aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--manifests/sandbox.pp97
-rw-r--r--manifests/server.pp102
-rw-r--r--manifests/storedconfigs.pp10
3 files changed, 108 insertions, 101 deletions
diff --git a/manifests/sandbox.pp b/manifests/sandbox.pp
new file mode 100644
index 0000000..4446b67
--- /dev/null
+++ b/manifests/sandbox.pp
@@ -0,0 +1,97 @@
+# this define allows nodes to declare a remote backup sandbox, that have to
+# get created on the server
+define backupninja::sandbox (
+ $user = $name,
+ $host = $::fqdn,
+ $installuser = true,
+ $manage_ssh_dir = true,
+ $ssh_dir = "${dir}/.ssh",
+ $authorized_keys_file = 'authorized_keys',
+ $key = false,
+ $keytype = 'dss',
+ $backupkeys = "${fileserver}/keys/backupkeys",
+ $uid = false,
+ $gid = "backupninjas",
+ $backuptag = "backupninja-${::fqdn}",
+ $dir,
+) {
+
+ if !defined(Backupninja::Storedconfigs::Realize["${::fqdn}@${host}"]) {
+ @@backupninja::storedconfigs::realize { "${::fqdn}@${host}":
+ host => $::fqdn,
+ tag => $host,
+ }
+ }
+
+ if !defined(File["$dir"]) {
+ @@file { "$dir":
+ ensure => directory,
+ mode => 0750,
+ owner => $user,
+ group => 0,
+ tag => "$backuptag",
+ }
+ }
+
+ if $installuser {
+
+ if $manage_ssh_dir {
+ if !defined(File["$ssh_dir"]) {
+ @@file { "${ssh_dir}":
+ ensure => directory,
+ mode => 0700,
+ owner => $user,
+ group => 0,
+ require => [User[$user], File["$dir"]],
+ tag => "$backuptag",
+ }
+ }
+ }
+
+ if $key {
+ # $key contais ssh public key
+ if !defined(Ssh_autorized_key["$user"]) {
+ @@ssh_authorized_key{ "$user":
+ type => $keytype,
+ key => $key,
+ user => $user,
+ target => "${ssh_dir}/${authorized_keys_file}",
+ tag => "$backuptag",
+ require => User[$user],
+ }
+ }
+ }
+ else {
+ # get ssh public key exists from server
+ if !defined(File["${ssh_dir}/${authorized_keys_file}"]) {
+ @@file { "${ssh_dir}/${authorized_keys_file}":
+ ensure => present,
+ mode => 0644,
+ owner => 0,
+ group => 0,
+ source => "${backupkeys}/${user}_id_${keytype}.pub",
+ require => File["${ssh_dir}"],
+ tag => "$backuptag",
+ }
+ }
+ }
+
+ if !defined(User["$user"]) {
+ @@user { "$user":
+ ensure => "present",
+ uid => $uid ? {
+ false => undef,
+ default => $uid
+ },
+ gid => "$gid",
+ comment => "$user backup sandbox",
+ home => "$dir",
+ managehome => true,
+ shell => "/bin/bash",
+ password => '*',
+ require => Group['backupninjas'],
+ tag => "$backuptag"
+ }
+ }
+ }
+}
diff --git a/manifests/server.pp b/manifests/server.pp
index 6f7a30e..3a8761e 100644
--- a/manifests/server.pp
+++ b/manifests/server.pp
@@ -1,10 +1,3 @@
-# this define realizes all needed resources for a hosted backup
-define backupninja_server_realize($host) {
- User <<| tag == "backupninja-$host" |>>
- File <<| tag == "backupninja-$host" |>>
- Ssh_authorized_key <<| tag == "backupninja-$host" |>>
-}
-
class backupninja::server (
$backupdir = '/backup',
$backupdir_ensure = 'directory',
@@ -52,99 +45,6 @@ class backupninja::server (
# collect all resources from hosted backups
if $use_storedconfigs {
- Backupninja_server_realize <<| tag == $::fqdn |>>
- }
-
- # this define allows nodes to declare a remote backup sandbox, that have to
- # get created on the server
- define sandbox (
- $user = $name,
- $host = $::fqdn,
- $installuser = true,
- $dir,
- $manage_ssh_dir = true,
- $ssh_dir = "${dir}/.ssh",
- $authorized_keys_file = 'authorized_keys',
- $key = false,
- $keytype = 'dss',
- $backupkeys = "${fileserver}/keys/backupkeys",
- $uid = false,
- $gid = "backupninjas",
- $backuptag = "backupninja-${::fqdn}",
- ) {
-
- if !defined(Backupninja_server_realize["${::fqdn}@${host}"]) {
- @@backupninja_server_realize { "${::fqdn}@${host}":
- host => $::fqdn,
- tag => $host,
- }
- }
-
- if !defined(File["$dir"]) {
- @@file { "$dir":
- ensure => directory,
- mode => 0750, owner => $user, group => 0,
- tag => "$backuptag",
- }
- }
-
- if $installuser {
-
- if $manage_ssh_dir {
- if !defined(File["$ssh_dir"]) {
- @@file { "${ssh_dir}":
- ensure => directory,
- mode => 0700, owner => $user, group => 0,
- require => [User[$user], File["$dir"]],
- tag => "$backuptag",
- }
- }
- }
-
- if $key {
- # $key contais ssh public key
- if !defined(Ssh_autorized_key["$user"]) {
- @@ssh_authorized_key{ "$user":
- type => $keytype,
- key => $key,
- user => $user,
- target => "${ssh_dir}/${authorized_keys_file}",
- tag => "$backuptag",
- require => User[$user],
- }
- }
- }
- else {
- # get ssh public key exists from server
- if !defined(File["${ssh_dir}/${authorized_keys_file}"]) {
- @@file { "${ssh_dir}/${authorized_keys_file}":
- ensure => present,
- mode => 0644, owner => 0, group => 0,
- source => "${backupkeys}/${user}_id_${keytype}.pub",
- require => File["${ssh_dir}"],
- tag => "$backuptag",
- }
- }
- }
-
- if !defined(User["$user"]) {
- @@user { "$user":
- ensure => "present",
- uid => $uid ? {
- false => undef,
- default => $uid
- },
- gid => "$gid",
- comment => "$user backup sandbox",
- home => "$dir",
- managehome => true,
- shell => "/bin/bash",
- password => '*',
- require => Group['backupninjas'],
- tag => "$backuptag"
- }
- }
- }
+ include backupninja::storedconfigs
}
}
-
diff --git a/manifests/storedconfigs.pp b/manifests/storedconfigs.pp
new file mode 100644
index 0000000..899661c
--- /dev/null
+++ b/manifests/storedconfigs.pp
@@ -0,0 +1,10 @@
+class backupninja::storedconfigs {
+ Backupninja::Storedconfigs::Realize <<| tag == $::fqdn |>>
+
+ # this define realizes all needed resources for a hosted backup
+ define realize($host) {
+ User <<| tag == "backupninja-$host" |>>
+ File <<| tag == "backupninja-$host" |>>
+ Ssh_authorized_key <<| tag == "backupninja-$host" |>>
+ }
+}