Hi! I'm following up on issue #13 in our ansible bug tracker [1] about setting up a semi-automated sync to vittoria. During confs and mini-confs, we need to be able to sync files from the voctomix (live video mixer) machines in the rooms to Vittoria. Currently, the way we do it is that a member of the videoteam group adds temporary SSH keys to their Debian account for that machine. What we would like to do is to be able to add restricted SSH keys, allowed to access the sreview user, in the form of: ---------------------------------------------------------------------- command="/srv/sreview.debian.org/home/bin/rrsync -wo /srv/sreview.debian.org/input",no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding ssh-rsa AAAAB[...]KYl videoteam@voctomixXY ---------------------------------------------------------------------- The actual sync is done via a CLI script (which is a basic rsync wrapper) that can be found here [2]. The rrsync script is directly gunzipped from rsync's documentation. It seems that 1 year ago when Wouter approached DSA on IRC, you seemed open to the ideas as long as the authorized keys changes were done through a command line interface rather than through a webinterface. Modifying the authorized_keys file would be done manually by a member of the team at the beginning of each conference. Cheers! [1]: https://salsa.debian.org/debconf-video-team/ansible/issues/13 [2]: https://salsa.debian.org/debconf-video-team/ansible/blob/master/roles/voctomix/templates/videoteam-copy-recordings.j2 -- ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ Louis-Philippe Véronneau ⢿⡄⠘⠷⠚⠋ pollo@debian.org / veronneau.org ⠈⠳⣄
Attachment:
signature.asc
Description: OpenPGP digital signature