User Tools

Site Tools


js#vista.png msort nsort


Installing Csync2

Csnyc2 is really cool. The problem is getting it up and running. Due to very bad documentation there is some info that is just not very well explained. So here we go. a step by step for getting csync2 installed with SSL support.

As always see if the package is available in the repo first. In this case it is so a simple apt-get works to get csync2 installed on the system:

apt-get install csync2 sqlite3 openssl

After that is where it starts getting fun. All SSL files generated are needed on ALL hosts in the group. So first get the certs and keys generated on the main node:

mkdir /etc/csync2
cd /etc/csync2
openssl genrsa -out csync2_ssl_key.pem 1024
openssl req -new -subj '/C=DE/ST=MVP/L=Schwerin' -key csync2_ssl_key.pem -out csync2_ssl_cert.csr
openssl x509 -req -days 600 -in csync2_ssl_cert.csr -signkey csync2_ssl_key.pem -out Csync2_ssl_cert.pem
csync2 -k csync2_ssl_cert.key

NOTE 1: The subject line in the cert creation should be changed to fit your needs.

NOTE 2: If your node is not very busy you may need to help in entropy generation (in another shell just type “du -h /”).

:!: :!: BE ADVISED!!! In the subject line you MUST leave the “Common Name” (CN) blank!!!

When you are done you will have 4 files that need to be copied over to the other nodes in the group you configure in your csync2.cfg file:

-rw-r--r--    1 root    root      570 Oct 12 09:26 csync2_ssl_cert.csr
-rw-------    1 root    root       65 Oct 12 09:27 csync2_ssl_cert.key
-rw-r--r--    1 root    root      757 Oct 11 13:08 csync2_ssl_cert.pem
-rw-r--r--    1 root    root      887 Oct 11 13:08 csync2_ssl_key.pem
filesystems/csync2_install.txt · Last modified: 2020/02/24 11:16 (external edit)