diff options
author | Antoine Beaupré <anarcat+gitlab@anarc.at> | 2015-04-23 18:33:14 +0000 |
---|---|---|
committer | Antoine Beaupré <anarcat+gitlab@anarc.at> | 2015-04-23 18:33:14 +0000 |
commit | fbddc25ee6e813ceffa88192fb607e63cebf8bba (patch) | |
tree | f0be23671b501770c091bafb13ae73d43cdaebda /manifests/server.pp | |
parent | 74ce68bcf6f1fbf938e4a161f7c6305f67378b7d (diff) | |
parent | b24afc7ffbe844984e7a46a205e7f04d312fd04c (diff) | |
download | puppet-backupninja-fbddc25ee6e813ceffa88192fb607e63cebf8bba.tar.gz puppet-backupninja-fbddc25ee6e813ceffa88192fb607e63cebf8bba.tar.bz2 |
Merge branch 'march2015-refactor' into 'master'
March2015 refactor
This branch is an attempt to bring the backupninja module in the 21st century. See the upgrade notice in the README for details.
See merge request !4
Diffstat (limited to 'manifests/server.pp')
-rw-r--r-- | manifests/server.pp | 201 |
1 files changed, 69 insertions, 132 deletions
diff --git a/manifests/server.pp b/manifests/server.pp index f702056..6346a62 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -5,40 +5,33 @@ define backupninja_server_realize($host) { Ssh_authorized_key <<| tag == "backupninja-$host" |>> } -class backupninja::server { +class backupninja::server ( + $backupdir = '/backup', + $backupdir_ensure = 'directory', + $backupserver_tag = $::fqdn, + $manage_nagios = false, + $nagios_server = undef +) { - $real_backupdir = $backupdir ? { - '' => "/backup", - default => $backupdir, - } - $real_usermanage = $usermanage ? { - '' => 'doit', - default => $usermanage - } - $real_backupserver_tag = $backupserver_tag ? { - '' => $fqdn, - default => $backupserver_tag - } - $real_backupdir_ensure = $backupdir_ensure ? { - '' => "directory", - default => $backupdir_ensure, - } - group { "backupninjas": ensure => "present", gid => 700 } - file { "$real_backupdir": - ensure => "$real_backupdir_ensure", + file { $backupdir: + ensure => $backupdir_ensure, mode => 0710, owner => root, group => "backupninjas", - require => $real_backupdir_ensure ? { + require => $backupdir_ensure ? { 'directory' => undef, - default => File["$real_backupdir_ensure"], + default => File["$backupdir_ensure"], } } - if $use_nagios { + if $manage_nagios { + + if $nagios_server == undef { + fail('Cannot manage nagios with undefined nagios_server parameter!') + } include nagios::nsca::client @@ -49,7 +42,7 @@ class backupninja::server { } cron { checkbackups: - command => "/usr/local/bin/checkbackups -d $real_backupdir | /usr/sbin/send_nsca -H $nagios_server -c /etc/send_nsca.cfg | grep -v 'sent to host successfully'", + command => "/usr/local/bin/checkbackups -d $backupdir | /usr/sbin/send_nsca -H $nagios_server -c /etc/send_nsca.cfg | grep -v 'sent to host successfully'", user => "root", hour => "8-23", minute => 59, @@ -58,148 +51,92 @@ class backupninja::server { } # collect all resources from hosted backups - Backupninja_server_realize <<| tag == "$real_backupserver_tag" |>> - - if !defined(Package["rsync"]) { - if $rsync_ensure_version == '' { $rsync_ensure_version = 'installed' } - package { 'rsync': - ensure => $rsync_ensure_version, - } - } + Backupninja_server_realize <<| tag == "$backupserver_tag" |>> # this define allows nodes to declare a remote backup sandbox, that have to # get created on the server define sandbox( - $user = false, $host = false, $installuser = true, $dir = false, $manage_ssh_dir = true, - $ssh_dir = false, $authorized_keys_file = false, $key = false, $keytype = 'dss', $backupkeys = false, $uid = false, - $gid = "backupninjas", $backuptag = false, $nagios2_description = "backups") + $user = $name, $host = $::fqdn, $installuser = true, $dir = "${backupninja::server::backupdir}/${::fqdn}", $manage_ssh_dir = true, + $ssh_dir = false, $authorized_keys_file = 'authorized_keys', $key = false, $keytype = 'dss', $backupkeys = "${fileserver}/keys/backupkeys", $uid = false, + $gid = "backupninjas", $backuptag = "backupninja-${::fqdn}", $nagios_description = 'backups') { - - $real_user = $user ? { - false => $name, - default => $user, - '' => $name, - } - $real_host = $host ? { - false => $fqdn, - default => $host, - } - $real_backupkeys = $backupkeys ? { - false => "$fileserver/keys/backupkeys", - default => $backupkeys, - } - $real_dir = $dir ? { - false => "${backupninja::server::real_backupdir}/$fqdn", - default => $dir, - } - $real_ssh_dir = $ssh_dir ? { - false => "${real_dir}/.ssh", - default => $ssh_dir, - } - $real_authorized_keys_file = $authorized_keys_file ? { - false => "authorized_keys", - default => $authorized_keys_file, - } - $real_backuptag = $backuptag ? { - false => "backupninja-$fqdn", - default => $backuptag, - } - $real_nagios2_description = $nagios2_description ? { - false => "backups", - default => $nagios2_description, + if $ssh_dir == false { + $ssh_dir = "${dir}/.ssh" } - if $use_nagios { + if $manage_nagios { # configure a passive service check for backups - nagios::service::passive { $nagios2_description: } + nagios::service::passive { $nagios_description: } } - if !defined(Backupninja_server_realize["${fqdn}@${real_host}"]) { - # this defines just maps that $real_host host backups for $fdqn - @@backupninja_server_realize { "${fqdn}@${real_host}": - host => $fqdn, - tag => $real_host, + if !defined(Backupninja_server_realize["${::fqdn}@${host}"]) { + @@backupninja_server_realize { "${::fqdn}@${host}": + host => $::fqdn, + tag => $host, } } - if !defined(File["$real_dir"]) { - @@file { "$real_dir": - ensure => directory, - mode => 0750, owner => $real_user, group => 0, - tag => "$real_backuptag", - } - } + ensure_resource('file', $dir, { + 'ensure' => 'directory', + 'mode' => '0750', + 'owner' => $user, + 'group' => 0, + 'tag' => $backuptag + }) + case $installuser { true: { - case $manage_ssh_dir { - true: { - if !defined(File["$real_ssh_dir"]) { - @@file { "${real_ssh_dir}": - ensure => directory, - mode => 0700, owner => $real_user, group => 0, - require => [User[$real_user], File["$real_dir"]], - tag => "$real_backuptag", - } + if $manage_ssh_dir == true { + if !defined(File["$ssh_dir"]) { + @@file { "${ssh_dir}": + ensure => directory, + mode => 0700, owner => $user, group => 0, + require => [User[$user], File["$dir"]], + tag => "$backuptag", } } } case $key { false: { - if !defined(File["${real_ssh_dir}/${real_authorized_keys_file}"]) { - @@file { "${real_ssh_dir}/${real_authorized_keys_file}": + if !defined(File["${ssh_dir}/${authorized_keys_file}"]) { + @@file { "${ssh_dir}/${authorized_keys_file}": ensure => present, mode => 0644, owner => 0, group => 0, - source => "$real_backupkeys/${real_user}_id_${keytype}.pub", - require => File["${real_ssh_dir}"], - tag => "$real_backuptag", + source => "${backupkeys}/${user}_id_${keytype}.pub", + require => File["${ssh_dir}"], + tag => "$backuptag", } } } default: { if !defined(Ssh_autorized_key["$real_user"]) { - @@ssh_authorized_key{ "$real_user": + @@ssh_authorized_key{ "$user": type => $keytype, key => $key, - user => $real_user, - target => "${real_ssh_dir}/${real_authorized_keys_file}", - tag => "$real_backuptag", - require => User[$real_user], + user => $user, + target => "${ssh_dir}/${authorized_keys_file}", + tag => "$backuptag", + require => User[$user], } } } } - case $uid { - false: { - if !defined(User["$real_user"]) { - @@user { "$real_user": - ensure => "present", - gid => "$gid", - comment => "$real_user backup sandbox", - home => "$real_dir", - managehome => true, - shell => "/bin/bash", - password => '*', - require => Group['backupninjas'], - tag => "$real_backuptag" - } - } - } - default: { - if !defined(User["$real_user"]) { - @@user { "$real_user": - ensure => "present", - uid => "$uid", - gid => "$gid", - comment => "$real_user backup sandbox", - home => "$real_dir", - managehome => true, - shell => "/bin/bash", - password => '*', - require => Group['backupninjas'], - tag => "$real_backuptag" - } - } + if !defined(User["$user"]) { + @@user { "$user": + ensure => "present", + uid => $uid ? { + false => undef, + default => $uid + }, + gid => "$gid", + comment => "$user backup sandbox", + home => "$dir", + managehome => true, + shell => "/bin/bash", + password => '*', + require => Group['backupninjas'], + tag => "$backuptag" } } } |