From fd86674685ec2b4f59cd442fcac30bc0a6d98507 Mon Sep 17 00:00:00 2001 From: drebs Date: Sun, 12 Jul 2009 16:25:21 -0300 Subject: adding duplicity configfile template. --- templates/dup.conf.erb | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) create mode 100644 templates/dup.conf.erb diff --git a/templates/dup.conf.erb b/templates/dup.conf.erb new file mode 100644 index 0000000..1c4ccfc --- /dev/null +++ b/templates/dup.conf.erb @@ -0,0 +1,42 @@ +# This configuration file was auto-generated by the Puppet configuration +# management system. Any changes you make to this file will be overwritten +# the next time Puppet runs. Please make configuration changes to this +# service in Puppet. + +<%= 'options = ' + options if options %> +<%= 'nicelevel = ' + nicelevel if nicelevel %> +<%= 'testconnect = ' + testconnect if testconnect %> +<%= 'tmpdir = ' + tmpdir if tmpdir %> + +[gpg] +<%= 'sign = ' + sign if sign %> +<%= 'encryptkey = ' + encryptkey if encryptkey %> +<%= 'signkey = ' + signkey if signkey %> +<%= 'password = ' + password if password %> + +[source] +<% if include.is_a? String -%> +<%= 'include = ' + include %> +<% elsif include.is_a? Array -%> +<%= include.map { |i| "include = #{i}" }.join("\n") %> +<% end -%> + +<% if exclude.is_a? String -%> +<%= 'exclude = ' + exclude %> +<% elsif exclude.is_a? Array -%> +<%= exclude.map { |i| "exclude = #{i}" }.join("\n") %> +<% end -%> + +<% if vsinclude.is_a? String -%> +<%= 'vsinclude = ' + vsinclude %> +<% elsif vsinclude.is_a? Array -%> +<%= vsinclude.map { |i| "vsinclude = #{i}" }.join("\n") %> +<% end -%> + +[dest] +<%= 'incremental = ' + incremental if incremental %> +<%= 'keep = ' + keep if keep %> +<%= 'bandwithlimit = ' + bandwithlimit if bandwithlimit %> +<%= 'sshoptions = ' + sshoptions if sshoptions %> +<%= 'destdir = ' + destdir if destdir %> +<%= 'desthost = ' + desthost if desthost %> -- cgit v1.2.3 From f3faa38845cbf19292005d6911b3fddaf7589508 Mon Sep 17 00:00:00 2001 From: drebs Date: Mon, 13 Jul 2009 02:36:34 -0300 Subject: adding duplicity handler. --- manifests/dup.pp | 116 +++++++++++++++++++++++++++++++++++++++++++++++++ templates/dup.conf.erb | 1 + 2 files changed, 117 insertions(+) create mode 100644 manifests/dup.pp diff --git a/manifests/dup.pp b/manifests/dup.pp new file mode 100644 index 0000000..11fca07 --- /dev/null +++ b/manifests/dup.pp @@ -0,0 +1,116 @@ +# Run duplicity-backup as part of a backupninja run. +# +# Valid attributes for this type are: +# +# order: +# +# The prefix to give to the handler config filename, to set order in +# which the actions are executed during the backup run. +# +# ensure: +# +# Allows you to delete an entry if you don't want it any more (but be +# sure to keep the configdir, name, and order the same, so that we can +# find the correct file to remove). +# +# options, nicelevel, testconnect, tmpdir, sign, encryptkey, signkey, +# password, include, exclude, vsinclude, incremental, keep, bandwithlimit, +# sshoptions, destdir, desthost, desuser: +# +# As defined in the backupninja documentation. The options will be +# placed in the correct sections automatically. The include and +# exclude options should be given as arrays if you want to specify +# multiple directories. +# +# directory, ssh_dir_manage, ssh_dir, authorized_keys_file, installuser, +# installkey, backuptag: +# +# Options for the bakupninja::server::sandbox define, check that +# definition for more info. +# +# Some notes about this handler: +# +# - There's no support for a 'local' type in backupninja's duplicity +# handler on version 0.9.6-4, which is the version available in stable and +# testing debian repositories by the time of this writing. +define backupninja::duplicity( $order = 90, + $ensure = present, + # options to the config file + $options = false, # + $nicelevel = 0, # + $testconnect = "yes", # + $tmpdir = "/var/tmp/duplicity", # + # [gpg] + $sign = "no", + $encryptkey = false, + $signkey = false, + $password = "a_very_complicated_passphrase", + # [source] + $include = [ "/var/spool/cron/crontabs", + "/var/backups", + "/etc", + "/root", + "/home", + "/usr/local/*bin", + "/var/lib/dpkg/status*" ], + $exclude = [ "/home/*/.gnupg", + "/home/*/.local/share/Trash", + "/home/*/.Trash", + "/home/*/.thumbnails", + "/home/*/.beagle", + "/home/*/.aMule", + "/home/*/.gnupg", + "/home/*/.gpg", + "/home/*/.ssh", + "/home/*/gtk-gnutella-downloads"], + $vsinclude = false, + # [dest] + $incremental = "yes", + $keep = 60, + $bandwithlimit = "128", + $sshoptions = false, + $destdir = "/backups", + $desthost = false, + $destuser = false, + # options to backupninja's module sandbox + $ssh_dir_manage = true, + $ssh_dir = false, + $authorized_keys_file = false, + $installuser = true, + $backuptag = false, + # key options + $installkey = true ) { + include backupninja::client + + case $host { false: { err("need to define a host for remote backups!") } } + + # guarantees there's a configured backup space for this backup + backupninja::server::sandbox { "${user}-${name}": + user => $destuser, + host => $desthost, + dir => $destdir, + manage_ssh_dir => $ssh_dir_manage, + ssh_dir => $ssh_dir, + authorized_keys_file => $authorized_keys_file, + installuser => $installuser, + backuptag => $backuptag, + } + + # the client's ssh key + backupninja::client::key { "${destuser}-${name}": + user => $destuser, + host => $desthost, + installkey => $installkey, + } + + # the backupninja rule for this duplicity backup + file { "${backupninja::client::configdir}/${order}_${name}.duplicity": + ensure => $ensure, + content => template('backupninja/dup.conf.erb'), + owner => root, + group => root, + mode => 0600, + require => File["${backupninja::client::configdir}"] + } +} + diff --git a/templates/dup.conf.erb b/templates/dup.conf.erb index 1c4ccfc..ce77a5c 100644 --- a/templates/dup.conf.erb +++ b/templates/dup.conf.erb @@ -40,3 +40,4 @@ <%= 'sshoptions = ' + sshoptions if sshoptions %> <%= 'destdir = ' + destdir if destdir %> <%= 'desthost = ' + desthost if desthost %> +<%= 'destuser = ' + destuser if destuser %> -- cgit v1.2.3 From bd948b3e87fb0b16dd598ad566077fc87ff1cbe8 Mon Sep 17 00:00:00 2001 From: drebs Date: Mon, 13 Jul 2009 03:40:09 -0300 Subject: some corrections to duplicity handler. --- manifests/dup.pp | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/manifests/dup.pp b/manifests/dup.pp index 11fca07..610a2d0 100644 --- a/manifests/dup.pp +++ b/manifests/dup.pp @@ -62,17 +62,21 @@ define backupninja::duplicity( $order = 90, "/home/*/.gnupg", "/home/*/.gpg", "/home/*/.ssh", - "/home/*/gtk-gnutella-downloads"], + "/home/*/gtk-gnutella-downloads", + "/etc/ssh/*" ], $vsinclude = false, # [dest] $incremental = "yes", $keep = 60, - $bandwithlimit = "128", + $bandwithlimit = "0", $sshoptions = false, $destdir = "/backups", $desthost = false, $destuser = false, - # options to backupninja's module sandbox + # configs to backupninja client + $backupkeystore = false, + $backupkeytype = false, + # options to backupninja server sandbox $ssh_dir_manage = true, $ssh_dir = false, $authorized_keys_file = false, @@ -94,6 +98,7 @@ define backupninja::duplicity( $order = 90, authorized_keys_file => $authorized_keys_file, installuser => $installuser, backuptag => $backuptag, + backupkeys => $backupkeystore, } # the client's ssh key -- cgit v1.2.3 From 4c591e339655f7228b4a7d4e5632d4574dd35a99 Mon Sep 17 00:00:00 2001 From: drebs Date: Mon, 13 Jul 2009 04:13:15 -0300 Subject: eliminating some globbing because of server cache. --- manifests/init.pp | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/manifests/init.pp b/manifests/init.pp index 8ed54e3..23b4268 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,5 +1,16 @@ -import "*.pp" +import "client.pp" +import "config.pp" +import "dup.pp" +import "labelmount.pp" +import "maildir.pp" +import "mysql.pp" +import "rdiff.pp" +import "server.pp" +import "sh.pp" +import "svn.pp" +import "sys.pp" class backupninja { } + -- cgit v1.2.3 From fb99850d39a75c5a24ddd15dd237682de07271d3 Mon Sep 17 00:00:00 2001 From: drebs Date: Mon, 13 Jul 2009 04:35:33 -0300 Subject: adding backup-key-type to duplicity handler. --- manifests/dup.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/dup.pp b/manifests/dup.pp index 610a2d0..0965c21 100644 --- a/manifests/dup.pp +++ b/manifests/dup.pp @@ -106,6 +106,7 @@ define backupninja::duplicity( $order = 90, user => $destuser, host => $desthost, installkey => $installkey, + keytype => $backupkeytype, } # the backupninja rule for this duplicity backup -- cgit v1.2.3 From 856beebe69dedfb23fe8a51ba7eed7846dba121a Mon Sep 17 00:00:00 2001 From: drebs Date: Mon, 13 Jul 2009 04:46:23 -0300 Subject: adding support for keytypes in backupninja server. --- manifests/server.pp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/manifests/server.pp b/manifests/server.pp index 162d889..213022b 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -30,8 +30,8 @@ class backupninja::server { # get created on the server define sandbox( $user = false, $host = false, $installuser = true, $dir = false, $manage_ssh_dir = true, - $ssh_dir = false, $authorized_keys_file = false, $backupkeys = false, $uid = false, - $gid = "backupninjas", $backuptag = false) + $ssh_dir = false, $authorized_keys_file = false, $backupkeys = false, $keytype = "rsa", + $uid = false, $gid = "backupninjas", $backuptag = false) { $real_user = $name ? { @@ -84,7 +84,7 @@ class backupninja::server { @@file { "${real_ssh_dir}/${real_authorized_keys_file}": ensure => present, mode => 0644, owner => 0, group => 0, - source => "$real_backupkeys/${user}_id_rsa.pub", + source => "$real_backupkeys/${user}_id_${keytype}.pub", require => File["${real_ssh_dir}"], tag => "$real_backuptag", } -- cgit v1.2.3 From 89853b4dcf8d93446a12527db64a5c36d3ff0a79 Mon Sep 17 00:00:00 2001 From: drebs Date: Mon, 13 Jul 2009 04:51:49 -0300 Subject: adding key type for duplicity. --- manifests/dup.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/dup.pp b/manifests/dup.pp index 0965c21..8f34b8b 100644 --- a/manifests/dup.pp +++ b/manifests/dup.pp @@ -99,6 +99,7 @@ define backupninja::duplicity( $order = 90, installuser => $installuser, backuptag => $backuptag, backupkeys => $backupkeystore, + keytype => $backupkeytype, } # the client's ssh key -- cgit v1.2.3 From 73c59d37ff9f35abf4307fd243e4ed5ec9e78d97 Mon Sep 17 00:00:00 2001 From: drebs Date: Mon, 13 Jul 2009 05:28:25 -0300 Subject: fixing file extension from ".duplicity" to ".dup". --- manifests/dup.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/dup.pp b/manifests/dup.pp index 8f34b8b..170e53a 100644 --- a/manifests/dup.pp +++ b/manifests/dup.pp @@ -111,7 +111,7 @@ define backupninja::duplicity( $order = 90, } # the backupninja rule for this duplicity backup - file { "${backupninja::client::configdir}/${order}_${name}.duplicity": + file { "${backupninja::client::configdir}/${order}_${name}.dup": ensure => $ensure, content => template('backupninja/dup.conf.erb'), owner => root, -- cgit v1.2.3