Franziska Kunsmann
14e4415e5f
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
71 lines
2.1 KiB
Python
71 lines
2.1 KiB
Python
from os.path import join
|
|
|
|
if node.has_bundle('zfs'):
|
|
wanted_paths = node.metadata.get('backups/paths', set())
|
|
snapshot_paths = node.metadata.get('zfs/filesystems_with_backup_snapshots', {})
|
|
backup_paths = set()
|
|
|
|
for path in wanted_paths:
|
|
path_found = False
|
|
for zfs_paths in snapshot_paths.values():
|
|
if path in zfs_paths:
|
|
backup_paths.add(f'/mnt/backup-snapshot{path}')
|
|
path_found = True
|
|
|
|
if not path_found:
|
|
backup_paths.add(path)
|
|
else:
|
|
backup_paths = node.metadata.get('backups/paths', set())
|
|
|
|
if node.metadata.get('backups/exclude_from_backups', False):
|
|
# make sure nobody tries to do something funny
|
|
for file in [
|
|
'/etc/backup.priv',
|
|
'/usr/local/bin/generate-backup',
|
|
'/usr/local/bin/generate-backup-with-retries',
|
|
'/var/tmp/backup.monitoring', # status file
|
|
]:
|
|
files[file] = {
|
|
'delete': True,
|
|
}
|
|
|
|
else:
|
|
backup_target = repo.get_node(node.metadata.get('backup-client/target'))
|
|
|
|
files['/etc/backup.priv'] = {
|
|
'content': repo.vault.decrypt_file(join('backup', 'keys', f'{node.name}.key.vault')),
|
|
'mode': '0400',
|
|
}
|
|
|
|
files['/usr/local/bin/generate-backup'] = {
|
|
'content_type': 'mako',
|
|
'context': {
|
|
'username': node.metadata['backup-client']['user-name'],
|
|
'server': backup_target.metadata.get('backup-server/my_hostname'),
|
|
'port': backup_target.metadata.get('backup-server/my_ssh_port'),
|
|
'paths': backup_paths,
|
|
},
|
|
'mode': '0700',
|
|
}
|
|
|
|
files['/usr/local/bin/generate-backup-with-retries'] = {
|
|
'mode': '0700',
|
|
}
|
|
|
|
files['/usr/local/share/icinga/plugins/check_backup_last_run'] = {
|
|
'mode': '0755',
|
|
}
|
|
|
|
files['/etc/logrotate.d/backup-client'] = {
|
|
'delete': True,
|
|
}
|
|
|
|
directories['/etc/backup-pre-hooks.d'] = {
|
|
'purge': True,
|
|
}
|
|
|
|
for hname, hcontent in node.metadata.get('backup-client/pre-hooks', {}).items():
|
|
files[f'/etc/backup-pre-hooks.d/50-{hname}'] = {
|
|
'content': '#!/bin/sh\n\n' + hcontent,
|
|
'mode': '0700',
|
|
}
|