1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
|
class partofme::backups {
syncthing::user { $::default_user:
}
$encrypt_passphrase = secret::value('duplicati')
duplicati::backup { "partofme":
content => template('partofme/duplicati-partofme.json');
}
$cloud_encrypt_passphrase = secret::value('duplicati-cloud')
$cloud_url = secret::value('duplicati-cloud-url')
duplicati::backup { "partofme-cloud":
content => template('partofme/duplicati-partofme-cloud.json');
}
file { '/usr/local/bin/sftp-only':
content => 'exec false',
mode => '0755';
}
user { 'duplicati':
home => '/media/persistent/duplicati',
password => secret::value('passwd/duplicati'),
shell => '/usr/local/bin/sftp-only',
require => [
Package::Makepkg['duplicati-latest'],
File['/usr/local/bin/sftp-only'],
];
}
sshd::configsection { 'duplicati':
source => 'puppet:///modules/partofme/sshd_config.duplicati';
}
exec { 'allow sftp logins for duplicati':
provider => 'shell',
command => 'echo /usr/local/bin/sftp-only >> /etc/shells',
unless => 'grep -qF /usr/local/bin/sftp-only /etc/shells',
require => File['/usr/local/bin/sftp-only'];
}
#############################
include borg
file {
"/media/persistent/borg/.ssh/authorized_keys":
source => 'puppet:///modules/partofme/borg_authorized_keys',
owner => 'borg',
group => 'borg',
mode => '0600',
require => Class['borg'];
}
class { 'borgmatic':
host => 'localhost';
}
package { 'rclone':
ensure => installed;
}
$b2_account = secret::value('b2-account')
$b2_key = secret::value('b2-key')
file { '/etc/rclone.conf':
content => template('partofme/rclone.conf');
}
cron::job { 'rclone':
frequency => "daily",
source => 'puppet:///modules/partofme/rclone-cron',
require => [
Package['rclone'],
File['/etc/rclone.conf'],
];
}
}
|