diff options
| -rw-r--r-- | manifests/client.pp | 10 | ||||
| -rw-r--r-- | manifests/rdiff.pp | 9 | ||||
| -rw-r--r-- | manifests/rsync.pp | 87 | ||||
| -rw-r--r-- | manifests/server.pp | 50 | ||||
| -rw-r--r-- | templates/rsync.conf.erb | 44 |
5 files changed, 179 insertions, 21 deletions
diff --git a/manifests/client.pp b/manifests/client.pp index 287b02f..3dbd711 100644 --- a/manifests/client.pp +++ b/manifests/client.pp @@ -151,3 +151,13 @@ class backupninja::client::sys inherits backupninja::client::defaults { default: {} } } + +class backupninja::client::rsync inherits backupninja::client::defaults { + + if !defined(Package["rsync"]) { + if $rsync_ensure_version == '' { $rsync_ensure_version = 'installed' } + package { 'rsync': + ensure => $rsync_ensure_version, + } + } +} diff --git a/manifests/rdiff.pp b/manifests/rdiff.pp index 587c02d..847c319 100644 --- a/manifests/rdiff.pp +++ b/manifests/rdiff.pp @@ -25,7 +25,8 @@ define backupninja::rdiff( "/home", "/usr/local/*bin", "/var/lib/dpkg/status*" ], $vsinclude = false, $keep = 30, $sshoptions = false, $options = '--force', $ssh_dir_manage = true, $ssh_dir = false, $authorized_keys_file = false, $installuser = true, $installkey = true, $key = false, - $backuptag = false, $home = false, $backupkeytype = "rsa", $backupkeystore = false, $extras = false, $nagios2_description = 'backups') + $backuptag = false, $home = false, $backupkeytype = "rsa", $backupkeystore = false, $extras = false, + $nagios2_description = 'backups', $subfolder = 'rdiff-backup') { include backupninja::client::rdiff_backup @@ -33,7 +34,7 @@ define backupninja::rdiff( 'remote': { case $host { false: { err("need to define a host for remote backups!") } } $real_backuptag = $backuptag ? { - false => "backupninja-$host", + false => "backupninja-$fqdn", default => $backuptag } @@ -41,11 +42,11 @@ define backupninja::rdiff( false => "/home/${user}-${name}", default => $home, } - $directory = "$real_home/rdiff-backup/" + $directory = "${real_home}/${subfolder}/" backupninja::server::sandbox { - "${user}-${name}": user => $user, host => $fqdn, dir => $real_home, + "${user}-${name}": user => $user, host => $host, dir => $real_home, manage_ssh_dir => $ssh_dir_manage, ssh_dir => $ssh_dir, key => $key, authorized_keys_file => $authorized_keys_file, installuser => $installuser, backuptag => $real_backuptag, keytype => $backupkeytype, backupkeys => $backupkeystore, diff --git a/manifests/rsync.pp b/manifests/rsync.pp new file mode 100644 index 0000000..1c82889 --- /dev/null +++ b/manifests/rsync.pp @@ -0,0 +1,87 @@ +# Run rsync as part of a backupninja run. +# Based on backupninja::rdiff + +define backupninja::rsync( + $order = 90, $ensure = present, $user = false, $home = false, $host = false, + $ssh_dir_manage = true, $ssh_dir = false, $authorized_keys_file = false, + $installuser = true, $installkey = true, $key = false, $backuptag = false, + $home = false, $backupkeytype = "rsa", $backupkeystore = false, $extras = false, + $nagios2_description = 'backups', $subfolder = 'rsync', + + $log = false, $partition = false, $fscheck = false, $read_only = false, + $mountpoint = false, $backupdir = false, $format = false, $days = false, + $keepdaily = false, $keepweekly = false, $keepmonthly = false, $lockfile = false, + $nicelevel = 0, $enable_mv_timestamp_bug = false, $tmp = false, $multiconnection = false, + + $exclude_vserver = false, + $exclude = [ "/home/*/.gnupg", "/home/*/.local/share/Trash", "/home/*/.Trash", + "/home/*/.thumbnails", "/home/*/.beagle", "/home/*/.aMule", + "/home/*/gtk-gnutella-downloads" ], + $include = [ "/var/spool/cron/crontabs", "/var/backups", "/etc", "/root", + "/home", "/usr/local/*bin", "/var/lib/dpkg/status*" ], + + $testconnect = false, $protocol = false, $ssh = false, $port = false, + $bandwidthlimit = false, $remote_rsync = false, $id_file = false, + $batch = false, $batchbase = false, $numericids = false, $compress = false, + $fakesuper = false, + + $initscripts = false, $service = false, + + $rm = false, $cp = false, $touch = false, $mv = false, $fsck = false) +{ + include backupninja::client::rsync + + # Right now just local origin with remote destination is supported. + $from = 'local' + $dest = 'remote' + + case $dest { + 'remote': { + case $host { false: { err("need to define a host for remote backups!") } } + + $real_backuptag = $backuptag ? { + false => "backupninja-$fqdn", + default => $backuptag, + } + + $real_home = $home ? { + false => "/home/${user}-${name}", + default => $home, + } + + $directory = "${real_home}/${subfolder}/" + + backupninja::server::sandbox { "${user}-${name}": + user => $user, + host => $host, + dir => $real_home, + manage_ssh_dir => $ssh_dir_manage, + ssh_dir => $ssh_dir, + key => $key, + authorized_keys_file => $authorized_keys_file, + installuser => $installuser, + backuptag => $real_backuptag, + keytype => $backupkeytype, + backupkeys => $backupkeystore, + nagios2_description => $nagios2_description + } + + backupninja::client::key { "${user}-${name}": + user => $user, + host => $host, + installkey => $installkey, + keytype => $backupkeytype, + keystore => $backupkeystore, + } + } + } + + file { "${backupninja::client::defaults::configdir}/${order}_${name}.rsync": + ensure => $ensure, + content => template('backupninja/rsync.conf.erb'), + owner => root, + group => root, + mode => 0600, + require => File["${backupninja::client::defaults::configdir}"] + } +} diff --git a/manifests/server.pp b/manifests/server.pp index a0bcbf2..3114b92 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -1,3 +1,10 @@ +# this define realizes all needed resources for a hosted backup +define backupninja_server_realize($host) { + User <<| tag == "backupninja-$host" |>> + File <<| tag == "backupninja-$host" |>> + Ssh_authorized_key <<| tag == "backupninja-$host" |>> +} + class backupninja::server { $real_backupdir = $backupdir ? { @@ -46,9 +53,8 @@ class backupninja::server { } } - User <<| tag == "backupninja-$real_backupserver_tag" |>> - File <<| tag == "backupninja-$real_backupserver_tag" |>> - Ssh_authorized_key <<| tag == "backupninja-$real_backupserver_tag" |>> + # collect all resources from hosted backups + Backupninja_server_realize <<| tag == "$real_backupserver_tag" |>> if !defined(Package["rsync"]) { if $rsync_ensure_version == '' { $rsync_ensure_version = 'installed' } @@ -91,7 +97,7 @@ class backupninja::server { default => $authorized_keys_file, } $real_backuptag = $backuptag ? { - false => "backupninja-$real_host", + false => "backupninja-$fqdn", default => $backuptag, } @@ -105,6 +111,14 @@ class backupninja::server { nagios2::passive_service { "backups-${name}": nagios2_host_name => $real_host, nagios2_description => $real_nagios2_description, servicegroups => "backups" } } + if !defined(Backupninja_server_realize["${fqdn}@${real_host}"]) { + # this defines just maps that $real_host host backups for $fdqn + @@backupninja_server_realize { "${fqdn}@${real_host}": + host => $fqdn, + tag => $real_host, + } + } + if !defined(File["$real_dir"]) { @@file { "$real_dir": ensure => directory, @@ -139,15 +153,17 @@ class backupninja::server { } } default: { - @@ssh_authorized_key{ $real_user: - type => $keytype, - key => $key, - user => $real_user, - target => "${real_ssh_dir}/${real_authorized_keys_file}", - tag => "$real_backuptag", - require => User[$real_user], - } - } + if !defined(Ssh_autorized_key["$real_user"]) { + @@ssh_authorized_key{ "$real_user": + type => $keytype, + key => $key, + user => $real_user, + target => "${real_ssh_dir}/${real_authorized_keys_file}", + tag => "$real_backuptag", + require => User[$real_user], + } + } + } } case $uid { false: { @@ -155,12 +171,12 @@ class backupninja::server { @@user { "$real_user": ensure => "present", gid => "$gid", - comment => "$name backup sandbox", + comment => "$real_user backup sandbox", home => "$real_dir", managehome => true, shell => "/bin/sh", password => '*', - require => Group['backupninjas'], + require => Group['backupninjas'], tag => "$real_backuptag" } } @@ -171,12 +187,12 @@ class backupninja::server { ensure => "present", uid => "$uid", gid => "$gid", - comment => "$name backup sandbox", + comment => "$real_user backup sandbox", home => "$real_dir", managehome => true, shell => "/bin/sh", password => '*', - require => Group['backupninjas'], + require => Group['backupninjas'], tag => "$real_backuptag" } } diff --git a/templates/rsync.conf.erb b/templates/rsync.conf.erb new file mode 100644 index 0000000..71bf0b6 --- /dev/null +++ b/templates/rsync.conf.erb @@ -0,0 +1,44 @@ +# This configuration file was auto-generated by the Puppet configuration +# management system. Any changes you make to this file will be overwritten +# the next time Puppet runs. Please make configuration changes to this +# service in Puppet. + +[general] +<%- %w{log partition fscheck read_only mountpoint backupdir format days keepdaily keepweekly keepmonthly lockfile nicelevel enable_mv_timestamp_bug, tmp, multiconnection}.each do |v| + if has_variable?(v) and instance_variable_get("@#{v}").to_s != "false" -%> +<%= v + ' = ' + instance_variable_get("@#{v}").to_s %> +<%- + end +end -%> + +[source] +<%- %w{from include exclude}.each do |v| + if has_variable?(v) and instance_variable_get("@#{v}").to_s != "false" -%> +<%= v + ' = ' + instance_variable_get("@#{v}").to_s %> +<%- + end +end -%> + +[dest] +<%- %w{dest testconnect ssh protocol numericids compress host port user id_file bandwidthlimit remote_rsync batch batchbase fakesuper}.each do |v| + if has_variable?(v) and instance_variable_get("@#{v}").to_s != "false" -%> +<%= v + ' = ' + instance_variable_get("@#{v}").to_s %> +<%- + end +end -%> + +[services] +<%- %w{initscripts service}.each do |v| + if has_variable?(v) and instance_variable_get("@#{v}").to_s != "false" -%> +<%= v + ' = ' + instance_variable_get("@#{v}").to_s %> +<%- + end +end -%> + +[system] +<%- %w{rm cp touch mv fsck}.each do |v| + if has_variable?(v) and instance_variable_get("@#{v}").to_s != "false" -%> +<%= v + ' = ' + instance_variable_get("@#{v}").to_s %> +<%- + end +end -%> |