profile_backup: Install and configure NCSA Service Backups for clients and backup serversprofile_backup::client: Configure backup clientprofile_backup::common: Configure common things for both backup clients and servers.profile_backup::server: Configure backup server
profile_backup::client::add_cmd_jobprofile_backup::client::add_job: Defined type to add a new service backup jobprofile_backup::server::allow_client: Enable backup client to access backup server
See: https://wiki.ncsa.illinois.edu/display/ICI/NCSA+Server+Backup
This class should never be included. Only one of the following should be included, depending on the role:
- backup client:
include profile_backup::client - backup server:
include profile_backup::server
include profile_backup::clientConfigure backup client
include profile_backup::clientThe following parameters are available in the profile_backup::client class:
enabledencryption_passphraseenv_varsjob_cron_schedulenetwork_interfaceprune_settingsserver_userserversssh_key_privssh_key_pubssh_key_typeverify_cron_schedulework_directory
Data type: Boolean
Abitilty to enable/disable backups
Data type: String
Encryption passphrase used by the client's backups
Data type: Hash
Optionally provide specific additional environment variables to be set/ exported in the borg_defaults.sh script. These are references in the borg_defaults.sh.erb template file. E.g. if the borgbackup and the other required Python packages have been installed in /opt/borg/ instead of the default system location, you might add this: profile_backup::client::env_vars: PYTHONPATH: "/opt/borg/lib64/python3.6/site-packages:/opt/borg/lib/python3.6/site-packages:$PYTHONPATH" BORG: "/opt/borg/bin/borg"
Data type: Hash
Cron settings for backup jobs
Data type: Optional[String]
Optional. The name of the network interface (e.g., eth0, ib0) that the client will use to SSH to the backup server. Use this to get the client to export an IP address that is different from the default IP address that facter determines.
Data type: Hash
Settings used for pruning client's backup data
Data type: String
User that client connects to backup server as
Data type: Array[String]
List of backup servers that client can backup to
Data type: String
The private ssh key itself; generally a very long string...
Data type: String
The public ssh key itself; generally a long string...
Data type: String
The encryption type used in the ssh key.
Data type: Hash
Cron settings for backup verification
Data type: String
Directory path where backup scripts and jobs are located
Configure common things for both backup clients and servers.
include profile_backup::commonThe following parameters are available in the profile_backup::common class:
Data type: Hash
Packages to install to support the backup service.
Data type: String
Path to pip config file
Data type: String
Optional proxy server for pip configuration
Configure backup server
include profile_backup::serverThe following parameters are available in the profile_backup::server class:
additional_sshd_match_paramsallow_client_requiresbackup_directoryclientsgidgroupnameuidusername
Data type: Hash
Hash of additional sshd match parameters.
Passed to sshd::allow_from defined type from profile_backup::server::allow_client.
Data type: Array[String]
Optional list of resources requirements (e.g. mounts) that should be present before
the allow_client type is ensured. Should be in the form that would
be specified as a require array, e.g.:
- "File[file1]"
- "Package[package1]"
Data type: String
Directory path where backups are stored for each client.
Data type: Hash
Some clients will need to be manually configured for access to the servers.
Backup clients that are using the same PuppetDB server as used by the backup servers should
not need to be added here as those are added via 'exported resources'.
This is a hash that contains all the parameters for profile_backup::server::allow_client:
profile_backup::server::clients:
client1:
hostname: "client1.local"
ip: "172.1.2.3"
ssh_key_pub: "AAAAB..." # PUBLIC KEY
ssh_key_type: "ssh-rsa" # ENCRYPTION TYPEData type: String
Group id of user that owns backup files.
Data type: String
Groupname that owns backup files.
Data type: String
User id of user that owns backup files.
Data type: String
Username that owns backup files and allowed access.
The profile_backup::client::add_cmd_job class.
The following parameters are available in the profile_backup::client::add_cmd_job defined type:
Data type: String
Data type: String
Data type: Optional[Array[String]]
Default value: undef
Data type: Optional[Array[String]]
Default value: undef
Add a service backup job to this backup client
profile_backup::client::add_job { 'jobname':
paths => [ '/directory1', '/tmp/directory2.tar', ],
prehook_commands => [ 'tar cf /tmp/directory2.tar /directory2', ],
posthook_commands => [ 'rm -f /tmp/directory2.tar', ],
}The following parameters are available in the profile_backup::client::add_job defined type:
Data type: Array[String]
List of directory paths for the job to backup. Can be a list of directories and/or specific files.
Data type: Optional[Array[String]]
Optional list of commands to run before backup job
Default value: undef
Data type: Optional[Array[String]]
Optional list of commands to run after the backup job
Default value: undef
Enable backup client to access backup server
profile_backup::server::allow_client { 'allow host hostname access to backup servers':
'hostname' => String,
'ip' => String,
'ssh_key_pub' => String,
'ssh_key_type' => String,
}The following parameters are available in the profile_backup::server::allow_client defined type:
Data type: String
fqdn hostname of backup client.
Data type: String
ip of backup client.
Data type: String
The public ssh key itself; generally a long string...
Data type: String
The encryption type used in the ssh key.