Use backup::params at backup::borg

diff --git a/manifests/borg.pp b/manifests/borg.pp
index 4d08908ac02a909e85b594d4aaccd017c9b93a39..e0279843577c98c3533fec554cf138e39460f568 100644 (file)
--- a/manifests/borg.pp
+++ b/manifests/borg.pp
@@ -11,6 +11,9 @@ define backup::borg(
     $periodic_check = absent,
     $password,
 ) {
+  $exclude_unencrypted = $backup::params::exclude_unencrypted
+  $include_unencrypted = $backup::params::include_unencrypted
+
   file { "${backupninja::configdir}/${order}_borg-${host}.sh":
     ensure  => $ensure,
     content => template('backup/borg.sh.erb'),

diff --git a/manifests/params.pp b/manifests/params.pp
index 4efed5b8632ad636fedf91877bb50c8e9cc63d5d..e94e1d33605d9d4b44042b7c9b7ac7791f1dc07e 100644 (file)
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -5,7 +5,7 @@ class backup::params {
   $backupdir_ensure = hiera('backup::dir::ensure', 'directory')
 
   # for data that's going to be encrypted and signed
-  $include_unencrypted = [ "/etc", "/var", "/home", ]
+  $include_unencrypted = [ "/etc", "/var", "/home", "/root" ]
   $exclude_unencrypted = [ "$backupdir_remote", "$backupdir/duplicity", "$backupdir/borg", "$backupdir/restore", "/var/cache", "/var/log", "/var/vservers", "/var/chroot", "/root/.cache", "/var/lib/dpkg", "/var/lib/apt", "/var/lib/aptitude/", "/var/sites/backups", "/var/data/crypt", "/var/data/backups", "/var/data/cache" ]
 
   # for data that were previously encrypted and signed

diff --git a/templates/borg.sh.erb b/templates/borg.sh.erb
index 3eddd879c607fbab308e7f3fdba1ad05daf93963..b37ab402a0fe278027279b08a6985b5c371f026b 100644 (file)
--- a/templates/borg.sh.erb
+++ b/templates/borg.sh.erb
@@ -26,14 +26,14 @@ fi
 
 # Initialize
 if ! ssh $SSH_SERVER -p $SSH_PORT test -f /var/backups/remote/$HOSTNAME/borg/config; then
-       info "Initializing borg repository at ssh://$SSH_SERVER:$SSH_PORT//var/backups/remote/$HOSTNAME/borg..."
+  info "Initializing borg repository at ssh://$SSH_SERVER:$SSH_PORT//var/backups/remote/$HOSTNAME/borg..."
   borg init --encryption=<%= @encryption %> ssh://$SSH_SERVER:$SSH_PORT//var/backups/remote/$HOSTNAME/borg
 
-       init_exit=$?
+  init_exit=$?
 
-       if [ "$init_exit" != "0" ]; then
-               fatal "Error initializing repository"
-       fi
+  if [ "$init_exit" != "0" ]; then
+    fatal "Error initializing repository"
+  fi
 fi
 
 # Backup the most important directories into an archive named after
@@ -41,41 +41,29 @@ fi
 
 info "Starting backup..."
 
-borg create                                \
-       --verbose                          \
-       --filter AME                       \
-       --list                             \
-       --stats                            \
-       --show-rc                          \
-       --compression lz4                  \
-       --exclude-caches                   \
-       --exclude '/home/*/.cache/*'       \
-       --exclude '/var/cache/*'           \
-       --exclude '/var/tmp/*'             \
-  --exclude '/var/backups/remote'    \
-  --exclude '/var/backups/duplicity' \
-  --exclude '/var/backups/restore'   \
-  --exclude '/var/cache'             \
-  --exclude '/var/vservers'          \
-  --exclude '/var/chroot'            \
-  --exclude '/root/.cache'           \
-  --exclude '/var/lib/dpkg'          \
-  --exclude '/var/lib/apt'           \
-  --exclude '/var/lib/aptitude'      \
-  --exclude '/var/sites/backups'     \
-  --exclude '/var/data/crypt'        \
-  --exclude '/var/data/backups'      \
-  --exclude '/var/data/cache'        \
-       ::'{hostname}-{now}'               \
-       /etc                               \
-       /home                              \
-       /root                              \
-       /var                               \
-
-       backup_exit=$?
+borg create                          \
+  --verbose                          \
+  --filter AME                       \
+  --list                             \
+  --stats                            \
+  --show-rc                          \
+  --compression lz4                  \
+  --exclude-caches                   \
+  --exclude '/home/*/.cache/*'       \
+  --exclude '/var/cache/*'           \
+  --exclude '/var/tmp/*'             \
+<% @exclude_unencrypted.each do |del| -%>
+  --exclude <%= del %>               \
+<% end -%>
+  ::'{hostname}-{now}'               \
+<% @include_unencrypted.each do |add| -%>
+  <%= add %>                         \
+<% end -%>
+
+  backup_exit=$?
 
 if [ "$backup_exit" != "0" ]; then
-       fatal "Error creating snapshot"
+  fatal "Error creating snapshot"
 fi
 
 info "Pruning repository..."
@@ -85,18 +73,18 @@ info "Pruning repository..."
 # limit prune's operation to this machine's archives and not apply to
 # other machines' archives also:
 
-borg prune                           \
-       --list                             \
-       --prefix '{hostname}-'             \
-       --show-rc                          \
+borg prune                            \
+  --list                              \
+  --prefix '{hostname}-'              \
+  --show-rc                           \
   --keep-daily    <%= @keepdaily %>   \
   --keep-weekly   <%= @keepweekly %>  \
   --keep-monthly  <%= @keepmonthly %> \
 
-       prune_exit=$?
+  prune_exit=$?
 
 if [ "$prune_exit" != "0" ]; then
-       fatal "Error pruning repository"
+  fatal "Error pruning repository"
 fi
 
 # use highest exit code as global exit code
@@ -104,12 +92,12 @@ fi
 #
 #if [ ${global_exit} -eq 1 ];
 #then
-#      info "Backup and/or Prune finished with a warning"
+#  info "Backup and/or Prune finished with a warning"
 #fi
 #
 #if [ ${global_exit} -gt 1 ];
 #then
-#      info "Backup and/or Prune finished with an error"
+#  info "Backup and/or Prune finished with an error"
 #fi
 #
 #exit ${global_exit}