| Line 197... |
Line 197... |
| 197 |
echo "error: cannot SSH with '$remote_ssh_user' to $remote_addr:$remote_ssh_port" >&2
|
197 |
echo "error: cannot SSH with '$remote_ssh_user' to $remote_addr:$remote_ssh_port" >&2
|
| 198 |
echo "hint: have you deployed root pubkey on the remote?"
|
198 |
echo "hint: have you deployed root pubkey on the remote?"
|
| 199 |
return 7
|
199 |
return 7
|
| 200 |
fi
|
200 |
fi
|
| 201 |
|
201 |
|
| 202 |
echo "Successfully connected with '$remote_ssh_user' to $remote_addr:$remote_ssh_port"
|
202 |
echo "Successfully connected with '$remote_ssh_user' to primary ($remote_addr:$remote_ssh_port)"
|
| 203 |
|
203 |
|
| 204 |
# Test database credentials
|
204 |
# Test database credentials
|
| 205 |
if ! /usr/bin/ssh -q -p "$remote_ssh_port" "$remote_ssh_user"@"$remote_addr" -- /usr/bin/mariadb --user="$remote_db_user" --password="$remote_db_pwd" --execute="QUIT"
|
205 |
if ! /usr/bin/ssh -q -p "$remote_ssh_port" "$remote_ssh_user"@"$remote_addr" -- /usr/bin/mariadb --user="$remote_db_user" --password="$remote_db_pwd" --execute="QUIT"
|
| 206 |
then
|
206 |
then
|
| 207 |
echo "error: cannot connect with '$remote_db_user' to remote database" >&2
|
207 |
echo "error: cannot connect with '$remote_db_user' to remote database" >&2
|
| Line 216... |
Line 216... |
| 216 |
if ! /usr/bin/mariadb --host="$LOCALHOST" --port="$bind_port" --user="$remote_db_user" --password="$remote_db_pwd" --execute="QUIT"
|
216 |
if ! /usr/bin/mariadb --host="$LOCALHOST" --port="$bind_port" --user="$remote_db_user" --password="$remote_db_pwd" --execute="QUIT"
|
| 217 |
then
|
217 |
then
|
| 218 |
echo "error: cannot connect with '$remote_db_user' to remote database" >&2
|
218 |
echo "error: cannot connect with '$remote_db_user' to remote database" >&2
|
| 219 |
return 9
|
219 |
return 9
|
| 220 |
fi
|
220 |
fi
|
| - |
|
221 |
echo "Successfully connected with '$remote_db_user' to remote secondary database on port $bind_port"
|
| 221 |
}
|
222 |
}
|
| 222 |
|
223 |
|
| 223 |
# Make a SSH tunnel to remote host
|
224 |
# Make a SSH tunnel to remote host
|
| 224 |
create_ssh_tunnel() {
|
225 |
create_ssh_tunnel() {
|
| 225 |
# Find a common binding port
|
226 |
# Find a common binding port
|
| Line 374... |
Line 375... |
| 374 |
case "$remote_role" in
|
375 |
case "$remote_role" in
|
| 375 |
primary)
|
376 |
primary)
|
| 376 |
tmp_allow_outbound_connection || abort "$?" || exit
|
377 |
tmp_allow_outbound_connection || abort "$?" || exit
|
| 377 |
check_primary_credentials || abort "$?" || exit
|
378 |
check_primary_credentials || abort "$?" || exit
|
| 378 |
create_ssh_tunnel || abort "$?" || exit
|
379 |
create_ssh_tunnel || abort "$?" || exit
|
| - |
|
380 |
add_remote_as_primary || abort "$?" || exit
|
| - |
|
381 |
echo -n "Allowing outbound connection to remote SSH "
|
| - |
|
382 |
# Get remote IP and port from its name
|
| - |
|
383 |
port="$(grep "ExecStart" "$service_path" | cut -d ' ' -f 9)"
|
| - |
|
384 |
ip="$(grep "ExecStart" "$service_path" | cut -d ' ' -f 14 | cut -d '@' -f2)"
|
| - |
|
385 |
echo "($ip:$port)"
|
| - |
|
386 |
/usr/bin/sed -i -E "/^REPLICATION_TO=/s/=(.*)/=\1$ip:$port,/" /usr/local/etc/alcasar.conf
|
| - |
|
387 |
/usr/local/bin/alcasar-iptables.sh
|
| 379 |
;;
|
388 |
;;
|
| 380 |
secondary)
|
389 |
secondary)
|
| 381 |
check_secondary_credentials || exit
|
390 |
check_secondary_credentials || exit
|
| - |
|
391 |
add_remote_as_primary || abort "$?" || exit # In a federation, primary/secondary is define by SSH role (sshd-server=primary; ssh-client=secondary)
|
| 382 |
;;
|
392 |
;;
|
| 383 |
esac
|
393 |
esac
|
| 384 |
|
394 |
|
| 385 |
# Set remote as master
|
- |
|
| 386 |
add_remote_as_primary || abort "$?" || exit
|
- |
|
| 387 |
|
- |
|
| 388 |
# Set Netfilter
|
395 |
# Set Netfilter
|
| 389 |
echo -n "Allowing outbound connection to remote SSH "
|
- |
|
| 390 |
# Get remote IP and port from its name
|
- |
|
| 391 |
port="$(grep "ExecStart" "$service_path" | cut -d ' ' -f 9)"
|
- |
|
| 392 |
ip="$(grep "ExecStart" "$service_path" | cut -d ' ' -f 14 | cut -d '@' -f2)"
|
- |
|
| 393 |
echo "($ip:$port)"
|
- |
|
| 394 |
/usr/bin/sed -i -E "/^REPLICATION_TO=/s/=(.*)/=\1$ip:$port,/" /usr/local/etc/alcasar.conf
|
- |
|
| 395 |
/usr/local/bin/alcasar-iptables.sh
|
- |
|
| 396 |
|
396 |
|
| 397 |
# Start replication
|
- |
|
| 398 |
# /usr/local/bin/alcasar-replication-start.sh --name="$remote_name"
|
- |
|
| - |
|
397 |
|
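Review bot: In the `primary)` branch (new lines 383–386), `ip` and `port` are cut from the `ExecStart` line of `$service_path` by field position and then spliced unchecked into the `sed -i` replacement that edits `REPLICATION_TO` in /usr/local/etc/alcasar.conf, after which alcasar-iptables.sh is run. If the unit file's layout differs or `grep` matches nothing, an empty or malformed `ip:port,` entry is written into the list that apparently drives the outbound firewall rules, and neither `sed` nor the iptables script has its exit status checked, unlike the `|| abort "$?" || exit` calls just above. A guard before the `sed` would stop that, for example `case "$port" in ''|*[!0-9]*) exit 1;; esac` plus an equivalent check that `$ip` holds only address characters, so that `/`, `&` or a newline can never reach the sed expression. The `# Set Netfilter` comment left at new line 395 now heads an empty section and could be dropped or moved along with the code. The enclosing code starts before this hunk, so the error path (`abort` versus a plain `exit`) should match what is defined there.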