instance-pullrdiffbackup.cfg.in 6.87 KB
{% set part_list = [] -%}
{% set crontab_line_list = [] -%}
###############################
#
# Instanciate dcron
#
###############################

[directory]
recipe = slapos.cookbook:mkdirectory
etc = $${buildout:directory}/etc
bin = $${buildout:directory}/bin
srv = $${buildout:directory}/srv
var = $${buildout:directory}/var
run = $${:var}/run
log = $${:var}/log
varnginx = $${:var}/nginx
# scripts = $${:etc}/run
services = $${:etc}/service
cron-entries = $${:etc}/cron.d
cron-lines = $${:etc}/cron.lines
crontabs = $${:etc}/crontabs
cronstamps = $${:etc}/cronstamps
backup = $${:srv}/backup
status = $${:srv}/status
statistic = $${:srv}/statistic
backupscript = $${:etc}/backup
www = $${:srv}/www
home = $${:etc}/home
ssl = $${:etc}/ssl
ssh = $${:home}/.ssh

#################################
# Cron service
#################################
[dcron-service]
recipe = slapos.recipe.template
url = ${template-dcron-service:output}
output = $${directory:services}/crond
mode = 0700
logfile = $${directory:log}/crond.log

#################################
# Slave backup scripts and crontab
#################################
# Go throught slave list to set their configuration
{% for slave_instance in slave_instance_list -%}
{%   set slave_reference = slave_instance.get('slave_reference') -%}
{%   set frequency = slave_instance.get('frequency', '') -%}
{%   set hostname = slave_instance.get('hostname', '') -%}
{%   set connection = slave_instance.get('connection', '') -%}
{%   set include = slave_instance.get('include', '') -%}
{%   set include_string = "' --include='".join(include.split(' ')) -%}
{%   set exclude = slave_instance.get('exclude', '') -%}
{%   set exclude_string = '' -%}
{%   set sudo = slave_instance.get('sudo', 'False') -%}
{%   set remote_schema = 'rdiff-backup --server --restrict-read-only / -- "$@"' -%}

{%   if (exclude != '') -%}
{%     set exclude_string = "' --exclude='".join(exclude.split(' ')) -%}
{%     set exclude_string = "--exclude='" + exclude_string + "'" -%}
{%   endif -%}

{%   if (sudo == 'True') -%}
{%     set remote_schema = 'sudo backupagent_rdiff-backup' -%}
{%   endif -%}

{%   if (frequency != '') and (hostname != '') and (connection != '') and (include != '') -%}

[{{ slave_reference }}-backup-directory]
recipe = slapos.cookbook:mkdirectory
directory = $${directory:backup}/$${:_buildout_section_name_}

[{{ slave_reference }}-backup-private_key]
recipe = plone.recipe.command
stop-on-error = false
command = ${dropbear-output:keygen} -t $${:type} -s 2048 -f $${:key} 
key = $${directory:ssh}/$${:_buildout_section_name_}
type = rsa

[{{ slave_reference }}-backup-public_key]
recipe = plone.recipe.command
stop-on-error = true
command = ${coreutils-output:rm} -f $${:key} && ${dropbear-output:keygen} -y -f {{ '$${' ~ slave_reference }}-backup-private_key:key} | ${grep-output:grep} {{ '$${' ~ slave_reference }}-backup-private_key:type} > $${:key}
key = {{ '$${' ~ slave_reference }}-backup-private_key:key}.pub
location = $${:key}
# Insert as a beginning part, to ensure that all public keys are generated before trying to publish. This will reduce the number of slapgrid-cp run.
{%   do part_list.insert(0, "%s-backup-public_key" % slave_reference) -%}

[{{ slave_reference }}-backup-read-public_key]
recipe = slapos.cookbook:readline
storage-path = {{ '$${' ~ slave_reference }}-backup-public_key:key}

# Publish slave {{ slave_reference }} information
[{{ slave_reference }}-backup-publish]
recipe = slapos.cookbook:publish
-slave-reference = {{ slave_reference }}
authorized_key = {{ '$${' ~ slave_reference }}-backup-read-public_key:readline}
rss = https://[$${nginx-configuration:ip}]:$${nginx-configuration:port}/{{ '$${' ~ slave_reference }}-backup-script:status_name}.rss
{%   do part_list.append("%s-backup-publish" % slave_reference) -%}

[{{ slave_reference }}-backup-script]
recipe = slapos.recipe.template
url = ${template-backup-script:output}
output = $${directory:backupscript}/$${:_buildout_section_name_}
mode = 0700
datadirectory = {{ '$${' ~ slave_reference }}-backup-directory:directory}
sshkey = {{ '$${' ~ slave_reference }}-backup-private_key:key}
connection = {{ connection }}
hostname = {{ hostname }}
include = {{ include_string }}
exclude_string = {{ exclude_string }}
remote_schema = {{ remote_schema }}
status_name = {{ slave_reference }}_status.txt
statistic_name = {{ slave_reference }}_statistic.txt
status_log = $${directory:status}/$${:status_name}
statistic_log = $${directory:statistic}/$${:statistic_name}

[{{ slave_reference }}-backup-crontab-line]
recipe = slapos.recipe.template
url = ${template-crontab-line:output}
output = $${directory:cron-lines}/$${:_buildout_section_name_}
mode = 0600
script = {{ '$${' ~ slave_reference }}-backup-script:output}
frequency = {{ frequency }}
{%   do crontab_line_list.append("$${%s-backup-crontab-line:output}" % slave_reference) -%}

{%   endif -%}
{% endfor -%}

#################################
# Generate crontab file
#################################
[update-rss-script]
recipe = slapos.recipe.template
url = ${template-update-rss-script:output}
output = $${directory:etc}/$${:_buildout_section_name_}
mode = 0700
global_rss = $${slap-connection:computer-id}-$${slap-connection:partition-id}.rss

[update-rss-crontab-line]
recipe = slapos.recipe.template
url = ${template-crontab-line:output}
output = $${directory:cron-lines}/$${:_buildout_section_name_}
mode = 0600
script = $${update-rss-script:output}
frequency = */5 * * * *
{% do crontab_line_list.append("$${update-rss-crontab-line:output}") -%}

[publish-global-rss]
recipe = slapos.cookbook:publish
rss = https://[$${nginx-configuration:ip}]:$${nginx-configuration:port}/$${update-rss-script:global_rss}

{% set crontab_line_list_string = " ".join(crontab_line_list) -%}
[activate-crontab-file]
# XXX File is never removed
recipe = plone.recipe.command
stop-on-error = true
command = ${coreutils-output:cat} ${template-crontab:output} {{ crontab_line_list_string }} | ${dcron-output:crontab} -c $${directory:crontabs} -

#################################
# Nginx service
#################################
[nginx-service]
recipe = slapos.recipe.template
url = ${template-nginx-service:output}
output = $${directory:services}/nginx
mode = 0700
virtual-depends = 
  $${nginx-configuration:ip}

[nginx-configuration]
recipe = slapos.recipe.template
url = ${template-nginx-configuration:output}
output = $${directory:etc}/nginx.cfg
mode = 0600
access_log = $${directory:log}/nginx-access.log
error_log = $${directory:log}/nginx-error.log
ip = $${slap-network-information:global-ipv6}
port = 9443
ssl_key = $${directory:ssl}/nginx.key
ssl_csr = $${directory:ssl}/nginx.csr
ssl_crt = $${directory:ssl}/nginx.crt

# Add parts generated by template
[buildout]
parts =
  dcron-service
  nginx-service
  activate-crontab-file
  publish-global-rss
{% for part in part_list -%}
{{ '    %s' % part }}
{% endfor -%}

eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
offline = true