Author: aardvark

puppet filebucket

~ aardvark ~ Leave a comment
Photo by Steve Johnson on Unsplash

From the manpage: If the file type’s backup attribute is set to the name of a filebucket, Puppet will back up the old content whenever it rewrites a file.

Ok that is good. But it can also backup files on the command line which is curious.

So to backup to a local filebucket:

puppet filebucket -l backup /etc/shadow
/etc/shadow: 0e92eab47959b208c7e68922392b1d9e

And to list local files:

# puppet filebucket -l list |grep shadow
0e92eab47959b208c7e68922392b1d9e 2024-07-03 10:49:37 /etc/shadow

Restore it to a new file:

puppet filebucket -l restore /tmp/oldshadow 0e92eab47959b208c7e68922392b1d9e

There is a facility to diff it with existing files:

puppet filebucket -l diff 0e92eab47959b208c7e68922392b1d9e /etc/shadow

If there are lots of files, you can list from a certain date:

puppet filebucket -l list  -f 2024-07-03
0e92eab47959b208c7e68922392b1d9e 2024-07-03 10:49:37 /etc/shadow

OK now its even more curious that you can backup to the puppet master. We have been using the local filebucket on a client. But you can pop them back over to the master.

For this you need a local site.pp file on the client to set the default attribute of backup.

#/etc/puppetlabs/puppet/manifests/site.pp
filebucket { 'main':
  path   => false,                # This is required for remote filebuckets.
}

File { backup => main, }

Then that’s it by default, as the master. At that point don’t specify -l or –local anymore:

puppet filebackup   backup socket.py
socket.py: 10ffcd06cce7e739a822bfd58ef2fe56

That file will now be on the master filebucket.

puppet filebucket -b $(puppet config print bucketdir --section master)   list|grep socket
10ffcd06cce7e739a822bfd58ef2fe56 2024-07-03 10:25:47 root/socket.p

This is a different filebucket to the masters own local bucket by-the-way.

There is not easy way of finding out which client those centralised backed up files came from but, hey-ho, its still interesting.

The default backup bucket is called puppet seen with

puppet config print bucketdir
/opt/puppetlabs/puppet/cache/bucket

But you can put it to a different place, say /tmp/ :

puppet filebucket backup -b /tmp/my-bucket /etc/shadow
/etc/shadow: 0a77a706eac011dad8fde6b4c1d00016

And access it similarly:

puppet filebucket list -b /tmp/my-bucket/
0a77a706eac011dad8fde6b4c1d00016 2024-07-03 15:56:47 /etc/shadow