From 1e4317cc0b05e0b0e48d1bb2c00d8f0c8cb15ac4 Mon Sep 17 00:00:00 2001 From: Rafe Colton Date: Wed, 12 Nov 2014 17:01:20 -0800 Subject: [PATCH 1/2] Adding barman ssh config to make sure it doesn't get prompted for a host key --- defaults/main.yml | 11 +++++++ tasks/main.yml | 71 +++++++++++++++++++++++++--------------- templates/barman.conf.j2 | 1 + templates/ssh_config.j2 | 14 ++++++++ 4 files changed, 70 insertions(+), 27 deletions(-) create mode 100644 templates/ssh_config.j2 diff --git a/defaults/main.yml b/defaults/main.yml index e4c252e..2652235 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -15,6 +15,17 @@ barman_maintenance_schedule: '*/30 * * * *' # How often to run `barman cron` barman_maintenance_log_file: /var/log/barman/cron.log barman_backup_schedule: '0 1 * * *' # How often to run `barman backup all` barman_backup_log_file: /var/log/barman/backup.log +barman_configuration_directory: /etc/barman.d +barman_ssh_known_hosts_additional: [] +barman_ssh_known_hosts_default: +- 192.168.* +- 10.1.* +- 10.3.* +- 10.4.* +- 10.5.* +- 10.6.* +- 127.0.0.1 +- 172.17.* # List of servers to maintain backups for. # diff --git a/tasks/main.yml b/tasks/main.yml index 35b2cde..32daed0 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,54 +1,71 @@ --- - name: "create barman user" user: - name='{{barman_user}}' - groups='{{barman_groups}}' + name={{ barman_user }} + groups={{ barman_groups }} state=present register: barman_create_barman_user + - name: "create ssh directory" file: - path='{{barman_create_barman_user.home}}/.ssh' + path={{ barman_create_barman_user.home }}/.ssh state=directory - owner='{{barman_user}}' - group='{{barman_user}}' + owner={{ barman_user }} + group={{ barman_user }} + +- name: add ssh config + template: + dest={{ barman_create_barman_user.home }}/.ssh/config + src=ssh_config.j2 + owner={{ barman_user }} + group={{ barman_user }} + mode=0600 + - name: "add ssh key" copy: - src='{{barman_ssh_key_file}}' - dest='{{barman_create_barman_user.home}}/.ssh/id_rsa' + src={{ barman_ssh_key_file }} + dest={{ barman_create_barman_user.home }}/.ssh/id_rsa + - name: "add authorized ssh key" authorized_key: - key='{{barman_archive_pub_key}}' - user="{{barman_user}}" + key="{{ barman_archive_pub_key }}" + user={{ barman_user }} state=present + - name: "write barman.conf" - template: src=barman.conf.j2 dest=/etc/barman.conf owner='{{barman_user}}' + template: src=barman.conf.j2 dest=/etc/barman.conf owner={{ barman_user }} + - name: "create home directory" file: - path='{{barman_home}}' + path={{ barman_home }} state=directory - owner='{{barman_user}}' - group='{{barman_user}}' + recurse=yes + owner={{ barman_user }} + group={{ barman_user }} + - name: "install barman" pip: name=barman state=present + - name: "add maintenance job" cron: name="barman maintenance job" - minute={{barman_maintenance_schedule.split()[0]}} - hour={{barman_maintenance_schedule.split()[1]}} - day={{barman_maintenance_schedule.split()[2]}} - month={{barman_maintenance_schedule.split()[3]}} - weekday={{barman_maintenance_schedule.split()[4]}} - job="date >> {{barman_maintenance_log_file}} && barman cron >> {{barman_maintenance_log_file}} 2>&1" - user="{{barman_user}}" + minute={{ barman_maintenance_schedule.split()[0] }} + hour={{ barman_maintenance_schedule.split()[1] }} + day={{ barman_maintenance_schedule.split()[2] }} + month={{ barman_maintenance_schedule.split()[3] }} + weekday={{ barman_maintenance_schedule.split()[4] }} + job="date >> {{ barman_maintenance_log_file }} && barman cron >> {{ barman_maintenance_log_file }} 2>&1" + user="{{ barman_user }}" state=present + - name: "add backup job" cron: name="barman backup job" - minute={{barman_backup_schedule.split()[0]}} - hour={{barman_backup_schedule.split()[1]}} - day={{barman_backup_schedule.split()[2]}} - month={{barman_backup_schedule.split()[3]}} - weekday={{barman_backup_schedule.split()[4]}} - job="date >> {{barman_backup_log_file}} && barman backup all >> {{barman_backup_log_file}} 2>&1" - user="{{barman_user}}" + minute={{ barman_backup_schedule.split()[0] }} + hour={{ barman_backup_schedule.split()[1] }} + day={{ barman_backup_schedule.split()[2] }} + month={{ barman_backup_schedule.split()[3] }} + weekday={{ barman_backup_schedule.split()[4] }} + job="date >> {{ barman_backup_log_file }} && barman backup all >> {{ barman_backup_log_file }} 2>&1" + user="{{ barman_user }}" state=present diff --git a/templates/barman.conf.j2 b/templates/barman.conf.j2 index 2488c66..40c7deb 100644 --- a/templates/barman.conf.j2 +++ b/templates/barman.conf.j2 @@ -6,6 +6,7 @@ barman_user = {{barman_user}} log_file = {{barman_log_file}} log_level = {{barman_log_level}} compression = {{barman_compression}} +configuration_files_directory = {{barman_configuration_directory}} {% for server in barman_upstreams %} [{{server.name}}] diff --git a/templates/ssh_config.j2 b/templates/ssh_config.j2 new file mode 100644 index 0000000..9ea4bd7 --- /dev/null +++ b/templates/ssh_config.j2 @@ -0,0 +1,14 @@ +# {{ ansible_managed }} +# vim:ft=jinja + +{% for host in barman_ssh_known_hosts_default %} +Host {{ host }} + StrictHostKeyChecking no + UserKnownHostsFile /dev/null +{% endfor %} + +{% for host in barman_ssh_known_hosts_additional %} +Host {{ host }} + StrictHostKeyChecking no + UserKnownHostsFile /dev/null +{% endfor %} From b955f4f36cfe22159b48a80c6ac677d6a9970041 Mon Sep 17 00:00:00 2001 From: Rafe Colton Date: Wed, 12 Nov 2014 17:10:39 -0800 Subject: [PATCH 2/2] Add `wal_retention_policy` to archive wal logs along with base backups --- templates/barman.conf.j2 | 1 + 1 file changed, 1 insertion(+) diff --git a/templates/barman.conf.j2 b/templates/barman.conf.j2 index 40c7deb..368bd7f 100644 --- a/templates/barman.conf.j2 +++ b/templates/barman.conf.j2 @@ -15,6 +15,7 @@ ssh_command = ssh {{server.ssh_user | default('postgres')}}@{{server.hostname}} conninfo = "user={{server.postgres_user | default('postgres')}} host={{server.hostname}} password={{server.postgres_password | default('postgres')}}" retention_policy_mode = "auto" retention_policy = "{{server.retention_policy | default('recovery window of 1 day')}}" +wal_retention_policy = "main" {% endfor %} ; vim:filetype=dosini