blob: 89483cf44a60346895024b940c95680556709691 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
|
# Fluxo Puppet Backup Module
## About
This module contains the general backup conventions and defintions used by the
Fluxo Group according to the [Fluxo Pattern](https://padrao.fluxo.info/backup/).
It relies on the [backupninja module](https://gitlab.com/shared-puppet-modules-group/backupninja).
What is basically do is to help the creation of standardized definitions for
backup definitions.
Note: this is a simple module that don't manages backup users or keys by
itself: you should do that manually or use another puppet module such as
`backupninja::server`.
## Available methods
### Remote backups using Borg
# remote encrypted backup from localhost to $node_name using Borg
backup::borg { "$node_name":
port => "$port",
}
### Local encrypted backups pushed to remotes
One of the methods relies in a local encrypted backup that's later on pushed to
remotes.
The advantage of this two stage approach, as the experience showed, is that
it's more reliable and fast than to let duplicity do all the job.
#### Example with [duplicity][] and [rsync][]
# local encrypted/signed backup
backup::duplicity { "localhost":
encryptkey => "$key_id",
password => "$key_password",
}
# remote backup of previously encrypted/signed backup sent to $node_name
backup::rsync { "$node_name":
port => "$port",
}
* The first definition will keep local encrypted/signed backups using duplicity
at `/var/backups/duplicity`.
* The second definition will push the local `/var/backups/duplicity` to a
remote destination using [rsync][] over SSH.
#### Example with [duplicity][] and [rdiff-backup][]
# local encrypted/signed backup
backup::duplicity { "localhost":
encryptkey => "$key_id",
password => "$key_password",
}
# remote backup of previously encrypted/signed backup sent to $node_name
backup::rdiff { "$node_name":
port => "$port",
}
[duplicity]: https://duplicity.gitlab.io/
[rdiff-backup]: https://rdiff-backup.net/
[rsync]: https://rsync.samba.org/
|
