From 6733f1a95137886d32d63af904d1a903b5dcf1b6 Mon Sep 17 00:00:00 2001
From: 7u83 <7u83@mail.ru>
Date: Wed, 16 Sep 2020 19:02:13 +0200
Subject: [PATCH] Initial commit
---
manifests/init.pp | 233 ++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 233 insertions(+)
create mode 100644 manifests/init.pp
diff --git a/manifests/init.pp b/manifests/init.pp
new file mode 100644
index 0000000..97936c7
--- /dev/null
+++ b/manifests/init.pp
@@ -0,0 +1,233 @@
+#wmdeit_backup
+
+
+
+class wmdeit_backup(
+ $backup_dir = "/srv/backup",
+ $backup_key_file = "/root/.ssh/backup_key",
+ $backup_key,
+ $mnt_server = undef
+
+) {
+
+
+
+
+ file {$backup_dir:
+ ensure => directory
+ } ->
+ file {"$backup_dir/mnt":
+ ensure => directory
+ } ->
+ file {"$backup_dir/backup.sh":
+ ensure => absent,
+ content => "#!/bin/bash\n/usr/bin/rsnapshot -c $backup_dir/\$1 daily && we=\$(LC_TIME=C date +%A) && if [ \$we = \"Friday\" ]; then /usr/bin/rsnapshot -c $backup_dir/\$1 weekly; fi",
+ mode => '755',
+ }
+
+ if $mnt_server {
+ mount {"$backup_dir/mnt":
+ device => "sshfs#$mnt_server",
+ fstype => "fuse",
+ ensure => mounted,
+ require => File["$backup_dir/mnt"],
+ options => defaults,
+ remounts => false
+ }
+ }
+
+
+
+ package { ["rsnapshot","sshfs"]:
+ ensure => installed,
+ }
+
+ file { "/root/.ssh":
+ ensure => directory,
+ mode => "600",
+ } ->
+ file {"$backup_key_file":
+ ensure => file,
+ content => $backup_key,
+ mode => "600",
+ }
+}
+
+
+define wmdeit_backup::scpbackup (
+ $weekday = 0
+
+) {
+ $dir = $title
+
+ $bname = $title
+ $backup_key_file = $wmdeit_backup::backup_key_file
+ $backup_pub_key_file = "/tmp/backup_pub.pem"
+ $privkey = "/root/${title}_privkey"
+ $backup_dir = $wmdeit_backup::backup_dir
+ $shellscript = "$backup_dir/backup-scp-$title.sh"
+
+ $tdir = "$backup_dir/$dir/daily.0"
+
+
+ file {"$shellscript":
+ mode => "700",
+ ensure => file,
+ content => "#!/bin/sh
+#Get current week of year modulo 2, so we can name our backups alternating backup1 and backup02
+G=\$((`/bin/date +%V` % 2))
+# create key
+/usr/bin/openssl rand -hex 64 -out $privkey
+# create encrypted backup
+/usr/bin/openssl rsautl -encrypt -inkey $backup_pub_key_file -pubin -in $privkey -out $backup_dir/mnt/backup-$bname-0\$G-privkey.enc
+cd $tdir
+tar c ./ | xz -3 | openssl enc -aes-256-cbc -salt -pass file:$privkey > $backup_dir/mnt/backup-$bname-0\$G-tar.xz.enc
+# upload backup to server
+#scp $backup_dir/mnt/backup-$bname\$G-privkey.enc $server:backup-$bname\$G-privkey.enc
+#rsync $backup_dir/mnt/backup-$bname\$G-tar.xz.enc $server:backup-$bname\$G-tar.xz.enc
+rm $privkey
+"
+ }
+#
+#
+# exec {"/usr/bin/openssl rsa -in $backup_key_file -pubout -out $backup_pub_key_file":
+# creates => $backup_pub_key_file
+# }
+#
+
+ cron {"scpbackup-$title":
+ weekday => $weekday,
+ hour => 23,
+ minute => 0,
+ command => "$shellscript"
+ }
+
+
+}
+
+class wmdeit_backup::mysqldump_all (
+ $hour = 20, # Start SQL-Dump by default after Tagesschau
+ $minute = 15
+ ){
+
+ $mysql = '/usr/bin/mysql'
+ $mysqldump = '/usr/bin/mysqldump'
+
+ cron {'mysqldump':
+ ensure => present,
+ user => root,
+ command => "$mysql -N -e 'show databases' | while read dbname; do $mysqldump --complete-insert --routines --triggers --single-transaction --max_allowed_packet=512M \"\$dbname\" > /var/backups/\"\$dbname\".sql; done",
+
+ hour => $hour,
+ minute => $minute,
+ }
+}
+
+
+
+define wmdeit_backup::backup(
+
+ $ssh_port = 22,
+ $server=$title,
+ $dirs = ["/"],
+ $local_dir = "./",
+ $retain_daily = 30,
+ $retain_weekly = 24,
+ $retain_monthly = 0,
+ $daily_hour = 3,
+ $daily_minute = 0,
+
+) {
+ $bname = $title
+ $backup_dir = $wmdeit_backup::backup_dir
+ $backup_key_file = $wmdeit_backup::backup_key_file
+
+ if $daily_hour > 23 {
+ $idaily_hour = $daily_hour - 23
+ }
+ else {
+ $idaily_hour = $daily_hour
+ }
+
+
+ if $idaily_hour-1 < 0 {
+ $weekly_hour = $idaily_hout+23
+ }
+ else {
+ $weekly_hour = $idaily_hour-1
+ }
+ $weekly_minute = $daily_minute
+
+ cron {"daily_backup$title":
+ ensure => present,
+ hour => $idaily_hour,
+ minute => $daily_minute,
+ command => "/usr/bin/rsnapshot -c $backup_dir/$bname.conf daily",
+ user => 'root'
+ }
+
+ if $retain_weekly != 0 {
+ $retain_weekly_string = "retain\tweekly\t$retain_weekly"
+ $weekly_cron = present
+ }
+ else {
+ $weekly_cron = absent
+ }
+
+ cron {"weekly_backup$title":
+ ensure => present,
+ hour => $weekly_hour,
+ minute => $weekly_minute,
+ weekday => 0,
+ command => "/usr/bin/rsnapshot -c $backup_dir/$bname.conf weekly",
+ user => 'root'
+ }
+
+ if $retain_monthly != 0 {
+ $retain_monthly_string = "retain\tmonthly\t$retain_monthly"
+ $monthly_cron = present
+ }
+ else {
+ $monthly_cron = absent
+ }
+
+ cron {"monthly_backup$title":
+ ensure => $monthly_cron,
+ monthday => 1,
+ hour => 1,
+ minute => 0,
+ command => "/usr/bin/rsnapshot -c $backup_dir/$bname.conf monthly",
+ user => 'root'
+ }
+
+
+
+
+ $bdirs = join ($dirs.map | String $dir| {
+ "backup root@$server:$dir\t$local_dir\n"
+ },"")
+
+ file {"$backup_dir/$bname.conf":
+ ensure => file,
+ content => "config_version 1.2
+snapshot_root $backup_dir/$bname
+cmd_cp /bin/cp
+cmd_rm /bin/rm
+cmd_rsync /usr/bin/rsync
+cmd_ssh /usr/bin/ssh
+cmd_logger /usr/bin/logger
+retain daily $retain_daily
+$retain_weekly_string
+$retain_monthly_string
+
+verbose 2
+loglevel 3
+lockfile /var/run/rsnapshot-$bname.pid
+ssh_args -p $ssh_port -i $backup_key_file
+rsync_long_args --delete --numeric-ids --relative --delete-excluded
+
+$bdirs
+
+"
+ }
+}
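Review bot: In `wmdeit_backup::scpbackup`, `$backup_pub_key_file = "/tmp/backup_pub.pem"` makes a file in a world-writable directory the only trust anchor for the backup encryption, and the `exec` that would have derived it from `$backup_key_file` is commented out, so nothing in this manifest creates or owns that file. Whichever local account writes that path first determines which RSA key the per-run secret in `$privkey` is wrapped to, so I would move it to a root-owned location, for example `$backup_pub_key_file = "/root/.ssh/backup_pub.pem"`, and manage it with a `file` resource (`owner => 'root', mode => '0644'`). The generated script also has no `set -e`, so if the `openssl rsautl` step fails the archive is still encrypted and `rm $privkey` then discards the only copy of the key; putting `set -e` and `umask 077` directly after the `#!/bin/sh` line would cover that and the permissions of `$privkey`. Separately, in `wmdeit_backup::backup` the `$weekly_hour = $idaily_hout+23` branch reads a variable that is never assigned (presumably `$idaily_hour` was meant), and the weekly `cron` hard-codes `ensure => present` instead of using the `$weekly_cron` value computed just above it.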