|
@@ -271,28 +271,28 @@ Depends on the following roles:
|
|
|
* **backup_client**
|
|
|
|
|
|
|
|
|
Backups
|
|
|
~~~~~~~
|
|
|
|
|
|
If the backup for this role has been enabled, the following paths are backed-up:
|
|
|
|
|
|
**/var/log**
|
|
|
Log files from the system.
|
|
|
|
|
|
**/home**
|
|
|
Home directory for regular users.
|
|
|
Home directory for regular users (this can be changed via role parameters).
|
|
|
|
|
|
**/root**
|
|
|
Root user's home directory.
|
|
|
Root user's home directory (this can be changed via role parameters).
|
|
|
|
|
|
**/etc/shadow**
|
|
|
Operating system user passwords.
|
|
|
|
|
|
**/var/mail**
|
|
|
Local user's mails.
|
|
|
|
|
|
**/var/spool/cron**
|
|
|
Local user's cronjobs.
|
|
|
|
|
|
|
|
|
Parameters
|
|
@@ -337,24 +337,28 @@ Parameters
|
|
|
|
|
|
**common_packages** (list, optional, ``[]``)
|
|
|
List of additional operating system packages that should be installed on the
|
|
|
server. Each element of the list should be a simple string denoting the name
|
|
|
of the package.
|
|
|
|
|
|
**ca_certificates** (list, optional, ``{}``)
|
|
|
Dictionary containing the CA certificates to deploy. Keys are base filenames
|
|
|
(**without extension**) to be used when placing a certificate file in
|
|
|
directory ``/usr/local/share/ca-certificates/``, while values are
|
|
|
corresponding content to be placed in the file.
|
|
|
|
|
|
**extra_backup_patterns** (list, optional, ``[ "/home", "/root" ]]``)
|
|
|
List of additional globbing patterns defining additional files or directories
|
|
|
that should be backed-up.
|
|
|
|
|
|
**incoming_connection_limit** (string, optional, ``3/second``)
|
|
|
Rate at which the incoming ICMP echo-request packages and new TCP connections
|
|
|
will be accepted at. The value should be specified in the same format as value
|
|
|
for the ``iptables hashlimit`` option ``--hashlimit-upto``.
|
|
|
|
|
|
**incoming_connection_limit_burst** (string, optional, ``9``)
|
|
|
Initial burst of packages that should be accepted when the client with
|
|
|
distinct source IP address connects to the server for the first time (usually
|
|
|
higher than ``incoming_connection_limit``), even if it would go above the
|
|
|
specified connection limit.
|
|
|
|
|
|
**prompt_colour** (string, optional, ``none``)
|