diff options
| author | Antoine Beaupré <anarcat+gitlab@anarc.at> | 2015-04-23 18:33:14 +0000 |
|---|---|---|
| committer | Antoine Beaupré <anarcat+gitlab@anarc.at> | 2015-04-23 18:33:14 +0000 |
| commit | fbddc25ee6e813ceffa88192fb607e63cebf8bba (patch) | |
| tree | f0be23671b501770c091bafb13ae73d43cdaebda /manifests/duplicity.pp | |
| parent | 74ce68bcf6f1fbf938e4a161f7c6305f67378b7d (diff) | |
| parent | b24afc7ffbe844984e7a46a205e7f04d312fd04c (diff) | |
| download | puppet-backupninja-fbddc25ee6e813ceffa88192fb607e63cebf8bba.tar.gz puppet-backupninja-fbddc25ee6e813ceffa88192fb607e63cebf8bba.tar.bz2 | |
Merge branch 'march2015-refactor' into 'master'
March2015 refactor
This branch is an attempt to bring the backupninja module in the 21st century. See the upgrade notice in the README for details.
See merge request !4
Diffstat (limited to 'manifests/duplicity.pp')
| -rw-r--r-- | manifests/duplicity.pp | 143 |
1 files changed, 143 insertions, 0 deletions
diff --git a/manifests/duplicity.pp b/manifests/duplicity.pp new file mode 100644 index 0000000..058945d --- /dev/null +++ b/manifests/duplicity.pp @@ -0,0 +1,143 @@ +# Run duplicity-backup as part of a backupninja run. +# +# Valid attributes for this type are: +# +# order: +# +# The prefix to give to the handler config filename, to set order in +# which the actions are executed during the backup run. +# +# ensure: +# +# Allows you to delete an entry if you don't want it any more (but be +# sure to keep the configdir, name, and order the same, so that we can +# find the correct file to remove). +# +# options, nicelevel, testconnect, tmpdir, sign, encryptkey, signkey, +# password, include, exclude, vsinclude, incremental, keep, bandwidthlimit, +# sshoptions, destdir, desthost, desuser: +# +# As defined in the backupninja documentation. The options will be +# placed in the correct sections automatically. The include and +# exclude options should be given as arrays if you want to specify +# multiple directories. +# +# directory, ssh_dir_manage, ssh_dir, authorized_keys_file, installuser, +# installkey, backuptag: +# +# Options for the bakupninja::server::sandbox define, check that +# definition for more info. +# +# Some notes about this handler: +# +# - When specifying a password, be sure to enclose it in single quotes, +# this is particularly important if you have any special characters, such +# as a $ which puppet will attempt to interpret resulting in a different +# password placed in the file than you expect! +# - There's no support for a 'local' type in backupninja's duplicity +# handler on version 0.9.6-4, which is the version available in stable and +# testing debian repositories by the time of this writing. +define backupninja::duplicity( $order = 90, + $ensure = present, + # options to the config file + $options = false, + $nicelevel = false, + $testconnect = false, + $tmpdir = false, + # [gpg] + $sign = false, + $encryptkey = false, + $signkey = false, + $password = false, + # [source] + $include = [ "/var/spool/cron/crontabs", + "/var/backups", + "/etc", + "/root", + "/home", + "/usr/local/*bin", + "/var/lib/dpkg/status*" ], + $exclude = [ "/home/*/.gnupg", + "/home/*/.local/share/Trash", + "/home/*/.Trash", + "/home/*/.thumbnails", + "/home/*/.beagle", + "/home/*/.aMule", + "/home/*/.gnupg", + "/home/*/.gpg", + "/home/*/.ssh", + "/home/*/gtk-gnutella-downloads", + "/etc/ssh/*" ], + $vsinclude = false, + # [dest] + $incremental = "yes", + $increments = false, + $keep = false, + $keepincroffulls = false, + $bandwidthlimit = false, + $sshoptions = false, + $destdir = false, + $desthost = false, + $destuser = false, + $desturl = false, + # configs to backupninja client + $backupkeystore = $backupninja::keystore, + $backupkeystorefspath = $backupninja::keystorefspath, + $backupkeytype = $backupninja::keytype, + $backupkeydest = $backupninja::keydest, + $backupkeydestname = $backupninja::keydestname, + # options to backupninja server sandbox + $ssh_dir_manage = true, + $ssh_dir = false, + $authorized_keys_file = false, + $installuser = true, + $backuptag = false, + # key options + $createkey = false, + $installkey = true ) { + + # install client dependencies + ensure_resource('package', 'duplicity', {'ensure' => $backupninja::ensure_duplicity_version}) + + case $desthost { false: { err("need to define a destination host for remote backups!") } } + case $destdir { false: { err("need to define a destination directory for remote backups!") } } + case $password { false: { err("a password is necessary either to unlock the GPG key, or for symmetric encryption!") } } + + # guarantees there's a configured backup space for this backup + backupninja::server::sandbox { "${user}-${name}": + user => $destuser, + host => $desthost, + dir => $destdir, + manage_ssh_dir => $ssh_dir_manage, + ssh_dir => $ssh_dir, + authorized_keys_file => $authorized_keys_file, + installuser => $installuser, + backuptag => $backuptag, + backupkeys => $backupkeystore, + keytype => $backupkeytype, + } + + # the client's ssh key + backupninja::key { "${destuser}-${name}": + user => $destuser, + host => $desthost, + createkey => $createkey, + installkey => $installkey, + keytype => $backupkeytype, + keystore => $backupkeystore, + keystorefspath => $backupkeystorefspath, + keydest => $backupkeydest, + keydestname => $backupkeydestname + } + + # the backupninja rule for this duplicity backup + file { "${backupninja::configdir}/${order}_${name}.dup": + ensure => $ensure, + content => template('backupninja/dup.conf.erb'), + owner => root, + group => root, + mode => 0600, + require => File["${backupninja::configdir}"] + } +} + |