Initial commit

This commit is contained in:
7u83 2020-09-16 19:02:13 +02:00
parent f1582f8953
commit 6733f1a951
1 changed files with 233 additions and 0 deletions

233
manifests/init.pp Normal file
View File

@ -0,0 +1,233 @@
#wmdeit_backup
class wmdeit_backup(
$backup_dir = "/srv/backup",
$backup_key_file = "/root/.ssh/backup_key",
$backup_key,
$mnt_server = undef
) {
file {$backup_dir:
ensure => directory
} ->
file {"$backup_dir/mnt":
ensure => directory
} ->
file {"$backup_dir/backup.sh":
ensure => absent,
content => "#!/bin/bash\n/usr/bin/rsnapshot -c $backup_dir/\$1 daily && we=\$(LC_TIME=C date +%A) && if [ \$we = \"Friday\" ]; then /usr/bin/rsnapshot -c $backup_dir/\$1 weekly; fi",
mode => '755',
}
if $mnt_server {
mount {"$backup_dir/mnt":
device => "sshfs#$mnt_server",
fstype => "fuse",
ensure => mounted,
require => File["$backup_dir/mnt"],
options => defaults,
remounts => false
}
}
package { ["rsnapshot","sshfs"]:
ensure => installed,
}
file { "/root/.ssh":
ensure => directory,
mode => "600",
} ->
file {"$backup_key_file":
ensure => file,
content => $backup_key,
mode => "600",
}
}
define wmdeit_backup::scpbackup (
$weekday = 0
) {
$dir = $title
$bname = $title
$backup_key_file = $wmdeit_backup::backup_key_file
$backup_pub_key_file = "/tmp/backup_pub.pem"
$privkey = "/root/${title}_privkey"
$backup_dir = $wmdeit_backup::backup_dir
$shellscript = "$backup_dir/backup-scp-$title.sh"
$tdir = "$backup_dir/$dir/daily.0"
file {"$shellscript":
mode => "700",
ensure => file,
content => "#!/bin/sh
#Get current week of year modulo 2, so we can name our backups alternating backup1 and backup02
G=\$((`/bin/date +%V` % 2))
# create key
/usr/bin/openssl rand -hex 64 -out $privkey
# create encrypted backup
/usr/bin/openssl rsautl -encrypt -inkey $backup_pub_key_file -pubin -in $privkey -out $backup_dir/mnt/backup-$bname-0\$G-privkey.enc
cd $tdir
tar c ./ | xz -3 | openssl enc -aes-256-cbc -salt -pass file:$privkey > $backup_dir/mnt/backup-$bname-0\$G-tar.xz.enc
# upload backup to server
#scp $backup_dir/mnt/backup-$bname\$G-privkey.enc $server:backup-$bname\$G-privkey.enc
#rsync $backup_dir/mnt/backup-$bname\$G-tar.xz.enc $server:backup-$bname\$G-tar.xz.enc
rm $privkey
"
}
#
#
# exec {"/usr/bin/openssl rsa -in $backup_key_file -pubout -out $backup_pub_key_file":
# creates => $backup_pub_key_file
# }
#
cron {"scpbackup-$title":
weekday => $weekday,
hour => 23,
minute => 0,
command => "$shellscript"
}
}
class wmdeit_backup::mysqldump_all (
$hour = 20, # Start SQL-Dump by default after Tagesschau
$minute = 15
){
$mysql = '/usr/bin/mysql'
$mysqldump = '/usr/bin/mysqldump'
cron {'mysqldump':
ensure => present,
user => root,
command => "$mysql -N -e 'show databases' | while read dbname; do $mysqldump --complete-insert --routines --triggers --single-transaction --max_allowed_packet=512M \"\$dbname\" > /var/backups/\"\$dbname\".sql; done",
hour => $hour,
minute => $minute,
}
}
define wmdeit_backup::backup(
$ssh_port = 22,
$server=$title,
$dirs = ["/"],
$local_dir = "./",
$retain_daily = 30,
$retain_weekly = 24,
$retain_monthly = 0,
$daily_hour = 3,
$daily_minute = 0,
) {
$bname = $title
$backup_dir = $wmdeit_backup::backup_dir
$backup_key_file = $wmdeit_backup::backup_key_file
if $daily_hour > 23 {
$idaily_hour = $daily_hour - 23
}
else {
$idaily_hour = $daily_hour
}
if $idaily_hour-1 < 0 {
$weekly_hour = $idaily_hout+23
}
else {
$weekly_hour = $idaily_hour-1
}
$weekly_minute = $daily_minute
cron {"daily_backup$title":
ensure => present,
hour => $idaily_hour,
minute => $daily_minute,
command => "/usr/bin/rsnapshot -c $backup_dir/$bname.conf daily",
user => 'root'
}
if $retain_weekly != 0 {
$retain_weekly_string = "retain\tweekly\t$retain_weekly"
$weekly_cron = present
}
else {
$weekly_cron = absent
}
cron {"weekly_backup$title":
ensure => present,
hour => $weekly_hour,
minute => $weekly_minute,
weekday => 0,
command => "/usr/bin/rsnapshot -c $backup_dir/$bname.conf weekly",
user => 'root'
}
if $retain_monthly != 0 {
$retain_monthly_string = "retain\tmonthly\t$retain_monthly"
$monthly_cron = present
}
else {
$monthly_cron = absent
}
cron {"monthly_backup$title":
ensure => $monthly_cron,
monthday => 1,
hour => 1,
minute => 0,
command => "/usr/bin/rsnapshot -c $backup_dir/$bname.conf monthly",
user => 'root'
}
$bdirs = join ($dirs.map | String $dir| {
"backup root@$server:$dir\t$local_dir\n"
},"")
file {"$backup_dir/$bname.conf":
ensure => file,
content => "config_version 1.2
snapshot_root $backup_dir/$bname
cmd_cp /bin/cp
cmd_rm /bin/rm
cmd_rsync /usr/bin/rsync
cmd_ssh /usr/bin/ssh
cmd_logger /usr/bin/logger
retain daily $retain_daily
$retain_weekly_string
$retain_monthly_string
verbose 2
loglevel 3
lockfile /var/run/rsnapshot-$bname.pid
ssh_args -p $ssh_port -i $backup_key_file
rsync_long_args --delete --numeric-ids --relative --delete-excluded
$bdirs
"
}
}