Commit 79c64c88 authored by Jerome Charaoui's avatar Jerome Charaoui

lint worst offenders

parent ab02d473
......@@ -15,20 +15,50 @@
# options should be given as arrays if you want to specify multiple
# directories.
#
define backupninja::rdiff(
$order = 90, $ensure = present,
$user = false, $home = "/home/${user}-${name}", $host = false,
$type = 'local',
$exclude = [ "/home/*/.gnupg", "/home/*/.local/share/Trash", "/home/*/.Trash",
"/home/*/.thumbnails", "/home/*/.beagle", "/home/*/.aMule",
"/home/*/gtk-gnutella-downloads" ],
$include = [ "/var/spool/cron/crontabs", "/var/backups", "/etc", "/root",
"/home", "/usr/local/*bin", "/var/lib/dpkg/status*" ],
$vsinclude = false, $keep = 30, $sshoptions = false, $options = '--force', $ssh_dir_manage = true,
$ssh_dir = "${home}/.ssh", $authorized_keys_file = 'authorized_keys', $installuser = true, $keymanage = $backupninja::keymanage, $key = false,
$backuptag = "backupninja-${::fqdn}", $backupkeytype = $backupninja::keytype, $backupkeystore = $backupninja::keystore,
$extras = false, $nagios_description = "backups-${name}")
{
define backupninja::rdiff( $order = 90,
$ensure = present,
# [general]
$options = '--force',
$extras = false,
# [source]
$include = [ "/var/spool/cron/crontabs",
"/var/backups",
"/etc",
"/root",
"/home",
"/usr/local/*bin",
"/var/lib/dpkg/status*"
],
$exclude = [ "/home/*/.gnupg",
"/home/*/.local/share/Trash",
"/home/*/.Trash",
"/home/*/.thumbnails",
"/home/*/.beagle",
"/home/*/.aMule",
"/home/*/gtk-gnutella-downloads"
],
$vsinclude = false,
# [dest]
$type = 'local',
$host = false,
$user = false,
$home = "/home/${user}-${name}",
$keep = 30,
$sshoptions = false,
# ssh keypair config
$key = false,
$keymanage = $backupninja::keymanage,
$backupkeystore = $backupninja::keystore,
$backupkeytype = $backupninja::keytype,
$ssh_dir_manage = true,
$ssh_dir = "${home}/.ssh",
$authorized_keys_file = 'authorized_keys',
# sandbox config
$installuser = true,
$backuptag = "backupninja-${::fqdn}",
# monitoring
$nagios_description = "backups-${name}" ) {
# install client dependencies
ensure_resource('package', 'rdiff-backup', {'ensure' => $backupninja::ensure_rdiffbackup_version})
......@@ -38,32 +68,37 @@ define backupninja::rdiff(
'remote': {
case $host { false: { err("need to define a host for remote backups!") } }
backupninja::server::sandbox
{
"${user}-${name}": user => $user, host => $host, dir => $home,
manage_ssh_dir => $ssh_dir_manage, ssh_dir => $ssh_dir, key => $key,
authorized_keys_file => $authorized_keys_file, installuser => $installuser,
backuptag => $backuptag, keytype => $backupkeytype, backupkeys => $backupkeystore,
nagios_description => $nagios_description
backupninja::server::sandbox { "${user}-${name}":
user => $user,
host => $host,
dir => $home,
manage_ssh_dir => $ssh_dir_manage,
ssh_dir => $ssh_dir,
key => $key,
authorized_keys_file => $authorized_keys_file,
installuser => $installuser,
backuptag => $backuptag,
backupkeys => $backupkeystore,
keytype => $backupkeytype,
nagios_description => $nagios_description
}
backupninja::key
{
"${user}-${name}": user => $user,
backupninja::key { "${user}-${name}":
user => $user,
keymanage => $keymanage,
keytype => $backupkeytype,
keystore => $backupkeystore,
keytype => $backupkeytype,
keystore => $backupkeystore,
}
}
}
file { "${backupninja::configdir}/${order}_${name}.rdiff":
ensure => $ensure,
ensure => $ensure,
content => template('backupninja/rdiff.conf.erb'),
owner => root,
group => root,
mode => 0600,
owner => root,
group => root,
mode => 0600,
require => File["${backupninja::configdir}"]
}
}
......
# Run rsync as part of a backupninja run.
# Based on backupninja::rdiff
define backupninja::rsync(
$order = 90, $ensure = present,
$user = false, $home = "/home/${user}-${name}", $host = false,
$ssh_dir_manage = true, $ssh_dir = "${home}/.ssh", $authorized_keys_file = 'authorized_keys',
$installuser = true, $keymanage = $backupninja::keymanage, $key = false, $backuptag = "backupninja-${::fqdn}",
$backupkeytype = $backupninja::keytype, $backupkeystore = $backupninja::keystore, $extras = false,
$nagios_description = "backups-${name}", $subfolder = 'rsync',
define backupninja::rsync( $order = 90,
$ensure = present,
# [general]
$log = false,
$partition = false,
$fscheck = false,
$read_only = false,
$mountpoint = false,
$format = false,
$days = false,
$keepdaily = false,
$keepweekly = false,
$keepmonthly = false,
$lockfile = false,
$nicelevel = 0,
$tmp = false,
$multiconnection = false,
$enable_mv_timestamp_bug = false,
# [source]
$include = [ "/var/spool/cron/crontabs",
"/var/backups",
"/etc",
"/root",
"/home",
"/usr/local/*bin",
"/var/lib/dpkg/status*"
],
$exclude = [ "/home/*/.gnupg",
"/home/*/.local/share/Trash",
"/home/*/.Trash",
"/home/*/.thumbnails",
"/home/*/.beagle",
"/home/*/.aMule",
"/home/*/gtk-gnutella-downloads"
],
# [dest]
$host = false,
$user = false,
$home = "/home/${user}-${name}",
$subfolder = 'rsync',
$testconnect = false,
$ssh = false,
$protocol = false,
$numericids = false,
$compress = false,
$port = false,
$bandwidthlimit = false,
$remote_rsync = false,
$batch = false,
$batchbase = false,
$fakesuper = false,
$id_file = false,
# [services]
$initscripts = false,
$service = false,
# [system]
$rm = false,
$cp = false,
$touch = false,
$mv = false,
$fsck = false,
# ssh keypair config
$key = false,
$keymanage = $backupninja::keymanage,
$backupkeystore = $backupninja::keystore,
$backupkeytype = $backupninja::keytype,
$ssh_dir_manage = true,
$ssh_dir = "${home}/.ssh",
$authorized_keys_file = 'authorized_keys',
# sandbox config
$installuser = true,
$backuptag = "backupninja-${::fqdn}",
# monitoring
$nagios_description = "backups-${name}" ) {
$log = false, $partition = false, $fscheck = false, $read_only = false,
$mountpoint = false, $backupdir = false, $format = false, $days = false,
$keepdaily = false, $keepweekly = false, $keepmonthly = false, $lockfile = false,
$nicelevel = 0, $enable_mv_timestamp_bug = false, $tmp = false, $multiconnection = false,
$exclude_vserver = false,
$exclude = [ "/home/*/.gnupg", "/home/*/.local/share/Trash", "/home/*/.Trash",
"/home/*/.thumbnails", "/home/*/.beagle", "/home/*/.aMule",
"/home/*/gtk-gnutella-downloads" ],
$include = [ "/var/spool/cron/crontabs", "/var/backups", "/etc", "/root",
"/home", "/usr/local/*bin", "/var/lib/dpkg/status*" ],
$testconnect = false, $protocol = false, $ssh = false, $port = false,
$bandwidthlimit = false, $remote_rsync = false, $id_file = false,
$batch = false, $batchbase = false, $numericids = false, $compress = false,
$fakesuper = false,
$initscripts = false, $service = false,
$rm = false, $cp = false, $touch = false, $mv = false, $fsck = false)
{
# install client dependencies
ensure_resource('package', 'rsync', {'ensure' => $backupninja::ensure_rsync_version})
......@@ -55,7 +101,7 @@ define backupninja::rsync(
backuptag => $backuptag,
keytype => $backupkeytype,
backupkeys => $backupkeystore,
nagios_description => $nagios_description
nagios_description => $nagios_description
}
backupninja::key { "${user}-${name}":
......
......@@ -54,11 +54,22 @@ class backupninja::server (
# this define allows nodes to declare a remote backup sandbox, that have to
# get created on the server
define sandbox(
$user = $name, $host = $::fqdn, $installuser = true, $dir, $manage_ssh_dir = true,
$ssh_dir = "${dir}/.ssh", $authorized_keys_file = 'authorized_keys', $key = false, $keytype = 'dss', $backupkeys = "${fileserver}/keys/backupkeys", $uid = false,
$gid = "backupninjas", $backuptag = "backupninja-${::fqdn}", $nagios_description = 'backups')
{
define sandbox (
$user = $name,
$host = $::fqdn,
$installuser = true,
$dir,
$manage_ssh_dir = true,
$ssh_dir = "${dir}/.ssh",
$authorized_keys_file = 'authorized_keys',
$key = false,
$keytype = 'dss',
$backupkeys = "${fileserver}/keys/backupkeys",
$uid = false,
$gid = "backupninjas",
$backuptag = "backupninja-${::fqdn}",
$nagios_description = 'backups'
) {
if $backupninja::manage_nagios {
# configure a passive service check for backups
......@@ -80,61 +91,62 @@ class backupninja::server (
}
}
case $installuser {
true: {
if $manage_ssh_dir == true {
if !defined(File["$ssh_dir"]) {
@@file { "${ssh_dir}":
ensure => directory,
mode => 0700, owner => $user, group => 0,
require => [User[$user], File["$dir"]],
tag => "$backuptag",
}
if $installuser {
if $manage_ssh_dir {
if !defined(File["$ssh_dir"]) {
@@file { "${ssh_dir}":
ensure => directory,
mode => 0700, owner => $user, group => 0,
require => [User[$user], File["$dir"]],
tag => "$backuptag",
}
}
case $key {
false: {
if !defined(File["${ssh_dir}/${authorized_keys_file}"]) {
@@file { "${ssh_dir}/${authorized_keys_file}":
ensure => present,
mode => 0644, owner => 0, group => 0,
source => "${backupkeys}/${user}_id_${keytype}.pub",
require => File["${ssh_dir}"],
tag => "$backuptag",
}
}
}
default: {
if !defined(Ssh_autorized_key["$user"]) {
@@ssh_authorized_key{ "$user":
type => $keytype,
key => $key,
user => $user,
target => "${ssh_dir}/${authorized_keys_file}",
tag => "$backuptag",
require => User[$user],
}
}
}
}
if !defined(User["$user"]) {
@@user { "$user":
ensure => "present",
uid => $uid ? {
false => undef,
default => $uid
},
gid => "$gid",
comment => "$user backup sandbox",
home => "$dir",
managehome => true,
shell => "/bin/bash",
password => '*',
require => Group['backupninjas'],
tag => "$backuptag"
}
}
if $key {
# $key contais ssh public key
if !defined(Ssh_autorized_key["$user"]) {
@@ssh_authorized_key{ "$user":
type => $keytype,
key => $key,
user => $user,
target => "${ssh_dir}/${authorized_keys_file}",
tag => "$backuptag",
require => User[$user],
}
}
}
else {
# get ssh public key exists from server
if !defined(File["${ssh_dir}/${authorized_keys_file}"]) {
@@file { "${ssh_dir}/${authorized_keys_file}":
ensure => present,
mode => 0644, owner => 0, group => 0,
source => "${backupkeys}/${user}_id_${keytype}.pub",
require => File["${ssh_dir}"],
tag => "$backuptag",
}
}
}
if !defined(User["$user"]) {
@@user { "$user":
ensure => "present",
uid => $uid ? {
false => undef,
default => $uid
},
gid => "$gid",
comment => "$user backup sandbox",
home => "$dir",
managehome => true,
shell => "/bin/bash",
password => '*',
require => Group['backupninjas'],
tag => "$backuptag"
}
}
}
}
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment