Merge branch 'master' into debian
This commit is contained in:
commit
66be3f197f
|
@ -18,6 +18,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
||||||
|
|
||||||
### Security
|
### Security
|
||||||
|
|
||||||
|
## [2.12.0] - 2021-11-02
|
||||||
|
|
||||||
|
### Changed
|
||||||
|
|
||||||
|
* btrfs depends on the btrfd-progs package instead of btrfs-tools
|
||||||
|
|
||||||
## [2.11.1] - 2021-06-30
|
## [2.11.1] - 2021-06-30
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
|
6
Vagrantfile
vendored
6
Vagrantfile
vendored
|
@ -24,7 +24,7 @@ mkdir -p /usr/lib/nagios/plugins/
|
||||||
SCRIPT
|
SCRIPT
|
||||||
|
|
||||||
$deps = <<SCRIPT
|
$deps = <<SCRIPT
|
||||||
DEBIAN_FRONTEND=noninteractive apt-get -yq install openssh-server btrfs-tools rsync lsb-base coreutils sed dash mount openssh-sftp-server libc6 bash-completion duc-nox cryptsetup bats
|
DEBIAN_FRONTEND=noninteractive apt-get -yq install openssh-server btrfs-progs rsync lsb-base coreutils sed dash mount openssh-sftp-server libc6 bash-completion duc-nox cryptsetup bats
|
||||||
SCRIPT
|
SCRIPT
|
||||||
|
|
||||||
$pre_part = <<SCRIPT
|
$pre_part = <<SCRIPT
|
||||||
|
@ -47,7 +47,9 @@ SCRIPT
|
||||||
{ :version => "stretch", :fs => "btrfs" },
|
{ :version => "stretch", :fs => "btrfs" },
|
||||||
{ :version => "stretch", :fs => "ext4" },
|
{ :version => "stretch", :fs => "ext4" },
|
||||||
{ :version => "buster", :fs => "btrfs" },
|
{ :version => "buster", :fs => "btrfs" },
|
||||||
{ :version => "buster", :fs => "ext4" }
|
{ :version => "buster", :fs => "ext4" },
|
||||||
|
{ :version => "bullseye", :fs => "btrfs" },
|
||||||
|
{ :version => "bullseye", :fs => "ext4" }
|
||||||
]
|
]
|
||||||
|
|
||||||
nodes.each do |i|
|
nodes.each do |i|
|
||||||
|
|
|
@ -14,12 +14,17 @@ create_inc_btrfs() {
|
||||||
jail_path=$(jail_path "${jail_name}")
|
jail_path=$(jail_path "${jail_name}")
|
||||||
inc_path=$(inc_path "${jail_name}" "${inc_name}")
|
inc_path=$(inc_path "${jail_name}" "${inc_name}")
|
||||||
|
|
||||||
|
btrfs_bin=$(command -v btrfs)
|
||||||
|
if [ -z "${btrfs_bin}" ]; then
|
||||||
|
error "btrfs not found. Please install brtfs-progs."
|
||||||
|
fi
|
||||||
|
|
||||||
if dry_run; then
|
if dry_run; then
|
||||||
echo "[dry-run] btrfs subvolume snapshot of ${jail_path} to ${inc_path}"
|
echo "[dry-run] btrfs subvolume snapshot of ${jail_path} to ${inc_path}"
|
||||||
else
|
else
|
||||||
mkdir --parents "$(dirname "${inc_path}")"
|
mkdir --parents "$(dirname "${inc_path}")"
|
||||||
# create a btrfs readonly snapshot from the jail
|
# create a btrfs readonly snapshot from the jail
|
||||||
/bin/btrfs subvolume snapshot -r "${jail_path}" "${inc_path}" | debug
|
${btrfs_bin} subvolume snapshot -r "${jail_path}" "${inc_path}" | debug
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
create_inc_ext4() {
|
create_inc_ext4() {
|
||||||
|
@ -52,7 +57,7 @@ for jail_name in ${jails_list}; do
|
||||||
|
|
||||||
# If no incs policy is found, we don't create incs
|
# If no incs policy is found, we don't create incs
|
||||||
if [ -n "${incs_policy_file}" ]; then
|
if [ -n "${incs_policy_file}" ]; then
|
||||||
# If no incs directory is found, we don't create incs
|
# If inc directory is not present, we proceed with inc creation
|
||||||
if [ ! -d "${inc_path}" ]; then
|
if [ ! -d "${inc_path}" ]; then
|
||||||
info "Progress: jail ${jails_count} out of ${jails_total}"
|
info "Progress: jail ${jails_count} out of ${jails_total}"
|
||||||
notice "Create inc \`${inc_name}' for jail \`${jail_name}' : start"
|
notice "Create inc \`${inc_name}' for jail \`${jail_name}' : start"
|
||||||
|
|
|
@ -12,8 +12,12 @@ target_path="${2:?}"
|
||||||
|
|
||||||
lock_target() {
|
lock_target() {
|
||||||
target="${1:?}"
|
target="${1:?}"
|
||||||
|
btrfs_bin=$(command -v btrfs)
|
||||||
|
if [ -z ${btrfs_bin} ]; then
|
||||||
|
error "btrfs not found. Please install brtfs-progs."
|
||||||
|
fi
|
||||||
if is_btrfs "${target}"; then
|
if is_btrfs "${target}"; then
|
||||||
btrfs property set -ts "${target}" ro true
|
${btrfs_bin} property set -ts "${target}" ro true
|
||||||
info "Lock ${target}: done".
|
info "Lock ${target}: done".
|
||||||
else
|
else
|
||||||
info "Lock ${target}: not BTRFS, nothing done".
|
info "Lock ${target}: not BTRFS, nothing done".
|
||||||
|
@ -21,8 +25,12 @@ lock_target() {
|
||||||
}
|
}
|
||||||
unlock_target() {
|
unlock_target() {
|
||||||
target="${1:?}"
|
target="${1:?}"
|
||||||
|
btrfs_bin=$(command -v btrfs)
|
||||||
|
if [ -z ${btrfs_bin} ]; then
|
||||||
|
error "btrfs not found. Please install brtfs-progs."
|
||||||
|
fi
|
||||||
if is_btrfs "${target}"; then
|
if is_btrfs "${target}"; then
|
||||||
btrfs property set -ts "${target}" ro false
|
${btrfs_bin} property set -ts "${target}" ro false
|
||||||
info "Unlock ${target}: done."
|
info "Unlock ${target}: done."
|
||||||
else
|
else
|
||||||
info "Unlock ${target}: not BTRFS, nothing done."
|
info "Unlock ${target}: not BTRFS, nothing done."
|
||||||
|
|
|
@ -18,9 +18,13 @@ test -d "${jail_path}" && error "Skip jail \`${jail_name}' : it already exists"
|
||||||
# Create config and jails directory
|
# Create config and jails directory
|
||||||
mkdir --parents "${CONFDIR}" "${JAILDIR}"
|
mkdir --parents "${CONFDIR}" "${JAILDIR}"
|
||||||
|
|
||||||
|
btrfs_bin=$(command -v btrfs)
|
||||||
|
if [ -z ${btrfs_bin} ]; then
|
||||||
|
error "btrfs not found. Please install brtfs-progs."
|
||||||
|
fi
|
||||||
|
|
||||||
if is_btrfs "$(dirname "${JAILDIR}")" || is_btrfs "${JAILDIR}"; then
|
if is_btrfs "$(dirname "${JAILDIR}")" || is_btrfs "${JAILDIR}"; then
|
||||||
/bin/btrfs subvolume create "${jail_path}"
|
${btrfs_bin} subvolume create "${jail_path}"
|
||||||
else
|
else
|
||||||
mkdir --parents "${jail_path}"
|
mkdir --parents "${jail_path}"
|
||||||
fi
|
fi
|
||||||
|
|
|
@ -52,9 +52,13 @@ fi
|
||||||
rm -f "${CONFDIR}/${jail_name}"
|
rm -f "${CONFDIR}/${jail_name}"
|
||||||
rm -rf "$(jail_config_dir "${jail_name}")"
|
rm -rf "$(jail_config_dir "${jail_name}")"
|
||||||
|
|
||||||
jail_inode=$(stat --format=%i "${jail_path}")
|
btrfs_bin=$(command -v btrfs)
|
||||||
if [ "${jail_inode}" -eq 256 ]; then
|
if [ -z ${btrfs_bin} ]; then
|
||||||
/bin/btrfs subvolume delete "${jail_path}" | debug
|
error "btrfs not found. Please install brtfs-progs."
|
||||||
|
fi
|
||||||
|
|
||||||
|
if is_btrfs "${jail_path}"; then
|
||||||
|
${btrfs_bin} subvolume delete "${jail_path}" | debug
|
||||||
else
|
else
|
||||||
rm -rf "${jail_path:?}" | debug
|
rm -rf "${jail_path:?}" | debug
|
||||||
fi
|
fi
|
||||||
|
@ -65,7 +69,7 @@ if [ -d "${incs_path}" ]; then
|
||||||
for inc in ${incs}; do
|
for inc in ${incs}; do
|
||||||
inc_inode=$(stat --format=%i "${incs_path}/${inc}")
|
inc_inode=$(stat --format=%i "${incs_path}/${inc}")
|
||||||
if [ "${inc_inode}" -eq 256 ]; then
|
if [ "${inc_inode}" -eq 256 ]; then
|
||||||
/bin/btrfs subvolume delete "${incs_path}/${inc}" | debug
|
${btrfs_bin} subvolume delete "${incs_path}/${inc}" | debug
|
||||||
else
|
else
|
||||||
warning "You need to purge \`${incs_path}/${inc}' manually"
|
warning "You need to purge \`${incs_path}/${inc}' manually"
|
||||||
fi
|
fi
|
||||||
|
|
|
@ -61,11 +61,16 @@ delete_inc_btrfs() {
|
||||||
inc_name=$2
|
inc_name=$2
|
||||||
|
|
||||||
inc_path=$(inc_path "${jail_name}" "${inc_name}")
|
inc_path=$(inc_path "${jail_name}" "${inc_name}")
|
||||||
|
btrfs_bin=$(command -v btrfs)
|
||||||
|
|
||||||
|
if [ -z ${btrfs_bin} ]; then
|
||||||
|
error "btrfs not found. Please install brtfs-progs."
|
||||||
|
fi
|
||||||
|
|
||||||
if dry_run; then
|
if dry_run; then
|
||||||
echo "[dry-run] delete btrfs subvolume ${inc_path}"
|
echo "[dry-run] delete btrfs subvolume ${inc_path}"
|
||||||
else
|
else
|
||||||
/bin/btrfs subvolume delete "${inc_path}" | debug
|
${btrfs_bin} subvolume delete "${inc_path}" | debug
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
delete_inc_ext4() {
|
delete_inc_ext4() {
|
||||||
|
|
|
@ -162,12 +162,12 @@ if [ "${LOCAL_TASKS}" = "1" ]; then
|
||||||
# mysqldump --defaults-extra-file=/etc/mysql/debian.cnf -P 3306 \
|
# mysqldump --defaults-extra-file=/etc/mysql/debian.cnf -P 3306 \
|
||||||
# --opt --all-databases --force --events --hex-blob | gzip --best > ${LOCAL_BACKUP_DIR}/mysql.bak.gz
|
# --opt --all-databases --force --events --hex-blob | gzip --best > ${LOCAL_BACKUP_DIR}/mysql.bak.gz
|
||||||
|
|
||||||
## example with two dumps for each table (.sql/.txt) for all databases
|
## example with compressed SQL dump (with data) for each databases
|
||||||
# for i in $(echo SHOW DATABASES | mysql --defaults-extra-file=/etc/mysql/debian.cnf -P 3306 \
|
# mkdir -p -m 700 ${LOCAL_BACKUP_DIR}/mysql/
|
||||||
# | egrep -v "^(Database|information_schema|performance_schema|sys)" ); \
|
# for i in $(mysql --defaults-extra-file=/etc/mysql/debian.cnf -P 3306 -e 'show databases' -s --skip-column-names \
|
||||||
# do mkdir -p -m 700 /home/mysqldump/$i ; chown -RL mysql /home/mysqldump ; \
|
# | egrep -v "^(Database|information_schema|performance_schema|sys)"); do
|
||||||
# mysqldump --defaults-extra-file=/etc/mysql/debian.cnf --force -P 3306 -Q --opt --events --hex-blob --skip-comments \
|
# mysqldump --defaults-extra-file=/etc/mysql/debian.cnf --force -P 3306 --events --hex-blob $i | gzip --best > ${LOCAL_BACKUP_DIR}/mysql/${i}.sql.gz
|
||||||
# --fields-enclosed-by='\"' --fields-terminated-by=',' -T /home/mysqldump/$i $i; done
|
# done
|
||||||
|
|
||||||
## Dump all grants (requires 'percona-toolkit' package)
|
## Dump all grants (requires 'percona-toolkit' package)
|
||||||
# mkdir -p -m 700 ${LOCAL_BACKUP_DIR}/mysql/
|
# mkdir -p -m 700 ${LOCAL_BACKUP_DIR}/mysql/
|
||||||
|
@ -180,19 +180,19 @@ if [ "${LOCAL_TASKS}" = "1" ]; then
|
||||||
# mysqldump --defaults-extra-file=/etc/mysql/debian.cnf --force -P 3306 --no-data --databases $i > ${LOCAL_BACKUP_DIR}/mysql/${i}.schema.sql
|
# mysqldump --defaults-extra-file=/etc/mysql/debian.cnf --force -P 3306 --no-data --databases $i > ${LOCAL_BACKUP_DIR}/mysql/${i}.schema.sql
|
||||||
# done
|
# done
|
||||||
|
|
||||||
## example with compressed SQL dump (with data) for each databases
|
|
||||||
# mkdir -p -m 700 ${LOCAL_BACKUP_DIR}/mysql/
|
|
||||||
# for i in $(mysql --defaults-extra-file=/etc/mysql/debian.cnf -P 3306 -e 'show databases' -s --skip-column-names \
|
|
||||||
# | egrep -v "^(Database|information_schema|performance_schema|sys)"); do
|
|
||||||
# mysqldump --defaults-extra-file=/etc/mysql/debian.cnf --force -P 3306 --events --hex-blob $i | gzip --best > ${LOCAL_BACKUP_DIR}/mysql/${i}.sql.gz
|
|
||||||
# done
|
|
||||||
|
|
||||||
## example with *one* uncompressed SQL dump for *one* database (MYBASE)
|
## example with *one* uncompressed SQL dump for *one* database (MYBASE)
|
||||||
# mkdir -p -m 700 ${LOCAL_BACKUP_DIR}/mysql/MYBASE
|
# mkdir -p -m 700 ${LOCAL_BACKUP_DIR}/mysql/MYBASE
|
||||||
# chown -RL mysql ${LOCAL_BACKUP_DIR}/mysql/
|
# chown -RL mysql ${LOCAL_BACKUP_DIR}/mysql/
|
||||||
# mysqldump --defaults-extra-file=/etc/mysql/debian.cnf --force -Q \
|
# mysqldump --defaults-extra-file=/etc/mysql/debian.cnf --force -Q \
|
||||||
# --opt --events --hex-blob --skip-comments -T ${LOCAL_BACKUP_DIR}/mysql/MYBASE MYBASE
|
# --opt --events --hex-blob --skip-comments -T ${LOCAL_BACKUP_DIR}/mysql/MYBASE MYBASE
|
||||||
|
|
||||||
|
## example with two dumps for each table (.sql/.txt) for all databases
|
||||||
|
# for i in $(echo SHOW DATABASES | mysql --defaults-extra-file=/etc/mysql/debian.cnf -P 3306 \
|
||||||
|
# | egrep -v "^(Database|information_schema|performance_schema|sys)" ); \
|
||||||
|
# do mkdir -p -m 700 /home/mysqldump/$i ; chown -RL mysql /home/mysqldump ; \
|
||||||
|
# mysqldump --defaults-extra-file=/etc/mysql/debian.cnf --force -P 3306 -Q --opt --events --hex-blob --skip-comments \
|
||||||
|
# --fields-enclosed-by='\"' --fields-terminated-by=',' -T /home/mysqldump/$i $i; done
|
||||||
|
|
||||||
## example with mysqlhotcopy
|
## example with mysqlhotcopy
|
||||||
# mkdir -p -m 700 ${LOCAL_BACKUP_DIR}/mysqlhotcopy/
|
# mkdir -p -m 700 ${LOCAL_BACKUP_DIR}/mysqlhotcopy/
|
||||||
# mysqlhotcopy MYBASE ${LOCAL_BACKUP_DIR}/mysqlhotcopy/
|
# mysqlhotcopy MYBASE ${LOCAL_BACKUP_DIR}/mysqlhotcopy/
|
||||||
|
|
Loading…
Reference in a new issue