[mirror-admin] rsync ACLs for tier1s

[SpeedPartner GmbH]

Stuart McKim wrote:
> We ran into a similar issue when we put our servers into cfengine to be
> centrally managed. Instead of copying out a different config file for
> each server, we wanted to be able to modularize it. This way, we could
> have a separate file for each unique section.
> 
> The set-up uses a rsyncd.conf.d directory where we drop in files
> containing the appropriate blocks of the final file. For example, we
> have a 00base.conf file that includes the global settings, backup.conf
> for our dirvish backups, and mirror.conf that defines the modules our
> mirrors provide. For any ACLs that we pull from other sources, those are
> put into individual files in the same directory using a cron job.
> Whenever we update one of those files, we run a script that essentially
> concatenates the files to make /etc/rsyncd.conf

Hmm, that would work - sure.

In the long run it might be useful to submit a patch for rsync allowing 
for ACLs from a file, I guess. Maybe by giving an at-sign in front of a 
name to indicate that is a filename? e.g.

hosts allow = 192.168.0.1 myhost.example.com ... @tier2s.acl ...

Or would this collide with anything?


Kind regards,
  Stefan Neufeind

--