Tree - heroes/salt - Pagure for openSUSE

heroes / salt

Source
Stats

Blame salt/profile/borgbackup/client.sls

Blob History Raw

Christian Boltz	9ccde7	`include:`
Christian Boltz	9ccde7	`- profile.borgbackup.packages`
Christian Boltz	9ccde7
Christian Boltz	9ccde7	`# client-side user (non-privileged or root)`
Christian Boltz	9ccde7	`{% set client_user = 'cboltz' %} # TODO (use pillar - from pillar/id or pillar/role?)`
Christian Boltz	9ccde7	`{% set client_home = salt['user.info'](client_user).home %}`
Christian Boltz	9ccde7	`{% set backup_pass = 'topsecret' %} # TODO: create encrypted pillar borgbackup/{{ server_user }}.sls with backup_pass and ssh private key`
Christian Boltz	9ccde7	`{% set backup_server = pillar.get('profile:borgbackup:backupserver') %}`
Christian Boltz	9ccde7
Christian Boltz	9ccde7	`# server-side`
Christian Boltz	9ccde7	`{% set server_user = 'cboltz' %} # TODO (use pillar)`
Christian Boltz	9ccde7	`{% set backupdir = '/backup/' + server_user + '/borgbackup' %}`
Christian Boltz	9ccde7
Christian Boltz	9ccde7
Christian Boltz	9ccde7	`# setup user and ssh stuff`
Christian Boltz	9ccde7	`borgbackup_user:`
Christian Boltz	9ccde7	`user.present:`
Christian Boltz	9ccde7	`- name: {{ client_user }}`
Christian Boltz	9ccde7
Christian Boltz	9ccde7	`{{ salt['user.info'](client_user).home }}/.ssh:`
Christian Boltz	9ccde7	`file.directory:`
Christian Boltz	9ccde7	`- user: {{ client_user }}`
Christian Boltz	9ccde7	`- mode: 700`
Christian Boltz	9ccde7
Christian Boltz	9ccde7	`{{ salt['user.info'](client_user).home }}/.ssh/borgbackup_key:`
Christian Boltz	9ccde7	`file.managed:`
Christian Boltz	9ccde7	`- user: {{ client_user }}`
Christian Boltz	9ccde7	`- mode: 600`
Christian Boltz	9ccde7	`- contents_pillar: profile.borgbackup.{{ server_user }}.privatekey`
Christian Boltz	9ccde7
Christian Boltz	9ccde7	`{{ salt['user.info'](client_user).home }}/.ssh/known_hosts:`
Christian Boltz	9ccde7	`file.append:`
Christian Boltz	9ccde7	`- user: {{ client_user }}`
Christian Boltz	9ccde7	`- mode: 600`
Christian Boltz	9ccde7	`- contents_pillar: profile.borgbackup.ssh_known_hosts`
Christian Boltz	9ccde7
Christian Boltz	9ccde7	`# backup config file`
Christian Boltz	9ccde7	`{{ salt['user.info'](client_user).home }}/borg-env:`
Christian Boltz	9ccde7	`file.managed:`
Christian Boltz	9ccde7	`- user: {{ client_user }}`
Christian Boltz	9ccde7	`- mode: 600`
Christian Boltz	9ccde7	`- contents:`
Christian Boltz	9ccde7	`- export BORG_RSH="ssh -i {{ salt['user.info'](client_user).home }}/.ssh/borgbackup_key"`
Christian Boltz	9ccde7	`- export BORG_PASSPHRASE='{{ backup_pass }}'`
Christian Boltz	9ccde7	`- "export BORG_REPO='ssh://{{ client_user }}@{{ backup_server }}{{ backupdir }}'"`
Christian Boltz	9ccde7	`- export LOG='/var/log/borg/backup.log'`
Christian Boltz	9ccde7	`# TODO: make the directory to backup configurable`
Christian Boltz	9ccde7	`# TODO: make excludes configurable`
Christian Boltz	9ccde7
Christian Boltz	9ccde7	`# initialize the backup`
Christian Boltz	9ccde7	`borgbackup_init:`
Christian Boltz	9ccde7	`cmd.run:`
Christian Boltz	9ccde7	`- env: {{ backup_pass }}`
Christian Boltz	9ccde7	`- name: borg init --encryption=repokey 'ssh://{{ client_user }}@{{backup_server}}{{ backupdir }}'`
Christian Boltz	9ccde7	`- runas: {{ client_user }}`
Christian Boltz	9ccde7	`- creates: {{ salt['user.info'](client_user).home }}/.cache/borg/CACHEDIR.TAG`
Christian Boltz	9ccde7
Christian Boltz	9ccde7	`{{ salt['user.info'](client_user).home }}/borg-backup-script:`
Christian Boltz	9ccde7	`file.managed:`
Christian Boltz	9ccde7	`- source: salt://profile/borgbackup/files/borg-backup-script`
Christian Boltz	9ccde7	`- user: {{ client_user }}`
Christian Boltz	9ccde7	`- mode: 600`
Christian Boltz	9ccde7
Christian Boltz	9ccde7	`/var/log/borg:`
Christian Boltz	9ccde7	`file.directory`
Christian Boltz	9ccde7	`- user: {{ client_user }}`
Christian Boltz	9ccde7
Christian Boltz	9ccde7	`# create cronjob`
Christian Boltz	9ccde7	`# TODO`

heroes / salt

Source Code

Blame salt/profile/borgbackup/client.sls