Compare commits

..

2 Commits

Author SHA1 Message Date
Charlie Root 7df89cbba9 Borg support - initial commit 2021-06-25 10:36:35 +02:00
Charlie Root fd3074d31c Make pubkey unique 2021-06-25 10:35:55 +02:00
4 changed files with 138 additions and 5 deletions

84
manifests/borg.pp Normal file
View File

@ -0,0 +1,84 @@
class wmdeit_backup::borg (
$repos = $borg_repos,
$scripts = $borg_scripts
)
inherits wmdeit_backup::params
{
class {"wmdeit_backup::setup":
}->
package {$borg_packages:
ensure => installed
}
file {$scripts:
ensure => directory
}
}
define wmdeit_backup::borg_backup
(
$server = $title,
$dirs = [],
$encryption = "keyfile",
$passphrase = "",
$ssh_user = 'root',
$ssh_port = '22',
$ssh_check_hostkey = 'no',
$weekday = undef,
$hour = '0',
$minute = '0',
) {
$scripts = $wmdeit_backup::borg::scripts
$repos = $wmdeit_backup::borg::repos
$borg_cmd = $wmdeit_backup::borg::borg_cmd
$repo = "$repos/$title"
exec {"borg_init_$title":
command => "/bin/sh -c 'export BORG_PASSPHRASE=$passphrase && $borg_cmd init -e $encryption $repo'",
unless => "/bin/sh -c 'export BORG_PASSPHRASE=$passphrase && $borg_cmd list -e $encryption $repo'",
# creates => $repo
}
$p = $dirs.map | $str | { ".$str" }
$backup_dirs = join($p," ")
$mnt = "$wmdeit_backup::borg::borg_mnt/$title"
$script_name = "$scripts/$title.sh"
file {$mnt:
ensure => directory
}->
file {$script_name:
ensure => file,
content => "#!/bin/sh
export BORG_PASSPHRASE=$passphrase
D=`date +%F`
$wmdeit_backup::borg::sshfs_cmd -oStrictHostKeyChecking=$ssh_check_hostkey -oPort=$ssh_port $ssh_user@$server:/ $mnt
cd $mnt
CMD=\"$borg_cmd create ${repo}::$title-\${D} $backup_dirs\"
\$CMD
cd /
umount $mnt
"
}->
cron {"borg-$title":
weekday => $weekday,
hour => $hour,
minute => $minute,
command => "/bin/sh $script_name"
}
}

View File

@ -6,7 +6,7 @@ class wmdeit_backup(
$backup_dir = "/srv/backup", $backup_dir = "/srv/backup",
$backup_key_file = "/root/.ssh/backup_key", $backup_key_file = "/root/.ssh/backup_key",
$backup_key, $backup_key,
$mnt_server = undef $mnt_server = undef,
) { ) {
@ -62,19 +62,19 @@ define wmdeit_backup::scpbackup (
$bname = $title $bname = $title
$backup_key_file = $wmdeit_backup::backup_key_file $backup_key_file = $wmdeit_backup::backup_key_file
$backup_pub_key_file = "/tmp/backup_pub.pem" $backup_pub_key_file = "/tmp/backup_pub-$title.pem"
$privkey = "/root/${title}_privkey" $privkey = "/root/${title}_privkey"
$backup_dir = $wmdeit_backup::backup_dir $backup_dir = $wmdeit_backup::backup_dir
$shellscript = "$backup_dir/backup-scp-$title.sh" $shellscript = "$backup_dir/backup-scp-$title.sh"
$tdir = "$backup_dir/$dir/daily.0" $tdir = "$backup_dir/$dir/daily.0"
exec {"pubkey": exec {"pubkey$title":
command => "/usr/bin/openssl rsa -in $backup_key_file -pubout -out $backup_pub_key_file", command => "/usr/bin/openssl rsa -in $backup_key_file -pubout -out $backup_pub_key_file",
} }
file {"$shellscript": file {"$shellscript":
require => Exec["pubkey"], require => Exec["pubkey$title"],
mode => "700", mode => "700",
ensure => file, ensure => file,
content => "#!/bin/sh content => "#!/bin/sh
@ -140,6 +140,7 @@ define wmdeit_backup::backup(
$retain_monthly = 0, $retain_monthly = 0,
$daily_hour = 3, $daily_hour = 3,
$daily_minute = 0, $daily_minute = 0,
$backupuser = 'root',
) { ) {
$bname = $title $bname = $title
@ -208,7 +209,7 @@ define wmdeit_backup::backup(
$bdirs = join ($dirs.map | String $dir| { $bdirs = join ($dirs.map | String $dir| {
"backup root@$server:$dir\t$local_dir\n" "backup $backupuser@$server:$dir\t$local_dir\n"
},"") },"")
file {"$backup_dir/$bname.conf": file {"$backup_dir/$bname.conf":
@ -235,3 +236,6 @@ $bdirs
" "
} }
} }

27
manifests/params.pp Normal file
View File

@ -0,0 +1,27 @@
#
# params.pp
#
class wmdeit_backup::params {
case $::osfamily {
'FreeBSD':{
$borg_packages = [
"py37-borgbackup",
"fusefs-sshfs",
]
$sshfs_cmd = '/usr/local/bin/sshfs'
$borg_cmd = "/usr/local/bin/borg"
}
default: {
}}
$borg_repos = "/tank/backups"
$borg_scripts = "/root/borg"
$borg_mnt = "/mnt"
}

18
manifests/setup.pp Normal file
View File

@ -0,0 +1,18 @@
class wmdeit_backup::setup
{
case $::osfamily {
'FreeBSD':{
exec {"/sbin/kldload fusefs":
unless => "/sbin/kldstat -n fusefs"
}
}
default: {
}}
}