added backup state and handled known_hosts

2017-08-21 20:31:12 +00:00 · 2017-08-21 20:31:12 +00:00 · 037fd19b0f
commit 037fd19b0f
parent aa106b5d52
18 changed files with 154 additions and 4 deletions
--- a/merge.sh
+++ b/merge.sh
--- a/pillars/roles/backup/init.sls
+++ b/pillars/roles/backup/init.sls
@ -3,7 +3,7 @@ include:
  - roles.backup.none
 {%- if grains['roles'] is defined -%}
  {%- if grains['roles'] is not none -%}
-    {%- if 'portal' in grains['roles'] -%}
+    {%- if 'backup' in grains['roles'] -%}
      {%- for state in states %}
        {%- if state.startswith("pillars.roles.backup.") -%}
          {%- set role = state.split('.')[3] %}
--- a/pillars/roles/backup/none.sls
+++ b/pillars/roles/backup/none.sls
--- a/pillars/roles/backup/radarr.sls
+++ b/pillars/roles/backup/radarr.sls
@ -1,6 +1,9 @@
 backup:
  radarr:
    location: /var/lib/radarr
    rsync_user: backups
    key: backups_key
    host: host.actcur.com
    user: radarr
    group: radarr
    fmode: 644
--- a/pillars/servers/env/server/archhost1.sls
+++ b/pillars/servers/env/server/archhost1.sls
@ -0,0 +1 @@
 env: prod
--- a/pillars/servers/maintainer/server/archhost1.sls
+++ b/pillars/servers/maintainer/server/archhost1.sls
@ -0,0 +1,3 @@
 maintainer:
  - masaufuku
--- a/pillars/servers/roles/server/archhost1.sls
+++ b/pillars/servers/roles/server/archhost1.sls
@ -0,0 +1,6 @@
 grains:
  roles:
    - server
    - ssh
    - saltminion
    - backup
--- a/states/roles/maintain/backup/backup.service
+++ b/states/roles/maintain/backup/backup.service
@ -0,0 +1,10 @@
 [Unit]
 Description=Runs backup.sh
 [Service]
 Type=oneshot
 RemainAfterExit=no
 ExecStart=/bin/bash /root/scripts/backup.sh
 [Install]
 WantedBy=multi-user.target
--- a/states/roles/maintain/backup/backup.sh
+++ b/states/roles/maintain/backup/backup.sh
@ -0,0 +1,8 @@
 {% for name in bnames %}
 echo "Running {{ name }} backup `date`" > /root/scripts/backup.log
 mkdir -p /mnt/butter/backups/configurations/{{ name }}/archive >> /root/scripts/backup.log;
 tar -cvzf "/mnt/butter/backups/configurations/{{ name }}/archive/`date +%F`.tar.gz" "/mnt/butter/backups/configurations/{{ name }}/latest/" >> /root/scripts/backup.log;
 echo "Removing {{ name }} backups older then 90 days" >> /root/scripts/backup.log
 find "/mnt/butter/backups/configurations/{{ name }}/archive" -mtime +90 -exec rm {} \; >> /root/scripts/backup.log
 echo "Finished {{ name }} backup" >> /root/scripts/backup.log
 {% endfor %}
--- a/states/roles/maintain/backup/backup.timer
+++ b/states/roles/maintain/backup/backup.timer
@ -0,0 +1,10 @@
 [Unit]
 Description=Daily Timer
 [Timer]
 OnCalendar=weekly
 AccuracySec=2h
 Unit=backup.service
 [Install]
 WantedBy=multi-user.target
--- a/states/roles/maintain/backup/init.sls
+++ b/states/roles/maintain/backup/init.sls
@ -0,0 +1,34 @@
 "/root/scripts/backup.sh":
  file.managed:
    - source: salt://roles/maintain/backup/backup.sh
    - user: root
    - group: root
    - mode: 644
    - makedirs: true
    - template: jinja
    - context:
      bnames: {{ pillar['backup'] }}
 "/usr/lib/systemd/system/backup.service":
  file.managed:
    - source: salt://roles/maintain/backup/backup.service
    - user: root
    - group: root
    - mode: 644
 "/usr/lib/systemd/system/backup.timer":
  file.managed:
    - source: salt://roles/maintain/backup/backup.timer
    - user: root
    - group: root
    - mode: 644
 "backup.timer":
  service.running:
    - enable: true
 "backup-reload":
  module.run:
    - name: service.systemctl_reload
    - onchanges:
      - file: /usr/lib/systemd/system/*
--- a/states/roles/maintain/gitlab/conf_files/production.rb
+++ b/states/roles/maintain/gitlab/conf_files/production.rb
--- a/states/roles/maintain/radarr/init.sls
+++ b/states/roles/maintain/radarr/init.sls
--- a/states/systems/core/backup/init.sls
+++ b/states/systems/core/backup/init.sls
@ -0,0 +1,68 @@
 {%- if 'backup' in pillar['grains']['roles'] -%}
 {%- else -%}
  {##ensure that backup pillar exists##}
  {%- if pillar['backup'] is defined -%}
    {##restore directories from backup##}
    {%- for name in pillar['backup'] %}
      {%- if pillar['backup'][name]['location'] is defined %}
        {%- if pillar['backup'][name]['key'] is defined %}
 {{ name }}_key:
  file.managed:
    - name: /root/.ssh/{{ pillar['backup'][name]['key'] }}
    - source: salt://systems/core/backup/keys/{{ pillar['backup'][name]['key'] }}
    - user: root
    - group: root
    - mode: 600
    - makedirs: true
 #this should be made generic and/or added to all machines
 backup_host.actcur.com:
  ssh_known_hosts.present:
    - name: host.actcur.com
    - hash_known_hosts: False
    - user: root
    - enc: ecdsa-sha2-nistp256
    - key: "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCnvAIi9HiYDsQCHPWPQrgdLTANveZ3K9v1+0iJDA2yEo67EfkFl7O9Go/pVkOoSjV+eWKQ9A7Az7aMY1tc9ur0="
 #need to add host entry in .ssh/config.d
 {{ name }}_config:
  file.managed:
    - name: /root/.ssh/config
    - source: salt://systems/core/backup/ssh_config
    - user: root
    - group: root
    - mode: 600
    - makedirs: true
 {{ name }}_configd:
  file.managed:
    - name: /root/.ssh/config.d/{{ name }}
    - source: salt://systems/core/backup/ssh_configd
    - user: root
    - group: root
    - mode: 600
    - makedirs: true
    - template: jinja
    - context:
      cname: {{ name }}
      chost: {{ pillar['backup'][name]['host'] }}
      ckey: /root/.ssh/{{ pillar['backup'][name]['key'] }}
      cuser: {{ pillar['backup'][name]['rsync_user'] }}
        {% endif %}
  #handle backing up w/ rsync
 rsync_{{ name }}:
  pkg.installed:
    - name: rsync
 backup_dir_{{ name }}:
  cmd.run:
    - name: "ssh {{ name }} 'mkdir -p /mnt/butter/backups/configurations/{{ name }}/latest'"
 backup_{{ name }}:
  rsync.synchronized:
    - name: {{ name }}:/mnt/butter/backups/configurations/{{ name }}/latest
    - source: {{ pillar['backup'][name]['location'] }}/
    - prepare: true
    - delete: true
    - force: true
      {%- endif -%}
    {%- endfor %}
  {%- endif %}
 {%- endif %}
--- a/states/systems/core/backup/ssh_config
+++ b/states/systems/core/backup/ssh_config
@ -0,0 +1 @@
 Include config.d/*
--- a/states/systems/core/backup/ssh_configd
+++ b/states/systems/core/backup/ssh_configd
@ -0,0 +1,4 @@
 Host {{ cname }}
  Hostname {{ chost }}
  IdentityFile {{ ckey }}
  User {{ cuser }}
--- a/states/systems/core/mount/init.sls
+++ b/states/systems/core/mount/init.sls
@ -26,9 +26,10 @@ fuse-module:
  kmod.present:
    - name: fuse
    - persist: true
-host.actcur.com:
+mount_host.actcur.com:
-  ssh_known_hosts:
+  ssh_known_hosts.present:
-    - present
+    - name: host.actcur.com
    - hash_known_hosts: False
    - user: root
    - enc: ecdsa-sha2-nistp256
    - key: "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCnvAIi9HiYDsQCHPWPQrgdLTANveZ3K9v1+0iJDA2yEo67EfkFl7O9Go/pVkOoSjV+eWKQ9A7Az7aMY1tc9ur0="
--- a/states/top.sls
+++ b/states/top.sls
@ -17,6 +17,7 @@
    - systems.core.firewalld
    - systems.core.mount
    - systems.core.git
    - systems.core.backup
 {%- if grains['roles'] is defined -%}
  {%- if grains['roles'] is not none -%}
    {%- for role in grains['roles'] %}