X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fpostgres%2Fmanifests%2Fbackup_server.pp;h=a5361b1e1cd52080914fc826ab7a881adb8ecc9e;hb=d72d73ccae39e018592248314119b22994520e29;hp=3d9308ed2208e01db78a6e0497431f4ba07bc21b;hpb=1cb97228cc59907f5eacbd5927e74c715000ac6c;p=mirror%2Fdsa-puppet.git diff --git a/modules/postgres/manifests/backup_server.pp b/modules/postgres/manifests/backup_server.pp index 3d9308ed2..a5361b1e1 100644 --- a/modules/postgres/manifests/backup_server.pp +++ b/modules/postgres/manifests/backup_server.pp @@ -7,19 +7,20 @@ class postgres::backup_server::globals { $tag_base_backup = "postgresql::server::backup-source-make-base-backup-entry" $tag_source_sshkey = "postgresql::server::backup-source-sshkey" $tag_source_pgpassline = "postgresql::server::backup-source-pgpassline" + $tag_dsa_check_backupp = "postgresql::server::backup-dsa-check-backuppg" } class postgres::backup_server { include postgres::backup_server::globals - package { 'postgresql-client-9.1': - ensure => installed - } - package { 'postgresql-client-9.4': - ensure => installed - } + #### + # Regularly pull base backups + # + ensure_packages ( "postgresql-client-9.1", { ensure => 'installed' }) + ensure_packages ( "postgresql-client-9.4", { ensure => 'installed' }) concat { $postgres::backup_server::globals::make_base_backups: + mode => '0555', } concat::fragment { 'make-base-backups-header': target => $postgres::backup_server::globals::make_base_backups, @@ -35,16 +36,20 @@ class postgres::backup_server { | EOTEMPLATE order => '99', } - if $::hostname in [backuphost] { - file { '/etc/cron.d/puppet-postgres-make-base-backups': - content => "20 1 * * 0 debbackup chronic ${$postgres::backup_server::globals::make_base_backups}\n", - } - } else { - file { '/etc/cron.d/puppet-postgres-make-base-backups': - content => "20 0 * * 6 debbackup chronic ${$postgres::backup_server::globals::make_base_backups}\n", - } + file { '/etc/cron.d/puppet-postgres-make-base-backups': ensure => absent; } + file { '/var/lib/dsa/postgres-make-base-backups': + ensure => directory, + owner => 'debbackup', + mode => '0755', + } + concat::fragment { 'dsa-puppet-stuff--postgres-make_base_backups': + target => '/etc/cron.d/dsa-puppet-stuff', + content => @("EOF") + */30 * * * * debbackup sleep $(( RANDOM \% 1200 )); chronic ${$postgres::backup_server::globals::make_base_backups} + | EOF } + #### # Maintain authorized_keys file on backup servers for WAL shipping # # do not let other hosts directly build our authorized_keys file, @@ -57,6 +62,10 @@ class postgres::backup_server { mode => '0555', notify => Exec['postgres-make-backup-sshauthkeys'], } + file { '/usr/local/bin/postgres-make-one-base-backup': + source => 'puppet:///modules/postgres/backup_server/postgres-make-one-base-backup', + mode => '0555' + } file { '/etc/dsa/postgresql-backup/sshkeys-manual': content => template('postgres/backup_server/sshkeys-manual.erb'), notify => Exec['postgres-make-backup-sshauthkeys'], @@ -77,7 +86,38 @@ class postgres::backup_server { refreshonly => true, } + #### + # Maintain /etc/nagios/dsa-check-backuppg.conf + # + file { '/etc/dsa/postgresql-backup/dsa-check-backuppg.conf.d': + ensure => 'directory', + purge => true, + force => true, + recurse => true, + source => 'puppet:///files/empty/', + notify => Exec['update dsa-check-backuppg-manual.conf'], + } + file { '/etc/dsa/postgresql-backup/dsa-check-backuppg.conf.d/manual.conf': + content => template('postgres/backup_server/dsa-check-backuppg-manual.conf.erb'), + notify => Exec['update dsa-check-backuppg-manual.conf'] + } + file { '/etc/dsa/postgresql-backup/dsa-check-backuppg.conf.d/moszumanska.conf': + ensure => 'absent', + notify => Exec['update dsa-check-backuppg-manual.conf'] + } + File<<| tag == $postgres::backup_server::globals::tag_dsa_check_backupp |>> + ensure_packages ( "libhash-merge-simple-perl", { ensure => 'installed' }) + exec { "update dsa-check-backuppg-manual.conf": + command => @(EOF), + perl -MYAML=LoadFile,Dump -MHash::Merge::Simple=merge -E 'say Dump(merge(map{LoadFile($_)}@ARGV))' /etc/dsa/postgresql-backup/dsa-check-backuppg.conf.d/*.conf > /etc/nagios/dsa-check-backuppg.conf + | EOF + provider => shell, + refreshonly => true, + } + + #### # Maintain .pgpass file on backup servers + # # concat { $postgres::backup_server::globals::pgpassfile: owner => 'debbackup', group => 'debbackup', @@ -111,7 +151,8 @@ define postgres::backup_server::register_backup_clienthost ( } define postgres::backup_server::register_backup_cluster ( - $hostname = $::fqdn, + $hostname = $::hostname, + $fqdn = $::fqdn, $pg_port, $pg_role, $pg_password, @@ -124,7 +165,7 @@ define postgres::backup_server::register_backup_cluster ( @@concat::fragment { "postgresql::server::backup-source-pgpassline::$hostname::$pg_port::$pg_role": target => $postgres::backup_server::globals::pgpassfile, content => @("EOF"), - ${hostname}:${pg_port}:*:${pg_role}:${pg_password} + ${fqdn}:${pg_port}:*:${pg_role}:${pg_password} | EOF tag => $postgres::backup_server::globals::tag_source_pgpassline, } @@ -133,8 +174,19 @@ define postgres::backup_server::register_backup_cluster ( @@concat::fragment { "postgresql::server::backup-source-make-base-backup-entry::$hostname::$pg_port::$pg_role": target => $postgres::backup_server::globals::make_base_backups, content => @("EOF"), - ${hostname} ${pg_port} ${pg_role} ${pg_cluster} ${pg_version} + ${fqdn} ${pg_port} ${pg_role} ${pg_cluster} ${pg_version} | EOF tag => $postgres::backup_server::globals::tag_base_backup, } + + @@file { "/etc/dsa/postgresql-backup/dsa-check-backuppg.conf.d/${hostname}-${pg_cluster}.conf": + content => @("EOF"), + --- + backups: + ${hostname}: + ${pg_cluster}: + | EOF + tag => $postgres::backup_server::globals::tag_dsa_check_backupp, + notify => Exec['update dsa-check-backuppg-manual.conf'] + } }