Merge "Fix modelschema.schema_list()"
diff --git a/README.rst b/README.rst
index d3a64b0..c4a41f8 100644
--- a/README.rst
+++ b/README.rst
@@ -186,6 +186,19 @@
".*":
- x509.sign_remote_certificate
+
+Salt master backup configuration
+
+.. code-block:: yaml
+
+ salt:
+ master:
+ backup: true
+ initial_data:
+ engine: backupninja
+ source: backup-node-host
+ host: original-salt-master-id
+
Configure verbosity of state output (used for `salt` command)
.. code-block:: yaml
diff --git a/_modules/seedng.py b/_modules/seedng.py
index 7d77a03..1d93c5d 100644
--- a/_modules/seedng.py
+++ b/_modules/seedng.py
@@ -256,8 +256,10 @@
boot_, tmppath = (prep_bootstrap(mpt)
or salt.syspaths.BOOTSTRAP)
# Exec the chroot command
+ arg = 'stable {0}'.format('.'.join(salt.version.__version__.split('.')[:2]))
cmd = 'if type salt-minion; then exit 0; '
- cmd += 'else sh {0} -c /tmp; fi'.format(os.path.join(tmppath, 'bootstrap-salt.sh'))
+ cmd += 'else sh {0} -c /tmp {1}; fi'.format(
+ os.path.join(tmppath, 'bootstrap-salt.sh'), arg)
return not __salt__['cmd.run_chroot'](mpt, cmd, python_shell=True)['retcode']
diff --git a/salt/files/restore_master.sh b/salt/files/restore_master.sh
new file mode 100644
index 0000000..ef77ec2
--- /dev/null
+++ b/salt/files/restore_master.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+{%- from "salt/map.jinja" import master with context %}
+
+{%- if master.initial_data is defined %}
+mkdir -p /etc/salt/pki.bak
+mv /etc/salt/pki/* /etc/salt/pki.bak
+scp -r backupninja@{{ master.initial_data.source }}:/srv/backupninja/{{ master.initial_data.host }}/etc/salt/pki/pki.0/* /etc/salt/pki
+{%- if master.pillar.engine == 'reclass' or (master.pillar.engine == 'composite' and master.pillar.reclass is defined) %}
+scp -r backupninja@{{ master.initial_data.source }}:/srv/backupninja/{{ master.initial_data.host }}/srv/salt/reclass/nodes/_generated/_generated.0/* /srv/salt/reclass/nodes/_generated
+{%- endif %}
+{%- endif %}
diff --git a/salt/files/restore_minion.sh b/salt/files/restore_minion.sh
new file mode 100644
index 0000000..f8dc36b
--- /dev/null
+++ b/salt/files/restore_minion.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+{%- from "salt/map.jinja" import minion with context %}
+
+{%- if minion.ca is defined %}
+{%- if minion.initial_data is defined %}
+mkdir -p /etc/pki/pki_ca.bak
+mkdir -p /etc/pki/ca
+mv /etc/pki/ca/* /etc/pki/pki_ca.bak
+scp -r backupninja@{{ minion.initial_data.source }}:/srv/backupninja/{{ minion.initial_data.host }}/etc/pki/ca/ca.0/* /etc/pki/ca
+{%- endif %}
+{%- endif %}
\ No newline at end of file
diff --git a/salt/master/restore.sls b/salt/master/restore.sls
new file mode 100644
index 0000000..fe0ff3f
--- /dev/null
+++ b/salt/master/restore.sls
@@ -0,0 +1,29 @@
+{%- from "salt/map.jinja" import master with context %}
+{%- if master.enabled %}
+
+{%- if master.initial_data is defined %}
+
+/srv/salt/restore_master.sh:
+ file.managed:
+ - source: salt://salt/files/restore_master.sh
+ - mode: 700
+ - template: jinja
+
+salt_master_restore_state:
+ cmd.run:
+ - name: /srv/salt/restore_master.sh
+ - unless: "test -e /srv/salt/master-restored"
+ - cwd: /root
+ - require:
+ - file: /srv/salt/restore_master.sh
+
+salt_master_restore_completed:
+ file.managed:
+ - name: /srv/salt/master-restored
+ - source: {}
+ - require:
+ - cmd: salt_master_restore_state
+
+{%- endif %}
+
+{%- endif %}
diff --git a/salt/meta/backupninja.yml b/salt/meta/backupninja.yml
index ba2eea5..0a98f44 100644
--- a/salt/meta/backupninja.yml
+++ b/salt/meta/backupninja.yml
@@ -1,9 +1,23 @@
-{%- if pillar.salt.master is defined %}
- {%- from "salt/map.jinja" import master with context %}
+{%- if pillar.salt is defined %}
+{%- if pillar.salt.get('master', {}).get('enabled', False) or (pillar.salt.get('minion', {}).get('enabled', False) and pillar.salt.get('minion', {}).ca is defined) %}
+ {%- from "salt/map.jinja" import master, minion with context %}
backup:
salt:
+ {%- if master.get('backup', False) %}
fs_includes:
- - /srv/salt
- - /etc/salt
+ {%- if master.pillar.engine == 'reclass' or (master.pillar.engine == 'composite' and master.pillar.reclass is defined) %}
+ - /srv/salt/reclass/nodes/_generated
+ {%- endif %}
+ - /etc/salt/pki
+ {%- if minion.get('backup', False) %}
+ - /etc/pki/ca
+ {%- endif %}
+ {%- elif minion.get('backup', False) %}
+ fs_includes:
+ - /etc/pki/ca
+ {%- else %}
+ fs_includes: []
+ {%- endif %}
fs_excludes: []
{%- endif %}
+{%- endif %}
diff --git a/salt/minion/restore.sls b/salt/minion/restore.sls
new file mode 100644
index 0000000..3c42852
--- /dev/null
+++ b/salt/minion/restore.sls
@@ -0,0 +1,33 @@
+{%- from "salt/map.jinja" import minion with context %}
+{%- if minion.enabled %}
+
+{%- if minion.ca is defined %}
+
+{%- if minion.initial_data is defined %}
+
+/srv/salt/restore_minion.sh:
+ file.managed:
+ - source: salt://salt/files/restore_minion.sh
+ - mode: 700
+ - template: jinja
+
+salt_minion_restore_state:
+ cmd.run:
+ - name: /srv/salt/restore_minion.sh
+ - unless: "test -e /srv/salt/minion-restored"
+ - cwd: /root
+ - require:
+ - file: /srv/salt/restore_minion.sh
+
+salt_minion_restore_completed:
+ file.managed:
+ - name: /srv/salt/minion-restored
+ - source: {}
+ - require:
+ - cmd: salt_minion_restore_state
+
+{%- endif %}
+
+{%- endif %}
+
+{%- endif %}
diff --git a/tests/pillar/master_backup.sls b/tests/pillar/master_backup.sls
new file mode 100644
index 0000000..cee3d72
--- /dev/null
+++ b/tests/pillar/master_backup.sls
@@ -0,0 +1,22 @@
+git:
+ client:
+ enabled: true
+linux:
+ system:
+ enabled: true
+salt:
+ master:
+ enabled: true
+ source:
+ engine: pkg
+ pillar:
+ engine: salt
+ source:
+ engine: local
+ environment:
+ prd:
+ formula: {}
+ initial_data:
+ engine: backupninja
+ source: backup-node-host
+ host: original-salt-master-id
\ No newline at end of file
diff --git a/tests/pillar/minion_backup.sls b/tests/pillar/minion_backup.sls
new file mode 100644
index 0000000..419fd0f
--- /dev/null
+++ b/tests/pillar/minion_backup.sls
@@ -0,0 +1,8 @@
+salt:
+ minion:
+ enabled: true
+ backup: true
+ initial_data:
+ engine: backupninja
+ source: backup-node-host
+ host: original-salt-master-id