From d07b6344a8762a255bb895dcc0e6db1bf1ae0435 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Tue, 22 Mar 2016 17:29:21 -0300 Subject: Move storedconfig code to separate folders, trying to avoid warnings on masterless setup --- manifests/sandbox.pp | 97 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 97 insertions(+) create mode 100644 manifests/sandbox.pp (limited to 'manifests/sandbox.pp') diff --git a/manifests/sandbox.pp b/manifests/sandbox.pp new file mode 100644 index 0000000..4446b67 --- /dev/null +++ b/manifests/sandbox.pp @@ -0,0 +1,97 @@ +# this define allows nodes to declare a remote backup sandbox, that have to +# get created on the server +define backupninja::sandbox ( + $user = $name, + $host = $::fqdn, + $installuser = true, + $manage_ssh_dir = true, + $ssh_dir = "${dir}/.ssh", + $authorized_keys_file = 'authorized_keys', + $key = false, + $keytype = 'dss', + $backupkeys = "${fileserver}/keys/backupkeys", + $uid = false, + $gid = "backupninjas", + $backuptag = "backupninja-${::fqdn}", + $dir, +) { + + if !defined(Backupninja::Storedconfigs::Realize["${::fqdn}@${host}"]) { + @@backupninja::storedconfigs::realize { "${::fqdn}@${host}": + host => $::fqdn, + tag => $host, + } + } + + if !defined(File["$dir"]) { + @@file { "$dir": + ensure => directory, + mode => 0750, + owner => $user, + group => 0, + tag => "$backuptag", + } + } + + if $installuser { + + if $manage_ssh_dir { + if !defined(File["$ssh_dir"]) { + @@file { "${ssh_dir}": + ensure => directory, + mode => 0700, + owner => $user, + group => 0, + require => [User[$user], File["$dir"]], + tag => "$backuptag", + } + } + } + + if $key { + # $key contais ssh public key + if !defined(Ssh_autorized_key["$user"]) { + @@ssh_authorized_key{ "$user": + type => $keytype, + key => $key, + user => $user, + target => "${ssh_dir}/${authorized_keys_file}", + tag => "$backuptag", + require => User[$user], + } + } + } + else { + # get ssh public key exists from server + if !defined(File["${ssh_dir}/${authorized_keys_file}"]) { + @@file { "${ssh_dir}/${authorized_keys_file}": + ensure => present, + mode => 0644, + owner => 0, + group => 0, + source => "${backupkeys}/${user}_id_${keytype}.pub", + require => File["${ssh_dir}"], + tag => "$backuptag", + } + } + } + + if !defined(User["$user"]) { + @@user { "$user": + ensure => "present", + uid => $uid ? { + false => undef, + default => $uid + }, + gid => "$gid", + comment => "$user backup sandbox", + home => "$dir", + managehome => true, + shell => "/bin/bash", + password => '*', + require => Group['backupninjas'], + tag => "$backuptag" + } + } + } +} -- cgit v1.2.3