Last active
June 8, 2019 20:10
-
-
Save Westie/4f5d76f1e074a09ecfccfa42f3fecc3d to your computer and use it in GitHub Desktop.
Connect to NFS over SSH tunnel (with systemd)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
1) On each of your servers, create a new user: | |
useradd -m -s /bin/false autossh | |
2) On your NFS server, add the public key of your NFS client to the authorised keys file: | |
su -s /bin/bash autossh | |
ssh-keygen | |
vim ~/.ssh/authorized_keys | |
3) Modify the systemd service below to your needs, and install it to your server | |
4) Enable and start the service :-) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[Unit] | |
Description=autossh tunnel to backup server | |
AssertPathExists=/mnt/nfs/backup-nfs1 | |
[Service] | |
Type=simple | |
Restart=always | |
ExecStartPre=-/usr/sbin/pvesm add dir backup-nfs1 --path /mnt/nfs/backup-nfs1 --disable 1 --shared 1 | |
ExecStartPre=/usr/sbin/pvesm set backup-nfs1 --disable 1 | |
ExecStart=/bin/su -s /bin/sh autossh -c 'ssh -NT -o "ServerAliveInterval 60" -o "ServerAliveCountMax 3" -L localhost:2049:localhost:2049 -p2300 autossh@10.0.0.1' | |
ExecStartPost=/bin/sleep 2 | |
ExecStartPost=/bin/mount -t nfs localhost:/mnt/storage /mnt/nfs/backup-nfs1 | |
ExecStartPost=/usr/sbin/pvesm set backup-nfs1 --disable 0 | |
ExecStop=-/usr/sbin/pvesm set backup-nfs1 --disable 1 | |
ExecStop=-/bin/umount -f /mnt/nfs/backup-nfs1 | |
[Install] | |
WantedBy=multi-user.target |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
systemctl enable backup-nfs-tunnel | |
systemctl start backup-nfs-tunnel |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment