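# Lets a node declare a remote backup sandbox that has to be created on the
# backup server.
#
# Every resource in this define is exported (@@) and tagged with $backuptag.
# Nothing is applied on the declaring node itself; the collector that
# realizes these resources is not part of this file.
#
# The "sandbox" is a dedicated account plus a home directory. No chroot and
# no forced command are configured here, and the account gets /bin/bash.
#
# Parameters:
#   $dir                  - home/backup directory of the sandbox (required).
#   $user                 - account name; defaults to the resource title.
#   $host                 - backup server; used as the tag of the exported
#                           backupninja::storedconfigs::realize resource.
#   $installuser          - when true, export the user, its ssh directory and
#                           its authorized key.
#   $manage_ssh_dir       - when true, export the $ssh_dir directory.
#   $ssh_dir              - directory holding the authorized keys file.
#   $authorized_keys_file - file name inside $ssh_dir.
#   $key                  - ssh public key; when false the key file is
#                           fetched from $backupkeys instead.
#   $keytype              - key type, also part of the key file name under
#                           $backupkeys.
#                           NOTE(review): DSA (ssh-dss) keys have been
#                           disabled by default since OpenSSH 7.0; prefer
#                           passing a stronger type. Also confirm that 'dss'
#                           is a value ssh_authorized_key's `type` accepts in
#                           the Puppet version in use.
#   $backupkeys           - fileserver location of the public keys.
#                           NOTE(review): $fileserver is not defined in this
#                           define; presumably a top-scope or node variable,
#                           confirm.
#   $uid                  - uid of the account; false leaves it unset.
#   $gid                  - primary group of the account.
#   $backuptag            - tag put on every exported resource.
define backupninja::sandbox (
  # $dir is listed first so that the $ssh_dir default, which interpolates it,
  # only refers to a parameter declared before it. Resources pass parameters
  # by name, so the order does not affect callers.
  $dir,
  $user                 = $name,
  $host                 = $::fqdn,
  $installuser          = true,
  $manage_ssh_dir       = true,
  $ssh_dir              = "${dir}/.ssh",
  $authorized_keys_file = 'authorized_keys',
  $key                  = false,
  $keytype              = 'dss',
  $backupkeys           = "${fileserver}/keys/backupkeys",
  $uid                  = false,
  $gid                  = 'backupninjas',
  $backuptag            = "backupninja-${::fqdn}",
) {

  # One realize resource per client/server pair, shared by all sandboxes of
  # this node that point at the same server.
  if !defined(Backupninja::Storedconfigs::Realize["${::fqdn}@${host}"]) {
    @@backupninja::storedconfigs::realize { "${::fqdn}@${host}":
      host => $::fqdn,
      tag  => $host,
    }
  }

  # Modes are quoted strings: newer Puppet versions reject bare numeric
  # modes, and older ones accept the string form as well.
  if !defined(File[$dir]) {
    @@file { $dir:
      ensure => directory,
      mode   => '0750',
      owner  => $user,
      group  => 0,
      tag    => $backuptag,
    }
  }

  if $installuser {

    if $manage_ssh_dir {
      if !defined(File[$ssh_dir]) {
        @@file { $ssh_dir:
          ensure  => directory,
          mode    => '0700',
          owner   => $user,
          group   => 0,
          require => [User[$user], File[$dir]],
          tag     => $backuptag,
        }
      }
    }

    if $key {
      # $key contains the ssh public key.
      # The guard used to name a non-existent type (Ssh_autorized_key), so it
      # did not check the resource that is declared below.
      # No `options` are set on the key, so it is not limited to a forced
      # command and port/agent forwarding is not disabled. Restrict it on the
      # server side if the account should only receive backups.
      if !defined(Ssh_authorized_key[$user]) {
        @@ssh_authorized_key { $user:
          type    => $keytype,
          key     => $key,
          user    => $user,
          target  => "${ssh_dir}/${authorized_keys_file}",
          tag     => $backuptag,
          require => User[$user],
        }
      }
    }
    else {
      # Otherwise take the ssh public key file that exists on the server.
      # The file is owned by root (0/0) and is mode 0644.
      # NOTE(review): this requires File[$ssh_dir], which this define only
      # declares when $manage_ssh_dir is true.
      if !defined(File["${ssh_dir}/${authorized_keys_file}"]) {
        @@file { "${ssh_dir}/${authorized_keys_file}":
          ensure  => present,
          mode    => '0644',
          owner   => 0,
          group   => 0,
          source  => "${backupkeys}/${user}_id_${keytype}.pub",
          require => File[$ssh_dir],
          tag     => $backuptag,
        }
      }
    }

    if !defined(User[$user]) {
      # password '*' is not a valid hash, so the account has no usable
      # password.
      # NOTE(review): the require names Group['backupninjas'] even when $gid
      # is overridden; confirm this is intended.
      @@user { $user:
        ensure     => 'present',
        uid        => $uid ? {
          false   => undef,
          default => $uid,
        },
        gid        => $gid,
        comment    => "${user} backup sandbox",
        home       => $dir,
        managehome => true,
        shell      => '/bin/bash',
        password   => '*',
        require    => Group['backupninjas'],
        tag        => $backuptag,
      }
    }
  }
}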