aboutsummaryrefslogtreecommitdiff
path: root/manifests/dup.pp
blob: 610a2d0fccac68f2d51c69730ed2e8874f59f1b5 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
# Run duplicity-backup as part of a backupninja run.
#
# Valid attributes for this type are:
#
#   order:
#
#      The prefix to give to the handler config filename, to set order in
#      which the actions are executed during the backup run.
#
#   ensure:
#
#      Allows you to delete an entry if you don't want it any more (but be
#      sure to keep the configdir, name, and order the same, so that we can
#      find the correct file to remove).
#
#   options, nicelevel, testconnect, tmpdir, sign, encryptkey, signkey,
#   password, include, exclude, vsinclude, incremental, keep, bandwithlimit,
#   sshoptions, destdir, desthost, desuser:
#
#      As defined in the backupninja documentation.  The options will be
#      placed in the correct sections automatically.  The include and
#      exclude options should be given as arrays if you want to specify
#      multiple directories.
#
#   directory, ssh_dir_manage, ssh_dir, authorized_keys_file, installuser,
#   installkey, backuptag:
#
#      Options for the bakupninja::server::sandbox define, check that
#      definition for more info.
#
# Some notes about this handler:
#
#   - There's no support for a 'local' type in backupninja's duplicity
#     handler on version 0.9.6-4, which is the version available in stable and
#     testing debian repositories by the time of this writing.
define backupninja::duplicity( $order  = 90,
                               $ensure = present,
                               # options to the config file
                               $options     = false, #
                               $nicelevel   = 0, #
                               $testconnect = "yes", #
                               $tmpdir      = "/var/tmp/duplicity", #
                               # [gpg]
                               $sign       = "no",
                               $encryptkey = false,
                               $signkey    = false,
                               $password   = "a_very_complicated_passphrase",
                               # [source]
                               $include = [ "/var/spool/cron/crontabs",
                                            "/var/backups",
                                            "/etc",
                                            "/root",
                                            "/home",
                                            "/usr/local/*bin",
                                            "/var/lib/dpkg/status*" ],
                               $exclude = [ "/home/*/.gnupg",
                                            "/home/*/.local/share/Trash",
                                            "/home/*/.Trash",
                                            "/home/*/.thumbnails",
                                            "/home/*/.beagle",
                                            "/home/*/.aMule",
                                            "/home/*/.gnupg",
                                            "/home/*/.gpg",
                                            "/home/*/.ssh",
                                            "/home/*/gtk-gnutella-downloads",
                                            "/etc/ssh/*" ],
                               $vsinclude = false,
                               # [dest]
                               $incremental   = "yes",
                               $keep          = 60,
                               $bandwithlimit = "0",
                               $sshoptions    = false,
                               $destdir       = "/backups",
                               $desthost      = false,
                               $destuser      = false,
                               # configs to backupninja client
                               $backupkeystore       = false,
                               $backupkeytype        = false,
                               # options to backupninja server sandbox
                               $ssh_dir_manage       = true,
                               $ssh_dir              = false,
                               $authorized_keys_file = false,
                               $installuser          = true,
                               $backuptag            = false,
                               # key options
                               $installkey           = true ) {
  include backupninja::client

  case $host { false: { err("need to define a host for remote backups!") } }
  
  # guarantees there's a configured backup space for this backup
  backupninja::server::sandbox { "${user}-${name}":
    user                 => $destuser,
    host                 => $desthost,
    dir                  => $destdir,
    manage_ssh_dir       => $ssh_dir_manage,
    ssh_dir              => $ssh_dir,
    authorized_keys_file => $authorized_keys_file,
    installuser          => $installuser,
    backuptag            => $backuptag,
    backupkeys           => $backupkeystore,
  }
  
  # the client's ssh key
  backupninja::client::key { "${destuser}-${name}":
    user       => $destuser,
    host       => $desthost,
    installkey => $installkey,
  }

  # the backupninja rule for this duplicity backup
  file { "${backupninja::client::configdir}/${order}_${name}.duplicity":
    ensure  => $ensure,
    content => template('backupninja/dup.conf.erb'),
    owner   => root,
    group   => root,
    mode    => 0600,
    require => File["${backupninja::client::configdir}"]
  }
}