 2016
MAINTAINERS.md Update maintainer text Sep 16, 2016
MAINTAINERS.toml Update maintainer text Sep 16, 2016
README.md Clarify in readme we require Chef 12.1+ Sep 16, 2016
TESTING.md Update docs Sep 8, 2015
chefignore Testing updates Apr 29, 2016
metadata.rb Update apache2 license string Mar 21, 2017

README.md

rsync Cookbook

Build Status Cookbook Version

Rsync cookbook with rsyncd LWRP. More info on ryncd options can be found in the Docs.

Requirements

Platforms

  • Debian/Ubuntu
  • RHEL/CentOS/Scientific/Amazon/Oracle

Chef

  • Chef 12.1+

Cookbooks

  • none

Attributes

node['rsyncd']['service'] (String) default: "rsync"

The name of the init service

node['rsyncd']['config'] (Hash) default: "/etc/rsyncd.conf"

Path to the rsyncd config file. This is the default, but the serve resource can write config files to arbitrary paths independant of this.

node['rsyncd']['nice'] (String) default: "" Debian/ubuntu only

node['rsyncd']['ionice'] (String) default: "" Debian/ubuntu only

node['rsyncd']['globals'] (Hash) default: {}

This is where you can store key-value pairs that coincide with rsyncd globals.

  • motd file: This parameter allows you to specify a "message of the day" to display to clients on each connect. This usually contains site information and any legal notices. The default is no motd file.
  • pid file: This parameter tells the rsync daemon to write its process ID to that file. If the file already exists, the rsync daemon will abort rather than overwrite the file.
  • port: You can override the default port the daemon will listen on by specifying this value (defaults to 873). This is ignored if the daemon is being run by inetd, and is superseded by the --port command-line option.
  • address: You can override the default IP address the daemon will listen on by specifying this value. This is ignored if the daemon is being run by inetd, and is superseded by the --address command-line option.
  • socket options: This parameter can provide endless fun for people who like to tune their systems to the utmost degree. You can set all sorts of socket options which may make transfers faster (or slower!). Read the man page for the setsockopt() system call for details on some of the options you may be able to set. By default no special socket options are set. These settings can also be specified via the --sockopts command-line option.

Refer to the documentation for rsyncd for more info.

Recipes

default

This recipe simply installs the rsync package, nothing more.

Resources/Providers

serve

This LWRP implements a rsync server module. The folowing params are chef-only, the rest implement the feature as described in the [rsyncd docs][1]

Parameters

Required:
  • path - Path which this module should server
Optional:

Unless specified these paramaters use the rsyncd default values as refed in the [Rsyncd docs][1]. Params are Strings unless specified otherwise.

  • name - The name of this module that will be refrenced by rsync://foo/NAME. Defaults to the resource name.
  • config_path - Path to write the rsyncd config Defaults to `node['rsyncd']['config']
  • comment - Comment when rsync gets the list of modules from the server.
  • read_only - Boolean - Serve this as a read-only module.
  • write_only- Boolean - Serve this as a write-only module.
  • list - Boolean - Add this module the the rsync modules list
  • uid - String - This parameter specifies the user name or user ID that file transfers to and from that module should take place as when the daemon was run as root.
  • gid - String - This parameter specifies the group name or group ID that file transfers to and from that module should take place as when the daemon was run as root.
  • auth_users - This parameter specifies a comma and space-separated list of usernames that will be allowed to connect to this module. [more info][1]
  • secrets_file - This parameter specifies the name of a file that contains the username:password pairs used for authenticating this module. [more info][1]
  • hosts_allow - This parameter allows you to specify a list of patterns that are matched against a connecting clients hostname and IP address. If none of the patterns match then the connection is rejected. [more info][1]
  • hosts_deny - This parameter allows you to specify a list of patterns that are matched against a connecting clients hostname and IP address. If the pattern matches then the connection is rejected. [more info][1]
  • max_connections - Fixnum - *Default: 0 - The maximum number of simultaneous connections you will allow.
  • munge_symlinks - Boolean - *Default: true - This parameter tells rsync to modify all incoming symlinks in a way that makes them unusable but recoverable. [more info][1]
  • use_chroot - Boolean - the rsync daemon will chroot to the "path" before starting the file transfer with the client.
  • nemeric_ids - Boolean - *Default: true - Enabling this parameter disables the mapping of users and groups by name for the current daemon module.
  • fake_super - Boolean - This allows the full attributes of a file to be stored without having to have the daemon actually running as root.
  • exclude_from - This parameter specifies the name of a file on the daemon that contains daemon exclude patterns. [more info][1]
  • exclude - This parameter specifies the name of a file on the daemon that contains daemon exclude patterns. [more info][1]
  • include_from - Analogue of exclude_from
  • include - Analogue of exclude
  • strict_modes - Boolean - If true, then the secrets file must not be readable by any user ID other than the one that the rsync daemon is running under.
  • log_file - Path where you should store this modules log file.
  • log_format - The format is a text string containing embedded single-character escape sequences prefixed with a percent (%) character. An optional numeric field width may also be specified between the percent and the escape letter (e.g. "%-50n %8l %07p"). [more info][1]
  • transfer_logging - This parameter enables per-file logging of downloads and uploads in a format somewhat similar to that used by ftp daemons. The daemon always logs the transfer at the end, so if a transfer is aborted, no mention will be made in the log file.
  • timeout - Fixnum - Default: 600 - Using this parameter you can ensure that rsync won't wait on a dead client forever. The timeout is specified in seconds. A value of zero means no timeout.
  • dont_compress - This parameter allows you to select filenames based on wildcard patterns that should not be compressed when pulling files from the daemon
  • lock_file - This parameter specifies the file to use to support the "max connections" parameter. The rsync daemon uses record locking on this file to ensure that the max connections limit is not exceeded for the modules sharing the lock file. The default is /var/run/rsyncd.lock
  • refuse_options - This parameter allows you to specify a space-separated list of rsync command line options that will be refused by your rsync daemon.
  • prexfer_exec - A command to run before each transfer to or from this module. If this command fails, the transfer will be aborted.
  • postxfer_exec - A command to run after each transfer to or from this module.

Usage

After loading the rsync cookbook you have access to the rsync_serve resource for serving up a generic rsyncd module with many options.

You must include the rsync::server recipe before you can use the LWRP as shown in the examples below.

Examples

Serve a directory:

include_recipe 'rsync::server'

rsync_serve 'tmp' do
  path '/tmp'
end

Serve a directory with read only and specify uids:

include_recipe 'rsync::server'

rsync_serve 'tmp' do
  path      '/tmp'
  uid       'nobody'
  gid       'nobody'
  read_only true
end

A more complex example with networking:

include_recipe 'rsync::server'

rsync_serve 'centos-prod' do
  path             '/data/repos/prod/centos'
  comment          'CentOS prod mirror'
  read_only        true
  use_chroot       true
  list             true
  uid              'nobody'
  gid              'nobody'
  hosts_allow      '127.0.0.1, 10.4.1.0/24, 192.168.4.0/24'
  hosts_deny       '0.0.0.0/0'
  max_connections  10
  transfer_logging true
  log_file         '/tmp/centos-sync'
  postxfer_exec    '/usr/local/bin/collect_things.sh'
end

License & Authors

Author: Jesse Nelson (spheromak@gmail.com)

Author: Cookbook Engineering Team (cookbooks@chef.io)

Copyright: 2012-2016, Chef Software, Inc.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.