Merge pull request 'Fix backup email notifications' (#366) from bugfix/358-backups into master
Reviewed-on: #366
This commit is contained in:
commit
91905e0490
|
@ -12,4 +12,10 @@ The S3 credentials as well as the backup password are stored in the
|
|||
|
||||
To decrypt a backup archive, use the following command:
|
||||
|
||||
openssl aes-256-cbc -d -base64 -pbkdf2 -in my_backup.tar.enc -out my_backup.tar
|
||||
|
||||
If you get an error message along the lines of "bad decrypt", the archive was
|
||||
likely encrypted before we switched the key derivation scheme. Try without
|
||||
`-pbkdf2` in this case:
|
||||
|
||||
openssl aes-256-cbc -d -base64 -in my_backup.tar.enc -out my_backup.tar
|
||||
|
|
|
@ -32,6 +32,8 @@ gem_package 'backup' do
|
|||
version '5.0.0.beta.2'
|
||||
end
|
||||
|
||||
smtp_credentials = Chef::EncryptedDataBagItem.load('credentials', 'smtp')
|
||||
|
||||
backup_data = Chef::EncryptedDataBagItem.load('credentials', 'backup')
|
||||
backup_dir = node["backup"]["dir"]
|
||||
directory backup_dir
|
||||
|
@ -46,8 +48,12 @@ template "#{backup_dir}/config.rb" do
|
|||
s3_secret_access_key: backup_data["s3_secret_access_key"],
|
||||
s3_region: backup_data["s3_region"],
|
||||
encryption_password: backup_data["encryption_password"],
|
||||
mail_from: "backups@kosmos.org",
|
||||
mail_to: "ops@5apps.com",
|
||||
mail_from: "backups@kosmos.org"
|
||||
mail_address: 'smtp.mailgun.org',
|
||||
mail_domain: 'kosmos.org',
|
||||
mail_user_name: smtp_credentials["user_name"],
|
||||
mail_password: smtp_credentials["password"]
|
||||
end
|
||||
|
||||
template "#{backup_dir}/models/default.rb" do
|
||||
|
|
|
@ -6,6 +6,18 @@
|
|||
# Documentation: http://backup.github.io/backup
|
||||
# Issue Tracker: https://github.com/backup/backup/issues
|
||||
|
||||
#
|
||||
# Monkey patch to not use deprecated key derivation scheme
|
||||
# https://github.com/backup/backup/issues/949#issuecomment-589883577
|
||||
#
|
||||
module OpenSSLFixDeprecatedKeyDerivation
|
||||
def options
|
||||
super + ' -pbkdf2'
|
||||
end
|
||||
end
|
||||
require 'backup/encryptor/open_ssl'
|
||||
Backup::Encryptor::OpenSSL.prepend(OpenSSLFixDeprecatedKeyDerivation)
|
||||
|
||||
Storage::S3.defaults do |s3|
|
||||
s3.access_key_id = "<%= @s3_access_key_id %>"
|
||||
s3.secret_access_key = "<%= @s3_secret_access_key %>"
|
||||
|
@ -22,7 +34,13 @@ end
|
|||
Notifier::Mail.defaults do |mail|
|
||||
mail.from = "<%= node.name %> <<%= @mail_from %>>"
|
||||
mail.to = "<%= @mail_to %>"
|
||||
mail.delivery_method = :sendmail
|
||||
mail.address = "<%= @mail_address %>"
|
||||
mail.domain = "<%= @mail_domain %>"
|
||||
mail.user_name = "<%= @mail_user_name %>"
|
||||
mail.password = "<%= @mail_password %>"
|
||||
mail.port = <%= @mail_port || 587 %>
|
||||
mail.authentication = "<%= @mail_authentication || 'plain' %>"
|
||||
mail.encryption = <%= @mail_encryption || ':starttls' %>
|
||||
end
|
||||
|
||||
<%- if node["backup"]["mongodb"] -%>
|
||||
|
@ -75,7 +93,7 @@ preconfigure 'KosmosBackup' do
|
|||
encrypt_with OpenSSL
|
||||
notify_by Mail do |mail|
|
||||
mail.on_success = false
|
||||
mail.on_warning = false
|
||||
mail.on_warning = true
|
||||
mail.on_failure = true
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue