Add backup role

author: Ismaël Bouya <ismael.bouya@normalesup.org> 2018-03-16 20:40:27 +0100
committer: Ismaël Bouya <ismael.bouya@normalesup.org> 2018-03-19 16:19:17 +0100
commit: d87a489f9585d10f0a185beb59ae16a10f27a7bd (patch)
tree: 58ff0ffad8cbe0230eff1791360bc7cc45501c34 /modules/role/templates/backup
parent: cfa8eb925ff0115d5d4b2298f7d9a054b869fa75 (diff)
download: Puppet-d87a489f9585d10f0a185beb59ae16a10f27a7bd.tar.gz
Puppet-d87a489f9585d10f0a185beb59ae16a10f27a7bd.tar.zst
Puppet-d87a489f9585d10f0a185beb59ae16a10f27a7bd.zip
8 files changed, 165 insertions, 0 deletions
diff --git a/modules/role/templates/backup/backup_dirname_head.sh.erb b/modules/role/templates/backup/backup_dirname_head.sh.erb
new file mode 100644
index 0000000..e20cfd3
--- /dev/null
+++ b/modules/role/templates/backup/backup_dirname_head.sh.erb
@@ -0,0 +1,27 @@
+##### <%= @dirname %> #####
+DEST="<%= @dest %>"
+BASE="<%= @base %>"
+OLD_BAK_BASE=$BASE/older/j
+BAK_BASE=${OLD_BAK_BASE}0
+RSYNC_OUTPUT=$BASE/rsync_output
+NBR=<%= @nbr %>
+if ! ssh \
+    -o PreferredAuthentications=publickey \
+    -o StrictHostKeyChecking=yes \
+    -o ClearAllForwardings=yes \
+    $DEST backup; then
+  echo "Fichier de verrouillage backup sur $DEST ou impossible de se connecter" >&2
+  skip=$DEST
+fi
+rm -rf ${OLD_BAK_BASE}${NBR}
+for j in `seq -w $(($NBR-1)) -1 0`; do
+  [ ! -d ${OLD_BAK_BASE}$j ] && continue
+  mv ${OLD_BAK_BASE}$j ${OLD_BAK_BASE}$(($j+1))
+done
+mkdir $BAK_BASE
+mv $RSYNC_OUTPUT $BAK_BASE
+mkdir $RSYNC_OUTPUT
+if [ "$skip" != "$DEST" ]; then
diff --git a/modules/role/templates/backup/backup_dirname_part.sh.erb b/modules/role/templates/backup/backup_dirname_part.sh.erb
new file mode 100644
index 0000000..ec662c4
--- /dev/null
+++ b/modules/role/templates/backup/backup_dirname_part.sh.erb
@@ -0,0 +1,26 @@
+### <%= @dirname %> <%= @local_folder %> ###
+LOCAL="<%= @local_folder %>"
+REMOTE="<%= @remote_folder %>"
+cd $BASE/$LOCAL
+cat > $EXCL_FROM <<EOF
+<%= @exclude_from.join("\n") %>
+EOF
+cat > $FILES_FROM <<EOF
+<%= @files_from.join("\n") %>
+EOF
+OUT=$RSYNC_OUTPUT/$LOCAL
+rsync -XAavbrz --fake-super -e ssh --numeric-ids --delete \
+  --backup-dir=$BAK_BASE/$LOCAL \
+<%- unless @args.empty? -%>
+  <%= @args %>\
+<% end -%>
+<%- unless @exclude_from.empty? -%>
+  --exclude-from=$EXCL_FROM \
+<% end -%>
+<%- unless @files_from.empty? -%>
+  --files-from=$FILES_FROM \
+<% end -%>
+  $DEST:$REMOTE . > $OUT || true
+### End <%= @dirname %> <%= @local_folder %> ###
diff --git a/modules/role/templates/backup/backup_dirname_tail.sh.erb b/modules/role/templates/backup/backup_dirname_tail.sh.erb
new file mode 100644
index 0000000..6b16c9d
--- /dev/null
+++ b/modules/role/templates/backup/backup_dirname_tail.sh.erb
@@ -0,0 +1,4 @@
+  ssh $DEST sh -c "date > .last_backup"
+fi # [ "$skip" != "$DEST" ]
+##### End <%= @dirname %> #####
diff --git a/modules/role/templates/backup/backup_head.sh.erb b/modules/role/templates/backup/backup_head.sh.erb
new file mode 100644
index 0000000..be9f5bf
--- /dev/null
+++ b/modules/role/templates/backup/backup_head.sh.erb
@@ -0,0 +1,20 @@
+#!/bin/bash
+MAILTO="<%= @mailto %>"
+EXCL_FROM=`mktemp`
+FILES_FROM=`mktemp`
+TMP_STDERR=`mktemp`
+on_exit() {
+  if [ -s "$TMP_STDERR" ]; then
+    cat "$TMP_STDERR" | mail -Ssendwait -s "save_distant rsync error" "$MAILTO" 
+  fi
+  rm -f $TMP_STDERR $EXCL_FROM $FILES_FROM
+}
+trap "on_exit" EXIT
+exec 2> "$TMP_STDERR"
+exec < /dev/null
+set -e
diff --git a/modules/role/templates/backup/backup_immae_eu.sh.erb b/modules/role/templates/backup/backup_immae_eu.sh.erb
new file mode 100644
index 0000000..4fab30e
--- /dev/null
+++ b/modules/role/templates/backup/backup_immae_eu.sh.erb
@@ -0,0 +1,79 @@
+#!/bin/bash
+DEST="<%= @dest %>"
+MAILTO="<%= @mailto %>"
+BASE="<%= @base %>"
+OLD_BAK_BASE=$BASE/older/j
+BAK_BASE=${OLD_BAK_BASE}0
+RSYNC_OUTPUT=$BASE/rsync_output
+NBR=7
+TMP=`mktemp`
+TMP_STDERR=`mktemp`
+trap "rm -f $TMP $TMP_STDERR" EXIT
+exec 2> "$TMP_STDERR"
+set -e
+if ! `ssh -o ClearAllForwardings=yes $DEST backup`; then
+  echo "Fichier de verrouillage backup sur $DEST"
+  exit 1
+fi
+rm -rf ${OLD_BAK_BASE}${NBR}
+for j in `seq -w $(($NBR-1)) -1 0`; do
+  [ ! -d ${OLD_BAK_BASE}$j ] && continue
+  mv ${OLD_BAK_BASE}$j ${OLD_BAK_BASE}$(($j+1))
+done
+mkdir $BAK_BASE
+mv $RSYNC_OUTPUT $BAK_BASE
+mkdir $RSYNC_OUTPUT
+##############
+NAME="home"
+FOLDER="/home/immae"
+cd $BASE/$NAME
+cat > $TMP <<EOF
+/.no_backup/
+/hosts/florian/nobackup/
+/hosts/connexionswing.com/
+/hosts/connexionswing.immae.eu/
+/hosts/ludivine.immae.eu/
+/hosts/ludivinecassal.com/
+/hosts/piedsjaloux.fr/
+/hosts/piedsjaloux.immae.eu/
+/hosts/spip/sites/*/
+/hosts/spip/spip*
+EOF
+OUT=$RSYNC_OUTPUT/$NAME
+rsync -XAavbrz --fake-super -e ssh --numeric-ids --delete \
+  --backup-dir=$BAK_BASE/$NAME --exclude-from=$TMP \
+  $DEST:$FOLDER . > $OUT || true
+##############
+NAME="system"
+FOLDER="/"
+cd $BASE/$NAME
+cat > $TMP <<EOF
+/etc/
+/srv/
+/var/lib/
+/var/spool/
+/var/named/
+/usr/local/
+EOF
+OUT=$RSYNC_OUTPUT/$NAME
+rsync -XAavbrz -R --fake-super -e ssh --numeric-ids --delete \
+  --rsync-path='sudo rsync' \
+  --backup-dir=$BAK_BASE/$NAME \
+  --files-from=$TMP \
+  $DEST:$FOLDER . > $OUT || true
+##############
+ssh $DEST sh -c "date > .last_backup"
+if [ -s "$TMP_STDERR" ]; then
+  cat "$TMP_STDERR" | mail -Ssendwait -s "save_distant rsync error" "$MAILTO" 
+fi
diff --git a/modules/role/templates/backup/backup_tail.sh.erb b/modules/role/templates/backup/backup_tail.sh.erb
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/modules/role/templates/backup/backup_tail.sh.erb
diff --git a/modules/role/templates/backup/ssh_host_changed.info.erb b/modules/role/templates/backup/ssh_host_changed.info.erb
new file mode 100644
index 0000000..ebf202e
--- /dev/null
+++ b/modules/role/templates/backup/ssh_host_changed.info.erb
@@ -0,0 +1,4 @@
+Host <%= @host %> added, please send <%= @user %> key if necessary.
+<%- if File.exist?("/home/#{@user}/.ssh/id_rsa.pub") %>
+  <%= File.read("/home/#{@user}/.ssh/id_rsa.pub") %>
+<% end -%>
diff --git a/modules/role/templates/backup/ssh_key_changed.info.erb b/modules/role/templates/backup/ssh_key_changed.info.erb
new file mode 100644
index 0000000..43fd2ec
--- /dev/null
+++ b/modules/role/templates/backup/ssh_key_changed.info.erb
@@ -0,0 +1,5 @@
+ssh key of <%= @user %> changed,
+please update hosts:
+<%- @hosts.each do |host| %>
+  - <%= host %>
+<% end -%>
author	Ismaël Bouya <ismael.bouya@normalesup.org>	2018-03-16 20:40:27 +0100
committer	Ismaël Bouya <ismael.bouya@normalesup.org>	2018-03-19 16:19:17 +0100
commit	d87a489f9585d10f0a185beb59ae16a10f27a7bd (patch)
tree	58ff0ffad8cbe0230eff1791360bc7cc45501c34 /modules/role/templates/backup
parent	cfa8eb925ff0115d5d4b2298f7d9a054b869fa75 (diff)
download	Puppet-d87a489f9585d10f0a185beb59ae16a10f27a7bd.tar.gz Puppet-d87a489f9585d10f0a185beb59ae16a10f27a7bd.tar.zst Puppet-d87a489f9585d10f0a185beb59ae16a10f27a7bd.zip

diff --git a/modules/role/templates/backup/backup_dirname_head.sh.erb b/modules/role/templates/backup/backup_dirname_head.sh.erb new file mode 100644 index 0000000..e20cfd3 --- /dev/null +++ b/modules/role/templates/backup/backup_dirname_head.sh.erb
@@ -0,0 +1,27 @@
	1	##### <%= @dirname %> #####
	2	DEST="<%= @dest %>"
	3	BASE="<%= @base %>"
	4	OLD_BAK_BASE=$BASE/older/j
	5	BAK_BASE=${OLD_BAK_BASE}0
	6	RSYNC_OUTPUT=$BASE/rsync_output
	7	NBR=<%= @nbr %>
	8
	9	if ! ssh \
	10	-o PreferredAuthentications=publickey \
	11	-o StrictHostKeyChecking=yes \
	12	-o ClearAllForwardings=yes \
	13	$DEST backup; then
	14	echo "Fichier de verrouillage backup sur $DEST ou impossible de se connecter" >&2
	15	skip=$DEST
	16	fi
	17
	18	rm -rf ${OLD_BAK_BASE}${NBR}
	19	for j in `seq -w $(($NBR-1)) -1 0`; do
	20	[ ! -d ${OLD_BAK_BASE}$j ] && continue
	21	mv ${OLD_BAK_BASE}$j ${OLD_BAK_BASE}$(($j+1))
	22	done
	23	mkdir $BAK_BASE
	24	mv $RSYNC_OUTPUT $BAK_BASE
	25	mkdir $RSYNC_OUTPUT
	26
	27	if [ "$skip" != "$DEST" ]; then


diff --git a/modules/role/templates/backup/backup_dirname_part.sh.erb b/modules/role/templates/backup/backup_dirname_part.sh.erb new file mode 100644 index 0000000..ec662c4 --- /dev/null +++ b/modules/role/templates/backup/backup_dirname_part.sh.erb
@@ -0,0 +1,26 @@
	1	### <%= @dirname %> <%= @local_folder %> ###
	2	LOCAL="<%= @local_folder %>"
	3	REMOTE="<%= @remote_folder %>"
	4
	5	cd $BASE/$LOCAL
	6	cat > $EXCL_FROM <<EOF
	7	<%= @exclude_from.join("\n") %>
	8	EOF
	9	cat > $FILES_FROM <<EOF
	10	<%= @files_from.join("\n") %>
	11	EOF
	12
	13	OUT=$RSYNC_OUTPUT/$LOCAL
	14	rsync -XAavbrz --fake-super -e ssh --numeric-ids --delete \
	15	--backup-dir=$BAK_BASE/$LOCAL \
	16	<%- unless @args.empty? -%>
	17	<%= @args %>\
	18	<% end -%>
	19	<%- unless @exclude_from.empty? -%>
	20	--exclude-from=$EXCL_FROM \
	21	<% end -%>
	22	<%- unless @files_from.empty? -%>
	23	--files-from=$FILES_FROM \
	24	<% end -%>
	25	$DEST:$REMOTE . > $OUT \|\| true
	26	### End <%= @dirname %> <%= @local_folder %> ###


diff --git a/modules/role/templates/backup/backup_dirname_tail.sh.erb b/modules/role/templates/backup/backup_dirname_tail.sh.erb new file mode 100644 index 0000000..6b16c9d --- /dev/null +++ b/modules/role/templates/backup/backup_dirname_tail.sh.erb
@@ -0,0 +1,4 @@
	1
	2	ssh $DEST sh -c "date > .last_backup"
	3	fi # [ "$skip" != "$DEST" ]
	4	##### End <%= @dirname %> #####


diff --git a/modules/role/templates/backup/backup_head.sh.erb b/modules/role/templates/backup/backup_head.sh.erb new file mode 100644 index 0000000..be9f5bf --- /dev/null +++ b/modules/role/templates/backup/backup_head.sh.erb
@@ -0,0 +1,20 @@
	1	#!/bin/bash
	2	MAILTO="<%= @mailto %>"
	3
	4	EXCL_FROM=`mktemp`
	5	FILES_FROM=`mktemp`
	6	TMP_STDERR=`mktemp`
	7
	8	on_exit() {
	9	if [ -s "$TMP_STDERR" ]; then
	10	cat "$TMP_STDERR" \| mail -Ssendwait -s "save_distant rsync error" "$MAILTO"
	11	fi
	12	rm -f $TMP_STDERR $EXCL_FROM $FILES_FROM
	13	}
	14
	15	trap "on_exit" EXIT
	16
	17	exec 2> "$TMP_STDERR"
	18	exec < /dev/null
	19
	20	set -e


diff --git a/modules/role/templates/backup/backup_immae_eu.sh.erb b/modules/role/templates/backup/backup_immae_eu.sh.erb new file mode 100644 index 0000000..4fab30e --- /dev/null +++ b/modules/role/templates/backup/backup_immae_eu.sh.erb
@@ -0,0 +1,79 @@
	1	#!/bin/bash
	2	DEST="<%= @dest %>"
	3	MAILTO="<%= @mailto %>"
	4	BASE="<%= @base %>"
	5	OLD_BAK_BASE=$BASE/older/j
	6	BAK_BASE=${OLD_BAK_BASE}0
	7	RSYNC_OUTPUT=$BASE/rsync_output
	8	NBR=7
	9
	10	TMP=`mktemp`
	11	TMP_STDERR=`mktemp`
	12
	13	trap "rm -f $TMP $TMP_STDERR" EXIT
	14
	15	exec 2> "$TMP_STDERR"
	16
	17	set -e
	18	if ! `ssh -o ClearAllForwardings=yes $DEST backup`; then
	19	echo "Fichier de verrouillage backup sur $DEST"
	20	exit 1
	21	fi
	22
	23	rm -rf ${OLD_BAK_BASE}${NBR}
	24	for j in `seq -w $(($NBR-1)) -1 0`; do
	25	[ ! -d ${OLD_BAK_BASE}$j ] && continue
	26	mv ${OLD_BAK_BASE}$j ${OLD_BAK_BASE}$(($j+1))
	27	done
	28	mkdir $BAK_BASE
	29	mv $RSYNC_OUTPUT $BAK_BASE
	30	mkdir $RSYNC_OUTPUT
	31
	32	##############
	33	NAME="home"
	34	FOLDER="/home/immae"
	35
	36	cd $BASE/$NAME
	37	cat > $TMP <<EOF
	38	/.no_backup/
	39	/hosts/florian/nobackup/
	40	/hosts/connexionswing.com/
	41	/hosts/connexionswing.immae.eu/
	42	/hosts/ludivine.immae.eu/
	43	/hosts/ludivinecassal.com/
	44	/hosts/piedsjaloux.fr/
	45	/hosts/piedsjaloux.immae.eu/
	46	/hosts/spip/sites/*/
	47	/hosts/spip/spip*
	48	EOF
	49	OUT=$RSYNC_OUTPUT/$NAME
	50	rsync -XAavbrz --fake-super -e ssh --numeric-ids --delete \
	51	--backup-dir=$BAK_BASE/$NAME --exclude-from=$TMP \
	52	$DEST:$FOLDER . > $OUT \|\| true
	53
	54	##############
	55	NAME="system"
	56	FOLDER="/"
	57
	58	cd $BASE/$NAME
	59	cat > $TMP <<EOF
	60	/etc/
	61	/srv/
	62	/var/lib/
	63	/var/spool/
	64	/var/named/
	65	/usr/local/
	66	EOF
	67	OUT=$RSYNC_OUTPUT/$NAME
	68	rsync -XAavbrz -R --fake-super -e ssh --numeric-ids --delete \
	69	--rsync-path='sudo rsync' \
	70	--backup-dir=$BAK_BASE/$NAME \
	71	--files-from=$TMP \
	72	$DEST:$FOLDER . > $OUT \|\| true
	73
	74	##############
	75	ssh $DEST sh -c "date > .last_backup"
	76
	77	if [ -s "$TMP_STDERR" ]; then
	78	cat "$TMP_STDERR" \| mail -Ssendwait -s "save_distant rsync error" "$MAILTO"
	79	fi


diff --git a/modules/role/templates/backup/backup_tail.sh.erb b/modules/role/templates/backup/backup_tail.sh.erb new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/modules/role/templates/backup/backup_tail.sh.erb


diff --git a/modules/role/templates/backup/ssh_host_changed.info.erb b/modules/role/templates/backup/ssh_host_changed.info.erb new file mode 100644 index 0000000..ebf202e --- /dev/null +++ b/modules/role/templates/backup/ssh_host_changed.info.erb
@@ -0,0 +1,4 @@
	1	Host <%= @host %> added, please send <%= @user %> key if necessary.
	2	<%- if File.exist?("/home/#{@user}/.ssh/id_rsa.pub") %>
	3	<%= File.read("/home/#{@user}/.ssh/id_rsa.pub") %>
	4	<% end -%>


diff --git a/modules/role/templates/backup/ssh_key_changed.info.erb b/modules/role/templates/backup/ssh_key_changed.info.erb new file mode 100644 index 0000000..43fd2ec --- /dev/null +++ b/modules/role/templates/backup/ssh_key_changed.info.erb
@@ -0,0 +1,5 @@
	1	ssh key of <%= @user %> changed,
	2	please update hosts:
	3	<%- @hosts.each do \|host\| %>
	4	- <%= host %>
	5	<% end -%>