backup2s3.rb
2.92 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
#
# Author:: Earth U (<sysadmin @ chromedia.com>)
# Cookbook Name:: cfe-mongodb
# Recipe:: backup2s3
#
# Copyright (C) 2017, Chromedia Far East, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
package 'gzip'
package 'logrotate'
include_recipe 'openssl::upgrade'
include_recipe 'awscli'
pub_key = "#{node[cookbook_name]['install']['priv_dir']}/pub.key"
bscript = "#{node[cookbook_name]['install']['priv_dir']}/mongodb_backup2s3"
ip = (node['mongodb3']['config']['mongod']['net']['bindIp'].split(','))[-1]
directory(node[cookbook_name]['install']['bak_log_dir']) { recursive true }
is_any_enc = node[cookbook_name]['db']['map'].any? do |x|
if x.is_a?(Array)
x = x[1]
end
do_backup = x.has_key?(:backup) ? x[:backup] : true
do_backup ? x[:bak_encrypted] : false
end
if !node[cookbook_name]['encrypt']['pub_key'] && is_any_enc
Chef::Application.fatal!('No encryption public key contents supplied')
end
file pub_key do
content node[cookbook_name]['encrypt']['pub_key']
mode 0600
owner 'root'
group 'root'
sensitive true
only_if { is_any_enc }
end
template bscript do
mode 0700
owner 'root'
group 'root'
sensitive true
variables(
:bin_aws => node[cookbook_name]['bin']['aws'],
:bin_mongo => node[cookbook_name]['bin']['mongo'],
:bin_mongodump => node[cookbook_name]['bin']['mongodump'],
:bin_openssl => node[cookbook_name]['bin']['openssl'],
:db_host => ip,
:db_port => node['mongodb3']['config']['mongod']['net']['port'],
:db_map => node[cookbook_name]['db']['map'],
:backup_user => 'backup',
:backup_pass => node[cookbook_name]['db']['pass_backup'],
:backup_auth => 'admin',
:s3_region => node[cookbook_name]['s3_region'],
:s3_bucket => node[cookbook_name]['s3_bucket'],
:pub_key => pub_key
)
end
sched = node[cookbook_name]['install']['bak_sched'].split(' ')
cron_d 'mongodb_backup2s3' do
command "bash #{bscript} >> #{node[cookbook_name]['install']['bak_log_dir']}"\
'/mongodb_backup2s3.log 2>&1'
minute sched[0]
hour sched[1]
day sched[2]
month sched[3]
weekday sched[4]
mailto "''"
path '/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin'
end
template "#{node[cookbook_name]['logrotate']['conf_dir']}/mongodb_backup2s3" do
source 'logrotate.erb'
variables(
:log_dir => node[cookbook_name]['install']['bak_log_dir'],
:opts => node[cookbook_name]['logrotate']['options']
)
end