From 037fd19b0f1eebb0362e29f5e90effa4282d2739 Mon Sep 17 00:00:00 2001
From: Beth Parker
Date: Mon, 21 Aug 2017 20:31:12 +0000
Subject: [PATCH] added backup state and handled known_hosts
---
 merge.sh | 0
 pillars/roles/backup/init.sls | 2 +-
 pillars/roles/backup/none.sls | 0
 pillars/roles/backup/radarr.sls | 3 +
 pillars/servers/env/server/archhost1.sls | 1 +
 .../servers/maintainer/server/archhost1.sls | 3 +
 pillars/servers/roles/server/archhost1.sls | 6 ++
 states/roles/maintain/backup/backup.service | 10 +++
 states/roles/maintain/backup/backup.sh | 8 +++
 states/roles/maintain/backup/backup.timer | 10 +++
 states/roles/maintain/backup/init.sls | 34 ++++++++++
 .../maintain/gitlab/conf_files/production.rb | 0
 states/roles/maintain/radarr/init.sls | 0
 states/systems/core/backup/init.sls | 68 +++++++++++++++++++
 states/systems/core/backup/ssh_config | 1 +
 states/systems/core/backup/ssh_configd | 4 ++
 states/systems/core/mount/init.sls | 7 +-
 states/top.sls | 1 +
 18 files changed, 154 insertions(+), 4 deletions(-)
 mode change 100755 => 100644 merge.sh
 mode change 100755 => 100644 pillars/roles/backup/none.sls
 create mode 100644 pillars/servers/env/server/archhost1.sls
 create mode 100644 pillars/servers/maintainer/server/archhost1.sls
 create mode 100644 pillars/servers/roles/server/archhost1.sls
 create mode 100644 states/roles/maintain/backup/backup.service
 create mode 100644 states/roles/maintain/backup/backup.sh
 create mode 100644 states/roles/maintain/backup/backup.timer
 create mode 100644 states/roles/maintain/backup/init.sls
 mode change 100755 => 100644 states/roles/maintain/gitlab/conf_files/production.rb
 mode change 100755 => 100644 states/roles/maintain/radarr/init.sls
 create mode 100644 states/systems/core/backup/init.sls
 create mode 100644 states/systems/core/backup/ssh_config
 create mode 100644 states/systems/core/backup/ssh_configd
diff --git a/merge.sh b/merge.sh
old mode 100755
new mode 100644
diff --git a/pillars/roles/backup/init.sls b/pillars/roles/backup/init.sls
index d00a1ed..13c5f7d 100644
--- a/pillars/roles/backup/init.sls
+++ b/pillars/roles/backup/init.sls
@@ -3,7 +3,7 @@ include:
 - roles.backup.none
 {%- if grains['roles'] is defined -%}
 {%- if grains['roles'] is not none -%}
- {%- if 'portal' in grains['roles'] -%}
+ {%- if 'backup' in grains['roles'] -%}
 {%- for state in states %}
 {%- if state.startswith("pillars.roles.backup.") -%}
 {%- set role = state.split('.')[3] %}
diff --git a/pillars/roles/backup/none.sls b/pillars/roles/backup/none.sls
old mode 100755
new mode 100644
diff --git a/pillars/roles/backup/radarr.sls b/pillars/roles/backup/radarr.sls
index 9f9c6fb..2fbe4e0 100644
--- a/pillars/roles/backup/radarr.sls
+++ b/pillars/roles/backup/radarr.sls
@@ -1,6 +1,9 @@
 backup:
 radarr:
 location: /var/lib/radarr
+ rsync_user: backups
+ key: backups_key
+ host: host.actcur.com
 user: radarr
 group: radarr
 fmode: 644
diff --git a/pillars/servers/env/server/archhost1.sls b/pillars/servers/env/server/archhost1.sls
new file mode 100644
index 0000000..2fdef9a
--- /dev/null
+++ b/pillars/servers/env/server/archhost1.sls
@@ -0,0 +1 @@
+env: prod
diff --git a/pillars/servers/maintainer/server/archhost1.sls b/pillars/servers/maintainer/server/archhost1.sls
new file mode 100644
index 0000000..c0b416d
--- /dev/null
+++ b/pillars/servers/maintainer/server/archhost1.sls
@@ -0,0 +1,3 @@
+maintainer:
+ - masaufuku
+
diff --git a/pillars/servers/roles/server/archhost1.sls b/pillars/servers/roles/server/archhost1.sls
new file mode 100644
index 0000000..6b696ea
--- /dev/null
+++ b/pillars/servers/roles/server/archhost1.sls
@@ -0,0 +1,6 @@
+grains:
+ roles:
+ - server
+ - ssh
+ - saltminion
+ - backup
diff --git a/states/roles/maintain/backup/backup.service b/states/roles/maintain/backup/backup.service
new file mode 100644
index 0000000..b6f0141
--- /dev/null
+++ b/states/roles/maintain/backup/backup.service
@@ -0,0 +1,10 @@
+[Unit]
+Description=Runs backup.sh
+
+[Service]
+Type=oneshot
+RemainAfterExit=no
+ExecStart=/bin/bash /root/scripts/backup.sh
+
+[Install]
+WantedBy=multi-user.target
diff --git a/states/roles/maintain/backup/backup.sh b/states/roles/maintain/backup/backup.sh
new file mode 100644
index 0000000..a95fdfa
--- /dev/null
+++ b/states/roles/maintain/backup/backup.sh
@@ -0,0 +1,8 @@
+{% for name in bnames %}
+echo "Running {{ name }} backup `date`" > /root/scripts/backup.log
+mkdir -p /mnt/butter/backups/configurations/{{ name }}/archive >> /root/scripts/backup.log;
+tar -cvzf "/mnt/butter/backups/configurations/{{ name }}/archive/`date +%F`.tar.gz" "/mnt/butter/backups/configurations/{{ name }}/latest/" >> /root/scripts/backup.log;
+echo "Removing {{ name }} backups older then 90 days" >> /root/scripts/backup.log
+find "/mnt/butter/backups/configurations/{{ name }}/archive" -mtime +90 -exec rm {} \; >> /root/scripts/backup.log
+echo "Finished {{ name }} backup" >> /root/scripts/backup.log
+{% endfor %}
diff --git a/states/roles/maintain/backup/backup.timer b/states/roles/maintain/backup/backup.timer
new file mode 100644
index 0000000..2d28d12
--- /dev/null
+++ b/states/roles/maintain/backup/backup.timer
@@ -0,0 +1,10 @@
+[Unit]
+Description=Daily Timer
+
+[Timer]
+OnCalendar=weekly
+AccuracySec=2h
+Unit=backup.service
+
+[Install]
+WantedBy=multi-user.target
diff --git a/states/roles/maintain/backup/init.sls b/states/roles/maintain/backup/init.sls
new file mode 100644
index 0000000..29fff98
--- /dev/null
+++ b/states/roles/maintain/backup/init.sls
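Review bot: In backup.sh the first `echo` of the loop body redirects with `>`, so /root/scripts/backup.log is truncated on every iteration and only the last name's run survives; it should append like the other lines, or the log should be reset once above the `{% for %}`. The prune step also runs whether or not the preceding `tar` succeeded, so a backup that keeps failing would eventually age out every good archive; chaining them, e.g. `tar ... && find ... -type f -mtime +90 -exec rm {} \;`, keeps the retention window from emptying. Only stdout is redirected, so `tar` and `find` errors never reach the log; `>> /root/scripts/backup.log 2>&1` would capture them. The `mkdir -p` path is the one place `{{ name }}` is rendered unquoted, unlike the `tar` and `find` arguments.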
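Review bot: In backup.timer, `Description=Daily Timer` does not match `OnCalendar=weekly`; the description should say weekly (or the schedule should be `daily`) so timer listings are not misleading. Without `Persistent=true` a run missed while the host was down is skipped until the next week, which matters for a backup job. Timers are conventionally installed with `WantedBy=timers.target` rather than `multi-user.target`.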
@@ -0,0 +1,34 @@
+"/root/scripts/backup.sh":
+ file.managed:
+ - source: salt://roles/maintain/backup/backup.sh
+ - user: root
+ - group: root
+ - mode: 644
+ - makedirs: true
+ - template: jinja
+ - context:
+ bnames: {{ pillar['backup'] }}
+
+"/usr/lib/systemd/system/backup.service":
+ file.managed:
+ - source: salt://roles/maintain/backup/backup.service
+ - user: root
+ - group: root
+ - mode: 644
+
+"/usr/lib/systemd/system/backup.timer":
+ file.managed:
+ - source: salt://roles/maintain/backup/backup.timer
+ - user: root
+ - group: root
+ - mode: 644
+
+"backup.timer":
+ service.running:
+ - enable: true
+
+"backup-reload":
+ module.run:
+ - name: service.systemctl_reload
+ - onchanges:
+ - file: /usr/lib/systemd/system/*
diff --git a/states/roles/maintain/gitlab/conf_files/production.rb b/states/roles/maintain/gitlab/conf_files/production.rb
old mode 100755
new mode 100644
diff --git a/states/roles/maintain/radarr/init.sls b/states/roles/maintain/radarr/init.sls
old mode 100755
new mode 100644
diff --git a/states/systems/core/backup/init.sls b/states/systems/core/backup/init.sls
new file mode 100644
index 0000000..5da37b2
--- /dev/null
+++ b/states/systems/core/backup/init.sls
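Review bot: In states/roles/maintain/backup/init.sls the `"backup.timer"` service state has no requisite on the two unit files or on `backup-reload`, so whether the timer is started against freshly loaded units depends only on declaration order; adding `- require:` entries for `file: /usr/lib/systemd/system/backup.timer` and `file: /usr/lib/systemd/system/backup.service` makes the dependency explicit. `bnames: {{ pillar['backup'] }}` renders the whole pillar mapping into the YAML although backup.sh only iterates the names; passing `{{ pillar['backup'].keys() | list | json }}` would hand the template just what it uses and avoids depending on how the mapping happens to print. The unit files go under /usr/lib/systemd/system, which is normally the package manager's directory; /etc/systemd/system is the usual place for locally managed units.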
@@ -0,0 +1,68 @@
+
+{%- if 'backup' in pillar['grains']['roles'] -%}
+{%- else -%}
+ {##ensure that backup pillar exists##}
+ {%- if pillar['backup'] is defined -%}
+ {##restore directories from backup##}
+ {%- for name in pillar['backup'] %}
+ {%- if pillar['backup'][name]['location'] is defined %}
+
+ {%- if pillar['backup'][name]['key'] is defined %}
+{{ name }}_key:
+ file.managed:
+ - name: /root/.ssh/{{ pillar['backup'][name]['key'] }}
+ - source: salt://systems/core/backup/keys/{{ pillar['backup'][name]['key'] }}
+ - user: root
+ - group: root
+ - mode: 600
+ - makedirs: true
+#this should be made generic and/or added to all machines
+backup_host.actcur.com:
+ ssh_known_hosts.present:
+ - name: host.actcur.com
+ - hash_known_hosts: False
+ - user: root
+ - enc: ecdsa-sha2-nistp256
+ - key: "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCnvAIi9HiYDsQCHPWPQrgdLTANveZ3K9v1+0iJDA2yEo67EfkFl7O9Go/pVkOoSjV+eWKQ9A7Az7aMY1tc9ur0="
+#need to add host entry in .ssh/config.d
+{{ name }}_config:
+ file.managed:
+ - name: /root/.ssh/config
+ - source: salt://systems/core/backup/ssh_config
+ - user: root
+ - group: root
+ - mode: 600
+ - makedirs: true
+{{ name }}_configd:
+ file.managed:
+ - name: /root/.ssh/config.d/{{ name }}
+ - source: salt://systems/core/backup/ssh_configd
+ - user: root
+ - group: root
+ - mode: 600
+ - makedirs: true
+ - template: jinja
+ - context:
+ cname: {{ name }}
+ chost: {{ pillar['backup'][name]['host'] }}
+ ckey: /root/.ssh/{{ pillar['backup'][name]['key'] }}
+ cuser: {{ pillar['backup'][name]['rsync_user'] }}
+ {% endif %}
+ #handle backing up w/ rsync
+rsync_{{ name }}:
+ pkg.installed:
+ - name: rsync
+backup_dir_{{ name }}:
+ cmd.run:
+ - name: "ssh {{ name }} 'mkdir -p /mnt/butter/backups/configurations/{{ name }}/latest'"
+backup_{{ name }}:
+ rsync.synchronized:
+ - name: {{ name }}:/mnt/butter/backups/configurations/{{ name }}/latest
+ - source: {{ pillar['backup'][name]['location'] }}/
+ - prepare: true
+ - delete: true
+ - force: true
+ {%- endif -%}
+ {%- endfor %}
+ {%- endif %}
+{%- endif %}
diff --git a/states/systems/core/backup/ssh_config b/states/systems/core/backup/ssh_config
new file mode 100644
index 0000000..53eda29
--- /dev/null
+++ b/states/systems/core/backup/ssh_config
@@ -0,0 +1 @@
+Include config.d/*
diff --git a/states/systems/core/backup/ssh_configd b/states/systems/core/backup/ssh_configd
new file mode 100644
index 0000000..9fc46ad
--- /dev/null
+++ b/states/systems/core/backup/ssh_configd
@@ -0,0 +1,4 @@
+Host {{ cname }}
+ Hostname {{ chost }}
+ IdentityFile {{ ckey }}
+ User {{ cuser }}
diff --git a/states/systems/core/mount/init.sls b/states/systems/core/mount/init.sls
index 97f0883..d54378c 100644
--- a/states/systems/core/mount/init.sls
+++ b/states/systems/core/mount/init.sls
@@ -26,9 +26,10 @@ fuse-module:
 kmod.present:
 - name: fuse
 - persist: true
-host.actcur.com:
- ssh_known_hosts:
- - present
+mount_host.actcur.com:
+ ssh_known_hosts.present:
+ - name: host.actcur.com
+ - hash_known_hosts: False
 - user: root
 - enc: ecdsa-sha2-nistp256
 - key: "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCnvAIi9HiYDsQCHPWPQrgdLTANveZ3K9v1+0iJDA2yEo67EfkFl7O9Go/pVkOoSjV+eWKQ9A7Az7aMY1tc9ur0="
diff --git a/states/top.sls b/states/top.sls
index 915bc0d..640419c 100644
--- a/states/top.sls
+++ b/states/top.sls
@@ -17,6 +17,7 @@
 - systems.core.firewalld
 - systems.core.mount
 - systems.core.git
+ - systems.core.backup
 {%- if grains['roles'] is defined -%}
 {%- if grains['roles'] is not none -%}
 {%- for role in grains['roles'] %}
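Review bot: In states/systems/core/backup/init.sls the private key installed by `{{ name }}_key` is served from `salt://systems/core/backup/keys/`, and files under the Salt file roots can be requested by any accepted minion, so every minion (and every reader of the states repository) can obtain the key for the rsync user on the backup host; `file.managed` with `contents_pillar`, fed from a pillar targeted at the minions that need it, would keep the key out of the fileserver. `backup_host.actcur.com` is a fixed state ID inside the `{%- for name ... %}` loop, so a second backup entry with a `key` would presumably fail with a conflicting-ID error, and it repeats the host key literal that the states/systems/core/mount/init.sls hunk also carries; one shared known_hosts state above the loop, as the comment over it already hints, removes both problems. The rsync and `ssh {{ name }}` states sit outside the `key is defined` block, so an entry that has `location` but no `key` would run them without the Host alias they rely on. The empty `if`/`else` at the top reads more clearly as `{%- if 'backup' not in pillar['grains']['roles'] -%}`.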
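Review bot: The Host block in states/systems/core/backup/ssh_configd sets `IdentityFile` but not `IdentitiesOnly yes`, so ssh may still offer other keys available to root before the backup key; adding `IdentitiesOnly yes` pins the connection to the configured identity. The companion ssh_config file replaces /root/.ssh/config with a single `Include config.d/*` line, so any existing root ssh configuration on the minion is overwritten by this state; a comment in the state saying so would help the next maintainer.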