diff options
Diffstat (limited to 'manifests/server.pp')
| -rw-r--r-- | manifests/server.pp | 124 |
1 files changed, 68 insertions, 56 deletions
diff --git a/manifests/server.pp b/manifests/server.pp index d76ddca..e742f03 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -54,11 +54,22 @@ class backupninja::server ( # this define allows nodes to declare a remote backup sandbox, that have to # get created on the server - define sandbox( - $user = $name, $host = $::fqdn, $installuser = true, $dir, $manage_ssh_dir = true, - $ssh_dir = "${dir}/.ssh", $authorized_keys_file = 'authorized_keys', $key = false, $keytype = 'dss', $backupkeys = "${fileserver}/keys/backupkeys", $uid = false, - $gid = "backupninjas", $backuptag = "backupninja-${::fqdn}", $nagios_description = 'backups') - { + define sandbox ( + $user = $name, + $host = $::fqdn, + $installuser = true, + $dir, + $manage_ssh_dir = true, + $ssh_dir = "${dir}/.ssh", + $authorized_keys_file = 'authorized_keys', + $key = false, + $keytype = 'dss', + $backupkeys = "${fileserver}/keys/backupkeys", + $uid = false, + $gid = "backupninjas", + $backuptag = "backupninja-${::fqdn}", + $nagios_description = 'backups' + ) { if $backupninja::manage_nagios { # configure a passive service check for backups @@ -80,61 +91,62 @@ class backupninja::server ( } } - case $installuser { - true: { - if $manage_ssh_dir == true { - if !defined(File["$ssh_dir"]) { - @@file { "${ssh_dir}": - ensure => directory, - mode => 0700, owner => $user, group => 0, - require => [User[$user], File["$dir"]], - tag => "$backuptag", - } + if $installuser { + + if $manage_ssh_dir { + if !defined(File["$ssh_dir"]) { + @@file { "${ssh_dir}": + ensure => directory, + mode => 0700, owner => $user, group => 0, + require => [User[$user], File["$dir"]], + tag => "$backuptag", } - } - case $key { - false: { - if !defined(File["${ssh_dir}/${authorized_keys_file}"]) { - @@file { "${ssh_dir}/${authorized_keys_file}": - ensure => present, - mode => 0644, owner => 0, group => 0, - source => "${backupkeys}/${user}_id_${keytype}.pub", - require => File["${ssh_dir}"], - tag => "$backuptag", - } - } - } - default: { - if !defined(Ssh_autorized_key["$user"]) { - @@ssh_authorized_key{ "$user": - type => $keytype, - key => $key, - user => $user, - target => "${ssh_dir}/${authorized_keys_file}", - tag => "$backuptag", - require => User[$user], - } - } - } - } - if !defined(User["$user"]) { - @@user { "$user": - ensure => "present", - uid => $uid ? { - false => undef, - default => $uid - }, - gid => "$gid", - comment => "$user backup sandbox", - home => "$dir", - managehome => true, - shell => "/bin/bash", - password => '*', - require => Group['backupninjas'], - tag => "$backuptag" + } + } + + if $key { + # $key contais ssh public key + if !defined(Ssh_autorized_key["$user"]) { + @@ssh_authorized_key{ "$user": + type => $keytype, + key => $key, + user => $user, + target => "${ssh_dir}/${authorized_keys_file}", + tag => "$backuptag", + require => User[$user], } } } + else { + # get ssh public key exists from server + if !defined(File["${ssh_dir}/${authorized_keys_file}"]) { + @@file { "${ssh_dir}/${authorized_keys_file}": + ensure => present, + mode => 0644, owner => 0, group => 0, + source => "${backupkeys}/${user}_id_${keytype}.pub", + require => File["${ssh_dir}"], + tag => "$backuptag", + } + } + } + + if !defined(User["$user"]) { + @@user { "$user": + ensure => "present", + uid => $uid ? { + false => undef, + default => $uid + }, + gid => "$gid", + comment => "$user backup sandbox", + home => "$dir", + managehome => true, + shell => "/bin/bash", + password => '*', + require => Group['backupninjas'], + tag => "$backuptag" + } + } } } } |