Initial commit
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
new file mode 100644
index 0000000..82f6bff
--- /dev/null
+++ b/CHANGELOG.rst
@@ -0,0 +1,9 @@
+
+===================
+backupninja-formula
+===================
+
+0.0.1
+-----
+
+- Initial commit to Community form
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..cc41a65
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,15 @@
+
+ Copyright (c) 2013 Salt Stack Formulas
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
diff --git a/README.rst b/README.rst
new file mode 100644
index 0000000..fd38c2b
--- /dev/null
+++ b/README.rst
@@ -0,0 +1,49 @@
+
+===========
+Backupninja
+===========
+
+Backupninja allows you to coordinate system backup by dropping a few simple configuration files into /etc/backup.d/. Most programs you might use for making backups don't have their own configuration file format.
+
+Backupninja provides a centralized way to configure and schedule many different backup utilities. It allows for secure, remote, incremental filesytem backup (via rdiff-backup), compressed incremental data, backup system and hardware info, encrypted remote backups (via duplicity), safe backup of MySQL/PostgreSQL databases, subversion or trac repositories, burn CD/DVDs or create ISOs, incremental rsync with hardlinking.
+
+Sample pillars
+==============
+
+Backup client with ssh/rsync remote target
+
+ backupninja:
+ client:
+ enabled: true
+ target:
+ engine: rsync
+ host: 10.10.10.208
+ user: backupninja
+
+Backup client with s3 remote target
+
+ backupninja:
+ client:
+ enabled: true
+ target:
+ engine: s3
+ host: s3.domain.com
+ bucket: bucketname
+
+Backup server rsync/rdiff
+
+ backupninja:
+ server:
+ enabled: true
+ rdiff: true
+ keys:
+ - client1.domain.com
+
+Read more
+=========
+
+* https://labs.riseup.net/code/projects/backupninja/wiki/Configuration
+* http://www.debian-administration.org/articles/351
+* http://duncanlock.net/blog/2013/08/27/comprehensive-linux-backups-with-etckeeper-backupninja/
+* https://github.com/riseuplabs/puppet-backupninja
+* http://www.ushills.co.uk/2008/02/backup-with-backupninja.html
diff --git a/VERSION b/VERSION
new file mode 100644
index 0000000..3b04cfb
--- /dev/null
+++ b/VERSION
@@ -0,0 +1 @@
+0.2
diff --git a/backupninja/client.sls b/backupninja/client.sls
new file mode 100644
index 0000000..0cc1cb3
--- /dev/null
+++ b/backupninja/client.sls
@@ -0,0 +1,104 @@
+{%- from "backupninja/map.jinja" import client with context %}
+{%- if client.enabled %}
+
+{%- if pillar.postgresql is defined or pillar.mysql is defined %}
+include:
+{%- if pillar.postgresql is defined %}
+- postgresql
+{%- endif %}
+{%- if pillar.mysql is defined %}
+- mysql
+{%- endif %}
+{%- endif %}
+
+backupninja_packages:
+ pkg.installed:
+ - names: {{ client.pkgs }}
+
+{%- if pillar.postgresql is defined %}
+
+backupninja_postgresql_handler:
+ file.managed:
+ - name: /etc/backup.d/100.pgsql
+ - source: salt://backupninja/files/handler/pgsql.conf
+ - template: jinja
+ - mode: 600
+ - require_in:
+ - file: backupninja_remote_handler
+ - require:
+ - pkg: backupninja_packages
+ - service: postgresql_service
+
+{%- endif %}
+
+{%- if pillar.mysql is defined %}
+
+backupninja_mysql_handler:
+ file.managed:
+ - name: /etc/backup.d/101.mysql
+ - source: salt://backupninja/files/handler/mysql.conf
+ - template: jinja
+ - mode: 600
+ - require_in:
+ - file: backupninja_remote_handler
+ - require:
+ - pkg: backupninja_packages
+ - service: mysql_service
+
+{%- endif %}
+
+{%- if client.target is defined %}
+
+{%- if client.target.engine in ["s3",] %}
+
+backupninja_duplicity_packages:
+ pkg.installed:
+ - names:
+ - duplicity
+
+{%- endif %}
+
+{%- if client.target.engine in ["rdiff",] %}
+
+backupninja_duplicity_packages:
+ pkg.installed:
+ - names:
+ - rdiff-backup
+
+{%- endif %}
+
+backupninja_remote_handler:
+ file.absent:
+ - name: /etc/backup.d/200.{{ client.target.engine }}
+ - require:
+ - pkg: backupninja_packages
+
+{%- for service in client.supported_services %}
+{%- if service in grains.get('roles', []) %}
+
+{%- for service_group in service.split('.') %}
+{%- if loop.first %}
+
+backupninja_remote_handler_{{ service|replace('.', '_') }}:
+ file.managed:
+ - name: /etc/backup.d/20{{ loop.index }}.{{ service_group }}.{{ client.target.engine }}
+ - source: salt://backupninja/files/{{ client.target.engine }}.conf
+ - template: jinja
+ - mode: 600
+ - defaults:
+ service_config: {{ service_group }}/files/backupninja.conf
+ {%- if client.config_monkeypatch is defined and client.config_monkeypatch %}
+ service_config_monkeypatch: {{ service_group }}/files/backupninja_monkeypatch.conf
+ {%- endif %}
+ - require:
+ - pkg: backupninja_packages
+
+{%- endif %}
+{%- endfor %}
+
+{%- endif %}
+{%- endfor %}
+
+{%- endif %}
+
+{%- endif %}
\ No newline at end of file
diff --git a/backupninja/files/backupninja.conf b/backupninja/files/backupninja.conf
new file mode 100644
index 0000000..0a8b72b
--- /dev/null
+++ b/backupninja/files/backupninja.conf
@@ -0,0 +1,42 @@
+{%- from "backupninja/map.jinja" import client with context %}
+# |\_
+# B A C K U P N I N J A /()/
+# `\|
+# main configuration file
+#
+
+# how verbose to make the logs
+# 5 -- Debugging messages (and below)
+# 4 -- Informational messages (and below)
+# 3 -- Warnings (and below)
+# 2 -- Errors (and below)
+# 1 -- Fatal errors (only)
+loglevel = 4
+
+# send a summary of the backup status to
+# this email address:
+reportemail = {{ client.report_email }}
+
+# if set to 'yes', a report email will be generated
+# even if all modules reported success. (default = yes)
+reportsuccess = no
+
+# if set to 'yes', a report email will be generated
+# even if there was no error. (default = yes)
+reportwarning = yes
+
+#######################################################
+# for most installations, the defaults below are good #
+#######################################################
+
+# where to log:
+logfile = /var/log/backupninja.log
+
+# directory where all the backup configuration files live
+configdirectory = /etc/backup.d
+
+# where backupninja handler scripts are found
+scriptdirectory = /usr/share/backupninja
+
+# use colors in the log file
+usecolors = yes
\ No newline at end of file
diff --git a/backupninja/files/dup.conf b/backupninja/files/dup.conf
new file mode 100644
index 0000000..0a8d0bb
--- /dev/null
+++ b/backupninja/files/dup.conf
@@ -0,0 +1,263 @@
+{%- from "backupninja/map.jinja" import client with context %}
+{%- from "linux/map.jinja" import system with context %}
+## This is an example duplicity configuration file.
+##
+## Here you can find all the possible duplicity options, details of
+## what the options provide and possible settings. The defaults are set
+## as the commented out option, uncomment and change when
+## necessary. Options which are uncommented in this example do not have
+## defaults, and the settings provided are recommended.
+
+## passed directly to duplicity, e.g. to increase verbosity set this to:
+## options = --verbosity 8
+## when using the Amazon S3 backend to create buckets in Europe:
+## options = --s3-european-buckets --s3-use-new-style
+##
+## Default:
+# options =
+
+## default is 0, but set to something like 19 if you want to lower the priority.
+##
+## Default:
+# nicelevel = 0
+
+## test the connection? set to no to skip the test if the remote host is alive.
+## if 'desturl' is set below, 'testconnect' must be set to 'no' for now.
+##
+## Default:
+# testconnect = yes
+
+## temporary directory used by duplicity, set to some other location if your /tmp is small
+## default is either /tmp or /usr/tmp, depending on the system
+##
+## Default:
+# tmpdir = /tmp
+
+######################################################
+## gpg section
+## (how to encrypt and optionally sign the backups)
+##
+## WARNING: old (pre-0.9.4) example.dup used to give wrong information about
+## the way the following options are used. Please read the following
+## carefully.
+##
+## If the encryptkey variable is set:
+## - data is encrypted with the GnuPG public key specified by the encryptkey
+## variable
+## - if signing is enabled, data is signed with the GnuPG private
+## key specified by the signkey variable
+## - the password variable is used to unlock the GnuPG key(s) used
+## for encryption and (optionnal) signing
+##
+## If the encryptkey option is not set:
+## - data signing is not possible
+## - the password variable is used to encrypt the data with symmetric
+## encryption: no GnuPG key pair is needed
+
+[gpg]
+
+## when set to yes, encryptkey variable must be set below; if you want to use
+## two different keys for encryption and signing, you must also set the signkey
+## variable below.
+## default is set to no, for backwards compatibility with backupninja <= 0.5.
+##
+## Default:
+# sign = no
+
+## ID of the GnuPG public key used for data encryption.
+## if not set, symmetric encryption is used, and data signing is not possible.
+## an example setting would be:
+## encryptkey = 04D9EA79
+##
+## Default:
+# encryptkey =
+
+## ID of the GnuPG private key used for data signing.
+## if not set, encryptkey will be used, an example setting would be:
+## signkey = 04D9EA79
+##
+## Default:
+# signkey =
+
+## password
+## NB: neither quote this, nor should it contain any quotes,
+## an example setting would be:
+## password = a_very_complicated_passphrase
+##
+## Default:
+# password =
+
+######################################################
+## source section
+## (where the files to be backed up are coming from)
+
+[source]
+
+## A few notes about includes and excludes:
+## 1. include, exclude and vsinclude statements support globbing with '*'
+## 2. Symlinks are not dereferenced. Moreover, an include line whose path
+## contains, at any level, a symlink to a directory, will only have the
+## symlink backed-up, not the target directory's content. Yes, you have to
+## dereference yourself the symlinks, or to use 'mount --bind' instead.
+## Example: let's say /home is a symlink to /mnt/crypt/home ; the following
+## line will only backup a "/home" symlink ; neither /home/user nor
+## /home/user/Mail will be backed-up :
+## include = /home/user/Mail
+## A workaround is to 'mount --bind /mnt/crypt/home /home' ; another one is to
+## write :
+## include = /mnt/crypt/home/user/Mail
+## 3. All the excludes come after all the includes. The order is not otherwise
+## taken into account.
+
+## files to include in the backup
+include = /var/spool/cron/crontabs
+include = /var/backups
+include = /etc
+include = /root
+include = /home
+include = /usr/local/bin
+include = /usr/local/sbin
+include = /var/lib/dpkg/status
+include = /var/lib/dpkg/status-old
+
+## If vservers = yes in /etc/backupninja.conf then the following variables can
+## be used:
+## vsnames = all | <vserver1> <vserver2> ... (default = all)
+## vsinclude = <path>
+## vsinclude = <path>
+## ...
+## Any path specified in vsinclude is added to the include list for each vserver
+## listed in vsnames (or all if vsnames = all, which is the default).
+##
+## For example, vsinclude = /home will backup the /home directory in every
+## vserver listed in vsnames. If you have 'vsnames = foo bar baz', this
+## vsinclude will add to the include list /vservers/foo/home, /vservers/bar/home
+## and /vservers/baz/home.
+## Vservers paths are derived from $VROOTDIR.
+
+# files to exclude from the backup
+exclude = /home/*/.gnupg
+exclude = /var/cache/backupninja/duplicity
+
+######################################################
+## destination section
+## (where the files are copied to)
+
+[dest]
+
+## perform an incremental backup? (default = yes)
+## if incremental = no, perform a full backup in order to start a new backup set
+##
+## Default:
+# incremental = yes
+
+## how many days of incremental backups before doing a full backup again ;
+## default is 30 days (one can also use the time format of duplicity).
+## if increments = keep, never automatically perform a new full backup ;
+## only perform incremental backups.
+##
+## Default:
+# increments = 30
+
+## how many days of data to keep ; default is 60 days.
+## (you can also use the time format of duplicity)
+## 'keep = yes' means : do not delete old data, the remote host will take care of this
+##
+## Default:
+# keep = 60
+
+# for how many full backups do we keep their later increments ;
+# default is all (keep all increments).
+# increments for older full backups will be deleted : only the more
+# recent ones (count provided) will be kept
+#
+## Default:
+# keepincroffulls = all
+
+## full destination URL, in duplicity format; if set, desturl overrides
+## sshoptions, destdir, desthost and destuser; it also disables testconnect and
+## bandwithlimit. For details, see duplicity manpage, section "URL FORMAT", some
+## examples include:
+## desturl = file:///usr/local/backup
+## desturl = rsync://user@other.host//var/backup/bla
+## desturl = s3+http://
+## desturl = ftp://myftpuser@ftp.example.org/remote/ftp/path
+## the default value of this configuration option is not set:
+##
+## Default:
+# desturl =
+
+## Amazon Web Services Access Key ID and Secret Access Key, needed for backups
+## to S3 buckets.
+## awsaccesskeyid = YOUR_AWS_ACCESS_KEY_ID
+## awssecretaccesskey = YOUR_AWS_SECRET_KEY
+##
+## Default:
+# awsaccesskeyid =
+# awssecretaccesskey =
+
+## RackSpace's CloudFiles username, API key, and authentication URL.
+## cfusername = YOUR_CF_USERNAME
+## cfapikey = YOUR_CF_API_KEY
+## cfauthurl = YOUR_CF_AUTH_URL
+##
+## Default:
+# cfusername =
+# cfapikey =
+# cfauthurl =
+
+## FTP password, needed for backups using desturl = ftp://...
+##
+## Default:
+# ftp_password =
+
+## bandwith limit, in Kbit/s ; default is 0, i.e. no limit
+## if using 'desturl' above, 'bandwidthlimit' must not be set
+## an example setting of 128 Kbit/s would be:
+## bandwidthlimit = 128
+##
+## Default:
+# bandwidthlimit = 0
+
+## duplicity < 0.6.17
+## ------------------
+## passed directly to ssh, scp (and sftp in duplicity >=0.4.2)
+## warning: sftp does not support all scp options, especially -i; as
+## a workaround, you can use "-o <SSHOPTION>"
+## an example setting would be:
+## sshoptions = -o IdentityFile=/root/.ssh/id_rsa_duplicity
+##
+## duplicity >= 0.6.17
+## ------------------
+## supports only "-o IdentityFile=..."
+##
+## Default:
+# sshoptions =
+
+## put the backups under this destination directory
+## if using 'desturl' above, this must not be set
+## in all other cases, this must be set!
+## an example setting would be:
+## destdir = /backups
+##
+## Default:
+# destdir =
+
+## the machine which will receive the backups
+## if using 'desturl' above, this must not be set
+## in all other cases, this must be set!
+## an example setting would be:
+## desthost = backuphost
+##
+## Default:
+# desthost =
+
+## make the files owned by this user
+## if using 'desturl' above, this must not be set
+## note: if using an SSH based transport and 'type' is set to 'remote', you must
+## be able to 'ssh backupuser@backuphost' without specifying a password.
+## an example setting would be:
+## destuser = backupuser
+##
+## Default:
+# destuser =
diff --git a/backupninja/files/handler/dup.conf b/backupninja/files/handler/dup.conf
new file mode 100644
index 0000000..55ac565
--- /dev/null
+++ b/backupninja/files/handler/dup.conf
@@ -0,0 +1,261 @@
+## This is an example duplicity configuration file.
+##
+## Here you can find all the possible duplicity options, details of
+## what the options provide and possible settings. The defaults are set
+## as the commented out option, uncomment and change when
+## necessary. Options which are uncommented in this example do not have
+## defaults, and the settings provided are recommended.
+
+## passed directly to duplicity, e.g. to increase verbosity set this to:
+## options = --verbosity 8
+## when using the Amazon S3 backend to create buckets in Europe:
+## options = --s3-european-buckets --s3-use-new-style
+##
+## Default:
+# options =
+
+## default is 0, but set to something like 19 if you want to lower the priority.
+##
+## Default:
+# nicelevel = 0
+
+## test the connection? set to no to skip the test if the remote host is alive.
+## if 'desturl' is set below, 'testconnect' must be set to 'no' for now.
+##
+## Default:
+# testconnect = yes
+
+## temporary directory used by duplicity, set to some other location if your /tmp is small
+## default is either /tmp or /usr/tmp, depending on the system
+##
+## Default:
+# tmpdir = /tmp
+
+######################################################
+## gpg section
+## (how to encrypt and optionally sign the backups)
+##
+## WARNING: old (pre-0.9.4) example.dup used to give wrong information about
+## the way the following options are used. Please read the following
+## carefully.
+##
+## If the encryptkey variable is set:
+## - data is encrypted with the GnuPG public key specified by the encryptkey
+## variable
+## - if signing is enabled, data is signed with the GnuPG private
+## key specified by the signkey variable
+## - the password variable is used to unlock the GnuPG key(s) used
+## for encryption and (optionnal) signing
+##
+## If the encryptkey option is not set:
+## - data signing is not possible
+## - the password variable is used to encrypt the data with symmetric
+## encryption: no GnuPG key pair is needed
+
+[gpg]
+
+## when set to yes, encryptkey variable must be set below; if you want to use
+## two different keys for encryption and signing, you must also set the signkey
+## variable below.
+## default is set to no, for backwards compatibility with backupninja <= 0.5.
+##
+## Default:
+# sign = no
+
+## ID of the GnuPG public key used for data encryption.
+## if not set, symmetric encryption is used, and data signing is not possible.
+## an example setting would be:
+## encryptkey = 04D9EA79
+##
+## Default:
+# encryptkey =
+
+## ID of the GnuPG private key used for data signing.
+## if not set, encryptkey will be used, an example setting would be:
+## signkey = 04D9EA79
+##
+## Default:
+# signkey =
+
+## password
+## NB: neither quote this, nor should it contain any quotes,
+## an example setting would be:
+## password = a_very_complicated_passphrase
+##
+## Default:
+# password =
+
+######################################################
+## source section
+## (where the files to be backed up are coming from)
+
+[source]
+
+## A few notes about includes and excludes:
+## 1. include, exclude and vsinclude statements support globbing with '*'
+## 2. Symlinks are not dereferenced. Moreover, an include line whose path
+## contains, at any level, a symlink to a directory, will only have the
+## symlink backed-up, not the target directory's content. Yes, you have to
+## dereference yourself the symlinks, or to use 'mount --bind' instead.
+## Example: let's say /home is a symlink to /mnt/crypt/home ; the following
+## line will only backup a "/home" symlink ; neither /home/user nor
+## /home/user/Mail will be backed-up :
+## include = /home/user/Mail
+## A workaround is to 'mount --bind /mnt/crypt/home /home' ; another one is to
+## write :
+## include = /mnt/crypt/home/user/Mail
+## 3. All the excludes come after all the includes. The order is not otherwise
+## taken into account.
+
+## files to include in the backup
+include = /var/spool/cron/crontabs
+include = /var/backups
+include = /etc
+include = /root
+include = /home
+include = /usr/local/bin
+include = /usr/local/sbin
+include = /var/lib/dpkg/status
+include = /var/lib/dpkg/status-old
+
+## If vservers = yes in /etc/backupninja.conf then the following variables can
+## be used:
+## vsnames = all | <vserver1> <vserver2> ... (default = all)
+## vsinclude = <path>
+## vsinclude = <path>
+## ...
+## Any path specified in vsinclude is added to the include list for each vserver
+## listed in vsnames (or all if vsnames = all, which is the default).
+##
+## For example, vsinclude = /home will backup the /home directory in every
+## vserver listed in vsnames. If you have 'vsnames = foo bar baz', this
+## vsinclude will add to the include list /vservers/foo/home, /vservers/bar/home
+## and /vservers/baz/home.
+## Vservers paths are derived from $VROOTDIR.
+
+# files to exclude from the backup
+exclude = /home/*/.gnupg
+exclude = /var/cache/backupninja/duplicity
+
+######################################################
+## destination section
+## (where the files are copied to)
+
+[dest]
+
+## perform an incremental backup? (default = yes)
+## if incremental = no, perform a full backup in order to start a new backup set
+##
+## Default:
+# incremental = yes
+
+## how many days of incremental backups before doing a full backup again ;
+## default is 30 days (one can also use the time format of duplicity).
+## if increments = keep, never automatically perform a new full backup ;
+## only perform incremental backups.
+##
+## Default:
+# increments = 30
+
+## how many days of data to keep ; default is 60 days.
+## (you can also use the time format of duplicity)
+## 'keep = yes' means : do not delete old data, the remote host will take care of this
+##
+## Default:
+# keep = 60
+
+# for how many full backups do we keep their later increments ;
+# default is all (keep all increments).
+# increments for older full backups will be deleted : only the more
+# recent ones (count provided) will be kept
+#
+## Default:
+# keepincroffulls = all
+
+## full destination URL, in duplicity format; if set, desturl overrides
+## sshoptions, destdir, desthost and destuser; it also disables testconnect and
+## bandwithlimit. For details, see duplicity manpage, section "URL FORMAT", some
+## examples include:
+## desturl = file:///usr/local/backup
+## desturl = rsync://user@other.host//var/backup/bla
+## desturl = s3+http://
+## desturl = ftp://myftpuser@ftp.example.org/remote/ftp/path
+## the default value of this configuration option is not set:
+##
+## Default:
+# desturl =
+
+## Amazon Web Services Access Key ID and Secret Access Key, needed for backups
+## to S3 buckets.
+## awsaccesskeyid = YOUR_AWS_ACCESS_KEY_ID
+## awssecretaccesskey = YOUR_AWS_SECRET_KEY
+##
+## Default:
+# awsaccesskeyid =
+# awssecretaccesskey =
+
+## RackSpace's CloudFiles username, API key, and authentication URL.
+## cfusername = YOUR_CF_USERNAME
+## cfapikey = YOUR_CF_API_KEY
+## cfauthurl = YOUR_CF_AUTH_URL
+##
+## Default:
+# cfusername =
+# cfapikey =
+# cfauthurl =
+
+## FTP password, needed for backups using desturl = ftp://...
+##
+## Default:
+# ftp_password =
+
+## bandwith limit, in Kbit/s ; default is 0, i.e. no limit
+## if using 'desturl' above, 'bandwidthlimit' must not be set
+## an example setting of 128 Kbit/s would be:
+## bandwidthlimit = 128
+##
+## Default:
+# bandwidthlimit = 0
+
+## duplicity < 0.6.17
+## ------------------
+## passed directly to ssh, scp (and sftp in duplicity >=0.4.2)
+## warning: sftp does not support all scp options, especially -i; as
+## a workaround, you can use "-o <SSHOPTION>"
+## an example setting would be:
+## sshoptions = -o IdentityFile=/root/.ssh/id_rsa_duplicity
+##
+## duplicity >= 0.6.17
+## ------------------
+## supports only "-o IdentityFile=..."
+##
+## Default:
+# sshoptions =
+
+## put the backups under this destination directory
+## if using 'desturl' above, this must not be set
+## in all other cases, this must be set!
+## an example setting would be:
+## destdir = /backups
+##
+## Default:
+# destdir =
+
+## the machine which will receive the backups
+## if using 'desturl' above, this must not be set
+## in all other cases, this must be set!
+## an example setting would be:
+## desthost = backuphost
+##
+## Default:
+# desthost =
+
+## make the files owned by this user
+## if using 'desturl' above, this must not be set
+## note: if using an SSH based transport and 'type' is set to 'remote', you must
+## be able to 'ssh backupuser@backuphost' without specifying a password.
+## an example setting would be:
+## destuser = backupuser
+##
+## Default:
+# destuser =
diff --git a/backupninja/files/handler/maildir.conf b/backupninja/files/handler/maildir.conf
new file mode 100644
index 0000000..eba5429
--- /dev/null
+++ b/backupninja/files/handler/maildir.conf
@@ -0,0 +1,68 @@
+##
+## This is an example maildir configuration file.
+##
+## The maildir handler slowly creates a backup of each user's
+## maildir to a remote server. It is designed to be run with
+## low overhead in terms of CPU and bandwidth, so it runs pretty
+## slow. Hardlinking is used to save storage space. The actual
+## maildir is stored within each snapshot directory.
+##
+## The basic algorithm is to rsync each maildir individually,
+## and to use hard links for retaining historical data.
+##
+## We handle each maildir individually because it becomes very
+## unweldy to hardlink and rsync many hundreds of thousands
+## of files at once. It is much faster to take on smaller
+## chunks at a time.
+##
+## Any maildir which is deleted from the source will be moved to
+## "deleted" directory in the destination. It is up to you to
+## periodically remove this directory or old maildirs in it.
+##
+## Note: This handler assumes that the remote shell is set to bash
+##
+## The defaults are useful in most cases, just make sure
+## to configure the source and destination information
+
+when = everyday at 21:00
+
+## each users maildir will contain these files:
+## daily.1, daily.2, daily.3, daily.4, daily.5, weekly.1, weekly.2,
+## weekly.3, monthly.1
+## if keepdaily is 5, keepweekly is 3, and keepmonthly is 1
+keepdaily = 5
+keepweekly = 3
+keepmonthly = 1
+
+# directory which contains all the maildirs
+srcdir = /maildir/riseup.net
+
+# the srcdir is expected to contain the following subdirectories. Each
+# of these will contain the user's Maildirs which start with these
+# letters
+srcsubdirs = 0 1 2 3 4 5 6 7 8 9 a b c d e f g h i j k l m n o p q r s t u v w x y z
+
+# put the backups under this directory
+destdir = /crypta/maildir/riseup.net
+desthost = kakapo-pn
+
+# For the backup rotation to work, destuser must be able to run
+# arbitrary bash commands on the desthost.
+destuser = backer
+
+# For alternate ports from the default 22, specify here
+destport = 4444
+
+# If you need to specify an alternate ssh public key authentication file
+# do that here. Default: /root/.ssh/id_rsa
+destid_file = /home/backupkeys/.ssh/maildirbackup_id_rsa
+
+# If you need to specify other ssh configuration options, do that here
+sshoptions = "-C -6"
+
+# remove any maildirs from backup which might have been deleted
+remove = yes
+
+# use a ssh-mux to reuse connections, see the following article
+# http://www.debian-administration.org/articles/290 for an example
+multiconnection = notset
diff --git a/backupninja/files/handler/mysql.conf b/backupninja/files/handler/mysql.conf
new file mode 100644
index 0000000..f9e2ff5
--- /dev/null
+++ b/backupninja/files/handler/mysql.conf
@@ -0,0 +1,48 @@
+### backupninja mysql config file ###
+
+databases = {% for db in pillar.mysql.server.databases %} {{ db.name }}{% endfor %}
+backupdir = /var/backups/mysql
+hotcopy = no
+sqldump = yes
+compress = yes
+
+### authentication ###
+
+# three authentication methods:
+#
+# 1. setting the user, so that /home/user/.my.cnf is used.
+# user = some-unix-user
+#
+# 2. specifying the mysql dbuser and dbpassword,
+# which generates a temporary .my.cnf in /root/.my.cnf
+# dbusername = <some-mysql-user>
+# dbpassword = <password>
+#
+# 3. specify which config file to use with configfile
+# (this option does not work with hotcopy)
+configfile = /etc/mysql/debian.cnf
+#
+# if user and dbusername are not specified, the default is to use
+# /etc/mysql/debian.cnf for configfile.
+
+# hotcopy = < yes | no > (default = no)
+# make a backup of the actual database binary files using mysqlhotcopy.
+#
+# sqldump = < yes | no > (default = no)
+# make a backup using mysqldump. this creates text files with sql commands
+# sufficient to recontruct the database.
+#
+# sqldumpoptions = <options>
+# (default = --lock-tables --complete-insert --add-drop-table --quick --quote-names)
+# arguments to pass to mysqldump
+#
+# compress = < yes | no > (default = yes)
+# if yes, compress the sqldump output.
+#
+# vsname = <vserver> (no default)
+# what vserver to operate on (only used if vserver = yes
+# in /etc/backupninja.conf), if you do not specify a vsname the
+# host will be operated on
+#
+# NB: databases = all doesn't seem to work with hotcopy = yes
+# when vsname is specified, I would like to know how to fix this.
diff --git a/backupninja/files/handler/pgsql.conf b/backupninja/files/handler/pgsql.conf
new file mode 100644
index 0000000..f934695
--- /dev/null
+++ b/backupninja/files/handler/pgsql.conf
@@ -0,0 +1,37 @@
+### backupninja PostgreSQL config file ###
+
+# vsname = <vserver> (no default)
+# what vserver to operate on, only used if vserver = yes in /etc/backupninja.conf
+# if you do not specify a vsname the host will be operated on
+# Note: if operating on a vserver, $VROOTDIR will be prepended to backupdir.
+
+backupdir = /var/backups/postgresql
+# where to dump the backups
+
+databases = {% for db in pillar.postgresql.server.get('databases', []) %} {{ db.name }}{% endfor %} {% for db_name, db in pillar.postgresql.server.get('database', {}).iteritems() %} {{ db_name }}{% endfor %}
+# which databases to backup. should either be the word 'all' or a
+# space separated list of database names.
+# Note: when using 'all', pg_dumpall is used instead of pg_dump, which means
+# that cluster-wide data (such as users and groups) are saved.
+
+# compress = < yes | no > (default = yes)
+# if yes, compress the pg_dump/pg_dumpall output.
+
+format = custom
+# format = < plain | tar | custom > (default = plain)
+# plain - Output a plain-text SQL script file with the extension .sql.
+# When dumping all databases, a single file is created via pg_dumpall.
+# tar - Output a tar archive suitable for input into pg_restore. More
+# flexible than plain and can be manipulated by standard Unix tools
+# such as tar. Creates a globals.sql file and an archive per database.
+# custom - Output a custom PostgreSQL pg_restore archive. This is the most
+# flexible format allowing selective import and reordering of database
+# objects at the time the database is restored via pg_restore. This
+# option creates a globals.sql file containing the cluster role and
+# other information dumped by pg_dumpall -g and a pg_restore file
+# per selected database. See the pg_dump and pg_restore man pages.
+
+### You can also set the following variables in /etc/backupninja.conf:
+# PGSQLDUMP: pg_dump path (default: /usr/bin/pg_dump)
+# PGSQLDUMPALL: pg_dumpall path (default: /usr/bin/pg_dumpall)
+# PGSQLUSER: user running PostgreSQL (default: postgres)
diff --git a/backupninja/files/handler/rdiff.conf b/backupninja/files/handler/rdiff.conf
new file mode 100644
index 0000000..e8ce542
--- /dev/null
+++ b/backupninja/files/handler/rdiff.conf
@@ -0,0 +1,169 @@
+##
+## This is an example rdiff-backup configuration file.
+##
+## Here you can find all the possible rdiff-backup options, details of
+## what the options provide and possible settings. The defaults are set
+## as the commented out option, uncomment and change when
+## necessary. Options which are uncommented in this example do not have
+## defaults, and the settings provided are recommended.
+##
+## The defaults are useful in most cases, just make sure to configure the
+## destination host and user.
+##
+
+## passed directly to rdiff-backup
+## an example setting would be:
+## options = --force
+##
+## Default:
+# options =
+
+## default is 0, but set to 19 if you want to lower the priority.
+## an example setting would be:
+## nicelevel = 19
+##
+## Default
+# nicelevel = 0
+
+## default is yes. set to no to skip the test if the remote host is alive
+##
+## Default:
+# testconnect = no
+
+## default is not to limit bandwidth.
+## set to a number in bytes/second to limit bandwidth usage. Use a negative
+## number to set a limit that will never be exceeded, or a positive number
+## to set a target average bandwidth use. cstream is required. See cstream's
+## -t option for more information. 62500 bytes = 500 Kb (.5 Mb)
+## an example setting would be:
+## bwlimit = 62500
+##
+## Default:
+# bwlimit = 0
+
+## should backupninja ignore the version differences between source and remote
+## rdiff-backup? (default: no)
+## This could be useful if the version differences between rdiff-backup instances
+## on remote and local side are different, and you are certain there are no
+## problems in using mis-matched versions and want to get beyond this check.
+## An example usage could be the remote side has its authorized_keys configured
+## with command="rdiff-backup --server" to allow for restricted yet automated
+## password-less backups
+##
+## Default:
+# ignore_version = no
+
+######################################################
+## source section
+## (where the files to be backed up are coming from)
+
+[source]
+
+## an optional subdirectory below 'directory' (see [dest])
+label = thishostname
+
+## type can be "local" or "remote"
+type = local
+
+## only use if '[source] type = remote'
+# host = srchost
+# user = srcuser
+
+## how many days of data to keep
+## (you can also use the time format of rdiff-backup, e.g. 6D5h)
+## (to keep everything, set this to yes)
+## an example setting would be:
+##keep = yes
+##
+## Default:
+# keep = 60
+
+## A few notes about includes and excludes:
+## 1. include, exclude and vsinclude statements support globbing with '*'
+## 2. Symlinks are not dereferenced. Moreover, an include line whose path
+## contains, at any level, a symlink to a directory, will only have the
+## symlink backed-up, not the target directory's content. Yes, you have to
+## dereference yourself the symlinks, or to use 'mount --bind' instead.
+## Example: let's say /home is a symlink to /mnt/crypt/home ; the following
+## line will only backup a "/home" symlink ; neither /home/user nor
+## /home/user/Mail will be backed-up :
+## include = /home/user/Mail
+## A workaround is to 'mount --bind /mnt/crypt/home /home' ; another one is to
+## write :
+## include = /mnt/crypt/home/user/Mail
+## 3. All the excludes come after all the includes. The order is not otherwise
+## taken into account.
+
+## files to include in the backup
+include = /var/spool/cron/crontabs
+include = /var/backups
+include = /etc
+include = /root
+include = /home
+include = /usr/local/bin
+include = /usr/local/sbin
+include = /var/lib/dpkg/status
+include = /var/lib/dpkg/status-old
+
+## If vservers = yes in /etc/backupninja.conf then the following variables can
+## be used:
+## vsnames = all | <vserver1> <vserver2> ... (default = all)
+## vsinclude = <path>
+## vsinclude = <path>
+## ...
+## Any path specified in vsinclude is added to the include list for each vserver
+## listed in vsnames (or all if vsnames = all, which is the default).
+##
+## For example, vsinclude = /home will backup the /home directory in every
+## vserver listed in vsnames. If you have 'vsnames = foo bar baz', this
+## vsinclude will add to the include list /vservers/foo/home, /vservers/bar/home
+## and /vservers/baz/home.
+## Vservers paths are derived from $VROOTDIR.
+
+## files to exclude from the backup
+exclude = /home/*/.gnupg
+exclude = /var/cache/backupninja/duplicity
+
+######################################################
+## destination section
+## (where the files are copied to)
+
+[dest]
+
+## type can be "local" or "remote", this must be set!
+## an example configuration would be:
+## type = remote
+##
+## Default:
+# type =
+
+## put the backups under this directory, this must be set!
+## an example setting would be:
+## directory = /backups
+##
+## Default:
+# directory =
+
+## the machine which will receive the backups.
+## only use if "[dest] type = remote"
+## an example setting would be:
+## host = backuphost
+##
+## Default
+# host =
+
+## make the files owned by this user. you must be able to
+## `su -c "ssh backupuser@backhost"` without specifying a password.
+## only use if "[dest] type = remote"
+## an example setting would be:
+## user = backupuser
+##
+## Default:
+# user =
+
+## passed directly to ssh
+## an example setting would be:
+## sshoptions = -o IdentityFile=/root/.ssh/id_rsa_duplicity
+##
+## Default:
+# sshoptions =
diff --git a/backupninja/files/handler/rsync.conf b/backupninja/files/handler/rsync.conf
new file mode 100755
index 0000000..7d43ff1
--- /dev/null
+++ b/backupninja/files/handler/rsync.conf
@@ -0,0 +1,233 @@
+#
+# rsync handler example file
+#
+# Mandatory options are uncommented with sugested values
+# Other options are commented out with their default values
+#
+# Note: You dont need to manually specify vservers using "include = /vservers".
+# They're automatically backuped if vserver is set to "yes" on you backupninja.conf.
+
+[general]
+
+# rsync log file
+#log = /var/log/backup/rsync.log
+
+# partition device where the backup lives
+# just use this option if your data is backed up in a separate partition and
+# you want backupninja to fsck it; this option will just be used if fscheck
+# (see below) is set to 'yes'
+#partition =
+
+# set to 1 if fsck should run on partition after the backup is made
+#fscheck =
+
+# set to 1 if partition is mounted read-only
+#read_only =
+
+# backup partition mountpoint or backup main folder
+# this doesn't need to be a real partition, but should be at least the
+# main folder where the backup is being stored
+mountpoint = /srv/backupninja
+
+# folder relative do mountpoint where the backup should be stored
+backupdir = {{ pillar.linux.system.name }}.{{ pillar.linux.system.domain }}
+
+# temp folder
+#tmp = /tmp
+
+# specify backup storage format: short, long or mirror (i.e, no rotations)
+#
+# In the short format, incremental backups are rotated every day the handler
+# runs an by a finite number of times (backup.0, backup.1, backup.1, etc), so
+# if you want to have incremental backups for longer periods (like months) you
+# have to configure rotations for 30 or more using the "days" parameter at the
+# [general] section in the handler config.
+#
+# The short format is better described here:
+# http://www.mikerubel.org/computers/rsync_snapshots/#Incremental
+#
+# The long format is inspired by the maildir handler and allows keeping backups
+# of longer periods (weeks and months) using less rotations as it stores
+# the increments in folders like daily.1, weekly.1, monthly.1 and has three
+# rotation parameters:
+#
+# keepdaily = number of daily backup increments
+# keepweekly = number of weekly backup increments
+# keepmonthly = number of monthly backup increments
+#
+format = short
+
+# for short storage format, specify the number of backup increments (min = 2, set to 1 or less to disable)
+#
+# Note that setting days = 0 is almost the same as using format = mirror except
+# that with the days config your backup gets a .0 suffix at the destination
+# folder, making it easier to turn it later to an incremental backup.
+#
+days = 7
+
+# for long storage format, specify the number of daily backup increments
+#keepdaily = 7
+
+# for long storage format, specify the number of weekly backup increments
+#keepweekly = 3
+
+# for long storage format, specify the number of monthly backup increments
+#keepmonthly = 1
+
+# rsync command nice level
+#nicelevel = 0
+
+# set to "yes" if your system isnt handling timestamps correctly
+#enable_mv_timestamp_bug = no
+
+# temp folder
+#tmp = /tmp
+
+# set to "yes" if you want to use multiconnection ssh support
+#multiconnection = no
+
+[source]
+
+# where the data to be backed up is (local or remote)
+from = local
+
+# if remote source, specify the hostname or IP
+#host =
+
+# remote port number (remote source only)
+#port = 22
+
+# remote user name (remote source only)
+#user =
+
+# when "yes", test the connection for a remote source before backup
+#testconnect = no
+
+{% include service_config %}
+
+# exlude some vserver from backup
+# this is used only if vservers = yes on backupninja.conf
+exclude_vserver = excluded_vserver1
+exclude_vserver = excluded_vserver2
+
+# ssh command line (remote only)
+#ssh = ssh
+
+# ssh or rsync (remote source only)
+#protocol = ssh
+
+# rsync program
+# it defaults to $RSYNC value from backupninja.conf
+#rsync = $RSYNC
+
+# rsync command options
+#rsync_options = "-av --delete --recursive"
+
+# when set to 1, use numeric ids instead of user/group mappings on rsync
+#numericids =
+
+# if set to 1, compress data on rsync (remote source only)
+#compress = 0
+
+# set a bandwidth limit in KB/s (remote source only)
+#bandwidthlimit =
+
+# remote rsync program (remote source only)
+#remote_rsync = rsync
+
+# ssh key file (remote source only)
+#id_file = /root/.ssh/id_dsa
+
+# set to "yes" to rsync use a batch file as source
+#batch = no
+
+# folder where the batch file is located
+#batchbase =
+
+# set yes if you want rsync to use a file list source
+#filelist = no
+
+# folder where the file list is placed
+#filelistbase =
+
+[dest]
+
+# backup destination type (local or remote)
+dest = remote
+
+# when "yes", test the connection for a remote source before backup
+testconnect = yes
+
+# ssh command line (remote dest only)
+#ssh = ssh
+
+# ssh or rsync (remote dest only)
+#protocol = ssh
+
+# when set to 1, use numeric ids instead of user/group mappings on rsync
+#numericids =
+
+# if set to 1, compress data on rsync (remote source only)
+#compress = 0
+
+# destination host name (remote destination only)
+host = {{ pillar.backupninja.client.target.host }}
+
+# remote port number (remote destination only)
+{% if pillar.backupninja.client.target.port is defined %}
+port = {{ pillar.backupninja.client.target.port }}
+{% else %}
+port = 22
+{% endif %}
+
+# remote user name (remote destination only)
+user = {{ pillar.backupninja.client.target.user }}
+
+# ssh key file (remote destination only)
+id_file = /root/.ssh/id_rsa
+
+# set a bandwidth limit in KB/s (remote destination only)
+#bandwidthlimit =
+
+# remote rsync program (remote dest only)
+#remote_rsync = rsync
+
+# set to "yes" to rsync write a batch file from the changes
+#batch = no
+
+# folder where the batch file should be written
+#batchbase = /var/backups/rsync/batches
+
+# set to yes so rsync use the --fake-super flag (remote destination only)
+#fakesuper = yes
+
+# This section is used to stop and start services that should be turned of
+# during the backup procedure.
+#
+#[services]
+#
+# absolute path where scripts are located
+#initscripts = /etc/init.d
+#
+# script name to be stoped at the begining of the backup and started at its end
+#service =
+
+# You can also specify some system comands if you don't want the default system values
+# by enabling the section below.
+#
+#[system]
+#
+# rm command
+#rm = rm
+#
+# cp command
+#cp = cp
+#
+# touch command
+#touch = touch
+#
+# mv command
+#mv = mv
+#
+# fsck command
+#fsck = fsck
diff --git a/backupninja/files/handler/sh.conf b/backupninja/files/handler/sh.conf
new file mode 100644
index 0000000..75b0162
--- /dev/null
+++ b/backupninja/files/handler/sh.conf
@@ -0,0 +1,4 @@
+# Note: the spaces around the equal sign ('=') are optional.
+when = saturdays at 05:30
+
+dpkg --get-selections > /var/backups/dpkg-selections.txt
diff --git a/backupninja/files/handler/svn.conf b/backupninja/files/handler/svn.conf
new file mode 100644
index 0000000..ea43601
--- /dev/null
+++ b/backupninja/files/handler/svn.conf
@@ -0,0 +1,26 @@
+##
+## Perform a hot backup of subversion repositories.
+##
+## REQUIRES: apt-get install subversion-tools
+##
+## This file can be empty, the defaults are usually good.
+##
+
+## where subversion data lives
+# src = /var/lib/svn
+
+## where to save the backups to
+# dest = /var/backups/svn
+
+## where to save temporary backups
+## (if successful, $tmp is moved to $dest)
+# tmp = /var/backups/svn.tmp
+
+## the hotbackup program to use.
+## svnadmin hotcopy now exists, the following script is located
+## in /usr/share/doc/subversion/examples now if you wish to use
+## it instead
+# HOTBACKUP = /usr/lib/subversion/hot-backup.py
+
+## the name of the vserver containing svn, if using vservers
+# vsname =
diff --git a/backupninja/files/handler/sys.conf b/backupninja/files/handler/sys.conf
new file mode 100644
index 0000000..fe34646
--- /dev/null
+++ b/backupninja/files/handler/sys.conf
@@ -0,0 +1,70 @@
+#
+# this config file will save various reports of vital system information.
+# by default, all the reports are saved in /var/backups.
+#
+# requires dpkg, debconf-utils, sfdisk, and hwinfo
+#
+# (1) a capture of the debconf package selection states. This file
+# can be used to restore the answers to debconf questions for
+# packages that you will be installing through (2) below. To
+# do this, run: "debconf-set-selections < debconfsel.txt"
+#
+# (2) a list of all the packages installed and removed.
+# this file can be used to restore the state of installed packages
+# by running "dpkg --set-selections < dpkg-selections.txt and
+# then run "apt-get -u dselect-upgrade". If you have the
+# debconf-set-selections file from (1), you should restore those first.
+#
+# (3) the partition table of all disks.
+# this partition table can be used to format another disk of
+# the same size. this can be handy if using software raid and
+# you have a disk go bad. just replace the disk and partition it
+# by running "sfdisk /dev/sdb < partitions.sdb.txt"
+# (MAKE SURE YOU PARTITION THE CORRECT DISK!!!)
+#
+# (4) hardware information.
+# detailed information on most important aspects of the hardware.
+#
+# (5) the Luks header of every Luks block device, if option luksheaders
+# is enabled.
+# in case you (have to) scramble such a Luks header (for some time),
+# and restore it later by running "dd if=luksheader.sda2.bin of=/dev/sda2"
+# (MAKE SURE YOU PASS THE CORRECT DEVICE AS of= !!!)
+#
+# (6) LVM metadata for every detected volume group, if "lvm = yes"
+#
+
+# here are the defaults, commented out:
+
+# The output from the sys handler will be placed in $parentdir
+# parentdir = /var/backups
+# packages = yes
+# packagesfile = /var/backups/dpkg-selections.txt
+# selectionsfile = /var/backups/debconfsel.txt
+
+# partitions = yes
+# NOTE: the __star__ below will be replaced by the disks found on the
+# system (e.g. partitions.sda.txt, partitions.sdb.txt). If you change
+# the partitionsfile default below, be sure to include the __star__
+# replacement in the filename, or you will get one file for only one disk,
+# the others being written to the same file, and then overwritten by the next.
+# partitionsfile = /var/backups/partitions.__star__.txt
+# dosfdisk = yes
+
+# hardware = yes
+# hardwarefile = /var/backups/hardware.txt
+# dohwinfo = yes
+
+# luksheaders = no
+# NOTE: the __star__ below will be replaced by the Luks partitions found on the
+# system (e.g. luksheader.sda2.bin, luksheader.sdb3.bin). If you change
+# the luksheadersfile default below, be sure to include the __star__
+# replacement in the filename, or you will get one file for only one partition,
+# the others being written to the same file, and then overwritten by the next.
+# luksheadersfile = /var/backups/luksheader.__star__.bin
+
+# lvm = no
+
+# If vservers = yes in /etc/backupninja.conf then the following variables can
+# be used:
+# vsnames = all | <vserver1> <vserver2> ... (default = all)
diff --git a/backupninja/files/rdiff.conf b/backupninja/files/rdiff.conf
new file mode 100644
index 0000000..1f41861
--- /dev/null
+++ b/backupninja/files/rdiff.conf
@@ -0,0 +1,171 @@
+{%- from "backupninja/map.jinja" import client with context %}
+{%- from "linux/map.jinja" import system with context %}
+##
+## This is an example rdiff-backup configuration file.
+##
+## Here you can find all the possible rdiff-backup options, details of
+## what the options provide and possible settings. The defaults are set
+## as the commented out option, uncomment and change when
+## necessary. Options which are uncommented in this example do not have
+## defaults, and the settings provided are recommended.
+##
+## The defaults are useful in most cases, just make sure to configure the
+## destination host and user.
+##
+
+## passed directly to rdiff-backup
+## an example setting would be:
+## options = --force
+##
+## Default:
+# options =
+
+## default is 0, but set to 19 if you want to lower the priority.
+## an example setting would be:
+## nicelevel = 19
+##
+## Default
+# nicelevel = 0
+
+## default is yes. set to no to skip the test if the remote host is alive
+##
+## Default:
+# testconnect = no
+
+## default is not to limit bandwidth.
+## set to a number in bytes/second to limit bandwidth usage. Use a negative
+## number to set a limit that will never be exceeded, or a positive number
+## to set a target average bandwidth use. cstream is required. See cstream's
+## -t option for more information. 62500 bytes = 500 Kb (.5 Mb)
+## an example setting would be:
+## bwlimit = 62500
+##
+## Default:
+# bwlimit = 0
+
+## should backupninja ignore the version differences between source and remote
+## rdiff-backup? (default: no)
+## This could be useful if the version differences between rdiff-backup instances
+## on remote and local side are different, and you are certain there are no
+## problems in using mis-matched versions and want to get beyond this check.
+## An example usage could be the remote side has its authorized_keys configured
+## with command="rdiff-backup --server" to allow for restricted yet automated
+## password-less backups
+##
+## Default:
+# ignore_version = no
+
+######################################################
+## source section
+## (where the files to be backed up are coming from)
+
+[source]
+
+## an optional subdirectory below 'directory' (see [dest])
+label = thishostname
+
+## type can be "local" or "remote"
+type = local
+
+## only use if '[source] type = remote'
+# host = srchost
+# user = srcuser
+
+## how many days of data to keep
+## (you can also use the time format of rdiff-backup, e.g. 6D5h)
+## (to keep everything, set this to yes)
+## an example setting would be:
+##keep = yes
+##
+## Default:
+# keep = 60
+
+## A few notes about includes and excludes:
+## 1. include, exclude and vsinclude statements support globbing with '*'
+## 2. Symlinks are not dereferenced. Moreover, an include line whose path
+## contains, at any level, a symlink to a directory, will only have the
+## symlink backed-up, not the target directory's content. Yes, you have to
+## dereference yourself the symlinks, or to use 'mount --bind' instead.
+## Example: let's say /home is a symlink to /mnt/crypt/home ; the following
+## line will only backup a "/home" symlink ; neither /home/user nor
+## /home/user/Mail will be backed-up :
+## include = /home/user/Mail
+## A workaround is to 'mount --bind /mnt/crypt/home /home' ; another one is to
+## write :
+## include = /mnt/crypt/home/user/Mail
+## 3. All the excludes come after all the includes. The order is not otherwise
+## taken into account.
+
+## files to include in the backup
+include = /var/spool/cron/crontabs
+include = /var/backups
+include = /etc
+include = /root
+include = /home
+include = /usr/local/bin
+include = /usr/local/sbin
+include = /var/lib/dpkg/status
+include = /var/lib/dpkg/status-old
+
+## If vservers = yes in /etc/backupninja.conf then the following variables can
+## be used:
+## vsnames = all | <vserver1> <vserver2> ... (default = all)
+## vsinclude = <path>
+## vsinclude = <path>
+## ...
+## Any path specified in vsinclude is added to the include list for each vserver
+## listed in vsnames (or all if vsnames = all, which is the default).
+##
+## For example, vsinclude = /home will backup the /home directory in every
+## vserver listed in vsnames. If you have 'vsnames = foo bar baz', this
+## vsinclude will add to the include list /vservers/foo/home, /vservers/bar/home
+## and /vservers/baz/home.
+## Vservers paths are derived from $VROOTDIR.
+
+## files to exclude from the backup
+exclude = /home/*/.gnupg
+exclude = /var/cache/backupninja/duplicity
+
+######################################################
+## destination section
+## (where the files are copied to)
+
+[dest]
+
+## type can be "local" or "remote", this must be set!
+## an example configuration would be:
+## type = remote
+##
+## Default:
+# type =
+
+## put the backups under this directory, this must be set!
+## an example setting would be:
+## directory = /backups
+##
+## Default:
+# directory =
+
+## the machine which will receive the backups.
+## only use if "[dest] type = remote"
+## an example setting would be:
+## host = backuphost
+##
+## Default
+# host =
+
+## make the files owned by this user. you must be able to
+## `su -c "ssh backupuser@backhost"` without specifying a password.
+## only use if "[dest] type = remote"
+## an example setting would be:
+## user = backupuser
+##
+## Default:
+# user =
+
+## passed directly to ssh
+## an example setting would be:
+## sshoptions = -o IdentityFile=/root/.ssh/id_rsa_duplicity
+##
+## Default:
+# sshoptions =
diff --git a/backupninja/files/rsync.conf b/backupninja/files/rsync.conf
new file mode 100644
index 0000000..f3ae9d0
--- /dev/null
+++ b/backupninja/files/rsync.conf
@@ -0,0 +1,234 @@
+{%- from "backupninja/map.jinja" import client with context %}
+{%- from "linux/map.jinja" import system with context %}
+#
+# rsync handler file
+#
+
+[general]
+
+# rsync log file
+#log = /var/log/backup/rsync.log
+
+# partition device where the backup lives
+# just use this option if your data is backed up in a separate partition and
+# you want backupninja to fsck it; this option will just be used if fscheck
+# (see below) is set to 'yes'
+#partition =
+
+# set to 1 if fsck should run on partition after the backup is made
+#fscheck =
+
+# set to 1 if partition is mounted read-only
+#read_only =
+
+# backup partition mountpoint or backup main folder
+# this doesn't need to be a real partition, but should be at least the
+# main folder where the backup is being stored
+mountpoint = /srv/backupninja
+
+# folder relative do mountpoint where the backup should be stored
+backupdir = {{ system.name }}.{{ system.domain }}
+
+# temp folder
+#tmp = /tmp
+
+# specify backup storage format: short, long or mirror (i.e, no rotations)
+#
+# In the short format, incremental backups are rotated every day the handler
+# runs an by a finite number of times (backup.0, backup.1, backup.1, etc), so
+# if you want to have incremental backups for longer periods (like months) you
+# have to configure rotations for 30 or more using the "days" parameter at the
+# [general] section in the handler config.
+#
+# The short format is better described here:
+# http://www.mikerubel.org/computers/rsync_snapshots/#Incremental
+#
+# The long format is inspired by the maildir handler and allows keeping backups
+# of longer periods (weeks and months) using less rotations as it stores
+# the increments in folders like daily.1, weekly.1, monthly.1 and has three
+# rotation parameters:
+#
+# keepdaily = number of daily backup increments
+# keepweekly = number of weekly backup increments
+# keepmonthly = number of monthly backup increments
+#
+format = short
+
+# for short storage format, specify the number of backup increments (min = 2, set to 1 or less to disable)
+#
+# Note that setting days = 0 is almost the same as using format = mirror except
+# that with the days config your backup gets a .0 suffix at the destination
+# folder, making it easier to turn it later to an incremental backup.
+#
+days = 7
+
+# for long storage format, specify the number of daily backup increments
+#keepdaily = 7
+
+# for long storage format, specify the number of weekly backup increments
+#keepweekly = 3
+
+# for long storage format, specify the number of monthly backup increments
+#keepmonthly = 1
+
+# rsync command nice level
+#nicelevel = 0
+
+# set to "yes" if your system isnt handling timestamps correctly
+#enable_mv_timestamp_bug = no
+
+# temp folder
+#tmp = /tmp
+
+# set to "yes" if you want to use multiconnection ssh support
+#multiconnection = no
+
+[source]
+
+# where the data to be backed up is (local or remote)
+from = local
+
+# if remote source, specify the hostname or IP
+#host =
+
+# remote port number (remote source only)
+#port = 22
+
+# remote user name (remote source only)
+#user =
+
+# when "yes", test the connection for a remote source before backup
+#testconnect = no
+
+{% include service_config %}
+
+# exlude some vserver from backup
+# this is used only if vservers = yes on backupninja.conf
+#exclude_vserver = excluded_vserver1
+#exclude_vserver = excluded_vserver2
+
+# ssh command line (remote only)
+#ssh = ssh
+
+# ssh or rsync (remote source only)
+#protocol = ssh
+
+# rsync program
+# it defaults to $RSYNC value from backupninja.conf
+#rsync = $RSYNC
+
+# rsync command options
+#rsync_options = "-av --delete --recursive"
+
+# when set to 1, use numeric ids instead of user/group mappings on rsync
+#numericids =
+
+# if set to 1, compress data on rsync (remote source only)
+#compress = 0
+
+# set a bandwidth limit in KB/s (remote source only)
+#bandwidthlimit =
+
+# remote rsync program (remote source only)
+#remote_rsync = rsync
+
+# ssh key file (remote source only)
+#id_file = /root/.ssh/id_dsa
+
+# set to "yes" to rsync use a batch file as source
+#batch = no
+
+# folder where the batch file is located
+#batchbase =
+
+# set yes if you want rsync to use a file list source
+#filelist = no
+
+# folder where the file list is placed
+#filelistbase =
+
+[dest]
+
+# backup destination type (local or remote)
+dest = remote
+
+# when "yes", test the connection for a remote source before backup
+testconnect = no
+
+# ssh command line (remote dest only)
+#ssh = ssh
+
+# ssh or rsync (remote dest only)
+#protocol = ssh
+
+# when set to 1, use numeric ids instead of user/group mappings on rsync
+#numericids =
+
+# if set to 1, compress data on rsync (remote source only)
+#compress = 0
+
+# destination host name (remote destination only)
+host = {{ client.target.host }}
+
+# remote port number (remote destination only)
+{% if client.target.port is defined %}
+port = {{ client.target.port }}
+{% else %}
+port = 22
+{% endif %}
+
+# remote user name (remote destination only)
+user = {{ client.target.user }}
+
+# ssh key file (remote destination only)
+id_file = /root/.ssh/id_rsa
+
+# set a bandwidth limit in KB/s (remote destination only)
+#bandwidthlimit =
+
+# remote rsync program (remote dest only)
+#remote_rsync = rsync
+
+# set to "yes" to rsync write a batch file from the changes
+#batch = no
+
+# folder where the batch file should be written
+#batchbase = /var/backups/rsync/batches
+
+# set to yes so rsync use the --fake-super flag (remote destination only)
+#fakesuper = yes
+
+# This section is used to stop and start services that should be turned of
+# during the backup procedure.
+#
+#[services]
+#
+# absolute path where scripts are located
+#initscripts = /etc/init.d
+#
+# script name to be stoped at the begining of the backup and started at its end
+#service =
+
+# You can also specify some system comands if you don't want the default system values
+# by enabling the section below.
+#
+#[system]
+#
+# rm command
+#rm = rm
+#
+# cp command
+#cp = cp
+#
+# touch command
+#touch = touch
+#
+# mv command
+#mv = mv
+#
+# fsck command
+#fsck = fsck
+
+{%- if client.config_monkeypatch is defined and client.config_monkeypatch %}
+{% include service_config_monkeypatch %}
+{%- endif %}
\ No newline at end of file
diff --git a/backupninja/init.sls b/backupninja/init.sls
new file mode 100644
index 0000000..a2f94d7
--- /dev/null
+++ b/backupninja/init.sls
@@ -0,0 +1,10 @@
+
+{%- if pillar.backupninja is defined %}
+include:
+{%- if pillar.backupninja.client is defined %}
+- backupninja.client
+{%- endif %}
+{%- if pillar.backupninja.server is defined %}
+- backupninja.server
+{%- endif %}
+{%- endif %}
diff --git a/backupninja/map.jinja b/backupninja/map.jinja
new file mode 100644
index 0000000..efc358a
--- /dev/null
+++ b/backupninja/map.jinja
@@ -0,0 +1,47 @@
+{% set services = [
+ 'csb.server',
+ 'gitlab.server',
+ 'leonardo.server',
+ 'moodle.server',
+ 'mysql.server',
+ 'postgresql.server',
+ 'redmine.server',
+ 'taiga.server',
+ 'webcms.server',
+] %}
+{%- if grains.osrelease >= '14.04' %}
+{% set config_monkeypatch = True %}
+{%- else %}
+{% set config_monkeypatch = False %}
+{%- endif %}
+
+{% set client = salt['grains.filter_by']({
+ 'Debian': {
+ 'pkgs': ['backupninja', 'debconf-utils'],
+ 'service': 'backupninja',
+ 'report_email': 'root',
+ 'config': '/etc/default/backupninja',
+ 'supported_services': services,
+ 'config_monkeypatch': '{{ config_monkeypatch }}'
+ },
+ 'RedHat': {
+ 'pkgs': ['backupninja'],
+ 'service': 'backupninja',
+ 'report_email': 'root',
+ 'config': '/etc/sysconfig/backupninja',
+ 'supported_services': services
+ },
+}, merge=salt['pillar.get']('backupninja:client')) %}
+
+{% set server = salt['grains.filter_by']({
+ 'Debian': {
+ 'pkgs': ['rsync'],
+ 'home_dir': '/srv/backupninja',
+ 'keys': [],
+ },
+ 'RedHat': {
+ 'pkgs': ['rsync'],
+ 'home_dir': '/srv/backupninja',
+ 'keys': [],
+ },
+}, merge=salt['pillar.get']('backupninja:server')) %}
\ No newline at end of file
diff --git a/backupninja/server.sls b/backupninja/server.sls
new file mode 100644
index 0000000..ee48694
--- /dev/null
+++ b/backupninja/server.sls
@@ -0,0 +1,35 @@
+{%- from "backupninja/map.jinja" import server with context %}
+{%- if server.enabled %}
+
+backupninja_server_packages:
+ pkg.installed:
+ - names: {{ server.pkgs }}
+
+backupninja_user:
+ user.present:
+ - name: backupninja
+ - system: true
+ - home: /srv/backupninja
+
+/srv/backupninja:
+ file.directory:
+ - mode: 700
+ - user: backupninja
+ - group: backupninja
+ - makedirs: true
+ - require:
+ - user: backupninja_user
+ - pkg: backupninja_server_packages
+
+{%- for key in server.keys %}
+
+backupninja_key_{{ key.key }}:
+ ssh_auth.present:
+ - user: backupninja
+ - name: {{ key.key }}
+ - require:
+ - file: /srv/backupninja
+
+{%- endfor %}
+
+{%- endif %}
\ No newline at end of file
diff --git a/debian/changelog b/debian/changelog
new file mode 100644
index 0000000..b5b3ae8
--- /dev/null
+++ b/debian/changelog
@@ -0,0 +1,11 @@
+salt-formula-backupninja (0.2) trusty; urgency=medium
+
+ * First public release
+
+ -- Filip Pytloun <filip.pytloun@tcpcloud.eu> Tue, 06 Oct 2015 16:38:36 +0200
+
+salt-formula-backupninja (0.1) trusty; urgency=medium
+
+ * Initial release
+
+ -- Ales Komarek <ales.komarek@tcpcloud.eu> Thu, 13 Aug 2015 23:23:41 +0200
diff --git a/debian/compat b/debian/compat
new file mode 100644
index 0000000..ec63514
--- /dev/null
+++ b/debian/compat
@@ -0,0 +1 @@
+9
diff --git a/debian/control b/debian/control
new file mode 100644
index 0000000..ea09b09
--- /dev/null
+++ b/debian/control
@@ -0,0 +1,15 @@
+Source: salt-formula-backupninja
+Maintainer: Ales Komarek <ales.komarek@tcpcloud.eu>
+Section: admin
+Priority: optional
+Build-Depends: debhelper (>= 9)
+Standards-Version: 3.9.6
+Homepage: http://www.tcpcloud.eu
+Vcs-Browser: https://github.com/tcpcloud/salt-formula-backupninja
+Vcs-Git: https://github.com/tcpcloud/salt-formula-backupninja.git
+
+Package: salt-formula-backupninja
+Architecture: all
+Depends: ${misc:Depends}, salt-master, reclass
+Description: Backupninja salt formula
+ Install and configure Backupninja backup system.
diff --git a/debian/copyright b/debian/copyright
new file mode 100644
index 0000000..ea751db
--- /dev/null
+++ b/debian/copyright
@@ -0,0 +1,15 @@
+Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: salt-formula-backupninja
+Upstream-Contact: Ales Komarek <ales.komarek@tcpcloud.eu>
+Source: https://github.com/tcpcloud/salt-formula-backupninja
+
+Files: *
+Copyright: 2014-2015 tcp cloud a.s.
+License: Apache-2.0
+ Copyright (C) 2014-2015 tcp cloud a.s.
+ .
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ .
+ On a Debian system you can find a copy of this license in
+ /usr/share/common-licenses/Apache-2.0.
diff --git a/debian/docs b/debian/docs
new file mode 100644
index 0000000..d585829
--- /dev/null
+++ b/debian/docs
@@ -0,0 +1,3 @@
+README.rst
+CHANGELOG.rst
+VERSION
diff --git a/debian/install b/debian/install
new file mode 100644
index 0000000..dfe244c
--- /dev/null
+++ b/debian/install
@@ -0,0 +1,2 @@
+backupninja/* /usr/share/salt-formulas/env/backupninja/
+metadata/service/* /usr/share/salt-formulas/reclass/service/backupninja/
diff --git a/debian/rules b/debian/rules
new file mode 100755
index 0000000..abde6ef
--- /dev/null
+++ b/debian/rules
@@ -0,0 +1,5 @@
+#!/usr/bin/make -f
+
+%:
+ dh $@
+
diff --git a/debian/source/format b/debian/source/format
new file mode 100644
index 0000000..89ae9db
--- /dev/null
+++ b/debian/source/format
@@ -0,0 +1 @@
+3.0 (native)
diff --git a/metadata/service/client/init.yml b/metadata/service/client/init.yml
new file mode 100644
index 0000000..37c3106
--- /dev/null
+++ b/metadata/service/client/init.yml
@@ -0,0 +1,12 @@
+applications:
+- backupninja
+parameters:
+ _param:
+ backupninja_target_host: 127.0.0.1
+ backupninja:
+ client:
+ enabled: true
+ target:
+ engine: rsync
+ host: ${_param:backupninja_target_host}
+ user: backupninja
\ No newline at end of file
diff --git a/metadata/service/server/single.yml b/metadata/service/server/single.yml
new file mode 100644
index 0000000..5d7ab75
--- /dev/null
+++ b/metadata/service/server/single.yml
@@ -0,0 +1,7 @@
+applications:
+- backupninja
+parameters:
+ backupninja:
+ server:
+ enabled: true
+ rdiff: true
\ No newline at end of file