diff options
-rw-r--r-- | manifests/client.pp | 10 | ||||
-rw-r--r-- | manifests/mysql.pp | 2 | ||||
-rw-r--r-- | manifests/rdiff.pp | 2 | ||||
-rw-r--r-- | manifests/rsync.pp | 87 | ||||
-rw-r--r-- | manifests/server.pp | 66 | ||||
-rw-r--r-- | templates/mysql.conf.erb | 2 | ||||
-rw-r--r-- | templates/rsync.conf.erb | 49 |
7 files changed, 194 insertions, 24 deletions
diff --git a/manifests/client.pp b/manifests/client.pp index 7e689bf..c41f6e7 100644 --- a/manifests/client.pp +++ b/manifests/client.pp @@ -166,4 +166,14 @@ class backupninja::client::sys inherits backupninja::client::defaults { } default: {} } +} + +class backupninja::client::rsync inherits backupninja::client::defaults { + + if !defined(Package["rsync"]) { + if $rsync_ensure_version == '' { $rsync_ensure_version = 'installed' } + package { 'rsync': + ensure => $rsync_ensure_version, + } + } } diff --git a/manifests/mysql.pp b/manifests/mysql.pp index 83d8f8f..ee2e71d 100644 --- a/manifests/mysql.pp +++ b/manifests/mysql.pp @@ -18,7 +18,7 @@ define backupninja::mysql( $order = 10, $ensure = present, $user = false, $dbusername = false, $dbpassword = false, $dbhost = 'localhost', $databases = 'all', $backupdir = false, $hotcopy = false, $sqldump = false, $compress = false, $configfile = true, - $vsname = false) + $vsname = false, $sqldumpoptions = '--lock-tables --complete-insert --add-drop-table --quick --quote-names') { $real_configfile = $configfile ? { diff --git a/manifests/rdiff.pp b/manifests/rdiff.pp index 1fc9abb..6c692c7 100644 --- a/manifests/rdiff.pp +++ b/manifests/rdiff.pp @@ -36,7 +36,7 @@ define backupninja::rdiff( 'remote': { case $host { false: { err("need to define a host for remote backups!") } } $real_backuptag = $backuptag ? { - false => "backupninja-$host", + false => "backupninja-$fqdn", default => $backuptag } diff --git a/manifests/rsync.pp b/manifests/rsync.pp new file mode 100644 index 0000000..1c82889 --- /dev/null +++ b/manifests/rsync.pp @@ -0,0 +1,87 @@ +# Run rsync as part of a backupninja run. +# Based on backupninja::rdiff + +define backupninja::rsync( + $order = 90, $ensure = present, $user = false, $home = false, $host = false, + $ssh_dir_manage = true, $ssh_dir = false, $authorized_keys_file = false, + $installuser = true, $installkey = true, $key = false, $backuptag = false, + $home = false, $backupkeytype = "rsa", $backupkeystore = false, $extras = false, + $nagios2_description = 'backups', $subfolder = 'rsync', + + $log = false, $partition = false, $fscheck = false, $read_only = false, + $mountpoint = false, $backupdir = false, $format = false, $days = false, + $keepdaily = false, $keepweekly = false, $keepmonthly = false, $lockfile = false, + $nicelevel = 0, $enable_mv_timestamp_bug = false, $tmp = false, $multiconnection = false, + + $exclude_vserver = false, + $exclude = [ "/home/*/.gnupg", "/home/*/.local/share/Trash", "/home/*/.Trash", + "/home/*/.thumbnails", "/home/*/.beagle", "/home/*/.aMule", + "/home/*/gtk-gnutella-downloads" ], + $include = [ "/var/spool/cron/crontabs", "/var/backups", "/etc", "/root", + "/home", "/usr/local/*bin", "/var/lib/dpkg/status*" ], + + $testconnect = false, $protocol = false, $ssh = false, $port = false, + $bandwidthlimit = false, $remote_rsync = false, $id_file = false, + $batch = false, $batchbase = false, $numericids = false, $compress = false, + $fakesuper = false, + + $initscripts = false, $service = false, + + $rm = false, $cp = false, $touch = false, $mv = false, $fsck = false) +{ + include backupninja::client::rsync + + # Right now just local origin with remote destination is supported. + $from = 'local' + $dest = 'remote' + + case $dest { + 'remote': { + case $host { false: { err("need to define a host for remote backups!") } } + + $real_backuptag = $backuptag ? { + false => "backupninja-$fqdn", + default => $backuptag, + } + + $real_home = $home ? { + false => "/home/${user}-${name}", + default => $home, + } + + $directory = "${real_home}/${subfolder}/" + + backupninja::server::sandbox { "${user}-${name}": + user => $user, + host => $host, + dir => $real_home, + manage_ssh_dir => $ssh_dir_manage, + ssh_dir => $ssh_dir, + key => $key, + authorized_keys_file => $authorized_keys_file, + installuser => $installuser, + backuptag => $real_backuptag, + keytype => $backupkeytype, + backupkeys => $backupkeystore, + nagios2_description => $nagios2_description + } + + backupninja::client::key { "${user}-${name}": + user => $user, + host => $host, + installkey => $installkey, + keytype => $backupkeytype, + keystore => $backupkeystore, + } + } + } + + file { "${backupninja::client::defaults::configdir}/${order}_${name}.rsync": + ensure => $ensure, + content => template('backupninja/rsync.conf.erb'), + owner => root, + group => root, + mode => 0600, + require => File["${backupninja::client::defaults::configdir}"] + } +} diff --git a/manifests/server.pp b/manifests/server.pp index 0b7ebb9..f702056 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -1,3 +1,10 @@ +# this define realizes all needed resources for a hosted backup +define backupninja_server_realize($host) { + User <<| tag == "backupninja-$host" |>> + File <<| tag == "backupninja-$host" |>> + Ssh_authorized_key <<| tag == "backupninja-$host" |>> +} + class backupninja::server { $real_backupdir = $backupdir ? { @@ -12,6 +19,10 @@ class backupninja::server { '' => $fqdn, default => $backupserver_tag } + $real_backupdir_ensure = $backupdir_ensure ? { + '' => "directory", + default => $backupdir_ensure, + } group { "backupninjas": ensure => "present", @@ -19,8 +30,12 @@ class backupninja::server { } file { "$real_backupdir": - ensure => "directory", - mode => 0710, owner => root, group => "backupninjas" + ensure => "$real_backupdir_ensure", + mode => 0710, owner => root, group => "backupninjas", + require => $real_backupdir_ensure ? { + 'directory' => undef, + default => File["$real_backupdir_ensure"], + } } if $use_nagios { @@ -42,9 +57,8 @@ class backupninja::server { } } - User <<| tag == "backupninja-$real_backupserver_tag" |>> - File <<| tag == "backupninja-$real_backupserver_tag" |>> - Ssh_authorized_key <<| tag == "backupninja-$real_backupserver_tag" |>> + # collect all resources from hosted backups + Backupninja_server_realize <<| tag == "$real_backupserver_tag" |>> if !defined(Package["rsync"]) { if $rsync_ensure_version == '' { $rsync_ensure_version = 'installed' } @@ -87,7 +101,7 @@ class backupninja::server { default => $authorized_keys_file, } $real_backuptag = $backuptag ? { - false => "backupninja-$real_host", + false => "backupninja-$fqdn", default => $backuptag, } @@ -101,6 +115,14 @@ class backupninja::server { nagios::service::passive { $nagios2_description: } } + if !defined(Backupninja_server_realize["${fqdn}@${real_host}"]) { + # this defines just maps that $real_host host backups for $fdqn + @@backupninja_server_realize { "${fqdn}@${real_host}": + host => $fqdn, + tag => $real_host, + } + } + if !defined(File["$real_dir"]) { @@file { "$real_dir": ensure => directory, @@ -135,15 +157,17 @@ class backupninja::server { } } default: { - @@ssh_authorized_key{ $real_user: - type => $keytype, - key => $key, - user => $real_user, - target => "${real_ssh_dir}/${real_authorized_keys_file}", - tag => "$real_backuptag", - require => User[$real_user], - } - } + if !defined(Ssh_autorized_key["$real_user"]) { + @@ssh_authorized_key{ "$real_user": + type => $keytype, + key => $key, + user => $real_user, + target => "${real_ssh_dir}/${real_authorized_keys_file}", + tag => "$real_backuptag", + require => User[$real_user], + } + } + } } case $uid { false: { @@ -151,12 +175,12 @@ class backupninja::server { @@user { "$real_user": ensure => "present", gid => "$gid", - comment => "$name backup sandbox", + comment => "$real_user backup sandbox", home => "$real_dir", managehome => true, - shell => "/bin/sh", + shell => "/bin/bash", password => '*', - require => Group['backupninjas'], + require => Group['backupninjas'], tag => "$real_backuptag" } } @@ -167,12 +191,12 @@ class backupninja::server { ensure => "present", uid => "$uid", gid => "$gid", - comment => "$name backup sandbox", + comment => "$real_user backup sandbox", home => "$real_dir", managehome => true, - shell => "/bin/sh", + shell => "/bin/bash", password => '*', - require => Group['backupninjas'], + require => Group['backupninjas'], tag => "$real_backuptag" } } diff --git a/templates/mysql.conf.erb b/templates/mysql.conf.erb index 14905fd..82dc368 100644 --- a/templates/mysql.conf.erb +++ b/templates/mysql.conf.erb @@ -3,7 +3,7 @@ # the next time Puppet runs. Please make configuration changes to this # service in Puppet. -<% %w{user dbusername dbpassword dbhost databases backupdir vsname}.each do |v| +<% %w{user dbusername dbpassword dbhost databases backupdir vsname sqldumpoptions}.each do |v| if send(v) -%><%= v + ' = ' + send(v) + "\n" %><% end diff --git a/templates/rsync.conf.erb b/templates/rsync.conf.erb new file mode 100644 index 0000000..778676f --- /dev/null +++ b/templates/rsync.conf.erb @@ -0,0 +1,49 @@ +# This configuration file was auto-generated by the Puppet configuration +# management system. Any changes you make to this file will be overwritten +# the next time Puppet runs. Please make configuration changes to this +# service in Puppet. + +[general] +<%- %w{log partition fscheck read_only mountpoint backupdir format days keepdaily keepweekly keepmonthly lockfile nicelevel enable_mv_timestamp_bug, tmp, multiconnection}.each do |v| + if has_variable?(v) and instance_variable_get("@#{v}").to_s != "false" -%> +<%= v + ' = ' + instance_variable_get("@#{v}").to_s %> +<%- + end +end -%> + +[source] +<% unless from.empty? and from.to_s != "false" -%> +from = <%= from %> +<% end -%> +<%- %w{include exclude}.each do |v| + if has_variable?(v) + instance_variable_get("@#{v}").to_a.each do |parameter| -%> +<%= v + ' = ' + parameter %> +<%- + end + end +end -%> + +[dest] +<%- %w{dest testconnect ssh protocol numericids compress host port user id_file bandwidthlimit remote_rsync batch batchbase fakesuper}.each do |v| + if has_variable?(v) and instance_variable_get("@#{v}").to_s != "false" -%> +<%= v + ' = ' + instance_variable_get("@#{v}").to_s %> +<%- + end +end -%> + +[services] +<%- %w{initscripts service}.each do |v| + if has_variable?(v) and instance_variable_get("@#{v}").to_s != "false" -%> +<%= v + ' = ' + instance_variable_get("@#{v}").to_s %> +<%- + end +end -%> + +[system] +<%- %w{rm cp touch mv fsck}.each do |v| + if has_variable?(v) and instance_variable_get("@#{v}").to_s != "false" -%> +<%= v + ' = ' + instance_variable_get("@#{v}").to_s %> +<%- + end +end -%> |