63 lines
1.5 KiB
Python
63 lines
1.5 KiB
Python
repo.libs.tools.require_bundle(node, 'zfs')
|
|
|
|
from os.path import join
|
|
from bundlewrap.metadata import metadata_to_json
|
|
|
|
dataset = node.metadata.get('backup-server/zfs-base')
|
|
|
|
files = {
|
|
'/etc/backup-server/config.json': {
|
|
'content': metadata_to_json({
|
|
'zfs-base': dataset,
|
|
}),
|
|
},
|
|
'/usr/local/bin/rotate-single-backup-client': {
|
|
'mode': '0755',
|
|
},
|
|
}
|
|
|
|
directories['/etc/backup-server/clients'] = {
|
|
'purge': True,
|
|
}
|
|
|
|
sudoers = {}
|
|
|
|
for nodename, config in node.metadata.get('backup-server/clients', {}).items():
|
|
with open(join(repo.path, 'data', 'backup', 'keys', f'{nodename}.pub'), 'r') as f:
|
|
pubkey = f.read().strip()
|
|
|
|
sudoers[config['user']] = nodename
|
|
|
|
users[config['user']] = {
|
|
'home': f'/srv/backups/{nodename}',
|
|
}
|
|
|
|
files[f'/etc/backup-server/clients/{nodename}'] = {
|
|
'content': metadata_to_json(config['retain']),
|
|
}
|
|
|
|
files[f'/srv/backups/{nodename}/.ssh/authorized_keys'] = {
|
|
'content': pubkey,
|
|
'owner': config['user'],
|
|
'mode': '0400',
|
|
'needs': {
|
|
f'zfs_dataset:{dataset}/{nodename}',
|
|
},
|
|
}
|
|
|
|
directories[f'/srv/backups/{nodename}/backups'] = {
|
|
'owner': config['user'],
|
|
'mode': '0700',
|
|
'needs': {
|
|
f'zfs_dataset:{dataset}/{nodename}',
|
|
},
|
|
}
|
|
|
|
files['/etc/sudoers.d/backup-server'] = {
|
|
'source': 'sudoers',
|
|
'content_type': 'mako',
|
|
'context': {
|
|
'clients': sudoers,
|
|
},
|
|
}
|