author | Jesse Luehrs <doy@tozt.net> | 2021-03-25 21:01:23 -0400 |
---|---|---|
committer | Jesse Luehrs <doy@tozt.net> | 2021-03-25 21:01:23 -0400 |
commit | 6c81e1b01e0850be93419b68d4c61529de519d2a (patch) | |
tree | 0dfdd5574b16cbb03dd819f8c3186572c86ab846 | |
parent | d8f2b5669bb53f4a60979601ddd966f8c5ae12af (diff) | |
refactor
-rw-r--r-- | modules/borg/files/sshd_config (renamed from modules/partofme/files/sshd_config.borg) | 0 | ||||
-rw-r--r-- | modules/borg/manifests/init.pp | 32 | ||||
-rw-r--r-- | modules/borgmatic/manifests/init.pp | 41 | ||||
-rw-r--r-- | modules/borgmatic/templates/config.yaml (renamed from modules/partofme/templates/borgmatic_config.yaml) | 2 | ||||
-rw-r--r-- | modules/partofme/manifests/backups.pp | 70 |
5 files changed, 78 insertions, 67 deletions
diff --git a/modules/partofme/files/sshd_config.borg b/modules/borg/files/sshd_config
index 76c199b..76c199b 100644
--- a/modules/partofme/files/sshd_config.borg
+++ b/modules/borg/files/sshd_config
diff --git a/modules/borg/manifests/init.pp b/modules/borg/manifests/init.pp
new file mode 100644
index 0000000..2f43f83
--- /dev/null
+++ b/modules/borg/manifests/init.pp
@@ -0,0 +1,32 @@
+class borg($home = '/media/persistent/borg') {
+ package { 'borg':
+ ensure => installed;
+ }
+
+ group { 'borg':
+ ensure => present;
+ }
+
+ user { 'borg':
+ ensure => present,
+ gid => 'borg',
+ home => $home;
+ }
+
+ file {
+ "/media/persistent/borg/":
+ ensure => directory,
+ owner => 'borg',
+ group => 'borg',
+ require => User['borg'];
+ "/media/persistent/borg/.ssh":
+ ensure => directory,
+ owner => 'borg',
+ group => 'borg',
+ require => User['borg'];
+ }
+
+ sshd::configsection { 'borg':
+ source => 'puppet:///modules/borg/sshd_config';
+ }
+}
diff --git a/modules/borgmatic/manifests/init.pp b/modules/borgmatic/manifests/init.pp
new file mode 100644
index 0000000..9ea1181
--- /dev/null
+++ b/modules/borgmatic/manifests/init.pp
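Review bot: The `file` resources in `class borg` still use the literal titles `/media/persistent/borg/` and `/media/persistent/borg/.ssh`, so the new `$home` parameter only reaches the `user` resource; a caller that overrides it gets an account whose home is not the managed directory. Use `"${home}":` and `"${home}/.ssh":` here, and `"${borg::home}/.ssh/authorized_keys":` for the key file that stays in `modules/partofme/manifests/backups.pp`. Neither directory sets `mode`, so the permissions sshd checks along the key path come from defaults or prior state; `mode => '0700'` on `.ssh` would pin them.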
@@ -0,0 +1,41 @@
+class borgmatic($host = 'partofme.algo') {
+ package { 'borgmatic':
+ ensure => installed;
+ }
+
+ $current_hostname = "${facts['networking']['hostname']}"
+ $borgmatic_passphrase = secret::value('borgmatic_passphrase')
+ file {
+ "/etc/borgmatic":
+ ensure => directory;
+ "/etc/borgmatic/config.yaml":
+ content => template('borgmatic/config.yaml'),
+ require => File["/etc/borgmatic"];
+ }
+
+ secret { "/etc/borgmatic/borg_ssh_key":
+ source => 'borg_ssh_key',
+ require => File["/etc/borgmatic"];
+ }
+
+ exec { '/usr/bin/borgmatic init --encryption repokey':
+ environment => [
+ "BORG_PASSPHRASE=${borgmatic_passphrase}",
+ ],
+ unless => '/usr/bin/borgmatic info > /dev/null',
+ require => [
+ Package['borgmatic'],
+ File['/etc/borgmatic/config.yaml'],
+ ]
+ }
+
+ service { 'borgmatic.timer':
+ ensure => running,
+ enable => true,
+ require => [
+ Package['borgmatic'],
+ File['/etc/borgmatic/config.yaml'],
+ Exec['/usr/bin/borgmatic init --encryption repokey'],
+ ];
+ }
+}
diff --git a/modules/partofme/templates/borgmatic_config.yaml b/modules/borgmatic/templates/config.yaml
index 895cfe8..60a1e42 100644
--- a/modules/partofme/templates/borgmatic_config.yaml
+++ b/modules/borgmatic/templates/config.yaml
@@ -4,7 +4,7 @@ location:
 - /etc
 - /usr/local/bin
 repositories:
- - borg@localhost:partofme
+ - borg@<%= @borgmatic_host %>:<%= current_hostname %>
 atime: false
 exclude_patterns:
 - /home/*/.cache
diff --git a/modules/partofme/manifests/backups.pp b/modules/partofme/manifests/backups.pp
index 74662cd..45f9976 100644
--- a/modules/partofme/manifests/backups.pp
+++ b/modules/partofme/manifests/backups.pp
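Review bot: `/etc/borgmatic/config.yaml` and its parent directory are declared without `owner`, `group` or `mode`, so their permissions come from Puppet's defaults and whatever state already exists on the host. `$borgmatic_passphrase` is assigned immediately before the `template()` call, which suggests the rendered file carries the repository passphrase; most of the template is outside this diff, so confirm. If it does, add `owner => 'root'` and `mode => '0600'` to the file and `mode => '0700'` to the directory. The same value is interpolated into the `environment` of the `exec` resource, so it is stored as plain text in the compiled catalog; it is worth checking that catalog and report storage for this setup is restricted accordingly.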
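Review bot: The new repository line reads `@borgmatic_host`, but the `borgmatic` class added in this commit names its parameter `$host` and sets only `$current_hostname` and `$borgmatic_passphrase`. Unless `$borgmatic_host` is defined in an outer scope not shown here, the template renders an empty host and the repository becomes `borg@:<hostname>`. Either reference `<%= @host %>` or rename the class parameter to `$borgmatic_host`. The second tag uses the bare name `current_hostname` while the first uses the `@` form; `<%= @current_hostname %>` would make the two lookups consistent.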
@@ -41,79 +41,17 @@ class partofme::backups { ############################# - package { 'borg': - ensure => installed; - } - - group { 'borg': - ensure => present; - } - - user { 'borg': - ensure => present, - gid => 'borg', - home => '/media/persistent/borg'; - } - + include borg file { - "/media/persistent/borg/": - ensure => directory, - owner => 'borg', - group => 'borg', - require => User['borg']; - "/media/persistent/borg/.ssh": - ensure => directory, - owner => 'borg', - group => 'borg', - require => User['borg']; "/media/persistent/borg/.ssh/authorized_keys": source => 'puppet:///modules/partofme/borg_authorized_keys', owner => 'borg', group => 'borg', mode => '0600', - require => File["/media/persistent/borg/.ssh"]; - } - - sshd::configsection { 'borg': - source => 'puppet:///modules/partofme/sshd_config.borg'; + require => Class['borg']; } - package { 'borgmatic': - ensure => installed; - } - - $borgmatic_passphrase = secret::value('borgmatic_passphrase') - file { - "/etc/borgmatic": - ensure => directory; - "/etc/borgmatic/config.yaml": - content => template('partofme/borgmatic_config.yaml'), - require => File["/etc/borgmatic"]; - } - - secret { "/etc/borgmatic/borg_ssh_key": - source => 'borg_ssh_key', - require => File["/etc/borgmatic"]; - } - - exec { '/usr/bin/borgmatic init --encryption repokey': - environment => [ - "BORG_PASSPHRASE=${borgmatic_passphrase}", - ], - unless => '/usr/bin/borgmatic info > /dev/null', - require => [ - Package['borgmatic'], - File['/etc/borgmatic/config.yaml'], - ] - } - - service { 'borgmatic.timer': - ensure => running, - enable => true, - require => [ - Package['borgmatic'], - File['/etc/borgmatic/config.yaml'], - Exec['/usr/bin/borgmatic init --encryption repokey'], - ]; + class { 'borgmatic': + host => 'localhost'; } } |