From ac0e969325e7928b585284c42956d6579f646972 Mon Sep 17 00:00:00 2001 From: Peter Palfrader Date: Sat, 2 Sep 2017 15:41:38 +0000 Subject: [PATCH] Maintain /etc/nagios/dsa-check-backuppg.conf with puppet --- modules/postgres/manifests/backup_server.pp | 71 ++++++++++++++++--- .../dsa-check-backuppg-manual.conf.erb | 26 +++++++ 2 files changed, 88 insertions(+), 9 deletions(-) create mode 100644 modules/postgres/templates/backup_server/dsa-check-backuppg-manual.conf.erb diff --git a/modules/postgres/manifests/backup_server.pp b/modules/postgres/manifests/backup_server.pp index b5a4ef7d7..653b5f88d 100644 --- a/modules/postgres/manifests/backup_server.pp +++ b/modules/postgres/manifests/backup_server.pp @@ -7,17 +7,17 @@ class postgres::backup_server::globals { $tag_base_backup = "postgresql::server::backup-source-make-base-backup-entry" $tag_source_sshkey = "postgresql::server::backup-source-sshkey" $tag_source_pgpassline = "postgresql::server::backup-source-pgpassline" + $tag_dsa_check_backupp = "postgresql::server::backup-dsa-check-backuppg" } class postgres::backup_server { include postgres::backup_server::globals - package { 'postgresql-client-9.1': - ensure => installed - } - package { 'postgresql-client-9.4': - ensure => installed - } + #### + # Regularly pull base backups + # + ensure_packages ( "postgresql-client-9.1", { ensure => 'installed' }) + ensure_packages ( "postgresql-client-9.4", { ensure => 'installed' }) concat { $postgres::backup_server::globals::make_base_backups: mode => '0555', @@ -46,6 +46,7 @@ class postgres::backup_server { } } + #### # Maintain authorized_keys file on backup servers for WAL shipping # # do not let other hosts directly build our authorized_keys file, @@ -78,7 +79,47 @@ class postgres::backup_server { refreshonly => true, } + #### + # Maintain /etc/nagios/dsa-check-backuppg.conf + # + file { '/etc/dsa/postgresql-backup/dsa-check-backuppg.conf.d': + ensure => 'directory', + purge => true, + force => true, + recurse => true, + source => 'puppet:///files/empty/', + notify => Exec['update dsa-check-backuppg-manual.conf'], + } + file { '/etc/dsa/postgresql-backup/dsa-check-backuppg.conf.d/manual.conf': + content => template('postgres/backup_server/dsa-check-backuppg-manual.conf.erb'), + notify => Exec['update dsa-check-backuppg-manual.conf'] + } + file { '/etc/dsa/postgresql-backup/dsa-check-backuppg.conf.d/moszumanska.conf': + ensure => ($::hostname in [backuphost]) ? { + true => 'absent', + default => 'present' + }, + content => @(EOF), + --- + backups: + moszumanska: + main: + | EOF + notify => Exec['update dsa-check-backuppg-manual.conf'] + } + File<<| tag == $postgres::backup_server::globals::tag_dsa_check_backupp |>> + ensure_packages ( "libhash-merge-simple-perl", { ensure => 'installed' }) + exec { "update dsa-check-backuppg-manual.conf": + command => @(EOF), + perl -MYAML=LoadFile,Dump -MHash::Merge::Simple=merge -E 'say Dump(merge(map{LoadFile($_)}@ARGV))' /etc/dsa/postgresql-backup/dsa-check-backuppg.conf.d/*.conf > /etc/nagios/dsa-check-backuppg.conf + | EOF + provider => shell, + refreshonly => true, + } + + #### # Maintain .pgpass file on backup servers + # # concat { $postgres::backup_server::globals::pgpassfile: owner => 'debbackup', group => 'debbackup', @@ -112,7 +153,8 @@ define postgres::backup_server::register_backup_clienthost ( } define postgres::backup_server::register_backup_cluster ( - $hostname = $::fqdn, + $hostname = $::hostname, + $fqdn = $::fqdn, $pg_port, $pg_role, $pg_password, @@ -125,7 +167,7 @@ define postgres::backup_server::register_backup_cluster ( @@concat::fragment { "postgresql::server::backup-source-pgpassline::$hostname::$pg_port::$pg_role": target => $postgres::backup_server::globals::pgpassfile, content => @("EOF"), - ${hostname}:${pg_port}:*:${pg_role}:${pg_password} + ${fqdn}:${pg_port}:*:${pg_role}:${pg_password} | EOF tag => $postgres::backup_server::globals::tag_source_pgpassline, } @@ -134,8 +176,19 @@ define postgres::backup_server::register_backup_cluster ( @@concat::fragment { "postgresql::server::backup-source-make-base-backup-entry::$hostname::$pg_port::$pg_role": target => $postgres::backup_server::globals::make_base_backups, content => @("EOF"), - ${hostname} ${pg_port} ${pg_role} ${pg_cluster} ${pg_version} + ${fqdn} ${pg_port} ${pg_role} ${pg_cluster} ${pg_version} | EOF tag => $postgres::backup_server::globals::tag_base_backup, } + + @@file { "/etc/dsa/postgresql-backup/dsa-check-backuppg.conf.d/${hostname}-${pg_cluster}.conf": + content => @("EOF"), + --- + backups: + ${hostname}: + ${pg_cluster}: + | EOF + tag => $postgres::backup_server::globals::tag_dsa_check_backupp, + notify => Exec['update dsa-check-backuppg-manual.conf'] + } } diff --git a/modules/postgres/templates/backup_server/dsa-check-backuppg-manual.conf.erb b/modules/postgres/templates/backup_server/dsa-check-backuppg-manual.conf.erb new file mode 100644 index 000000000..11b1980e3 --- /dev/null +++ b/modules/postgres/templates/backup_server/dsa-check-backuppg-manual.conf.erb @@ -0,0 +1,26 @@ +--- +rootdir: /srv/backups/pg +warn-age: + wal: 43200 + base: 691200 +retention: 1814400 +backups: + fasolo: + dak: + sibelius: + snapshot: + danzi: + main: + bmdb1: + wannabuild: + timeline: 2 + main: + timeline: 2 + debsources: + seger: + dak: + vittoria: + main: + buxtehude: + main: + debbugs: -- 2.20.1