crans
/
ansible
mirror of http://gitlab.adm.crans.org/nounous/ansible.git
19
0
Fork 0
Code Issues Projects Releases Wiki Activity

[borgbackup-server] Use restrict directive for authorized_key 

As documented in https://borgbackup.readthedocs.io/en/stable/usage/serve.html, openssh-server > 7.2 is available in debian since at least stretch (7.4) so no risk of compatibility issues.
certbot_on_virtu
_michael 2021-09-28 11:59:34 +00:00 committed by shirenn
parent 880767d8d0
commit 8e6b97df34
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
roles/borgbackup-server/templates/authorized_keys.j2
View File

@ -1,3 +1,3 @@
{{ ansible_header | comment }}
command="borg serve --restrict-to-path {{ borg.path }}",no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding {{ vault.borgbackup_ssh_pubkey }}
command="borg serve --restrict-to-path {{ borg.path }}",restrict {{ vault.borgbackup_ssh_pubkey }}