Subversion Repositories sysadmin_scripts

#! /usr/bin/env perl

use strict;

use warnings;

BEGIN {

   use FindBin;

   use File::Spec;

   # use libraries from the directory this script is in

   use Cwd 'abs_path';

   use File::Basename;

   use lib dirname( abs_path( __FILE__ ) );

}

use YAML::Tiny; # pkg install p5-YAML-Tiny-1.74

use Data::Dumper;

use Email::Simple; # cpan install Email::Simple

my $cwd = $FindBin::RealBin;

my $configFileName = $cwd . '/sync.yaml';

my $replicateScript = $cwd . '/replicate';

my $configuration;

# load Configuration File

# read the config file and return it

sub readConfig {

   my $filename = shift;

   die "Config file $filename not found: $!" unless -f $filename;

   my $yaml = YAML::Tiny->new( {} );

   if ( -f $filename ) {

      $yaml = YAML::Tiny->read( $filename );

   }

   return $yaml->[0];

}

# this calls gshred which will overwrite the file 3 times, then

# remove it.

# NOTE: this will not work on ZFS, since ZFS is CopyOnWrite (COW)

# so assuming /tmp is a ramdisk

sub shredFile {

   my $filename = shift;

   `/usr/local/bin/gshred -u -f -s 32 $filename`;

}

# runs a command, redirecting stderr to stdout (which it ignores)

# then returns 0 on success.

# if error, returns string describing error

sub runCommand {

   my $command = shift;

   my $output = qx/$command 2>&1/;

   if ($? == -1) {

      return (-1, "failed to execute: $!" );

   } elsif ($? & 127) {

      return (-1,sprintf "child died with signal %d, %s coredump",

        ($? & 127),  ($? & 128) ? 'with' : 'without');

   } else {

      return ( $?>>8, sprintf "child exited with value %d", $? >> 8 ) if $? >> 8;

   }

   return (0, $output);

}

# grabs the encryption key from the remote server, and uses it to unlock the 

# datasets, then mount the drives.

# a return of '' is success, anything else is an error

sub mountDrives {

   my $configuration = shift;

   return (0, 'No encrypted target found' ) unless defined( $configuration->{'target'}->{'encryptionKeyPath'} ) && $configuration->{'target'}->{'encryptionKeyPath'};

   # try to grab the file from the remote machine

   &runCommand( "scp $configuration->{remoteMachine}->{ip}:$configuration->{remoteMachine}->{encryptionKeyPath} $configuration->{localMachine}->{encryptionKeyPath}" );

   # If we do not have the encryption key, we need to abort

   return "Could not copy file $configuration->{remoteMachine}->{ip}:$configuration->{remoteMachine}->{encryptionKeyPath}, aborting" 

      unless -f $configuration->{'target'}->{'encryptionKeyPath'};

   my $error = '';

   my $output = '';

   # load the key into zfs and unlock all volumes

   ($error,$output) = &runCommand( "zfs load-key -a" );

   # finally, remount all of the zfs shares which need the key

   ($error,$output) = &runCommand( "zfs mount -a" ) unless $error;

   # if we succeeded, we want to shred the keyfile

   &shredFile( $configuration->{localMachine}->{encryptionKeyPath} ) if -f $configuration->{localMachine}->{encryptionKeyPath};

   return $error;

}

# a very simple mailer, using Email::Simple to just get status messages out

sub sendMail {

   my ($message, $configuration, $subject ) = @_;

   $configuration->{'email'}->{'notify'} = 'root' unless $configuration->{'email'}->{'notify'};

   die "No message in outgoing message\n" unless $message;

   my $email = Email::Simple->create(

      header => [

         To     => $configuration->{'email'}->{'notify'},

         Subject=> $configuration->{'email'}->{'subject'} . ( $subject ? " - $subject" : '' ),

         From   => $configuration->{'email'}->{'from'}

      ],

      body => $message

   );

   $message = $email->as_string;

   if ( $configuration->{'testing'} > 1 ) {

      print "$message\n";

   } else {

      `echo '$message' | sendmail $configuration->{'email'}->{'notify'}`;

   }

}

# checks to see if we should be in maintenance mode

# if $remoteMachine->{'maintenanceMode'} exists, set mode

# otherwise, wait localMachine->{'waittime'} minutes, then check

# $localMachine->{'maintenanceMode'}.

# if neither exists, begin sync

sub checkMaintenance {

   my $configuration = shift;

   return 0 unless # exit if maintenanceFlag has not been set at all

     ( defined( $configuration->{'target'}->{'maintenanceFlag'} ) && $configuration->{'target'}->{'maintenanceFlag'} ) ||

     ( defined( $configuration->{'source'}->{'maintenanceFlag'} ) && $configuration->{'source'}->{'maintenanceFlag'} );

   # see if maintenance is set on remote. If so, simply return the message

   if ( $configuration->{'source'}->{'up'} ) {

      my ($error, $output) = &runCommand( "ssh $configuration->{remoteMachine}->{ip} 'ls $configuration->{remoteMachine}->{maintenanceFlag}'" );

      if ( ! $error ) {

         # remove the file from the remote server

         &runCommand( "ssh $configuration->{remoteMachine}->{ip} 'rm $configuration->{remoteMachine}->{maintenanceFlag}'" );

         # create a valid return, which will exit the program

         return "Maintenance Flag found on remote machine";

      }

   }

   # not on remote machine, so give them waitTime seconds to put it here

   # we'll loop, checking every $sleepTime seconds until our wait time

   # ($configuration->{'target'}->{'waitTime'}) has expired

   my $sleepTime = 60;

   for ( my $i = $configuration->{'target'}->{'waitTime'}; $i > 0; $i -= $sleepTime ) {

      sleep $sleepTime;

      # then look for the maintenance flag file on the local machine

      return "Maintenance Flag found on local machine" if -f $configuration->{'target'}->{'maintenanceFlag'};

   }

   # no maintenance flags found, so return false

   return 0;

}

sub shutdownMachine {

   my $configuration = shift;

   my $subject = shift;

   push @_, "Shutting down" if $configuration->{'shutdown'};

   &sendMail( join( "\n", @_), $configuration, $subject );

   # do not actually shut down the server unless we are told to

   exit unless $configuration->{'shutdown'};

   &runCommand( "poweroff" ) unless $configuration->{'testing'};

   die "Shutting down machine now\n";

}

# returns the current time as a string

sub currentTime {

   my $format = shift;

   # default to YY-MM-DD HH-MM-SS

   $format = '%Y-%m-%d %H-%M-%S' unless $format;

   use POSIX;

   return POSIX::strftime( $format, localtime() );

}

sub checkRemoteUp {

   my $configuration = shift;

   my $ip;

   if ( defined( $configuration->{'target'}->{'server'} ) && $configuration->{'target'}->{'server'} ) {

      $ip = $configuration->{'target'}->{'server'};

   } else {

      $ip = $configuration->{'source'}->{'server'};

   }

   my ($error, $message ) =  $ip ? &runCommand( "ping -c 1 -t 5 $ip" ) : (0,'No address defined for either target or server' );

   $message = "Checking IP $ip\n"  . $message;

   #die "error is $error, message is $message for $ip\n";

   return ($error, $message);

}

my @status;   

my $error = 0;

my $output = '';

$configuration = &readConfig($configFileName);

# die Dumper( $configuration ) . "\n";

my $servername = `hostname`;

chomp $servername;

&sendMail( "Replication on $servername has been started, " . &currentTime(), $configuration, "Replication on $servername started" );

# see if remote machine is up by sending one ping. Expect response in 5 seconds

( $error,$output) = &checkRemoteUp( $configuration );

$configuration->{'up'} = ! $error;

push @status, "remote machine is " . ( $configuration->{'up'} ? 'Up' : 'Down' ) . "\n";

# we can not connect to the remote server, so just shut down

&shutdownMachine( $configuration, "No connection to remote machine", @status ) unless $configuration->{'up'};

# check for maintenance flags, exit if we should go into mainteance mode

if ( my $result = &checkMaintenance( $configuration ) ) {

   push @status,$result;

   &sendMail( join( "\n", @status), $configuration, "Maintenance Mode" );

   die;

}

# try to mount the datasets if they are encrypted

($error,$output) = &mountDrives( $configuration );

if ( $error ) { # could not mount datasets

   push @status, $error;

   &shutdownMachine( $configuration, "Mount Drive Error: [$output]", @status );

}

&sendMail( "Backup has been started at " . &currentTime(), $configuration, "Backup Starting" );

push @status, "Backup started at: " . &currentTime();

$configuration->{'source'}->{'server'} = $configuration->{'source'}->{'server'} ? $configuration->{'source'}->{'server'} . ':' : '';

$configuration->{'target'}->{'server'} = $configuration->{'target'}->{'server'} ? $configuration->{'target'}->{'server'} . ':' : '';

# For each dataset, let's find the snapshots we need

foreach my $sourceDir ( keys %{$configuration->{'source'}->{'dataset'}} ) {

   print "Looking for $sourceDir\n";

   print "syncing to $configuration->{target}->{targetDataset}\n";

   my $command = $replicateScript . ' ' .

                 $configuration->{'source'}->{'server'} . 

                 $configuration->{'source'}->{'dataset'}->{$sourceDir} . '/' . $sourceDir . ' ' .

                 $configuration->{'target'}->{'server'} . 

                 $configuration->{'target'}->{'targetDataset'} . '/' . $sourceDir;

   push @status, "=== Running $command at " . &currentTime();

   ($error, $output) = &runCommand( $command ) unless $configuration->{'testing'};

   push @status, $output;

   push @status, "=== Completed $command with status $error at " . &currentTime();

}

push @status, "==== Backup finished at: " . &currentTime();

if ($configuration->{'testing'}) {

   print join( "\n", @status ) . "\n";

} else {

   &shutdownMachine( $configuration, "Backup Complete", @status );

}

1;