From 79c64c8854c6f6a6eb3615a6612440298c31ad4f Mon Sep 17 00:00:00 2001 From: Jerome Charaoui Date: Mon, 11 May 2015 16:50:35 -0400 Subject: lint worst offenders --- manifests/rdiff.pp | 95 +++++++++++++++++++++++++++------------- manifests/rsync.pp | 104 +++++++++++++++++++++++++++++++------------ manifests/server.pp | 124 ++++++++++++++++++++++++++++------------------------ 3 files changed, 208 insertions(+), 115 deletions(-) diff --git a/manifests/rdiff.pp b/manifests/rdiff.pp index 4929d68..a20077f 100644 --- a/manifests/rdiff.pp +++ b/manifests/rdiff.pp @@ -15,20 +15,50 @@ # options should be given as arrays if you want to specify multiple # directories. # -define backupninja::rdiff( - $order = 90, $ensure = present, - $user = false, $home = "/home/${user}-${name}", $host = false, - $type = 'local', - $exclude = [ "/home/*/.gnupg", "/home/*/.local/share/Trash", "/home/*/.Trash", - "/home/*/.thumbnails", "/home/*/.beagle", "/home/*/.aMule", - "/home/*/gtk-gnutella-downloads" ], - $include = [ "/var/spool/cron/crontabs", "/var/backups", "/etc", "/root", - "/home", "/usr/local/*bin", "/var/lib/dpkg/status*" ], - $vsinclude = false, $keep = 30, $sshoptions = false, $options = '--force', $ssh_dir_manage = true, - $ssh_dir = "${home}/.ssh", $authorized_keys_file = 'authorized_keys', $installuser = true, $keymanage = $backupninja::keymanage, $key = false, - $backuptag = "backupninja-${::fqdn}", $backupkeytype = $backupninja::keytype, $backupkeystore = $backupninja::keystore, - $extras = false, $nagios_description = "backups-${name}") -{ +define backupninja::rdiff( $order = 90, + $ensure = present, + # [general] + $options = '--force', + $extras = false, + # [source] + $include = [ "/var/spool/cron/crontabs", + "/var/backups", + "/etc", + "/root", + "/home", + "/usr/local/*bin", + "/var/lib/dpkg/status*" + ], + $exclude = [ "/home/*/.gnupg", + "/home/*/.local/share/Trash", + "/home/*/.Trash", + "/home/*/.thumbnails", + "/home/*/.beagle", + "/home/*/.aMule", + "/home/*/gtk-gnutella-downloads" + ], + $vsinclude = false, + # [dest] + $type = 'local', + $host = false, + $user = false, + $home = "/home/${user}-${name}", + $keep = 30, + $sshoptions = false, + # ssh keypair config + $key = false, + $keymanage = $backupninja::keymanage, + $backupkeystore = $backupninja::keystore, + $backupkeytype = $backupninja::keytype, + $ssh_dir_manage = true, + $ssh_dir = "${home}/.ssh", + $authorized_keys_file = 'authorized_keys', + # sandbox config + $installuser = true, + $backuptag = "backupninja-${::fqdn}", + # monitoring + $nagios_description = "backups-${name}" ) { + # install client dependencies ensure_resource('package', 'rdiff-backup', {'ensure' => $backupninja::ensure_rdiffbackup_version}) @@ -38,32 +68,37 @@ define backupninja::rdiff( 'remote': { case $host { false: { err("need to define a host for remote backups!") } } - backupninja::server::sandbox - { - "${user}-${name}": user => $user, host => $host, dir => $home, - manage_ssh_dir => $ssh_dir_manage, ssh_dir => $ssh_dir, key => $key, - authorized_keys_file => $authorized_keys_file, installuser => $installuser, - backuptag => $backuptag, keytype => $backupkeytype, backupkeys => $backupkeystore, - nagios_description => $nagios_description + backupninja::server::sandbox { "${user}-${name}": + user => $user, + host => $host, + dir => $home, + manage_ssh_dir => $ssh_dir_manage, + ssh_dir => $ssh_dir, + key => $key, + authorized_keys_file => $authorized_keys_file, + installuser => $installuser, + backuptag => $backuptag, + backupkeys => $backupkeystore, + keytype => $backupkeytype, + nagios_description => $nagios_description } - backupninja::key - { - "${user}-${name}": user => $user, + backupninja::key { "${user}-${name}": + user => $user, keymanage => $keymanage, - keytype => $backupkeytype, - keystore => $backupkeystore, + keytype => $backupkeytype, + keystore => $backupkeystore, } } } file { "${backupninja::configdir}/${order}_${name}.rdiff": - ensure => $ensure, + ensure => $ensure, content => template('backupninja/rdiff.conf.erb'), - owner => root, - group => root, - mode => 0600, + owner => root, + group => root, + mode => 0600, require => File["${backupninja::configdir}"] } } diff --git a/manifests/rsync.pp b/manifests/rsync.pp index af427bf..145fdad 100644 --- a/manifests/rsync.pp +++ b/manifests/rsync.pp @@ -1,35 +1,81 @@ # Run rsync as part of a backupninja run. # Based on backupninja::rdiff -define backupninja::rsync( - $order = 90, $ensure = present, - $user = false, $home = "/home/${user}-${name}", $host = false, - $ssh_dir_manage = true, $ssh_dir = "${home}/.ssh", $authorized_keys_file = 'authorized_keys', - $installuser = true, $keymanage = $backupninja::keymanage, $key = false, $backuptag = "backupninja-${::fqdn}", - $backupkeytype = $backupninja::keytype, $backupkeystore = $backupninja::keystore, $extras = false, - $nagios_description = "backups-${name}", $subfolder = 'rsync', +define backupninja::rsync( $order = 90, + $ensure = present, + # [general] + $log = false, + $partition = false, + $fscheck = false, + $read_only = false, + $mountpoint = false, + $format = false, + $days = false, + $keepdaily = false, + $keepweekly = false, + $keepmonthly = false, + $lockfile = false, + $nicelevel = 0, + $tmp = false, + $multiconnection = false, + $enable_mv_timestamp_bug = false, + # [source] + $include = [ "/var/spool/cron/crontabs", + "/var/backups", + "/etc", + "/root", + "/home", + "/usr/local/*bin", + "/var/lib/dpkg/status*" + ], + $exclude = [ "/home/*/.gnupg", + "/home/*/.local/share/Trash", + "/home/*/.Trash", + "/home/*/.thumbnails", + "/home/*/.beagle", + "/home/*/.aMule", + "/home/*/gtk-gnutella-downloads" + ], + # [dest] + $host = false, + $user = false, + $home = "/home/${user}-${name}", + $subfolder = 'rsync', + $testconnect = false, + $ssh = false, + $protocol = false, + $numericids = false, + $compress = false, + $port = false, + $bandwidthlimit = false, + $remote_rsync = false, + $batch = false, + $batchbase = false, + $fakesuper = false, + $id_file = false, + # [services] + $initscripts = false, + $service = false, + # [system] + $rm = false, + $cp = false, + $touch = false, + $mv = false, + $fsck = false, + # ssh keypair config + $key = false, + $keymanage = $backupninja::keymanage, + $backupkeystore = $backupninja::keystore, + $backupkeytype = $backupninja::keytype, + $ssh_dir_manage = true, + $ssh_dir = "${home}/.ssh", + $authorized_keys_file = 'authorized_keys', + # sandbox config + $installuser = true, + $backuptag = "backupninja-${::fqdn}", + # monitoring + $nagios_description = "backups-${name}" ) { - $log = false, $partition = false, $fscheck = false, $read_only = false, - $mountpoint = false, $backupdir = false, $format = false, $days = false, - $keepdaily = false, $keepweekly = false, $keepmonthly = false, $lockfile = false, - $nicelevel = 0, $enable_mv_timestamp_bug = false, $tmp = false, $multiconnection = false, - - $exclude_vserver = false, - $exclude = [ "/home/*/.gnupg", "/home/*/.local/share/Trash", "/home/*/.Trash", - "/home/*/.thumbnails", "/home/*/.beagle", "/home/*/.aMule", - "/home/*/gtk-gnutella-downloads" ], - $include = [ "/var/spool/cron/crontabs", "/var/backups", "/etc", "/root", - "/home", "/usr/local/*bin", "/var/lib/dpkg/status*" ], - - $testconnect = false, $protocol = false, $ssh = false, $port = false, - $bandwidthlimit = false, $remote_rsync = false, $id_file = false, - $batch = false, $batchbase = false, $numericids = false, $compress = false, - $fakesuper = false, - - $initscripts = false, $service = false, - - $rm = false, $cp = false, $touch = false, $mv = false, $fsck = false) -{ # install client dependencies ensure_resource('package', 'rsync', {'ensure' => $backupninja::ensure_rsync_version}) @@ -55,7 +101,7 @@ define backupninja::rsync( backuptag => $backuptag, keytype => $backupkeytype, backupkeys => $backupkeystore, - nagios_description => $nagios_description + nagios_description => $nagios_description } backupninja::key { "${user}-${name}": diff --git a/manifests/server.pp b/manifests/server.pp index d76ddca..e742f03 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -54,11 +54,22 @@ class backupninja::server ( # this define allows nodes to declare a remote backup sandbox, that have to # get created on the server - define sandbox( - $user = $name, $host = $::fqdn, $installuser = true, $dir, $manage_ssh_dir = true, - $ssh_dir = "${dir}/.ssh", $authorized_keys_file = 'authorized_keys', $key = false, $keytype = 'dss', $backupkeys = "${fileserver}/keys/backupkeys", $uid = false, - $gid = "backupninjas", $backuptag = "backupninja-${::fqdn}", $nagios_description = 'backups') - { + define sandbox ( + $user = $name, + $host = $::fqdn, + $installuser = true, + $dir, + $manage_ssh_dir = true, + $ssh_dir = "${dir}/.ssh", + $authorized_keys_file = 'authorized_keys', + $key = false, + $keytype = 'dss', + $backupkeys = "${fileserver}/keys/backupkeys", + $uid = false, + $gid = "backupninjas", + $backuptag = "backupninja-${::fqdn}", + $nagios_description = 'backups' + ) { if $backupninja::manage_nagios { # configure a passive service check for backups @@ -80,61 +91,62 @@ class backupninja::server ( } } - case $installuser { - true: { - if $manage_ssh_dir == true { - if !defined(File["$ssh_dir"]) { - @@file { "${ssh_dir}": - ensure => directory, - mode => 0700, owner => $user, group => 0, - require => [User[$user], File["$dir"]], - tag => "$backuptag", - } + if $installuser { + + if $manage_ssh_dir { + if !defined(File["$ssh_dir"]) { + @@file { "${ssh_dir}": + ensure => directory, + mode => 0700, owner => $user, group => 0, + require => [User[$user], File["$dir"]], + tag => "$backuptag", } - } - case $key { - false: { - if !defined(File["${ssh_dir}/${authorized_keys_file}"]) { - @@file { "${ssh_dir}/${authorized_keys_file}": - ensure => present, - mode => 0644, owner => 0, group => 0, - source => "${backupkeys}/${user}_id_${keytype}.pub", - require => File["${ssh_dir}"], - tag => "$backuptag", - } - } - } - default: { - if !defined(Ssh_autorized_key["$user"]) { - @@ssh_authorized_key{ "$user": - type => $keytype, - key => $key, - user => $user, - target => "${ssh_dir}/${authorized_keys_file}", - tag => "$backuptag", - require => User[$user], - } - } - } - } - if !defined(User["$user"]) { - @@user { "$user": - ensure => "present", - uid => $uid ? { - false => undef, - default => $uid - }, - gid => "$gid", - comment => "$user backup sandbox", - home => "$dir", - managehome => true, - shell => "/bin/bash", - password => '*', - require => Group['backupninjas'], - tag => "$backuptag" + } + } + + if $key { + # $key contais ssh public key + if !defined(Ssh_autorized_key["$user"]) { + @@ssh_authorized_key{ "$user": + type => $keytype, + key => $key, + user => $user, + target => "${ssh_dir}/${authorized_keys_file}", + tag => "$backuptag", + require => User[$user], } } } + else { + # get ssh public key exists from server + if !defined(File["${ssh_dir}/${authorized_keys_file}"]) { + @@file { "${ssh_dir}/${authorized_keys_file}": + ensure => present, + mode => 0644, owner => 0, group => 0, + source => "${backupkeys}/${user}_id_${keytype}.pub", + require => File["${ssh_dir}"], + tag => "$backuptag", + } + } + } + + if !defined(User["$user"]) { + @@user { "$user": + ensure => "present", + uid => $uid ? { + false => undef, + default => $uid + }, + gid => "$gid", + comment => "$user backup sandbox", + home => "$dir", + managehome => true, + shell => "/bin/bash", + password => '*', + require => Group['backupninjas'], + tag => "$backuptag" + } + } } } } -- cgit v1.2.3