bundles/backup-client: add backup-pre-hooks (fixes #24)

This commit is contained in:
Franzi 2021-02-07 20:47:22 +01:00
parent a8690b13b8
commit 0d1e987a6f
Signed by: kunsi
GPG key ID: 12E3D2136B818350
3 changed files with 41 additions and 21 deletions

View file

@ -27,6 +27,12 @@ elif status[0] == 'rsync_error':
', '.join(status[1:]) ', '.join(status[1:])
)) ))
exit(2) exit(2)
elif status[0] == 'hook':
print('run-parts /etc/backup-pre-hook.d failed with exit code {}'.format(status[1]))
exit(2)
elif status[0] == 'abort_no_key':
print('no ssh key found in /etc/backup.priv!')
exit(1)
else: else:
# garbage in file # garbage in file
print(' '.join(status)) print(' '.join(status))

View file

@ -9,6 +9,14 @@ then
exit 1 exit 1
fi fi
run-parts --exit-on-error -- /etc/backup-pre-hooks.d
exitcode=$?
if [[ $exitcode != 0]]
then
echo "hook $exitcode" > "$statusfile"
exit 1
fi
rsync_errors="" rsync_errors=""
% for path in sorted(paths): % for path in sorted(paths):
rsync -zaAP --numeric-ids --delete --relative \ rsync -zaAP --numeric-ids --delete --relative \

View file

@ -1,10 +1,8 @@
from os.path import join from os.path import join
if node.metadata['backups'].get('exclude_from_backups', False): if node.metadata['backups'].get('exclude_from_backups', False):
files = { files['/etc/backup.priv'] = {
'/etc/backup.priv': { 'delete': True,
'delete': True,
},
} }
else: else:
if ':' in node.metadata['backup-client']['server']: if ':' in node.metadata['backup-client']['server']:
@ -13,23 +11,31 @@ else:
server = node.metadata['backup-client']['server'] server = node.metadata['backup-client']['server']
port = 22 port = 22
files = { files['/usr/local/bin/generate-backup'] = {
'/usr/local/bin/generate-backup': { 'content_type': 'mako',
'content_type': 'mako', 'context': {
'context': { 'username': node.metadata['backup-client']['user-name'],
'username': node.metadata['backup-client']['user-name'], 'server': server,
'server': server, 'port': port,
'port': port, 'paths': node.metadata.get('backups', {}).get('paths', {}),
'paths': node.metadata.get('backups', {}).get('paths', {}),
},
'mode': '0700',
},
'/usr/local/share/icinga/plugins/check_backup_last_run': {
'mode': '0755',
},
'/etc/backup.priv': {
'content': repo.vault.decrypt_file(join('backup', 'keys', f'{node.name}.key.vault')),
'mode': '0400',
}, },
'mode': '0700',
}
files['/etc/backup.priv'] = {
'content': repo.vault.decrypt_file(join('backup', 'keys', f'{node.name}.key.vault')),
'mode': '0400',
} }
files['/usr/local/share/icinga/plugins/check_backup_last_run'] = {
'mode': '0755',
}
directories['/etc/backup-pre-hooks.d'] = {
'purge': True,
}
for hname, hcontent in node.metadata['backup-client'].get('pre-hooks', {}).items():
files[f'/etc/backup-pre-hooks.d/{hname}'] = {
'content': hcontent,
'mode': '0700',
}