Add backupninja meta for dogtag formula
Related: PROD-32863
Change-Id: I47c740a38455b469d8dc4c641998a1a55b03f5a6
diff --git a/dogtag/meta/backupninja.yml b/dogtag/meta/backupninja.yml
new file mode 100644
index 0000000..c894906
--- /dev/null
+++ b/dogtag/meta/backupninja.yml
@@ -0,0 +1,26 @@
+backup:
+ dogtag-prepare:
+ handler: sh
+ actions:
+ - cmd: |
+ grep internal= /var/lib/pki/pki-tomcat/conf/password.conf | awk -F= '{print $2}' > /etc/dogtag/internal.txt
+ grep internaldb= /var/lib/pki/pki-tomcat/conf/password.conf | awk -F= '{print $2}' > /etc/dogtag/pass.txt
+ PKCS12Export -debug -d /var/lib/pki/pki-tomcat/alias -p /etc/dogtag/internal.txt -o /etc/dogtag/ca-certs.p12 -w /etc/dogtag/pass.txt
+ echo '-----BEGIN NEW CERTIFICATE REQUEST-----' > /etc/dogtag/ca_signing.csr
+ sed -n '/^ca.signing.certreq=/ s/^[^=]*=// p' < /var/lib/pki/pki-tomcat/ca/conf/CS.cfg >> /etc/dogtag/ca_signing.csr
+ echo '-----END NEW CERTIFICATE REQUEST-----' >> /etc/dogtag/ca_signing.csr
+ /usr/sbin/db2bak-online -Z pki-tomcat -j /etc/dogtag/pass.txt -A /var/lib/dirsrv/slapd-pki-tomcat/bak
+ rm -f /etc/dogtag/internal.txt /etc/dogtag/pass.txt
+ dogtag:
+ fs_includes:
+ - /etc/pki/pki-tomcat
+ - /etc/sysconfig/pki-tomcat
+ - /etc/sysconfig/pki/tomcat/pki-tomcat
+ - /etc/systemd/system/pki-tomcatd.target.wants/pki-tomcatd@$pki-tomcat.service
+ - /var/lib/pki/pki-tomcat
+ - /var/log/pki/pki-tomcat
+ - /usr/share/pki/server/conf/database.conf
+ - /usr/share/pki/server/conf/schema.conf
+ - /etc/dogtag/ca-certs.p12
+ - /var/lib/dirsrv/slapd-pki-tomcat/bak
+ fs_excludes: []
diff --git a/metadata/support.yml b/metadata/support.yml
new file mode 100644
index 0000000..7ff1b7d
--- /dev/null
+++ b/metadata/support.yml
@@ -0,0 +1,5 @@
+parameters:
+ dogtag:
+ _support:
+ backupninja:
+ enabled: true
\ No newline at end of file