From 1ef54f8773d5d3d6cf749c482dee42ec5bb26cd1 Mon Sep 17 00:00:00 2001
From: Silvio Rhatto <rhatto@riseup.net>
Date: Sat, 19 May 2018 08:23:48 -0300
Subject: Use backup::params at backup::borg

---
 manifests/borg.pp     |  3 ++
 manifests/params.pp   |  2 +-
 templates/borg.sh.erb | 80 ++++++++++++++++++++++-----------------------------
 3 files changed, 38 insertions(+), 47 deletions(-)

diff --git a/manifests/borg.pp b/manifests/borg.pp
index 4d08908..e027984 100644
--- a/manifests/borg.pp
+++ b/manifests/borg.pp
@@ -11,6 +11,9 @@ define backup::borg(
     $periodic_check = absent,
     $password,
 ) {
+  $exclude_unencrypted = $backup::params::exclude_unencrypted
+  $include_unencrypted = $backup::params::include_unencrypted
+
   file { "${backupninja::configdir}/${order}_borg-${host}.sh":
     ensure  => $ensure,
     content => template('backup/borg.sh.erb'),
diff --git a/manifests/params.pp b/manifests/params.pp
index 4efed5b..e94e1d3 100644
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -5,7 +5,7 @@ class backup::params {
   $backupdir_ensure = hiera('backup::dir::ensure', 'directory')
 
   # for data that's going to be encrypted and signed
-  $include_unencrypted = [ "/etc", "/var", "/home", ]
+  $include_unencrypted = [ "/etc", "/var", "/home", "/root" ]
   $exclude_unencrypted = [ "$backupdir_remote", "$backupdir/duplicity", "$backupdir/borg", "$backupdir/restore", "/var/cache", "/var/log", "/var/vservers", "/var/chroot", "/root/.cache", "/var/lib/dpkg", "/var/lib/apt", "/var/lib/aptitude/", "/var/sites/backups", "/var/data/crypt", "/var/data/backups", "/var/data/cache" ]
 
   # for data that were previously encrypted and signed
diff --git a/templates/borg.sh.erb b/templates/borg.sh.erb
index 3eddd87..b37ab40 100644
--- a/templates/borg.sh.erb
+++ b/templates/borg.sh.erb
@@ -26,14 +26,14 @@ fi
 
 # Initialize
 if ! ssh $SSH_SERVER -p $SSH_PORT test -f /var/backups/remote/$HOSTNAME/borg/config; then
-	info "Initializing borg repository at ssh://$SSH_SERVER:$SSH_PORT//var/backups/remote/$HOSTNAME/borg..."
+  info "Initializing borg repository at ssh://$SSH_SERVER:$SSH_PORT//var/backups/remote/$HOSTNAME/borg..."
   borg init --encryption=<%= @encryption %> ssh://$SSH_SERVER:$SSH_PORT//var/backups/remote/$HOSTNAME/borg
 
-	init_exit=$?
+  init_exit=$?
 
-	if [ "$init_exit" != "0" ]; then
-		fatal "Error initializing repository"
-	fi
+  if [ "$init_exit" != "0" ]; then
+    fatal "Error initializing repository"
+  fi
 fi
 
 # Backup the most important directories into an archive named after
@@ -41,41 +41,29 @@ fi
 
 info "Starting backup..."
 
-borg create                                \
-	--verbose                          \
-	--filter AME                       \
-	--list                             \
-	--stats                            \
-	--show-rc                          \
-	--compression lz4                  \
-	--exclude-caches                   \
-	--exclude '/home/*/.cache/*'       \
-	--exclude '/var/cache/*'           \
-	--exclude '/var/tmp/*'             \
-  --exclude '/var/backups/remote'    \
-  --exclude '/var/backups/duplicity' \
-  --exclude '/var/backups/restore'   \
-  --exclude '/var/cache'             \
-  --exclude '/var/vservers'          \
-  --exclude '/var/chroot'            \
-  --exclude '/root/.cache'           \
-  --exclude '/var/lib/dpkg'          \
-  --exclude '/var/lib/apt'           \
-  --exclude '/var/lib/aptitude'      \
-  --exclude '/var/sites/backups'     \
-  --exclude '/var/data/crypt'        \
-  --exclude '/var/data/backups'      \
-  --exclude '/var/data/cache'        \
-	::'{hostname}-{now}'               \
-	/etc                               \
-	/home                              \
-	/root                              \
-	/var                               \
-
-	backup_exit=$?
+borg create                          \
+  --verbose                          \
+  --filter AME                       \
+  --list                             \
+  --stats                            \
+  --show-rc                          \
+  --compression lz4                  \
+  --exclude-caches                   \
+  --exclude '/home/*/.cache/*'       \
+  --exclude '/var/cache/*'           \
+  --exclude '/var/tmp/*'             \
+<% @exclude_unencrypted.each do |del| -%>
+  --exclude <%= del %>               \
+<% end -%>
+  ::'{hostname}-{now}'               \
+<% @include_unencrypted.each do |add| -%>
+  <%= add %>                         \
+<% end -%>
+
+  backup_exit=$?
 
 if [ "$backup_exit" != "0" ]; then
-	fatal "Error creating snapshot"
+  fatal "Error creating snapshot"
 fi
 
 info "Pruning repository..."
@@ -85,18 +73,18 @@ info "Pruning repository..."
 # limit prune's operation to this machine's archives and not apply to
 # other machines' archives also:
 
-borg prune                           \
-	--list                             \
-	--prefix '{hostname}-'             \
-	--show-rc                          \
+borg prune                            \
+  --list                              \
+  --prefix '{hostname}-'              \
+  --show-rc                           \
   --keep-daily    <%= @keepdaily %>   \
   --keep-weekly   <%= @keepweekly %>  \
   --keep-monthly  <%= @keepmonthly %> \
 
-	prune_exit=$?
+  prune_exit=$?
 
 if [ "$prune_exit" != "0" ]; then
-	fatal "Error pruning repository"
+  fatal "Error pruning repository"
 fi
 
 # use highest exit code as global exit code
@@ -104,12 +92,12 @@ fi
 #
 #if [ ${global_exit} -eq 1 ];
 #then
-#	info "Backup and/or Prune finished with a warning"
+#  info "Backup and/or Prune finished with a warning"
 #fi
 #
 #if [ ${global_exit} -gt 1 ];
 #then
-#	info "Backup and/or Prune finished with an error"
+#  info "Backup and/or Prune finished with an error"
 #fi
 #
 #exit ${global_exit}
-- 
cgit v1.2.3