diff options
author | Silvio Rhatto <rhatto@riseup.net> | 2016-03-22 17:29:21 -0300 |
---|---|---|
committer | Silvio Rhatto <rhatto@riseup.net> | 2016-03-22 17:29:21 -0300 |
commit | d07b6344a8762a255bb895dcc0e6db1bf1ae0435 (patch) | |
tree | bb59130620d401fa510f274d2a48f5af48f32d95 | |
parent | ddd95e21523eee9cd441a9e9085c9a46cf2e9e26 (diff) | |
download | puppet-backupninja-d07b6344a8762a255bb895dcc0e6db1bf1ae0435.tar.gz puppet-backupninja-d07b6344a8762a255bb895dcc0e6db1bf1ae0435.tar.bz2 |
Move storedconfig code to separate folders, trying to avoid warnings on masterless setup
-rw-r--r-- | manifests/sandbox.pp | 97 | ||||
-rw-r--r-- | manifests/server.pp | 102 | ||||
-rw-r--r-- | manifests/storedconfigs.pp | 10 |
3 files changed, 108 insertions, 101 deletions
diff --git a/manifests/sandbox.pp b/manifests/sandbox.pp new file mode 100644 index 0000000..4446b67 --- /dev/null +++ b/manifests/sandbox.pp @@ -0,0 +1,97 @@ +# this define allows nodes to declare a remote backup sandbox, that have to +# get created on the server +define backupninja::sandbox ( + $user = $name, + $host = $::fqdn, + $installuser = true, + $manage_ssh_dir = true, + $ssh_dir = "${dir}/.ssh", + $authorized_keys_file = 'authorized_keys', + $key = false, + $keytype = 'dss', + $backupkeys = "${fileserver}/keys/backupkeys", + $uid = false, + $gid = "backupninjas", + $backuptag = "backupninja-${::fqdn}", + $dir, +) { + + if !defined(Backupninja::Storedconfigs::Realize["${::fqdn}@${host}"]) { + @@backupninja::storedconfigs::realize { "${::fqdn}@${host}": + host => $::fqdn, + tag => $host, + } + } + + if !defined(File["$dir"]) { + @@file { "$dir": + ensure => directory, + mode => 0750, + owner => $user, + group => 0, + tag => "$backuptag", + } + } + + if $installuser { + + if $manage_ssh_dir { + if !defined(File["$ssh_dir"]) { + @@file { "${ssh_dir}": + ensure => directory, + mode => 0700, + owner => $user, + group => 0, + require => [User[$user], File["$dir"]], + tag => "$backuptag", + } + } + } + + if $key { + # $key contais ssh public key + if !defined(Ssh_autorized_key["$user"]) { + @@ssh_authorized_key{ "$user": + type => $keytype, + key => $key, + user => $user, + target => "${ssh_dir}/${authorized_keys_file}", + tag => "$backuptag", + require => User[$user], + } + } + } + else { + # get ssh public key exists from server + if !defined(File["${ssh_dir}/${authorized_keys_file}"]) { + @@file { "${ssh_dir}/${authorized_keys_file}": + ensure => present, + mode => 0644, + owner => 0, + group => 0, + source => "${backupkeys}/${user}_id_${keytype}.pub", + require => File["${ssh_dir}"], + tag => "$backuptag", + } + } + } + + if !defined(User["$user"]) { + @@user { "$user": + ensure => "present", + uid => $uid ? { + false => undef, + default => $uid + }, + gid => "$gid", + comment => "$user backup sandbox", + home => "$dir", + managehome => true, + shell => "/bin/bash", + password => '*', + require => Group['backupninjas'], + tag => "$backuptag" + } + } + } +} diff --git a/manifests/server.pp b/manifests/server.pp index 6f7a30e..3a8761e 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -1,10 +1,3 @@ -# this define realizes all needed resources for a hosted backup -define backupninja_server_realize($host) { - User <<| tag == "backupninja-$host" |>> - File <<| tag == "backupninja-$host" |>> - Ssh_authorized_key <<| tag == "backupninja-$host" |>> -} - class backupninja::server ( $backupdir = '/backup', $backupdir_ensure = 'directory', @@ -52,99 +45,6 @@ class backupninja::server ( # collect all resources from hosted backups if $use_storedconfigs { - Backupninja_server_realize <<| tag == $::fqdn |>> - } - - # this define allows nodes to declare a remote backup sandbox, that have to - # get created on the server - define sandbox ( - $user = $name, - $host = $::fqdn, - $installuser = true, - $dir, - $manage_ssh_dir = true, - $ssh_dir = "${dir}/.ssh", - $authorized_keys_file = 'authorized_keys', - $key = false, - $keytype = 'dss', - $backupkeys = "${fileserver}/keys/backupkeys", - $uid = false, - $gid = "backupninjas", - $backuptag = "backupninja-${::fqdn}", - ) { - - if !defined(Backupninja_server_realize["${::fqdn}@${host}"]) { - @@backupninja_server_realize { "${::fqdn}@${host}": - host => $::fqdn, - tag => $host, - } - } - - if !defined(File["$dir"]) { - @@file { "$dir": - ensure => directory, - mode => 0750, owner => $user, group => 0, - tag => "$backuptag", - } - } - - if $installuser { - - if $manage_ssh_dir { - if !defined(File["$ssh_dir"]) { - @@file { "${ssh_dir}": - ensure => directory, - mode => 0700, owner => $user, group => 0, - require => [User[$user], File["$dir"]], - tag => "$backuptag", - } - } - } - - if $key { - # $key contais ssh public key - if !defined(Ssh_autorized_key["$user"]) { - @@ssh_authorized_key{ "$user": - type => $keytype, - key => $key, - user => $user, - target => "${ssh_dir}/${authorized_keys_file}", - tag => "$backuptag", - require => User[$user], - } - } - } - else { - # get ssh public key exists from server - if !defined(File["${ssh_dir}/${authorized_keys_file}"]) { - @@file { "${ssh_dir}/${authorized_keys_file}": - ensure => present, - mode => 0644, owner => 0, group => 0, - source => "${backupkeys}/${user}_id_${keytype}.pub", - require => File["${ssh_dir}"], - tag => "$backuptag", - } - } - } - - if !defined(User["$user"]) { - @@user { "$user": - ensure => "present", - uid => $uid ? { - false => undef, - default => $uid - }, - gid => "$gid", - comment => "$user backup sandbox", - home => "$dir", - managehome => true, - shell => "/bin/bash", - password => '*', - require => Group['backupninjas'], - tag => "$backuptag" - } - } - } + include backupninja::storedconfigs } } - diff --git a/manifests/storedconfigs.pp b/manifests/storedconfigs.pp new file mode 100644 index 0000000..899661c --- /dev/null +++ b/manifests/storedconfigs.pp @@ -0,0 +1,10 @@ +class backupninja::storedconfigs { + Backupninja::Storedconfigs::Realize <<| tag == $::fqdn |>> + + # this define realizes all needed resources for a hosted backup + define realize($host) { + User <<| tag == "backupninja-$host" |>> + File <<| tag == "backupninja-$host" |>> + Ssh_authorized_key <<| tag == "backupninja-$host" |>> + } +} |