Merge pull request #128 from sebastianberm/feature/bastionhost

Add support for jumphosts
voxpupuli · Oct 14, 2021 · 760f57d · 760f57d
2 parents e207393 + 95de609
commit 760f57d
Show file tree

Hide file tree

Showing 3 changed files with 38 additions and 10 deletions.
diff --git a/REFERENCE.md b/REFERENCE.md
@@ -306,3 +306,11 @@ Configure the name of each backupjob and the time of that job.
 
 Default value: `{ 'default' => '18:30:00' }`
 
+##### <a name="ssh_proxyjump"></a>`ssh_proxyjump`
+
+Data type: `Optional[String[1]]`
+
+Configure possible bastionhosts for the connection.
+
+Default value: ``undef``
+
diff --git a/manifests/config.pp b/manifests/config.pp
@@ -51,16 +51,32 @@
   }
 
   # /root/.ssh/config entry for the backup server
-  ssh::client::config::user { 'root':
-    ensure        => present,
-    user_home_dir => '/root',
-    options       => {
-      'Host backup' => {
-        'User'         => $borg::username,
-        'IdentityFile' => "~/.ssh/id_${borg::ssh_key_type}_borg",
-        'Hostname'     => $borg::backupserver,
-        'Port'         => $borg::ssh_port,
+  if $borg::ssh_proxyjump {
+    ssh::client::config::user { 'root':
+      ensure        => present,
+      user_home_dir => '/root',
+      options       => {
+        'Host backup' => {
+          'User'         => $borg::username,
+          'IdentityFile' => "~/.ssh/id_${borg::ssh_key_type}_borg",
+          'Hostname'     => $borg::backupserver,
+          'Port'         => $borg::ssh_port,
+          'ProxyJump'    => $borg::ssh_proxyjump,
+        },
       },
-    },
+    }
+  } else {
+    ssh::client::config::user { 'root':
+      ensure        => present,
+      user_home_dir => '/root',
+      options       => {
+        'Host backup' => {
+          'User'         => $borg::username,
+          'IdentityFile' => "~/.ssh/id_${borg::ssh_key_type}_borg",
+          'Hostname'     => $borg::backupserver,
+          'Port'         => $borg::ssh_port,
+        },
+      },
+    }
   }
 }
diff --git a/manifests/init.pp b/manifests/init.pp
@@ -96,6 +96,9 @@
 # @param backuptime
 #   Configure the name of each backupjob and the time of that job.
 #
+# @param ssh_proxyjump
+#   Configure possible bastionhosts for the connection.
+#
 # @see https://metacpan.org/pod/App::BorgRestore
 #
 class borg (
@@ -131,6 +134,7 @@
   Boolean $manage_package                                  = true,
   Enum['rsa', 'ed25519'] $ssh_key_type                     = 'ed25519',
   Hash[String[1],String[1]] $backuptime                    = { 'default' => '18:30:00' },
+  Optional[String[1]] $ssh_proxyjump                       = undef,
 ) {
   contain borg::install
   contain borg::config