1 files changed, 53 insertions, 18 deletions

diff --git a/manifests/server.pp b/manifests/server.pp
index 790c931..9db950a 100644
--- a/manifests/server.pp
+++ b/manifests/server.pp
@@ -23,18 +23,36 @@ class backupninja::server {
     mode => 0710, owner => root, group => "backupninjas"
   }
   
+  file { "/usr/local/bin/checkbackups":
+    ensure => "present",
+    source => "puppet://$servername/backupninja/checkbackups.pl",
+    mode => 0755, owner => root, group => root,
+  }
+
+  cron { checkbackups:
+    command => "/usr/local/bin/checkbackups -d $real_backupdir | /usr/sbin/send_nsca -H nagios.koumbit.net -c /etc/send_nsca.cfg | grep -v 'sent to host successfully'",
+    user => "root",
+    hour => "8-23",
+    minute => 59,
+    require => [ File["/usr/local/bin/checkbackups"], Package['nsca'] ]
+  }
+
   User <<| tag == "backupninja-$real_backupserver_tag" |>>
   File <<| tag == "backupninja-$real_backupserver_tag" |>>
+  Ssh_authorized_key <<| tag == "backupninja-$real_backupserver_tag" |>>
+
+  package { "rsync": ensure => installed }
+  include backupninja::rdiff-installed
 
   # this define allows nodes to declare a remote backup sandbox, that have to
   # get created on the server
   define sandbox(
     $user = false, $host = false, $installuser = true, $dir = false, $manage_ssh_dir = true,
-    $ssh_dir = false, $authorized_keys_file = false, $backupkeys = false, $keytype = "rsa",
-    $uid = false, $gid = "backupninjas", $backuptag = false)
+    $ssh_dir = false, $authorized_keys_file = false, $key = false, $keytype = 'dss', $backupkeys = false, $uid = false,
+    $gid = "backupninjas", $backuptag = false)
   {
     
-    $real_user = $name ? {
+    $real_user = $user ? {
       false => $name,
       default => $user,
       '' => $name,
@@ -63,11 +81,14 @@ class backupninja::server {
       false => "backupninja-$real_host",
       default => $backuptag,
     }
-     
+      
+    # configure a passive service check for backups
+    nagios2::passive_service { "backups-$real_host": nagios2_host_name => $real_host, nagios2_description => 'backups', servicegroups => "backups" }
+
     if !defined(File["$real_dir"]) {
       @@file { "$real_dir":
         ensure => directory,
-        mode => 0750, owner => $user, group => 0,
+        mode => 0750, owner => $real_user, group => 0,
         tag => "$real_backuptag",
       }
     }
@@ -78,22 +99,36 @@ class backupninja::server {
             if !defined(File["$real_ssh_dir"]) {
               @@file { "${real_ssh_dir}":
                 ensure => directory,
-                mode => 0700, owner => $user, group => 0,
-                require => File["$real_dir"],
+                mode => 0700, owner => $real_user, group => 0,
+                require => [User[$real_user], File["$real_dir"]],
                 tag => "$real_backuptag",
               }
             }
           }
         } 
-        if !defined(File["${real_ssh_dir}/${real_authorized_keys_file}"]) {
-          @@file { "${real_ssh_dir}/${real_authorized_keys_file}":
-            ensure => present,
-            mode => 0644, owner => 0, group => 0,
-            source => "$real_backupkeys/${user}_id_${keytype}.pub",
-            require => File["${real_ssh_dir}"],
-            tag => "$real_backuptag",
+	case $key {
+	  false: {
+            if !defined(File["${real_ssh_dir}/${real_authorized_keys_file}"]) {
+              @@file { "${real_ssh_dir}/${real_authorized_keys_file}":
+                ensure => present,
+                mode => 0644, owner => 0, group => 0,
+                source => "$real_backupkeys/${real_user}_id_${keytype}.pub",
+                require => File["${real_ssh_dir}"],
+                tag => "$real_backuptag",
+              }
+            }
+	  }
+	  default: {
+	    @@ssh_authorized_key{ $real_user:
+	      type => $keytype,
+              key => $key,
+	      user => $real_user,
+	      target => "${real_ssh_dir}/${real_authorized_keys_file}",
+       	      tag => "$real_backuptag",
+	      require => User[$real_user],
+            }
           }
-        }
+	}
         case $uid {
           false: {
             if !defined(User["$real_user"]) {
@@ -105,13 +140,13 @@ class backupninja::server {
                 managehome => true,
                 shell   => "/bin/sh",
                 password => '*',
-                require => Group['backupninjas'],
+	        require => Group['backupninjas'],
                 tag => "$real_backuptag"
               }
             }
           }
           default: {
-              if !defined(User["$real_user"]) {
+            if !defined(User["$real_user"]) {
               @@user { "$real_user":
                 ensure  => "present",
                 uid     => "$uid",
@@ -121,7 +156,7 @@ class backupninja::server {
                 managehome => true,
                 shell   => "/bin/sh",
                 password => '*',
-                require => Group['backupninjas'],
+	        require => Group['backupninjas'],
                 tag => "$real_backuptag"
               }
             }