1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
|
node 'dixie.bcn.int.pdp7.net' {
class {'dns_dhcp':}
file {'/etc/dnsmasq.d/static.conf':
content => "host-record=router,router.bcn.int.pdp7.net,192.168.76.1
host-record=archerc7,archerc7.bcn.int.pdp7.net,192.168.76.6
host-record=dixie.bcn.int.pdp7.net,dixie,192.168.76.2
host-record=router4g.bcn.int.pdp7.net,router4g,192.168.76.3
dhcp-option=121,10.0.0.0/8,192.168.76.2
",
notify => Service["dnsmasq"],
}
class {'backups':
sanoid_config => "",
}
file {'/usr/local/sbin/zfs_receive_h2':
content => @(EOT)
#!/bin/bash
set -ue
run_backups_remote() {
host=$1
shift
sudo -u backups sh -c "export KRB5CCNAME=KEYRING:persistent:1284000004 && kinit -k -t /home/backups/.keytab backups && ssh $host $*"
}
get_last_remote_snapshot() {
host=$1
fs=$2
run_backups_remote $host /sbin/zfs list -H -t snapshot $fs | tail -1 | cut -f 1 | cut -d @ -f 2
}
get_last_local_snapshot() {
zfs list -H -t snapshot $1 | tail -1 | cut -f 1 | cut -d @ -f 2
}
replicate() {
host=$1
remote=$2
local=$3
last_local=$(get_last_local_snapshot $local)
last_remote=$(get_last_remote_snapshot $host $remote)
if test $last_local != $last_remote ; then
run_backups_remote $host /sbin/zfs send -w -i @$last_local $remote@$last_remote | zfs receive $local
fi
}
replicate case.ces.int.pdp7.net rpool/user/backed/cesar cesar_hdd_red_2/cesar
replicate case.ces.int.pdp7.net rpool/user/backed/filer cesar_hdd_red_2/filer
sudo -u backups /usr/sbin/syncoid --no-privilege-elevation --no-sync-snap backups@h1.pdp7.net:rpool/data/subvol-204-disk-1 rpool/user/backed/pg-h1-int-pg --quiet
sudo -u backups /usr/sbin/syncoid --no-privilege-elevation --no-sync-snap backups@h1.pdp7.net:rpool/data/subvol-208-disk-1 rpool/user/backed/nextcloud_new --quiet
sudo -u backups /usr/sbin/syncoid --no-privilege-elevation --no-sync-snap backups@h1.pdp7.net:rpool/data/subvol-210-disk-1 rpool/user/backed/bitwarden --quiet
sudo -u backups /usr/sbin/syncoid --no-privilege-elevation --no-sync-snap backups@h1.pdp7.net:rpool/data/subvol-211-disk-1 rpool/user/backed/gitolite --quiet
sudo -u backups /usr/sbin/syncoid --no-privilege-elevation --no-sync-snap backups@h1.pdp7.net:rpool/data/subvol-214-disk-1 rpool/user/backed/weed --quiet
| EOT
,
owner => root,
group => root,
mode => '744',
}
file {'/etc/cron.hourly/zfs_receive_h2':
ensure => link,
target => '/usr/local/sbin/zfs_receive_h2',
}
}
|
