Puppet Class: postgresql::backup::pg_dump

Defined in:
manifests/backup/pg_dump.pp

Summary

"Provider" for pg_dump backup

Overview

Parameters:

  • compress (Boolean) (defaults to: true)

    Whether or not to compress the backup. Support for compression also depends on other backup parameters.

  • databases (Array) (defaults to: [])

    Databases to backup. By default ‘[]` will back up all databases.

  • db_user (Optional[String[1]]) (defaults to: undef)

    PostgreSQL user to create with superuser privileges.

  • db_password (Optional[Variant[String, Sensitive[String]]]) (defaults to: undef)

    Password to create for ‘$db_user`.

  • dir (String[1])

    Directory to store backup.

  • dir_mode (String[1]) (defaults to: '0700')

    Permissions applied to the backup directory. This parameter is passed directly to the file resource.

  • dir_owner (String[1]) (defaults to: 'root')

    Owner for the backup directory. This parameter is passed directly to the file resource.

  • dir_group (String[1]) (defaults to: '0')

    Group owner for the backup directory. This parameter is passed directly to the file resource.

  • format (Enum['plain','custom','directory','tar']) (defaults to: 'plain')

    Backup format to use, must be supported by pg_dump or pg_dumpall. The choice will affect other options, i.e. compression.

  • install_cron (Boolean) (defaults to: true)

    Manage installation of cron package.

  • manage_user (Boolean) (defaults to: false)

    Manage creation of the backup user.

  • optional_args (Array) (defaults to: [])

    Specifies an array of optional arguments which should be passed through to the backup tool. These options are not validated, unsupported options may break the backup.

  • post_script (Optional[String[1]]) (defaults to: undef)

    One or more scripts that are executed when the backup is finished. This could be used to sync the backup to a central store.

  • pre_script (Optional[String[1]]) (defaults to: undef)

    One or more scripts that are executed before the backup begins.

  • rotate (Integer) (defaults to: 30)

    Backup rotation interval in 24 hour periods.

  • success_file_path (Stdlib::Absolutepath) (defaults to: '/tmp/pgbackup_success')

    Specify a path where upon successful backup a file should be created for checking purposes.

  • time (Array) (defaults to: ['23', '5'])

    An array of two elements to set the backup time. Allows ‘[’23’, ‘5’]‘ (i.e., 23:05) or `[’3’, ‘45’]‘ (i.e., 03:45) for HH:MM times.

  • weekday (String[1]) (defaults to: '*')

    Weekdays on which the backup job should run. Defaults to ‘*`. This parameter is passed directly to the cron resource.

  • ensure (Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]) (defaults to: 'present')
  • delete_before_dump (Boolean) (defaults to: false)
  • pgpass_path (Stdlib::Absolutepath) (defaults to: '/root/.pgpass')
  • script_path (Stdlib::Absolutepath) (defaults to: '/usr/local/sbin/pg_dump.sh')
  • template (String[1]) (defaults to: 'postgresql/pg_dump.sh.epp')
  • package_name (Optional[String[1]]) (defaults to: undef) 


43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
 
# File 'manifests/backup/pg_dump.pp', line 43

class postgresql::backup::pg_dump (
  String[1]                                    $dir,
  Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]] $ensure = 'present',
  Boolean                                      $compress           = true,
  Array                                        $databases          = [],
  Boolean                                      $delete_before_dump = false,
  String[1]                                    $dir_group          = '0',
  String[1]                                    $dir_mode           = '0700',
  String[1]                                    $dir_owner          = 'root',
  Enum['plain','custom','directory','tar']     $format             = 'plain',
  Boolean                                      $install_cron       = true,
  Boolean                                      $manage_user        = false,
  Array                                        $optional_args      = [],
  Stdlib::Absolutepath                         $pgpass_path        = '/root/.pgpass',
  Integer                                      $rotate             = 30,
  Stdlib::Absolutepath                         $script_path        = '/usr/local/sbin/pg_dump.sh',
  Stdlib::Absolutepath                         $success_file_path  = '/tmp/pgbackup_success',
  String[1]                                    $template           = 'postgresql/pg_dump.sh.epp',
  Array                                        $time               = ['23', '5'],
  String[1]                                    $weekday            = '*',
  Optional[Variant[String, Sensitive[String]]] $db_password        = undef,
  Optional[String[1]]                          $db_user            = undef,
  Optional[String[1]]                          $package_name       = undef,
  Optional[String[1]]                          $post_script        = undef,
  Optional[String[1]]                          $pre_script         = undef,
) {
  # Install required packages
  if $package_name {
    ensure_packages($package_name)
  }
  if $install_cron {
    if $facts['os']['family'] == 'RedHat' {
      ensure_packages('cronie')
    } elsif $facts['os']['family'] != 'FreeBSD' {
      ensure_packages('cron')
    }
  }

  # Setup db user with required permissions
  if $manage_user and $db_user and $db_password {
    # Create user with superuser privileges
    postgresql::server::role { $db_user:
      ensure        => $ensure,
      password_hash => postgresql::postgresql_password($db_user, $db_password, true, pick($postgresql::server::password_encryption, 'md5')),
      superuser     => true,
    }

    # Allow authentication from localhost
    postgresql::server::pg_hba_rule { 'local access as backup user':
      type        => 'local',
      database    => 'all',
      user        => $db_user,
      auth_method => pick($postgresql::server::password_encryption, 'md5'),
      order       => 1,
    }
  }

  # Create backup directory
  file { $dir:
    ensure => 'directory',
    mode   => $dir_mode,
    owner  => $dir_owner,
    group  => $dir_group,
  }

  # Create backup script
  file { $script_path:
    ensure  => $ensure,
    mode    => '0700',
    owner   => 'root',
    group   => '0', # Use GID for compat with Linux and BSD.
    content => epp($template, {
        compress           => $compress,
        databases          => $databases,
        db_user            => $db_user,
        delete_before_dump => $delete_before_dump,
        dir                => $dir,
        format             => $format,
        optional_args      => $optional_args,
        post_script        => $post_script,
        pre_script         => $pre_script,
        rotate             => $rotate,
        success_file_path  => $success_file_path,
      }
    ),
  }

  # Create password file for pg_dump
  file { $pgpass_path:
    ensure    => $ensure,
    mode      => '0600',
    owner     => 'root',
    group     => '0', # Use GID for compat with Linux and BSD.
    content   => inline_epp ( '*:*:*:<%= $db_user %>:<%= $db_password %>', {
        db_password => $db_password,
        db_user     => $db_user,
      }
    ),
    show_diff => false,
  }

  # Create cron job
  cron { 'pg_dump backup job':
    ensure  => $ensure,
    command => $script_path,
    user    => 'root',
    hour    => $time[0],
    minute  => $time[1],
    weekday => $weekday,
  }
}