aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--manifests/rdiff.pp95
-rw-r--r--manifests/rsync.pp104
-rw-r--r--manifests/server.pp124
3 files changed, 208 insertions, 115 deletions
diff --git a/manifests/rdiff.pp b/manifests/rdiff.pp
index 4929d68..a20077f 100644
--- a/manifests/rdiff.pp
+++ b/manifests/rdiff.pp
@@ -15,20 +15,50 @@
# options should be given as arrays if you want to specify multiple
# directories.
#
-define backupninja::rdiff(
- $order = 90, $ensure = present,
- $user = false, $home = "/home/${user}-${name}", $host = false,
- $type = 'local',
- $exclude = [ "/home/*/.gnupg", "/home/*/.local/share/Trash", "/home/*/.Trash",
- "/home/*/.thumbnails", "/home/*/.beagle", "/home/*/.aMule",
- "/home/*/gtk-gnutella-downloads" ],
- $include = [ "/var/spool/cron/crontabs", "/var/backups", "/etc", "/root",
- "/home", "/usr/local/*bin", "/var/lib/dpkg/status*" ],
- $vsinclude = false, $keep = 30, $sshoptions = false, $options = '--force', $ssh_dir_manage = true,
- $ssh_dir = "${home}/.ssh", $authorized_keys_file = 'authorized_keys', $installuser = true, $keymanage = $backupninja::keymanage, $key = false,
- $backuptag = "backupninja-${::fqdn}", $backupkeytype = $backupninja::keytype, $backupkeystore = $backupninja::keystore,
- $extras = false, $nagios_description = "backups-${name}")
-{
+define backupninja::rdiff( $order = 90,
+ $ensure = present,
+ # [general]
+ $options = '--force',
+ $extras = false,
+ # [source]
+ $include = [ "/var/spool/cron/crontabs",
+ "/var/backups",
+ "/etc",
+ "/root",
+ "/home",
+ "/usr/local/*bin",
+ "/var/lib/dpkg/status*"
+ ],
+ $exclude = [ "/home/*/.gnupg",
+ "/home/*/.local/share/Trash",
+ "/home/*/.Trash",
+ "/home/*/.thumbnails",
+ "/home/*/.beagle",
+ "/home/*/.aMule",
+ "/home/*/gtk-gnutella-downloads"
+ ],
+ $vsinclude = false,
+ # [dest]
+ $type = 'local',
+ $host = false,
+ $user = false,
+ $home = "/home/${user}-${name}",
+ $keep = 30,
+ $sshoptions = false,
+ # ssh keypair config
+ $key = false,
+ $keymanage = $backupninja::keymanage,
+ $backupkeystore = $backupninja::keystore,
+ $backupkeytype = $backupninja::keytype,
+ $ssh_dir_manage = true,
+ $ssh_dir = "${home}/.ssh",
+ $authorized_keys_file = 'authorized_keys',
+ # sandbox config
+ $installuser = true,
+ $backuptag = "backupninja-${::fqdn}",
+ # monitoring
+ $nagios_description = "backups-${name}" ) {
+
# install client dependencies
ensure_resource('package', 'rdiff-backup', {'ensure' => $backupninja::ensure_rdiffbackup_version})
@@ -38,32 +68,37 @@ define backupninja::rdiff(
'remote': {
case $host { false: { err("need to define a host for remote backups!") } }
- backupninja::server::sandbox
- {
- "${user}-${name}": user => $user, host => $host, dir => $home,
- manage_ssh_dir => $ssh_dir_manage, ssh_dir => $ssh_dir, key => $key,
- authorized_keys_file => $authorized_keys_file, installuser => $installuser,
- backuptag => $backuptag, keytype => $backupkeytype, backupkeys => $backupkeystore,
- nagios_description => $nagios_description
+ backupninja::server::sandbox { "${user}-${name}":
+ user => $user,
+ host => $host,
+ dir => $home,
+ manage_ssh_dir => $ssh_dir_manage,
+ ssh_dir => $ssh_dir,
+ key => $key,
+ authorized_keys_file => $authorized_keys_file,
+ installuser => $installuser,
+ backuptag => $backuptag,
+ backupkeys => $backupkeystore,
+ keytype => $backupkeytype,
+ nagios_description => $nagios_description
}
- backupninja::key
- {
- "${user}-${name}": user => $user,
+ backupninja::key { "${user}-${name}":
+ user => $user,
keymanage => $keymanage,
- keytype => $backupkeytype,
- keystore => $backupkeystore,
+ keytype => $backupkeytype,
+ keystore => $backupkeystore,
}
}
}
file { "${backupninja::configdir}/${order}_${name}.rdiff":
- ensure => $ensure,
+ ensure => $ensure,
content => template('backupninja/rdiff.conf.erb'),
- owner => root,
- group => root,
- mode => 0600,
+ owner => root,
+ group => root,
+ mode => 0600,
require => File["${backupninja::configdir}"]
}
}
diff --git a/manifests/rsync.pp b/manifests/rsync.pp
index af427bf..145fdad 100644
--- a/manifests/rsync.pp
+++ b/manifests/rsync.pp
@@ -1,35 +1,81 @@
# Run rsync as part of a backupninja run.
# Based on backupninja::rdiff
-define backupninja::rsync(
- $order = 90, $ensure = present,
- $user = false, $home = "/home/${user}-${name}", $host = false,
- $ssh_dir_manage = true, $ssh_dir = "${home}/.ssh", $authorized_keys_file = 'authorized_keys',
- $installuser = true, $keymanage = $backupninja::keymanage, $key = false, $backuptag = "backupninja-${::fqdn}",
- $backupkeytype = $backupninja::keytype, $backupkeystore = $backupninja::keystore, $extras = false,
- $nagios_description = "backups-${name}", $subfolder = 'rsync',
+define backupninja::rsync( $order = 90,
+ $ensure = present,
+ # [general]
+ $log = false,
+ $partition = false,
+ $fscheck = false,
+ $read_only = false,
+ $mountpoint = false,
+ $format = false,
+ $days = false,
+ $keepdaily = false,
+ $keepweekly = false,
+ $keepmonthly = false,
+ $lockfile = false,
+ $nicelevel = 0,
+ $tmp = false,
+ $multiconnection = false,
+ $enable_mv_timestamp_bug = false,
+ # [source]
+ $include = [ "/var/spool/cron/crontabs",
+ "/var/backups",
+ "/etc",
+ "/root",
+ "/home",
+ "/usr/local/*bin",
+ "/var/lib/dpkg/status*"
+ ],
+ $exclude = [ "/home/*/.gnupg",
+ "/home/*/.local/share/Trash",
+ "/home/*/.Trash",
+ "/home/*/.thumbnails",
+ "/home/*/.beagle",
+ "/home/*/.aMule",
+ "/home/*/gtk-gnutella-downloads"
+ ],
+ # [dest]
+ $host = false,
+ $user = false,
+ $home = "/home/${user}-${name}",
+ $subfolder = 'rsync',
+ $testconnect = false,
+ $ssh = false,
+ $protocol = false,
+ $numericids = false,
+ $compress = false,
+ $port = false,
+ $bandwidthlimit = false,
+ $remote_rsync = false,
+ $batch = false,
+ $batchbase = false,
+ $fakesuper = false,
+ $id_file = false,
+ # [services]
+ $initscripts = false,
+ $service = false,
+ # [system]
+ $rm = false,
+ $cp = false,
+ $touch = false,
+ $mv = false,
+ $fsck = false,
+ # ssh keypair config
+ $key = false,
+ $keymanage = $backupninja::keymanage,
+ $backupkeystore = $backupninja::keystore,
+ $backupkeytype = $backupninja::keytype,
+ $ssh_dir_manage = true,
+ $ssh_dir = "${home}/.ssh",
+ $authorized_keys_file = 'authorized_keys',
+ # sandbox config
+ $installuser = true,
+ $backuptag = "backupninja-${::fqdn}",
+ # monitoring
+ $nagios_description = "backups-${name}" ) {
- $log = false, $partition = false, $fscheck = false, $read_only = false,
- $mountpoint = false, $backupdir = false, $format = false, $days = false,
- $keepdaily = false, $keepweekly = false, $keepmonthly = false, $lockfile = false,
- $nicelevel = 0, $enable_mv_timestamp_bug = false, $tmp = false, $multiconnection = false,
-
- $exclude_vserver = false,
- $exclude = [ "/home/*/.gnupg", "/home/*/.local/share/Trash", "/home/*/.Trash",
- "/home/*/.thumbnails", "/home/*/.beagle", "/home/*/.aMule",
- "/home/*/gtk-gnutella-downloads" ],
- $include = [ "/var/spool/cron/crontabs", "/var/backups", "/etc", "/root",
- "/home", "/usr/local/*bin", "/var/lib/dpkg/status*" ],
-
- $testconnect = false, $protocol = false, $ssh = false, $port = false,
- $bandwidthlimit = false, $remote_rsync = false, $id_file = false,
- $batch = false, $batchbase = false, $numericids = false, $compress = false,
- $fakesuper = false,
-
- $initscripts = false, $service = false,
-
- $rm = false, $cp = false, $touch = false, $mv = false, $fsck = false)
-{
# install client dependencies
ensure_resource('package', 'rsync', {'ensure' => $backupninja::ensure_rsync_version})
@@ -55,7 +101,7 @@ define backupninja::rsync(
backuptag => $backuptag,
keytype => $backupkeytype,
backupkeys => $backupkeystore,
- nagios_description => $nagios_description
+ nagios_description => $nagios_description
}
backupninja::key { "${user}-${name}":
diff --git a/manifests/server.pp b/manifests/server.pp
index d76ddca..e742f03 100644
--- a/manifests/server.pp
+++ b/manifests/server.pp
@@ -54,11 +54,22 @@ class backupninja::server (
# this define allows nodes to declare a remote backup sandbox, that have to
# get created on the server
- define sandbox(
- $user = $name, $host = $::fqdn, $installuser = true, $dir, $manage_ssh_dir = true,
- $ssh_dir = "${dir}/.ssh", $authorized_keys_file = 'authorized_keys', $key = false, $keytype = 'dss', $backupkeys = "${fileserver}/keys/backupkeys", $uid = false,
- $gid = "backupninjas", $backuptag = "backupninja-${::fqdn}", $nagios_description = 'backups')
- {
+ define sandbox (
+ $user = $name,
+ $host = $::fqdn,
+ $installuser = true,
+ $dir,
+ $manage_ssh_dir = true,
+ $ssh_dir = "${dir}/.ssh",
+ $authorized_keys_file = 'authorized_keys',
+ $key = false,
+ $keytype = 'dss',
+ $backupkeys = "${fileserver}/keys/backupkeys",
+ $uid = false,
+ $gid = "backupninjas",
+ $backuptag = "backupninja-${::fqdn}",
+ $nagios_description = 'backups'
+ ) {
if $backupninja::manage_nagios {
# configure a passive service check for backups
@@ -80,61 +91,62 @@ class backupninja::server (
}
}
- case $installuser {
- true: {
- if $manage_ssh_dir == true {
- if !defined(File["$ssh_dir"]) {
- @@file { "${ssh_dir}":
- ensure => directory,
- mode => 0700, owner => $user, group => 0,
- require => [User[$user], File["$dir"]],
- tag => "$backuptag",
- }
+ if $installuser {
+
+ if $manage_ssh_dir {
+ if !defined(File["$ssh_dir"]) {
+ @@file { "${ssh_dir}":
+ ensure => directory,
+ mode => 0700, owner => $user, group => 0,
+ require => [User[$user], File["$dir"]],
+ tag => "$backuptag",
}
- }
- case $key {
- false: {
- if !defined(File["${ssh_dir}/${authorized_keys_file}"]) {
- @@file { "${ssh_dir}/${authorized_keys_file}":
- ensure => present,
- mode => 0644, owner => 0, group => 0,
- source => "${backupkeys}/${user}_id_${keytype}.pub",
- require => File["${ssh_dir}"],
- tag => "$backuptag",
- }
- }
- }
- default: {
- if !defined(Ssh_autorized_key["$user"]) {
- @@ssh_authorized_key{ "$user":
- type => $keytype,
- key => $key,
- user => $user,
- target => "${ssh_dir}/${authorized_keys_file}",
- tag => "$backuptag",
- require => User[$user],
- }
- }
- }
- }
- if !defined(User["$user"]) {
- @@user { "$user":
- ensure => "present",
- uid => $uid ? {
- false => undef,
- default => $uid
- },
- gid => "$gid",
- comment => "$user backup sandbox",
- home => "$dir",
- managehome => true,
- shell => "/bin/bash",
- password => '*',
- require => Group['backupninjas'],
- tag => "$backuptag"
+ }
+ }
+
+ if $key {
+ # $key contais ssh public key
+ if !defined(Ssh_autorized_key["$user"]) {
+ @@ssh_authorized_key{ "$user":
+ type => $keytype,
+ key => $key,
+ user => $user,
+ target => "${ssh_dir}/${authorized_keys_file}",
+ tag => "$backuptag",
+ require => User[$user],
}
}
}
+ else {
+ # get ssh public key exists from server
+ if !defined(File["${ssh_dir}/${authorized_keys_file}"]) {
+ @@file { "${ssh_dir}/${authorized_keys_file}":
+ ensure => present,
+ mode => 0644, owner => 0, group => 0,
+ source => "${backupkeys}/${user}_id_${keytype}.pub",
+ require => File["${ssh_dir}"],
+ tag => "$backuptag",
+ }
+ }
+ }
+
+ if !defined(User["$user"]) {
+ @@user { "$user":
+ ensure => "present",
+ uid => $uid ? {
+ false => undef,
+ default => $uid
+ },
+ gid => "$gid",
+ comment => "$user backup sandbox",
+ home => "$dir",
+ managehome => true,
+ shell => "/bin/bash",
+ password => '*',
+ require => Group['backupninjas'],
+ tag => "$backuptag"
+ }
+ }
}
}
}