chef/site-cookbooks/kosmos_kvm/recipes/backup.rb

#
# Cookbook:: kosmos_kvm
# Recipe:: backup
#

apt_package "borgbackup"

borg_credentials = data_bag_item("credentials", "borg")

file "/root/.ssh/borg_rsa" do
  content borg_credentials["ssh_key"]
  mode '0600'
end

file "/root/.borg_credentials.env" do
  content <<-EOF
BORG_RSH='ssh -i /root/.ssh/borg_rsa'
BORG_PASSPHRASE=#{borg_credentials["passphrase"]}
BORG_REPO='#{borg_credentials["repository"]}'
  EOF
end

bash "Load borg credentials in console sessions" do
  code <<-EOF
          cat >>/root/.bashrc <<EOL

# GENERATED BY CHEF
set -o allexport
source ~/.borg_credentials.env
set +o allexport
  EOF
  not_if "grep -q borg_credentials /root/.bashrc"
end

directory "/root/backups" do
  mode "0750"
end

directory "/root/backups/vm_meta" do
  mode "0750"
end

cookbook_file "/root/backups/backup_vm.sh" do
  source "backup_vm.sh"
  mode "0750"
end

# Search all guests and filter by presence on current host
vm_domains = search(:node, "role:kvm_guest").map{|n| n["hostname"] } \
             & `virsh list --name`.strip.chomp.split("\n")

template "/root/backups/backup_all_vms.sh" do
  source "backup_all_vms.sh.erb"
  mode '0750'
  variables vm_domains: vm_domains
end

systemd_unit "backup-libvirt-guests.service" do
  content({
    Unit: {
      Description: "Back up libvirt guest images and metadata",
      Wants: "network.target"
    },
    Service: {
      Type: "oneshot",
      EnvironmentFile: "/root/.borg_credentials.env",
      ExecStart: "/root/backups/backup_all_vms.sh",
      SyslogIdentifier: "backup-libvirt-guests",
      Restart: "no"
    }
  })
  verify false
  triggers_reload true
  action [:create]
end

systemd_unit "backup-libvirt-guests.timer" do
  content({
    Unit: {
      Description: "Back up libvirt guest images and metadata",
    },
    Timer: {
      OnCalendar: node["kosmos_kvm"]["backup"]["schedule"]
    },
    Install: {
      WantedBy: "timers.target"
    }
  })
  verify false
  triggers_reload true
  action [:create, :enable, :start]
end