From 2f5af670f45042b078ef9ef1c4b657c245c6a3ba Mon Sep 17 00:00:00 2001
From: mwiegand
Date: Sat, 26 Jun 2021 19:59:50 +0200
Subject: [PATCH] wip

---
 bundles/backup/files/backup_path_via_zfs | 19 ++++++++-----
 bundles/wireguard/metadata.py | 7 ++++-
 data/network.py | 19 +++++++++++++
 groups/all.py | 4 ---
 groups/applications/backup.py | 10 +++++++
 nodes/home.server.py | 2 +-
 nodes/htz.games.py | 1 +
 nodes/htz.mails.py | 2 ++
 nodes/netcup.secondary.py | 34 ++++++++++++++++++++++++
 9 files changed, 86 insertions(+), 12 deletions(-)
 create mode 100644 data/network.py
 create mode 100644 groups/applications/backup.py
 create mode 100644 nodes/netcup.secondary.py
diff --git a/bundles/backup/files/backup_path_via_zfs b/bundles/backup/files/backup_path_via_zfs
index c2b4d85..db05d74 100644
--- a/bundles/backup/files/backup_path_via_zfs
+++ b/bundles/backup/files/backup_path_via_zfs
@@ -11,7 +11,13 @@ ssh="ssh -o StrictHostKeyChecking=no backup-receiver@$server"
 source_dataset=$(zfs list -H -o mountpoint,name | grep -P "^$path\t" | cut -d $'\t' -f 2)
 target_dataset="tank/$uuid/$source_dataset"
 target_dataset_parent=$(echo $target_dataset | rev | cut -d / -f 2- | rev)
-new_bookmark="auto-backup_$(date +"%Y-%m-%d_%H:%M:%S")"
+bookmark_prefix="auto-backup_"
+new_bookmark="$bookmark_prefix$(date +"%Y-%m-%d_%H:%M:%S")"
+
+for var in path uuid server ssh source_dataset target_dataset target_dataset_parent new_bookmark
+do
+ [[ -z "${!var}" ]] && echo "ERROR - $var is empty" && exit 97
+done
 
 echo "BACKUP ZFS DATASET - PATH: $path, SERVER: $server, UUID: $uuid, SOURCE_DATASET: $source_dataset, TARGET_DATASET: $TARGET_DATASET"
 
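Review bot: The new emptiness loop in bundles/backup/files/backup_path_via_zfs does not catch a wrong or ambiguous `source_dataset`, because the context line above it puts `$path` into `grep -P "^$path\t"` as a regular expression: a `.` in the path matches any character, and two matching lines give a non-empty multi-line value that passes the check. An exact comparison avoids both, e.g. `awk -F'\t' -v p="$path" '$1 == p { print $2 }'` in place of the `grep | cut` pair. The trailing `echo` prints `$TARGET_DATASET`, which is not set in the visible lines (the variable is `target_dataset`), so the log shows an empty target. The `ssh` value in the hunk header carries `-o StrictHostKeyChecking=no`, so the receiver's host key is never verified before the stream is sent; pinning the key in known_hosts would let that option be dropped. The top of the script, where `path`, `uuid` and `server` are assigned, is outside the hunk.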
@@ -21,16 +27,17 @@ then
 $ssh sudo zfs create -p -o mountpoint=none "$target_dataset_parent"
 fi
 
-zfs snap $source_dataset@$new_bookmark
+zfs snap "$source_dataset@$new_bookmark"
 
-if zfs list -t bookmark -H -o name | grep '#auto-backup' | wc -l | grep -q "^0$"
+if zfs list -t bookmark -H -o name | grep "#$bookmark_prefix" | wc -l | grep -q "^0$"
 then
 echo "INITIAL BACKUP"
- zfs send -v "$source_dataset@$new_bookmark" | $ssh sudo zfs recv -F $target_dataset
+ zfs send -v "$source_dataset@$new_bookmark" | $ssh sudo zfs recv -F "$target_dataset"
 else
 echo "INCREMENTAL BACKUP"
- last_bookmark=$(zfs list -t bookmark -H -o name | sort | tail -1 | cut -d '#' -f 2)
- zfs send -v -i "#$last_bookmark" "$source_dataset@$new_bookmark" | $ssh sudo zfs recv $target_dataset
+ last_bookmark=$(zfs list -t bookmark -H -o name | grep "#$bookmark_prefix" | sort | tail -1 | cut -d '#' -f 2)
+ [[ -z "$last_bookmark" ]] && echo "ERROR - last_bookmark is empty" && exit 98
+ zfs send -v -i "#$last_bookmark" "$source_dataset@$new_bookmark" | $ssh sudo zfs recv "$target_dataset"
 fi
 
 if [[ "$?" == "0" ]]
diff --git a/bundles/wireguard/metadata.py b/bundles/wireguard/metadata.py
index 51fac8e..dc01adb 100644
--- a/bundles/wireguard/metadata.py
+++ b/bundles/wireguard/metadata.py
@@ -7,7 +7,12 @@ from bundlewrap.metadata import atomic
 defaults = {
 'apt': {
 'packages': {
- 'wireguard': {},
+ 'wireguard': {
+ 'backports': True,
+ 'triggers': [
+ 'svc_systemd:systemd-networkd:restart',
+ ],
+ },
 },
 },
 'wireguard': {
diff --git a/data/network.py b/data/network.py
new file mode 100644
index 0000000..2e3a6e8
--- /dev/null
+++ b/data/network.py
@@ -0,0 +1,19 @@
+{
+ 'networks': [
+ '10.0.0.0/24',
+ '10.0.2.0/24',
+ '10.0.9.0/24',
+ '10.0.10.0/24',
+ ],
+ 'routers': {
+ '10.0.0.1': {
+ '10.0.0.0/24': None,
+ '10.0.0.2/24': None,
+ '10.0.0.9/24': None,
+ },
+ '10.0.0.2': {
+ '10.0.0.0/24': 'internal',
+ '10.0.10.0/24': 'wg0',
+ },
+ },
+}
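Review bot: Both bookmark lookups in the second hunk of bundles/backup/files/backup_path_via_zfs still list the bookmarks of every dataset: `zfs list -t bookmark -H -o name | grep "#$bookmark_prefix"` is not limited to `$source_dataset`, so the initial-versus-incremental decision and `last_bookmark` can come from another dataset, and `sort` orders by the full `dataset#bookmark` name rather than by the timestamp. Matching the dataset as well, e.g. `grep -F "$source_dataset#$bookmark_prefix"` in both places, keeps the choice tied to the dataset being sent. `zfs snap` also runs before the `exit 98` check, so an aborted run leaves the new snapshot behind unless it is destroyed before exiting. The `if [[ "$?" == "0" ]]` block that follows continues outside the hunk.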
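Review bot: Two keys under router `10.0.0.1` in data/network.py look transposed: `'10.0.0.2/24'` and `'10.0.0.9/24'` have host bits set and match nothing in `networks`, which lists `10.0.2.0/24` and `10.0.9.0/24`. If they are meant as routed prefixes they should presumably read `'10.0.2.0/24': None,` and `'10.0.9.0/24': None,`; as written both fall inside 10.0.0.0/24, and a strict parser such as `ipaddress.ip_network` rejects them. A short comment on what the values `None`, `'internal'` and `'wg0'` mean would also help, since the code that reads this file is not part of the patch.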
diff --git a/groups/all.py b/groups/all.py
index 6cf2026..84da83a 100644
--- a/groups/all.py
+++ b/groups/all.py
@@ -1,12 +1,8 @@
 {
 'bundles': [
- 'backup',
 'users',
 ],
 'metadata': {
- 'backup': {
- 'server': 'home.backups',
- },
 'dns': {},
 'nameservers': [
 '10.0.10.2',
diff --git a/groups/applications/backup.py b/groups/applications/backup.py
new file mode 100644
index 0000000..369925e
--- /dev/null
+++ b/groups/applications/backup.py
@@ -0,0 +1,10 @@
+{
+ 'bundles': [
+ 'backup',
+ ],
+ 'metadata': {
+ 'backup': {
+ 'server': 'home.backups',
+ },
+ }
+}
diff --git a/nodes/home.server.py b/nodes/home.server.py
index de28a26..2daa055 100644
--- a/nodes/home.server.py
+++ b/nodes/home.server.py
@@ -2,6 +2,7 @@
 'hostname': '10.0.0.2',
 'groups': [
 'archive',
+ 'backup',
 'debian-10',
 # 'nextcloud',
 ],
@@ -29,7 +30,6 @@
 },
 },
 'wireguard': {
- # iptables -t nat -A POSTROUTING -o enp1s0f0 -j MASQUERADE
 'my_ip': '172.19.136.1/22',
 'peers': {
 'htz.mails': {
diff --git a/nodes/htz.games.py b/nodes/htz.games.py
index 564cd59..ad7c720 100644
--- a/nodes/htz.games.py
+++ b/nodes/htz.games.py
@@ -1,6 +1,7 @@
 {
 'dummy': True,
 'groups': [
+ 'backup',
 'debian-10',
 ],
 'bundles': [
diff --git a/nodes/htz.mails.py b/nodes/htz.mails.py
index d24805c..f7129a9 100644
--- a/nodes/htz.mails.py
+++ b/nodes/htz.mails.py
@@ -2,6 +2,7 @@
 'hostname': '162.55.188.157',
 'groups': [
 'archive',
+ 'backup',
 'hetzner-cloud',
 'debian-10',
 'mailserver',
@@ -108,6 +109,7 @@
 '10.0.9.0/24',
 ]
 },
+ 'netcup.secondary': {},
 },
 },
 'zfs': {
diff --git a/nodes/netcup.secondary.py b/nodes/netcup.secondary.py
new file mode 100644
index 0000000..fc43291
--- /dev/null
+++ b/nodes/netcup.secondary.py
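Review bot: With the `backup` bundle moved out of groups/all.py into the new groups/applications/backup.py, a node is backed up only if it lists `'backup'` under `groups`; in this patch that is home.server, htz.games and htz.mails, while the new nodes/netcup.secondary.py does not. Any other node that relied on the entry in `all` would silently stop being backed up, so the remaining node files (not part of this patch) are worth checking. A one-line comment at the top of the new file, such as `# opt-in: nodes must list 'backup' in groups`, would record the intent.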
@@ -0,0 +1,34 @@
+{
+ 'hostname': '46.38.240.85',
+ 'groups': [
+ 'debian-10',
+ ],
+ 'bundles': [
+ 'wireguard',
+ ],
+ 'metadata': {
+ 'id': '890848b2-a900-4f74-ad5b-b811fbb4f0bc',
+ 'network': {
+ 'external': {
+ 'interface': 'eth0',
+ 'ipv4': '46.38.240.85/22',
+ 'gateway4': '46.38.240.1',
+ 'ipv6': '2a03:4000:7:534::2/64',
+ 'gateway6': 'fe80::1',
+ }
+ },
+ 'wireguard': {
+ 'my_ip': '172.19.136.3/22',
+ 'peers': {
+ 'htz.mails': {
+ 'route': [
+ '10.0.0.0/24',
+ '10.0.2.0/24',
+ '10.0.9.0/24',
+ '10.0.10.0/24',
+ ],
+ },
+ },
+ },
+ },
+}
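Review bot: The `route` list under peer `htz.mails` in nodes/netcup.secondary.py repeats the four prefixes that data/network.py introduces as `networks` in this same patch, so the two copies can drift apart. If node files can load that data, deriving the list from it would keep a single source of truth; otherwise a comment such as `# keep in sync with data/network.py 'networks'` above the list would at least flag the dependency. Whether node files may reference data/network.py is not visible here.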