ldap: Added ldap::server::backup class to create daily backups of databases.

2014-02-13 17:48:30 +02:00 · 2014-02-13 17:48:30 +02:00 · 72ce69c47d
commit 72ce69c47d
parent 9b214f3959
2 changed files with 77 additions and 0 deletions
--- a/ldap/manifests/init.pp
+++ b/ldap/manifests/init.pp
@ -682,6 +682,54 @@ define ldap::server::database($aclsource = "", $master = "", $syncpw = "", $rid
 }
 # Install LDAP daily backup job
 #
 # === Parameters
 #
 #   $datadir:
 #       Directory where LDAP backups are stored. Defaults to /srv/ldap-backup
 #
 #   $maxage:
 #       How long to keep LDAP backups. Defaults to 168 hours (7 days).
 #
 class ldap::server::backup($datadir="/srv/ldap-backup", $maxage="168") {
    if $datadir != "/srv/ldap-backup" {
        file { "/srv/ldap-backup":
            ensure  => link,
            target  => $datadir,
            owner   => "root",
            group   => "root",
            require => File[$datadir],
        }
    }
    file { $datadir:
        ensure => directory,
        mode   => "0700",
        owner  => $ldap::server::user,
        group  => $ldap::server::group,
    }
    file { "/usr/local/sbin/ldap-backup.cron":
        ensure  => present,
        content => template("ldap/ldap-backup.cron.erb"),
        mode    => "0755",
        owner   => "root",
        group   => "root",
        require => File["/srv/ldap-backup"],
    }
    cron { "ldap-backup":
        ensure  => present,
        command => "/usr/local/sbin/ldap-backup.cron",
        user    => $ldap::server::user,
        hour    => "0",
        minute  => "10",
        require => File["/usr/local/sbin/ldap-backup.cron"],
    }
 }
 # Install custom schema to OpenLDAP.
 #
 # === Parameters
--- a/ldap/templates/ldap-backup.cron.erb
+++ b/ldap/templates/ldap-backup.cron.erb
@ -0,0 +1,29 @@
 #!/bin/sh
 umask 077
 PATH="/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin"
 if [ `whoami` != <%= scope.lookupvar('ldap::server::user') %> ]; then
    echo "ERR: Script needs to be run as <%= scope.lookupvar('ldap::server::user') %> user" 1>&2
    exit 1
 fi
 BACKUPDIR="/srv/ldap-backup"
 BACKUPAGE="<%= @maxage %>"
 DATE=`date "+%Y-%m-%d"`
 ldapsearch -LLL -x -H ldapi:// -s base -b 'cn=Databases,cn=Monitor' \
    '(objectClass=*)' namingContexts | \
    sed -n 's/^namingContexts: \(.*\)/\1/p' | while read db ; do
        [ "${db}" = "cn=config" ] && continue
        slapcat -f /etc/openldap/slapd.conf -b "${db}" 2> /dev/null | gzip > \
            "${BACKUPDIR}/${db}.${DATE}.gz"
        if [ $? -ne 0 ]; then
            echo "ERR: Failed to backup database ${db}" 1>&2
            continue
        fi
 done
 tmpwatch -m -f ${BACKUPAGE} ${BACKUPDIR}