from os.path import join if node.metadata['backups'].get('exclude_from_backups', False): files['/etc/backup.priv'] = { 'delete': True, } else: if ':' in node.metadata['backup-client']['server']: server, port = node.metadata['backup-client']['server'].split(':') else: server = node.metadata['backup-client']['server'] port = 22 files['/usr/local/bin/generate-backup'] = { 'content_type': 'mako', 'context': { 'username': node.metadata['backup-client']['user-name'], 'server': server, 'port': port, 'paths': node.metadata.get('backups', {}).get('paths', {}), }, 'mode': '0700', } files['/etc/backup.priv'] = { 'content': repo.vault.decrypt_file(join('backup', 'keys', f'{node.name}.key.vault')), 'mode': '0400', } files['/usr/local/share/icinga/plugins/check_backup_last_run'] = { 'mode': '0755', } directories['/etc/backup-pre-hooks.d'] = { 'purge': True, } for hname, hcontent in node.metadata['backup-client'].get('pre-hooks', {}).items(): files[f'/etc/backup-pre-hooks.d/{hname}'] = { 'content': '#!/bin/sh\n\n' + hcontent, 'mode': '0700', }