wip

2021-06-26 19:59:50 +02:00 · 2021-06-26 16:51:12 +02:00
14 changed files with 114 additions and 24 deletions
--- a/bundles/backup-server/metadata.py
+++ b/bundles/backup-server/metadata.py
@ -43,19 +43,23 @@ def zfs(metadata):
@metadata_reactor.provides(
-    'dns'
+    'dns',
 )
 def dns(metadata):
    records = {}
    if metadata.get('network/ipv4', None):
        records['A'] = [str(ip_interface(metadata.get('network/ipv4')).ip)]
    if metadata.get('network/ipv6', None):
        records['AAAA'] = [str(ip_interface(metadata.get('network/ipv6')).ip)]
    return {
        'dns': {
-            metadata.get('backup-server/hostname'): records,
+            metadata.get('backup-server/hostname'): {
                'A': [
                    str(ip_interface(network['ipv4']).ip)
                        for network in metadata.get('network').values()
                        if 'ipv4' in network
                ],
                'AAAA': [
                    str(ip_interface(network['ipv6']).ip)
                        for network in metadata.get('network').values()
                        if 'ipv6' in network
                ],
            },
        },
    }
--- a/bundles/backup/files/backup_path_via_zfs
+++ b/bundles/backup/files/backup_path_via_zfs
@ -11,7 +11,13 @@ ssh="ssh -o StrictHostKeyChecking=no backup-receiver@$server"
 source_dataset=$(zfs list -H -o mountpoint,name | grep -P "^$path\t" | cut -d $'\t' -f 2)
 target_dataset="tank/$uuid/$source_dataset"
 target_dataset_parent=$(echo $target_dataset | rev | cut -d / -f 2- | rev)
-new_bookmark="auto-backup_$(date +"%Y-%m-%d_%H:%M:%S")"
+bookmark_prefix="auto-backup_"
 new_bookmark="$bookmark_prefix$(date +"%Y-%m-%d_%H:%M:%S")"
 for var in path uuid server ssh source_dataset target_dataset target_dataset_parent new_bookmark
 do
  [[ -z "${!var}" ]] && echo "ERROR - $var is empty" && exit 97
 done
 echo "BACKUP ZFS DATASET - PATH: $path, SERVER: $server, UUID: $uuid, SOURCE_DATASET: $source_dataset, TARGET_DATASET: $TARGET_DATASET"
@ -21,16 +27,17 @@ then
  $ssh sudo zfs create -p -o mountpoint=none "$target_dataset_parent"
 fi
-zfs snap $source_dataset@$new_bookmark
+zfs snap "$source_dataset@$new_bookmark"
-if zfs list -t bookmark -H -o name | grep '#auto-backup' | wc -l | grep -q "^0$"
+if zfs list -t bookmark -H -o name | grep "#$bookmark_prefix" | wc -l | grep -q "^0$"
 then
  echo "INITIAL BACKUP"
-  zfs send -v "$source_dataset@$new_bookmark" | $ssh sudo zfs recv -F $target_dataset
+  zfs send -v "$source_dataset@$new_bookmark" | $ssh sudo zfs recv -F "$target_dataset"
 else
  echo "INCREMENTAL BACKUP"
-  last_bookmark=$(zfs list -t bookmark -H -o name | sort | tail -1 | cut -d '#' -f 2)
+  last_bookmark=$(zfs list -t bookmark -H -o name | grep "#$bookmark_prefix" | sort | tail -1 | cut -d '#' -f 2)
-  zfs send -v -i "#$last_bookmark" "$source_dataset@$new_bookmark" | $ssh sudo zfs recv $target_dataset
+  [[ -z "$last_bookmark" ]] && echo "ERROR - last_bookmark is empty" && exit 98
  zfs send -v -i "#$last_bookmark" "$source_dataset@$new_bookmark" | $ssh sudo zfs recv "$target_dataset"
 fi
 if [[ "$?" == "0" ]]
--- a/bundles/dovecot/files/dovecot.conf
+++ b/bundles/dovecot/files/dovecot.conf
@ -101,7 +101,7 @@ plugin {
    fts_decoder = decode2text
 }
 service indexer-worker {
-    vsz_limit = 1G
+    vsz_limit = ${indexer_ram}
 }
 service decode2text {
    executable = script /usr/local/libexec/dovecot/decode2text.sh
--- a/bundles/dovecot/items.py
+++ b/bundles/dovecot/items.py
@ -31,6 +31,7 @@ files = {
        'content_type': 'mako',
        'context': {
            'admin_email': node.metadata.get('mailserver/admin_email'),
            'indexer_ram': node.metadata.get('dovecot/indexer_ram'),
        },
        'needs': {
            'pkg_apt:'
--- a/bundles/dovecot/metadata.py
+++ b/bundles/dovecot/metadata.py
@ -25,3 +25,13 @@ defaults = {
        },
    },
 }
@metadata_reactor.provides(
    'dovecot/indexer_ram',
 )
 def indexer_ram(metadata):
    return {
        'dovecot': {
            'indexer_ram': str(metadata.get('vm/ram')//2)+ 'M',
        },
    }
--- a/bundles/php/items.py
+++ b/bundles/php/items.py
@ -1,7 +1,7 @@
 version = node.metadata.get('php/version')
 php_ini_context = {
-    'num_cpus': node.metadata.get('vm/cpu'),
+    'num_cpus': node.metadata.get('vm/cores'),
    'post_max_size': node.metadata.get('php/post_max_size', 10),
 }
--- a/bundles/wireguard/metadata.py
+++ b/bundles/wireguard/metadata.py
@ -7,7 +7,12 @@ from bundlewrap.metadata import atomic
 defaults = {
    'apt': {
        'packages': {
-            'wireguard': {},
+            'wireguard': {
                'backports': True,
                'triggers': [
                    'svc_systemd:systemd-networkd:restart',
                ],
            },
        },
    },
    'wireguard': {
--- a/data/network.py
+++ b/data/network.py
@ -0,0 +1,19 @@
 {
    'networks': [
        '10.0.0.0/24',
        '10.0.2.0/24',
        '10.0.9.0/24',
        '10.0.10.0/24',
    ],
    'routers': {
        '10.0.0.1': {
            '10.0.0.0/24': None,
            '10.0.0.2/24': None,
            '10.0.0.9/24': None,
        },
        '10.0.0.2': {
            '10.0.0.0/24': 'internal',
            '10.0.10.0/24': 'wg0',
        },
    },
 }
--- a/groups/all.py
+++ b/groups/all.py
@ -1,12 +1,8 @@
 {
    'bundles': [
        'backup',
        'users',
    ],
    'metadata': {
        'backup': {
            'server': 'home.backups',
        },
        'dns': {},
        'nameservers': [
            '10.0.10.2',
--- a/groups/applications/backup.py
+++ b/groups/applications/backup.py
@ -0,0 +1,10 @@
 {
    'bundles': [
        'backup',
    ],
    'metadata': {
        'backup': {
            'server': 'home.backups',
        },
    }
 }
--- a/nodes/home.server.py
+++ b/nodes/home.server.py
@ -2,6 +2,7 @@
    'hostname': '10.0.0.2',
    'groups': [
        'archive',
        'backup',
        'debian-10',
 #        'nextcloud',
    ],
@ -29,7 +30,6 @@
            },
        },
        'wireguard': {
            # iptables -t nat -A POSTROUTING -o enp1s0f0 -j MASQUERADE
            'my_ip': '172.19.136.1/22',
            'peers': {
                'htz.mails': {
--- a/nodes/htz.games.py
+++ b/nodes/htz.games.py
@ -1,6 +1,7 @@
 {
    'dummy': True,
    'groups': [
        'backup',
        'debian-10',
    ],
    'bundles': [
--- a/nodes/htz.mails.py
+++ b/nodes/htz.mails.py
@ -2,6 +2,7 @@
    'hostname': '162.55.188.157',
    'groups': [
        'archive',
        'backup',
        'hetzner-cloud',
        'debian-10',
        'mailserver',
@ -94,7 +95,8 @@
            'installer': True,
        },
        'vm': {
-            'cpu': 2,
+            'cores': 2,
            'ram': 8096,
        },
        'wireguard': {
            # ip r add 10.0.0.0/24 via 172.19.136.2 dev wg0
@ -107,6 +109,7 @@
                        '10.0.9.0/24',
                    ]
                },
                'netcup.secondary': {},
            },
        },
        'zfs': {
--- a/nodes/netcup.secondary.py
+++ b/nodes/netcup.secondary.py
@ -0,0 +1,34 @@
 {
    'hostname': '46.38.240.85',
    'groups': [
        'debian-10',
    ],
    'bundles': [
        'wireguard',
    ],
    'metadata': {
        'id': '890848b2-a900-4f74-ad5b-b811fbb4f0bc',
        'network': {
            'external': {
                'interface': 'eth0',
                'ipv4': '46.38.240.85/22',
                'gateway4': '46.38.240.1',
                'ipv6': '2a03:4000:7:534::2/64',
                'gateway6': 'fe80::1',
            }
        },
        'wireguard': {
            'my_ip': '172.19.136.3/22',
            'peers': {
                'htz.mails': {
                    'route': [
                        '10.0.0.0/24',
                        '10.0.2.0/24',
                        '10.0.9.0/24',
                        '10.0.10.0/24',
                    ],
                },
            },
        },
    },
 }
Author	SHA1	Message	Date
mwiegand	2f5af670f4	wip	2021-06-26 19:59:50 +02:00
mwiegand	394a7a3b3f	wip	2021-06-26 16:51:12 +02:00