Merge branch 'master' into debian
This commit is contained in:
commit
66be3f197f
|
@ -18,6 +18,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|||
|
||||
### Security
|
||||
|
||||
## [2.12.0] - 2021-11-02
|
||||
|
||||
### Changed
|
||||
|
||||
* btrfs depends on the btrfd-progs package instead of btrfs-tools
|
||||
|
||||
## [2.11.1] - 2021-06-30
|
||||
|
||||
### Changed
|
||||
|
|
6
Vagrantfile
vendored
6
Vagrantfile
vendored
|
@ -24,7 +24,7 @@ mkdir -p /usr/lib/nagios/plugins/
|
|||
SCRIPT
|
||||
|
||||
$deps = <<SCRIPT
|
||||
DEBIAN_FRONTEND=noninteractive apt-get -yq install openssh-server btrfs-tools rsync lsb-base coreutils sed dash mount openssh-sftp-server libc6 bash-completion duc-nox cryptsetup bats
|
||||
DEBIAN_FRONTEND=noninteractive apt-get -yq install openssh-server btrfs-progs rsync lsb-base coreutils sed dash mount openssh-sftp-server libc6 bash-completion duc-nox cryptsetup bats
|
||||
SCRIPT
|
||||
|
||||
$pre_part = <<SCRIPT
|
||||
|
@ -47,7 +47,9 @@ SCRIPT
|
|||
{ :version => "stretch", :fs => "btrfs" },
|
||||
{ :version => "stretch", :fs => "ext4" },
|
||||
{ :version => "buster", :fs => "btrfs" },
|
||||
{ :version => "buster", :fs => "ext4" }
|
||||
{ :version => "buster", :fs => "ext4" },
|
||||
{ :version => "bullseye", :fs => "btrfs" },
|
||||
{ :version => "bullseye", :fs => "ext4" }
|
||||
]
|
||||
|
||||
nodes.each do |i|
|
||||
|
|
|
@ -14,12 +14,17 @@ create_inc_btrfs() {
|
|||
jail_path=$(jail_path "${jail_name}")
|
||||
inc_path=$(inc_path "${jail_name}" "${inc_name}")
|
||||
|
||||
btrfs_bin=$(command -v btrfs)
|
||||
if [ -z "${btrfs_bin}" ]; then
|
||||
error "btrfs not found. Please install brtfs-progs."
|
||||
fi
|
||||
|
||||
if dry_run; then
|
||||
echo "[dry-run] btrfs subvolume snapshot of ${jail_path} to ${inc_path}"
|
||||
else
|
||||
mkdir --parents "$(dirname "${inc_path}")"
|
||||
# create a btrfs readonly snapshot from the jail
|
||||
/bin/btrfs subvolume snapshot -r "${jail_path}" "${inc_path}" | debug
|
||||
${btrfs_bin} subvolume snapshot -r "${jail_path}" "${inc_path}" | debug
|
||||
fi
|
||||
}
|
||||
create_inc_ext4() {
|
||||
|
@ -52,7 +57,7 @@ for jail_name in ${jails_list}; do
|
|||
|
||||
# If no incs policy is found, we don't create incs
|
||||
if [ -n "${incs_policy_file}" ]; then
|
||||
# If no incs directory is found, we don't create incs
|
||||
# If inc directory is not present, we proceed with inc creation
|
||||
if [ ! -d "${inc_path}" ]; then
|
||||
info "Progress: jail ${jails_count} out of ${jails_total}"
|
||||
notice "Create inc \`${inc_name}' for jail \`${jail_name}' : start"
|
||||
|
|
|
@ -12,8 +12,12 @@ target_path="${2:?}"
|
|||
|
||||
lock_target() {
|
||||
target="${1:?}"
|
||||
btrfs_bin=$(command -v btrfs)
|
||||
if [ -z ${btrfs_bin} ]; then
|
||||
error "btrfs not found. Please install brtfs-progs."
|
||||
fi
|
||||
if is_btrfs "${target}"; then
|
||||
btrfs property set -ts "${target}" ro true
|
||||
${btrfs_bin} property set -ts "${target}" ro true
|
||||
info "Lock ${target}: done".
|
||||
else
|
||||
info "Lock ${target}: not BTRFS, nothing done".
|
||||
|
@ -21,8 +25,12 @@ lock_target() {
|
|||
}
|
||||
unlock_target() {
|
||||
target="${1:?}"
|
||||
btrfs_bin=$(command -v btrfs)
|
||||
if [ -z ${btrfs_bin} ]; then
|
||||
error "btrfs not found. Please install brtfs-progs."
|
||||
fi
|
||||
if is_btrfs "${target}"; then
|
||||
btrfs property set -ts "${target}" ro false
|
||||
${btrfs_bin} property set -ts "${target}" ro false
|
||||
info "Unlock ${target}: done."
|
||||
else
|
||||
info "Unlock ${target}: not BTRFS, nothing done."
|
||||
|
|
|
@ -18,9 +18,13 @@ test -d "${jail_path}" && error "Skip jail \`${jail_name}' : it already exists"
|
|||
# Create config and jails directory
|
||||
mkdir --parents "${CONFDIR}" "${JAILDIR}"
|
||||
|
||||
btrfs_bin=$(command -v btrfs)
|
||||
if [ -z ${btrfs_bin} ]; then
|
||||
error "btrfs not found. Please install brtfs-progs."
|
||||
fi
|
||||
|
||||
if is_btrfs "$(dirname "${JAILDIR}")" || is_btrfs "${JAILDIR}"; then
|
||||
/bin/btrfs subvolume create "${jail_path}"
|
||||
${btrfs_bin} subvolume create "${jail_path}"
|
||||
else
|
||||
mkdir --parents "${jail_path}"
|
||||
fi
|
||||
|
|
|
@ -52,9 +52,13 @@ fi
|
|||
rm -f "${CONFDIR}/${jail_name}"
|
||||
rm -rf "$(jail_config_dir "${jail_name}")"
|
||||
|
||||
jail_inode=$(stat --format=%i "${jail_path}")
|
||||
if [ "${jail_inode}" -eq 256 ]; then
|
||||
/bin/btrfs subvolume delete "${jail_path}" | debug
|
||||
btrfs_bin=$(command -v btrfs)
|
||||
if [ -z ${btrfs_bin} ]; then
|
||||
error "btrfs not found. Please install brtfs-progs."
|
||||
fi
|
||||
|
||||
if is_btrfs "${jail_path}"; then
|
||||
${btrfs_bin} subvolume delete "${jail_path}" | debug
|
||||
else
|
||||
rm -rf "${jail_path:?}" | debug
|
||||
fi
|
||||
|
@ -65,7 +69,7 @@ if [ -d "${incs_path}" ]; then
|
|||
for inc in ${incs}; do
|
||||
inc_inode=$(stat --format=%i "${incs_path}/${inc}")
|
||||
if [ "${inc_inode}" -eq 256 ]; then
|
||||
/bin/btrfs subvolume delete "${incs_path}/${inc}" | debug
|
||||
${btrfs_bin} subvolume delete "${incs_path}/${inc}" | debug
|
||||
else
|
||||
warning "You need to purge \`${incs_path}/${inc}' manually"
|
||||
fi
|
||||
|
|
|
@ -61,11 +61,16 @@ delete_inc_btrfs() {
|
|||
inc_name=$2
|
||||
|
||||
inc_path=$(inc_path "${jail_name}" "${inc_name}")
|
||||
btrfs_bin=$(command -v btrfs)
|
||||
|
||||
if [ -z ${btrfs_bin} ]; then
|
||||
error "btrfs not found. Please install brtfs-progs."
|
||||
fi
|
||||
|
||||
if dry_run; then
|
||||
echo "[dry-run] delete btrfs subvolume ${inc_path}"
|
||||
else
|
||||
/bin/btrfs subvolume delete "${inc_path}" | debug
|
||||
${btrfs_bin} subvolume delete "${inc_path}" | debug
|
||||
fi
|
||||
}
|
||||
delete_inc_ext4() {
|
||||
|
|
|
@ -162,12 +162,12 @@ if [ "${LOCAL_TASKS}" = "1" ]; then
|
|||
# mysqldump --defaults-extra-file=/etc/mysql/debian.cnf -P 3306 \
|
||||
# --opt --all-databases --force --events --hex-blob | gzip --best > ${LOCAL_BACKUP_DIR}/mysql.bak.gz
|
||||
|
||||
## example with two dumps for each table (.sql/.txt) for all databases
|
||||
# for i in $(echo SHOW DATABASES | mysql --defaults-extra-file=/etc/mysql/debian.cnf -P 3306 \
|
||||
# | egrep -v "^(Database|information_schema|performance_schema|sys)" ); \
|
||||
# do mkdir -p -m 700 /home/mysqldump/$i ; chown -RL mysql /home/mysqldump ; \
|
||||
# mysqldump --defaults-extra-file=/etc/mysql/debian.cnf --force -P 3306 -Q --opt --events --hex-blob --skip-comments \
|
||||
# --fields-enclosed-by='\"' --fields-terminated-by=',' -T /home/mysqldump/$i $i; done
|
||||
## example with compressed SQL dump (with data) for each databases
|
||||
# mkdir -p -m 700 ${LOCAL_BACKUP_DIR}/mysql/
|
||||
# for i in $(mysql --defaults-extra-file=/etc/mysql/debian.cnf -P 3306 -e 'show databases' -s --skip-column-names \
|
||||
# | egrep -v "^(Database|information_schema|performance_schema|sys)"); do
|
||||
# mysqldump --defaults-extra-file=/etc/mysql/debian.cnf --force -P 3306 --events --hex-blob $i | gzip --best > ${LOCAL_BACKUP_DIR}/mysql/${i}.sql.gz
|
||||
# done
|
||||
|
||||
## Dump all grants (requires 'percona-toolkit' package)
|
||||
# mkdir -p -m 700 ${LOCAL_BACKUP_DIR}/mysql/
|
||||
|
@ -180,19 +180,19 @@ if [ "${LOCAL_TASKS}" = "1" ]; then
|
|||
# mysqldump --defaults-extra-file=/etc/mysql/debian.cnf --force -P 3306 --no-data --databases $i > ${LOCAL_BACKUP_DIR}/mysql/${i}.schema.sql
|
||||
# done
|
||||
|
||||
## example with compressed SQL dump (with data) for each databases
|
||||
# mkdir -p -m 700 ${LOCAL_BACKUP_DIR}/mysql/
|
||||
# for i in $(mysql --defaults-extra-file=/etc/mysql/debian.cnf -P 3306 -e 'show databases' -s --skip-column-names \
|
||||
# | egrep -v "^(Database|information_schema|performance_schema|sys)"); do
|
||||
# mysqldump --defaults-extra-file=/etc/mysql/debian.cnf --force -P 3306 --events --hex-blob $i | gzip --best > ${LOCAL_BACKUP_DIR}/mysql/${i}.sql.gz
|
||||
# done
|
||||
|
||||
## example with *one* uncompressed SQL dump for *one* database (MYBASE)
|
||||
# mkdir -p -m 700 ${LOCAL_BACKUP_DIR}/mysql/MYBASE
|
||||
# chown -RL mysql ${LOCAL_BACKUP_DIR}/mysql/
|
||||
# mysqldump --defaults-extra-file=/etc/mysql/debian.cnf --force -Q \
|
||||
# --opt --events --hex-blob --skip-comments -T ${LOCAL_BACKUP_DIR}/mysql/MYBASE MYBASE
|
||||
|
||||
## example with two dumps for each table (.sql/.txt) for all databases
|
||||
# for i in $(echo SHOW DATABASES | mysql --defaults-extra-file=/etc/mysql/debian.cnf -P 3306 \
|
||||
# | egrep -v "^(Database|information_schema|performance_schema|sys)" ); \
|
||||
# do mkdir -p -m 700 /home/mysqldump/$i ; chown -RL mysql /home/mysqldump ; \
|
||||
# mysqldump --defaults-extra-file=/etc/mysql/debian.cnf --force -P 3306 -Q --opt --events --hex-blob --skip-comments \
|
||||
# --fields-enclosed-by='\"' --fields-terminated-by=',' -T /home/mysqldump/$i $i; done
|
||||
|
||||
## example with mysqlhotcopy
|
||||
# mkdir -p -m 700 ${LOCAL_BACKUP_DIR}/mysqlhotcopy/
|
||||
# mysqlhotcopy MYBASE ${LOCAL_BACKUP_DIR}/mysqlhotcopy/
|
||||
|
|
Loading…
Reference in a new issue