From 95de6096ea7fb334bec23a30328ee937770cc443 Mon Sep 17 00:00:00 2001
From: Sebastian Berm <sebastian@sebsoft.nl>
Date: Wed, 22 Sep 2021 10:20:47 +0200
Subject: [PATCH] Added support for jumphosts

With this commit, it's possible to configure jumphosts to be used. Use this when your backup target isn't reachable directly.
---
 REFERENCE.md        |  8 ++++++++
 manifests/config.pp | 36 ++++++++++++++++++++++++++----------
 manifests/init.pp   |  4 ++++
 3 files changed, 38 insertions(+), 10 deletions(-)

diff --git a/REFERENCE.md b/REFERENCE.md
index 93062d3..b815e15 100644
--- a/REFERENCE.md
+++ b/REFERENCE.md
@@ -306,3 +306,11 @@ Configure the name of each backupjob and the time of that job.
 
 Default value: `{ 'default' => '18:30:00' }`
 
+##### <a name="ssh_proxyjump"></a>`ssh_proxyjump`
+
+Data type: `Optional[String[1]]`
+
+Configure possible bastionhosts for the connection.
+
+Default value: ``undef``
+
diff --git a/manifests/config.pp b/manifests/config.pp
index e8d9da1..6d971a0 100644
--- a/manifests/config.pp
+++ b/manifests/config.pp
@@ -51,16 +51,32 @@
   }
 
   # /root/.ssh/config entry for the backup server
-  ssh::client::config::user { 'root':
-    ensure        => present,
-    user_home_dir => '/root',
-    options       => {
-      'Host backup' => {
-        'User'         => $borg::username,
-        'IdentityFile' => "~/.ssh/id_${borg::ssh_key_type}_borg",
-        'Hostname'     => $borg::backupserver,
-        'Port'         => $borg::ssh_port,
+  if $borg::ssh_proxyjump {
+    ssh::client::config::user { 'root':
+      ensure        => present,
+      user_home_dir => '/root',
+      options       => {
+        'Host backup' => {
+          'User'         => $borg::username,
+          'IdentityFile' => "~/.ssh/id_${borg::ssh_key_type}_borg",
+          'Hostname'     => $borg::backupserver,
+          'Port'         => $borg::ssh_port,
+          'ProxyJump'    => $borg::ssh_proxyjump,
+        },
       },
-    },
+    }
+  } else {
+    ssh::client::config::user { 'root':
+      ensure        => present,
+      user_home_dir => '/root',
+      options       => {
+        'Host backup' => {
+          'User'         => $borg::username,
+          'IdentityFile' => "~/.ssh/id_${borg::ssh_key_type}_borg",
+          'Hostname'     => $borg::backupserver,
+          'Port'         => $borg::ssh_port,
+        },
+      },
+    }
   }
 }
diff --git a/manifests/init.pp b/manifests/init.pp
index 34e18ae..15c0991 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -96,6 +96,9 @@
 # @param backuptime
 #   Configure the name of each backupjob and the time of that job.
 #
+# @param ssh_proxyjump
+#   Configure possible bastionhosts for the connection.
+#
 # @see https://metacpan.org/pod/App::BorgRestore
 #
 class borg (
@@ -131,6 +134,7 @@
   Boolean $manage_package                                  = true,
   Enum['rsa', 'ed25519'] $ssh_key_type                     = 'ed25519',
   Hash[String[1],String[1]] $backuptime                    = { 'default' => '18:30:00' },
+  Optional[String[1]] $ssh_proxyjump                       = undef,
 ) {
   contain borg::install
   contain borg::config