Difference between revisions of "stoney backup: OpenLDAP directory data organisation"
[unchecked revision] | [unchecked revision] |
(→Backup accounts - S3 bucket based backup account example) |
(→Backup accounts - S3 bucket based backup account example) |
||
(15 intermediate revisions by the same user not shown) | |||
Line 1,659: | Line 1,659: | ||
Each (Online) Backup service account has it's own change root (chroot, jail) directory. The following example shows the OpenLDAP directory entry for the (online) backup account with the uid number 4000907: | Each (Online) Backup service account has it's own change root (chroot, jail) directory. The following example shows the OpenLDAP directory entry for the (online) backup account with the uid number 4000907: | ||
<source lang="ldif"> | <source lang="ldif"> | ||
− | dn: uid=4000907,ou=accounts,ou=backup,ou=services, | + | dn: uid=4000907,ou=accounts,ou=backup,ou=services,dc=stoney-cloud,dc=org |
objectclass: top | objectclass: top | ||
objectclass: sstS3Bucket | objectclass: sstS3Bucket | ||
Line 1,666: | Line 1,666: | ||
uid: 4000907 | uid: 4000907 | ||
sstDisplayName: Support stepping stone AG | sstDisplayName: Support stepping stone AG | ||
− | description: The leaf for the S3 bucket based backup account belonging to the user 'Support stepping stone AG'. | + | description: The leaf for the S3 bucket based backup account with the uid '4000907' belonging to the user 'Support stepping stone AG'. |
sstBackupWarningDays: 1 | sstBackupWarningDays: 1 | ||
sstBackupWarningNumbers: 0 | sstBackupWarningNumbers: 0 | ||
Line 1,698: | Line 1,698: | ||
uid: 4000907 | uid: 4000907 | ||
sstDisplayName: Support stepping stone AG | sstDisplayName: Support stepping stone AG | ||
− | description: The leaf for the S3 bucket based backup account belonging to the user 'Support stepping stone AG'. | + | description: The leaf for the S3 bucket based backup account with the uid '4000907' belonging to the user 'Support stepping stone AG'. |
sstBackupWarningDays: 1 | sstBackupWarningDays: 1 | ||
sstBackupWarningNumbers: 0 | sstBackupWarningNumbers: 0 | ||
sstBackupWarningOn: TRUE | sstBackupWarningOn: TRUE | ||
sstNotificationWarningMedium: mail | sstNotificationWarningMedium: mail | ||
− | |||
sstIsActive: TRUE | sstIsActive: TRUE | ||
sstBillable: FALSE | sstBillable: FALSE | ||
Line 1,745: | Line 1,744: | ||
| <!-- Description --> style="text-align: left;" | The human readable display name. Either the human readable server name the S3 bucket belongs to or the persons full name the S3 bucket belongs to. | | <!-- Description --> style="text-align: left;" | The human readable display name. Either the human readable server name the S3 bucket belongs to or the persons full name the S3 bucket belongs to. | ||
− | For example: | + | For example: <code>sst-int-001: stepping stone AG: AlmaLinux 9 (LBaaS 1 Active))</code> or <code>Support stepping stone AG</code>. |
|- | |- | ||
Line 1,754: | Line 1,753: | ||
| <!-- Description --> style="text-align: left;" | The description of the leaf. | | <!-- Description --> style="text-align: left;" | The description of the leaf. | ||
− | For example: The leaf for the S3 bucket based backup account belonging to the user 'Support stepping stone AG'. | + | For example: <code>The leaf for the S3 bucket based backup account with the uid '4000907' belonging to the user 'Support stepping stone AG'.</code> |
+ | |||
+ | Or: <code>The leaf for the S3 bucket based backup account with the uid '4000907' belonging to the server 'sst-int-001: stepping stone AG: AlmaLinux 9 (LBaaS 1 Active)'.</code> | ||
|- | |- | ||
Line 1,761: | Line 1,762: | ||
| <!-- Existance --> style="text-align: center;" | MUST | | <!-- Existance --> style="text-align: center;" | MUST | ||
| <!-- Mandatory --> style="text-align: center;" | x | | <!-- Mandatory --> style="text-align: center;" | x | ||
− | | <!-- Description --> style="text-align: left;" | | + | | <!-- Description --> style="text-align: left;" | If the attribute <code>sstBackupWarningOn</code> ist true, a non-successful backup notification warning is sent after X days of non-successful backups (where X is an integer number larger than zero). X is an integer number larger than 1. 0 means, the warning is turned off. The default is '''1''' and is taken from the "ou=settings,uid=<UID>,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org" entry. |
|- | |- | ||
Line 1,768: | Line 1,769: | ||
| <!-- Existance --> style="text-align: center;" | MUST | | <!-- Existance --> style="text-align: center;" | MUST | ||
| <!-- Mandatory --> style="text-align: center;" | x | | <!-- Mandatory --> style="text-align: center;" | x | ||
− | | <!-- Description --> style="text-align: left;" | | + | | <!-- Description --> style="text-align: left;" | If the attribute <code>sstBackupWarningOn</code> ist true, a non-successful backup notification warning is sent after X non-successful backups. X is an integer number larger than 1. 0 means, the warning is turned off. The default is '''0''' and is taken from the "ou=settings,uid=<UID>,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org" entry. |
|- | |- | ||
Line 1,775: | Line 1,776: | ||
| <!-- Existance --> style="text-align: center;" | MUST | | <!-- Existance --> style="text-align: center;" | MUST | ||
| <!-- Mandatory --> style="text-align: center;" | x | | <!-- Mandatory --> style="text-align: center;" | x | ||
− | | <!-- Description --> style="text-align: left;" | | + | | <!-- Description --> style="text-align: left;" | Is the non-successful backup notification warning turned on or not? Either <code>true</code> (yes) or <code>false</code> (no). Default is true (yes) and is taken from the "ou=settings,uid=<UID>,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org" entry. |
+ | |- | ||
+ | |||
+ | | <!-- Attribute --> style="text-align: left;" | sstNotificationWarningLevel | ||
+ | | <!-- Objectclass --> style="text-align: left;" | sstS3Bucket | ||
+ | | <!-- Existance --> style="text-align: center;" | MUST | ||
+ | | <!-- Mandatory --> style="text-align: center;" | x | ||
+ | | <!-- Description --> style="text-align: left;" | The quota notification level in percent, when the owner of the backup needs to warned. A value between 0 and 100. The default is 85 percent and is taken from the "ou=defaults,uid=<UID>,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org" entry. | ||
|- | |- | ||
Line 1,782: | Line 1,790: | ||
| <!-- Existance --> style="text-align: center;" | MUST | | <!-- Existance --> style="text-align: center;" | MUST | ||
| <!-- Mandatory --> style="text-align: center;" | x | | <!-- Mandatory --> style="text-align: center;" | x | ||
− | | <!-- Description --> style="text-align: left;" | | + | | <!-- Description --> style="text-align: left;" | The notification medium, either sms (points to the multi-valued attribute <code>mobileTelephoneNumber</code>) or mail (points to the multi-valued attribute <code>mail</code>). Currently, only mail is supported. This is the default is taken from the "ou=defaults,uid=<UID>,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org" entry. |
|- | |- | ||
Line 1,789: | Line 1,797: | ||
| <!-- Existance --> style="text-align: center;" | MUST | | <!-- Existance --> style="text-align: center;" | MUST | ||
| <!-- Mandatory --> style="text-align: center;" | x | | <!-- Mandatory --> style="text-align: center;" | x | ||
− | | <!-- Description --> style="text-align: left;" | | + | | <!-- Description --> style="text-align: left;" | The S3 bucket quota in bytes. The value must be a multiple of 1073741824 bytes. |
+ | |||
+ | For example: '''10737418240''' (10 Gibibyte or 10 GiB). | ||
|- | |- | ||
Line 1,796: | Line 1,806: | ||
| <!-- Existance --> style="text-align: center;" | MUST | | <!-- Existance --> style="text-align: center;" | MUST | ||
| <!-- Mandatory --> style="text-align: center;" | x | | <!-- Mandatory --> style="text-align: center;" | x | ||
− | | <!-- Description --> style="text-align: left;" | | + | | <!-- Description --> style="text-align: left;" | How long the modified items are kept in the S3 version history. Possible values are between 1 and 99. Default is 1. |
+ | |||
+ | For example: '''3''' (three days). | ||
|- | |- | ||
Line 1,803: | Line 1,815: | ||
| <!-- Existance --> style="text-align: center;" | MUST | | <!-- Existance --> style="text-align: center;" | MUST | ||
| <!-- Mandatory --> style="text-align: center;" | x | | <!-- Mandatory --> style="text-align: center;" | x | ||
− | | <!-- Description --> style="text-align: left;" | | + | | <!-- Description --> style="text-align: left;" | How long the S3 version history is delete protected (compliance mode). Possible values are between 1 and 99. Default is 1. |
+ | |||
+ | For example: '''3''' (three days). | ||
|- | |- | ||
Line 1,810: | Line 1,824: | ||
| <!-- Existance --> style="text-align: center;" | MUST | | <!-- Existance --> style="text-align: center;" | MUST | ||
| <!-- Mandatory --> style="text-align: center;" | x | | <!-- Mandatory --> style="text-align: center;" | x | ||
− | | <!-- Description --> style="text-align: left;" | | + | | <!-- Description --> style="text-align: left;" | S3 object lock provides two retention modes that apply different levels of protection to your objects. COMPLIANCE and GOVERNANCE. Default is COMPLIANCE. |
+ | |||
+ | For example: '''COMPLIANCE'''. | ||
|- | |- | ||
Line 1,817: | Line 1,833: | ||
| <!-- Existance --> style="text-align: center;" | MUST | | <!-- Existance --> style="text-align: center;" | MUST | ||
| <!-- Mandatory --> style="text-align: center;" | x | | <!-- Mandatory --> style="text-align: center;" | x | ||
− | | <!-- Description --> style="text-align: left;" | | + | | <!-- Description --> style="text-align: left;" | Defines if the given quota must automatically expand (TRUE) or not (FALSE). Default is FALSE. |
+ | |||
+ | Example: '''FALSE''' | ||
|- | |- | ||
Line 1,824: | Line 1,842: | ||
| <!-- Existance --> style="text-align: center;" | MUST | | <!-- Existance --> style="text-align: center;" | MUST | ||
| <!-- Mandatory --> style="text-align: center;" | x | | <!-- Mandatory --> style="text-align: center;" | x | ||
− | | <!-- Description --> style="text-align: left;" | | + | | <!-- Description --> style="text-align: left;" | The level in percent from which an action must be carried out. |
− | + | ||
− | + | For example: '''90''' (ninety percent). | |
− | + | ||
− | + | ||
− | + | ||
− | + | ||
|- | |- | ||
Line 1,838: | Line 1,851: | ||
| <!-- Existance --> style="text-align: center;" | MAY | | <!-- Existance --> style="text-align: center;" | MAY | ||
| <!-- Mandatory --> style="text-align: center;" | | | <!-- Mandatory --> style="text-align: center;" | | ||
− | | <!-- Description --> style="text-align: left;" | | + | | <!-- Description --> style="text-align: left;" | The date and time of the last successful backup in UTC, either 0 or in the form of hostname:[YYYY][MM][DD]T[hh][mm][ss]Z ([http://en.wikipedia.org/wiki/ISO_8601 ISO 8601]). |
+ | |||
+ | For example: '''computer:20130923T063554Z''' or '''computer.example.com:20130923T063554Z'''. | ||
|- | |- | ||
Line 1,844: | Line 1,859: | ||
| <!-- Objectclass --> style="text-align: left;" | sstS3Bucket | | <!-- Objectclass --> style="text-align: left;" | sstS3Bucket | ||
| <!-- Existance --> style="text-align: center;" | MAY | | <!-- Existance --> style="text-align: center;" | MAY | ||
− | | <!-- Mandatory --> style="text-align: center;" | | + | | <!-- Mandatory --> style="text-align: center;" | x<sup>3</sup> |
− | | <!-- Description --> style="text-align: left;" | | + | | <!-- Description --> style="text-align: left;" | The notification language according to [http://www.ietf.org/rfc/rfc1766.txt RFC 1766] ([http://www.iso.org/iso/english_country_names_and_code_elements ISO 3166-1-alpha-2 code]-[http://www.loc.gov/standards/iso639-2/php/code_list.php ISO 639-1 Code]. |
+ | |||
+ | For example '''de-CH''' or '''en-GB'''. | ||
+ | |||
+ | The content of this value is taken from the person entry from the attribute <code>preferredLanguage</code>. If the backup account belongs to a service instead of a person, this attribute must be set. | ||
|- | |- | ||
Line 1,858: | Line 1,877: | ||
| <!-- Objectclass --> style="text-align: left;" | sstS3Bucket | | <!-- Objectclass --> style="text-align: left;" | sstS3Bucket | ||
| <!-- Existance --> style="text-align: center;" | MAY | | <!-- Existance --> style="text-align: center;" | MAY | ||
− | | <!-- Mandatory --> style="text-align: center;" | x | + | | <!-- Mandatory --> style="text-align: center;" | x<sup>1</sup> |
− | | <!-- Description --> style="text-align: left;" | | + | | <!-- Description --> style="text-align: left;" | By how much must the quota be expanded in percent. Possible values are between 1 and 99. |
+ | |||
+ | For example: '''2''' (two percent). | ||
|- | |- | ||
Line 1,865: | Line 1,886: | ||
| <!-- Objectclass --> style="text-align: left;" | sstS3Bucket | | <!-- Objectclass --> style="text-align: left;" | sstS3Bucket | ||
| <!-- Existance --> style="text-align: center;" | MAY | | <!-- Existance --> style="text-align: center;" | MAY | ||
− | | <!-- Mandatory --> style="text-align: center;" | x | + | | <!-- Mandatory --> style="text-align: center;" | x<sup>1</sup> |
− | | <!-- Description --> style="text-align: left;" | | + | | <!-- Description --> style="text-align: left;" | By how much must the quota be expanded in bytes. The value must be a multiple of 1073741824 bytes. |
− | + | ||
− | + | For example: '''1073741824''' (1 Gibibyte or 1 GiB). | |
− | + | ||
− | + | ||
− | + | ||
− | + | ||
|- | |- | ||
− | | <!-- Attribute --> style="text-align: left;" | | + | | <!-- Attribute --> style="text-align: left;" | host |
| <!-- Objectclass --> style="text-align: left;" | sstS3Bucket | | <!-- Objectclass --> style="text-align: left;" | sstS3Bucket | ||
− | | <!-- Existance --> style="text-align: center;" | | + | | <!-- Existance --> style="text-align: center;" | MUST |
| <!-- Mandatory --> style="text-align: center;" | x | | <!-- Mandatory --> style="text-align: center;" | x | ||
− | | <!-- Description --> style="text-align: left;" | | + | | <!-- Description --> style="text-align: left;" | The host where the S3 bucket provisioning daemon runs. |
|- | |- | ||
Line 1,949: | Line 1,965: | ||
See the [[#Backup_Provisioning | backup provisioning]] section for details. | See the [[#Backup_Provisioning | backup provisioning]] section for details. | ||
+ | |- | ||
+ | |||
+ | | <!-- Attribute --> style="text-align: left;" | sstProvisioningReturnValue | ||
+ | | <!-- Objectclass --> style="text-align: left;" | sstProvisioning | ||
+ | | <!-- Existance --> style="text-align: center;" | MAY | ||
+ | | <!-- Mandatory --> style="text-align: center;" | x | ||
+ | | <!-- Description --> style="text-align: left;" | The provisioning return value written by the S3 bucket provisioning daemon. '''0''' means success, '''>0''' means failure. | ||
+ | |||
+ | For example: '''0'''. | ||
|- | |- | ||
Line 1,968: | Line 1,993: | ||
| <!-- Objectclass --> style="text-align: left;" | sstRelationship | | <!-- Objectclass --> style="text-align: left;" | sstRelationship | ||
| <!-- Existance --> style="text-align: center;" | MAY | | <!-- Existance --> style="text-align: center;" | MAY | ||
− | | <!-- Mandatory --> style="text-align: center;" | x | + | | <!-- Mandatory --> style="text-align: center;" | x<sup>2</sup> |
| <!-- Description --> style="text-align: left;" | Stores the UID of the service the leaf belongs to. This UID can be used to look up other information. A unique value with 7 digits or more. <code>4000123</code>. | | <!-- Description --> style="text-align: left;" | Stores the UID of the service the leaf belongs to. This UID can be used to look up other information. A unique value with 7 digits or more. <code>4000123</code>. | ||
|- | |- | ||
Line 1,975: | Line 2,000: | ||
| <!-- Objectclass --> style="text-align: left;" | sstRelationship | | <!-- Objectclass --> style="text-align: left;" | sstRelationship | ||
| <!-- Existance --> style="text-align: center;" | MAY | | <!-- Existance --> style="text-align: center;" | MAY | ||
− | | <!-- Mandatory --> style="text-align: center;" | x | + | | <!-- Mandatory --> style="text-align: center;" | x<sup>2</sup> |
| <!-- Description --> style="text-align: left;" | Stores the UID of the service the leaf belongs to. This UID can be used to look up other information. A unique value with 7 digits or more. <code>4000123</code>. | | <!-- Description --> style="text-align: left;" | Stores the UID of the service the leaf belongs to. This UID can be used to look up other information. A unique value with 7 digits or more. <code>4000123</code>. | ||
|- | |- | ||
|} | |} | ||
+ | |||
+ | Legend: | ||
+ | * '''x''': Mandatory in all cases. | ||
+ | * '''x<sup>1</sup>''': If <code>sstAutoGrow</code> is set to <code>TRUE</code>, either <code>sstAutoGrowStepPercentage</code> or <code>sstAutoGrowStepBytes</code> must be set. | ||
+ | * '''x<sup>2</sup>''': Either <code>sstBelongsToPersonUID</code> or <code>sstBelongsToServiceUID</code> must be set. | ||
+ | * '''x<sup>3</sup>''': See notes below! | ||
+ | |||
+ | Notes: | ||
+ | * sstInformPersonUID (sstRelationship): We should use <code>sstInformPersonUID</code>, if <code>sstBelongsToServiceUID</code> instead <code>sstBelongsToPersonUID</code> is set. The multi-valued attribute may be set on three levels: | ||
+ | ** <code>uid=<backup_uid>,ou=accounts,ou=backup,ou=services,dc=stoney-cloud,dc=org</code> | ||
+ | ** <code>ou=settings,uid=<customer_uid>,ou=customers,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org</code> | ||
+ | ** <code>ou=settings,uid=<reseller_uid>,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org</code> | ||
+ | * preferredLanguage (sstS3Bucket): The same applies here. | ||
== Backup groups == | == Backup groups == |
Latest revision as of 12:29, 20 August 2024
Contents
- 1 Abstract
- 2 Data Organisation
- 3 Backup
- 3.1 Backup Configuration
- 3.1.1 Backup rsnapshot Provisioning Daemon
- 3.1.2 Backup Reseller
- 3.1.2.1 Backup Reseller Billing
- 3.1.2.2 Backup Reseller Backup Account Defaults
- 3.1.2.3 Backup Reseller Backup Notification Settings
- 3.1.2.4 Backup Reseller Backup Account Settings
- 3.1.2.5 Backup Reseller Templates
- 3.2 Backup accounts
- 3.3 Backup groups
- 3.4 Backup Provisioning
- 3.1 Backup Configuration
- 4 Links
Abstract
This document describes the OpenLDAP directory data organisation for the stoney backup service.
Data Organisation
The following chapters explain the data organisation of the stoney cloud OpenLDAP directory, in this case we looking at the stoney backup service.
Backup
The following LDIF shows the backup entry of the whole OpenLDAP directory tree for the stoney cloud:
dn: ou=backup,ou=services,dc=stoney-cloud,dc=org objectclass: organizationalUnit objectclass: top ou: backup
Backup Configuration
The sub tree for the configuration of the (online) backup service:
dn: ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit ou: configuration description: The sub tree for the configuration of the (online) backup service.
Backup rsnapshot Provisioning Daemon
The sub tree for the configuration of the prov-backup-rsnapshot daemon:
dn: ou=prov-backup-rsnapshot,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit objectclass: sstServiceConfigurationObjectClass ou: prov-backup-rsnapshot description: The sub tree for the configuration of the prov-backup-rsnapshot daemon. sstIsActive: TRUE
The following table describes the different attributes:
Attribute | |
|
Description |
description | |
|
The description of the leaf. |
sstIsActive | |
|
Is the entry active? Either true (yes) or false (no). |
Legend:
- x: Mandatory in all cases.
Backup Reseller
The sub tree for the reseller specific (online) backup service settings:
dn: ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit ou: reseller description: The sub tree for the reseller specific (online) backup service settings.
The sub tree for the specific (online) backup service settings for the reseller Reseller Ltd. with the uid 4000000.
dn: uid=4000000,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: sstReseller objectclass: sstServiceConfigurationObjectClass uid: 4000000 o: Reseller Ltd. description: The sub tree for the specific (online) backup service settings for the reseller Reseller Ltd. with the uid 4000000. sstIsActive: TRUE sstIsDefault: TRUE sstBelongsToResellerUID: 4000000
The following table describes the different attributes:
Attribute | |
|
|
|
Description |
uid | |
|
|
|
A unique integer value with 7 digits or more. For example: 4000000. |
o | |
|
|
|
The company name, for example: stepping stone GmbH. |
description | |
|
|
|
The description of the leaf. |
sstIsActive | |
|
|
|
Is the entry active? Either TRUE (yes) or FALSE (no).
|
sstIsDefault | |
|
|
|
Contains the leaf a default entry? Either TRUE (yes) or FALSE (no). If sstIsDefault is set to TRUE , this entry acts as a fall back configuration. In other words: If a reseller doesn't have his own (online) backup service configuration, then this on will be used.
|
sstBelongsToResellerUID | |
|
|
|
Stores the reseller UID the leaf belongs to. A unique value with 7 digits or more. For example: 4000000. |
Legend:
- x: Mandatory in all cases.
Backup Reseller Billing
The sub tree for the billing information of the (online) backup service for the reseller Reseller Ltd. with the uid 4000000:
dn: ou=billing,uid=4000000,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit objectclass: TBD ou: billing description: The sub tree for the billing information of the (online) backup service for the reseller Reseller Ltd. with the uid 4000000.
TBD: Der Aufbau sollte so sein, dass er hierarchische Informationen abbilden könnte. Oder wir machen den normalen Billing Tree, den wir ursprünglich vorgeshene haben.
The following table describes the different attributes:
Attribute | |
|
|
|
Description |
ou | |
|
|
|
|
description | |
|
|
|
The description of the leaf. |
Legend:
- x: Mandatory in all cases.
Backup Reseller Backup Account Defaults
The sub tree for the backup account defaults for the (online) backup service for the reseller Reseller Ltd. with the uid 4000000:
dn: ou=defaults,uid=4000000,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit objectclass: sstBackup ou: defaults description: The sub tree for the default settings of the (online) backup service for the reseller Reseller Ltd. with the uid 4000000. loginShell: /bin/sh shadowMax: 99999 shadowWarning: 7 shadowFlag: 134539460 sstBackupWarningDays: 1 sstBackupWarningNumbers: 0 sstBackupWarningOn: FALSE sstNotificationWarningLevel: 85 sstNotificationWarningMedium: mail sstBackupSize: 0 sstIncrementSize: 0 sstBackupIntervalHourly: 0 sstBackupIntervalDaily: 7 sstBackupIntervalWeekly: 4 sstBackupIntervalMonthly: 3 sstBackupIntervalYearly: 0 sstUseSelfcare: FALSE sstUseSSH: TRUE sstIsActive: TRUE
The following table describes the different attributes:
Attribute | |
|
|
|
Description |
ou | |
|
|
|
|
description | |
|
|
|
|
loginShell | |
|
|
|
The path to the login shell. The default is /bin/sh. |
shadowMax | |
|
|
|
Related to the /etc/shadow file, this attribute specifies the maximum number of days the password is valid. The default is 99999, which corresponds to about 273 years. In reality, this means, that the user does not need to change the password. |
shadowWarning | |
|
|
|
Related to the /etc/shadow file, this attribute specifies the number of days before the password expires that the user is warned. The default is 7. |
shadowFlag | |
|
|
|
Related to the /etc/shadow file, this attribute is currently not used and is reserved for future use. The default is set to 134539460.
|
sstVolumeCapacityDefault | |
|
|
|
|
sstVolumeCapacityMin | |
|
|
|
|
sstVolumeCapacityMax | |
|
|
|
|
sstVolumeCapacityStep | |
|
|
|
|
sstQuotaChange | |
|
|
|
Can the user change the quota? Either TRUE (yes) or FALSE (no). Default is FALSE (no).
|
sstBackupWarningDays | |
|
|
|
After how many missed backup days should the user be warned. Possible values are between 0 and 99. Default is 1. |
sstBackupWarningNumbers | |
|
|
|
After how many missed backups should the user be warned. Possible values are between 0 and 99. Default is 0. |
sstBackupWarningOn | |
|
|
|
Does the user want to informed about failed backups (TRUE) or not (FALSE). |
sstNotificationWarningLevel | |
|
|
|
The quota notification level in percent, when the owner of the backup needs to warned. A value between 0 and 100. The default is 85 percent. |
sstNotificationWarningMedium | |
|
|
|
The notification medium, either sms (points to the multi-valued attribute mobileTelephoneNumber ) or mail (points to the multi-valued attribute mail ). Currently, only mail is supported.
|
sstNotificationWarningMediumChange | |
|
|
|
Can a user change the notification warning medium? Either TRUE (yes) or FALSE (no). The default is FALSE (no).
|
sstNotificationWarningMediumAdd | |
|
|
|
Can a user add new notification warning mediums (mobileTelephoneNumber or mail ? Either TRUE (yes) or FALSE (no). The default is TRUE (yes). Currently, only adding new mail addresses are supported.
|
sstBackupIntervalHourly | |
|
|
|
How many hourly backups do we want? The default is 0. |
sstBackupIntervalDaily | |
|
|
|
How many daily backups do we want? The default is 7. |
sstBackupIntervalWeekly | |
|
|
|
How many weekly backups do we want? The default is 4. |
sstBackupIntervalMonthly | |
|
|
|
How many monthly backups do we want? The default is 3. |
sstBackupIntervalYearly | |
|
|
|
How many yearly backups do we want? The default is 0. |
sstIsActive | |
|
|
|
Is the backup account active? Either TRUE (yes) or FALSE (no). Default is TRUE (yes).
|
sstUseSelfcare | |
|
|
|
Can the Self-Service interface be used with the credentials of the backup account? Either TRUE (yes) or FALSE (no). Default is FALSE (no).
|
sstUseSSH | |
|
|
|
Is the ssh service active for the backup account? Either TRUE (yes) or FALSE (no). Default is TRUE (yes).
|
Legend:
- x: Mandatory in all cases.
Backup Reseller Backup Notification Settings
The sub tree stores the notification information for the (online) backup service for the reseller Reseller Ltd. with the uid 4000000. This information is used independently of the notification settings of the users. The idea is, that the reseller can receive notifications for a customer and react on the received information (for example, when the quota has been reached):
dn: ou=notifications,uid=4000000,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit objectclass: sstNotificationObjectClass ou: notifications description: The sub tree stores the notification information for the (online) backup service for the reseller Reseller Ltd. with the uid 4000000. This information is used independently of the notification settings of the users. sstMailTo: Support stepping stone GmbH <support@stepping-stone.ch> sstNotificationWarning: quota sstNotificationWarning: schedule sstNotificationWarning: unsuccessful
The following table describes the different attributes:
Attribute | |
|
|
|
Description |
ou | |
|
|
|
|
description | |
|
|
|
|
sstMailTo | |
|
|
|
|
sstNotificationWarning | |
|
|
|
This multi-valued attribute will be used to turn single notifications on or off. The attribute sstBackupWarningOn must be set to TRUE Possible values are quota, schedule and unsuccessful (the names correspond with the template dn).
|
Legend:
- x: Mandatory in all cases.
Backup Reseller Backup Account Settings
The sub tree stores the information about what can be modified in which scope for the (online) backup service for the reseller Reseller Ltd. with the uid 4000000:
dn: ou=settings,uid=4000000,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit objectclass: sstServiceSettingsObjectClass ou: settings description: This sub tree stores the information about what can be modified in which scope. sstVolumeCapacityDefault: 1073741824 sstVolumeCapacityMin: 1073741824 sstVolumeCapacityMax: 536870912000 sstVolumeCapacityStep: 1073741824 sstNotificationWarningMediumChange: FALSE sstNotificationWarningMediumAdd: TRUE sstQuotaChange: FALSE sstSendCredentialsTo: owner sstMailFrom: Support stepping stone GmbH <support@stepping-stone.ch> preferredLanguage: de-CH
Human readable format:
- sstVolumeCapacityDefault: 1 Gibibyte (GiB)
- sstVolumeCapacityMin: 1 Gibibyte (GiB)
- sstVolumeCapacityMax: 500 Gibibyte (GiB)
- sstVolumeCapacityStep: 1 Gibibyte (GiB)
The following table describes how to calculate the sstVolumeCapacity* attributes:
Size | Calculation | Value |
|
1 | 1 |
|
210 | 1 024 |
|
220 | 1 048 576 |
|
230 | 1 073 741 824 |
|
5 x 230 | 5 368 709 120 |
|
10 x 230 | 10 737 418 240 |
|
100 x 230 | 107 374 182 400 |
|
500 x 230 | 536 870 912 000 |
|
240 | 1 099 511 627 776 |
|
250 | 1 125 899 906 842 624 |
|
260 | 1 152 921 504 606 846 976 |
Legend:
- x: Mandatory in all cases.
Backup Reseller Templates
This sub tree contains the templates for the (online) backup service for the reseller Reseller Ltd. with the uid 4000000:
dn: ou=templates,uid=4000000,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit ou: templates description: This sub tree contains the templates for the (online) backup service for the reseller Reseller Ltd. with the uid 4000000.
Backup Reseller Credentials Templates
This sub tree contains the quota templates for the (online) backup service:
dn: ou=credentials,ou=templates,uid=4000000,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit objectclass: sstTemplateSetup ou: credentials description: This leaf contains the credential templates for the (online) backup service. sstMailFrom: Support stepping stone GmbH <support@stepping-stone.ch> sstMailTemplate: file:///var/www/selfcare/htdocs/themes/selfcare.tombstone.ch/templates/services/backup/credentials/credentials_mail sstMailTemplateFormatSource: txt sstMailTemplateFormatTarget: txt sstTemplate: file:///var/www/selfcare/htdocs/themes/selfcare.tombstone.ch/templates/services/backup/credentials/credentials_attachment sstTemplateFormatSource: odt sstTemplateFormatTarget: pdf
The following table describes the different attributes:
Attribute | |
|
|
|
Description |
ou | |
|
|
|
|
description | |
|
|
|
|
sstMailFrom | |
|
|
|
The mail address, from which the credentials are sent from. For example:
If this attribute does not exist, the
from
must be taken. |
sstMailTo | |
|
|
|
If this multi-valued attribute is set with one or mail address(es), then these recipients will receive the same information as the login user or the owner , depending on the value of sstSendCredentialsTo under ou=settings,uid=<UID>,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org . Normally, this attribute is not set for the credentials.
|
sstMailTemplate | |
|
|
|
The template, that is used to create the mail that is sent to either the user logged in (sstSendCredentialsTo: login ) or to the owner of then newly created service (sstSendCredentialsTo: owner . For example:
|
sstMailTemplateFormatSource | |
|
|
|
The format of the source template. Supported values:
Place holder:
Default would normally be |
sstMailTemplateFormatTarget | |
|
|
|
The format of the target. Supported values:
|
sstTemplate | |
|
|
|
The template, that is used to create the attachment that is sent with the mail. For example:
|
sstTemplateFormatSource | |
|
|
|
The format of the source template. Supported values:
Place holders:
The complete path and file name is a string concatenation of the values of the attributes
This gives us:
Default would normally be |
sstTemplateFormatTarget | |
|
|
|
The format of the target. Supported values:
Note to Self-Service developer(s). Please be aware of the following issues when using PHP-Easy-Report:
Default would normally be |
Legend:
- x: Mandatory in all cases.
Credentials Place Holders E-Mail (txt/html)
Address with an example:
{$company} stepping stone GmbH {$salutation} {$name} {$surname} Mr. Michael Eichenberger {$address} Neufeldstrasse 9 {$country}-{$zip} {$location} CH-3013 Bern
Date with an example:
{$day} 16 {$month} August {$year} 2013
Backup Service with an example:
{$uid} 4000124 {$password} XlWz4Qa#
Optional Values:
{$externalID} 12345
Credentials Place Holders LibreOffice (odt)
LibreOffice (odt) templates have the same place holders as the E-Mail (text/html) templates. The only thing that changes, are the definitions. Instead of {$placeholder}
we have {{placeholder}}
.
Backup Reseller Quota Templates
Warns the user when the backup is running out of space (quota).
This sub tree contains the quota templates for the (online) backup service:
dn: ou=quota,ou=templates,uid=4000000,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit objectclass: sstTemplateSetup ou: quota description: This leaf contains the quota templates for the (online) backup service. sstMailFrom: Support stepping stone GmbH <support@stepping-stone.ch> sstMailTemplate: file:///var/www/selfcare/htdocs/themes/selfcare.tombstone.ch/templates/services/backup/quota/quota_mail sstMailTemplateFormatSource: txt sstMailTemplateFormatTarget: txt sstMailTemplateReseller: file:///var/www/selfcare/htdocs/themes/selfcare.tombstone.ch/templates/services/backup/quota/quota_mail_reseller sstMailTemplateFormatSource: txt sstMailTemplateFormatTarget: txt
The following table describes the different attributes:
Attribute | |
|
|
|
Description |
ou | |
|
|
|
|
description | |
|
|
|
|
sstMailFrom | |
|
|
|
The mail address, from which the quota mails are sent from. For example:
If this attribute does not exist, the
from
must be taken. |
sstMailTo | |
|
|
|
If this multi-valued attribute is set with one or mail address(es), then these recipients will receive the same information as the owner. Normally, this attribute is not set. |
sstMailTemplate | |
|
|
|
The template, that is used to create the mail that is sent to the owner of the service if sstBackupWarningOn: TRUE and sstNotificationWarningMedium: mail . If the mail is not set, you must look for the mail in the owners person entry under uid=<UID>,ou=people,dc=stoney-cloud,dc=org .
For example:
|
sstMailTemplateFormatSource | |
|
|
|
The format of the source template. Supported values:
Place holder:
Default would normally be |
sstMailTemplateFormatTarget | |
|
|
|
The format of the target. Supported values:
|
sstMailTemplateReseller | |
|
|
|
The path and name to a template file, that is used to inform one or more people if the multi-valued attribute sstMailTo is set in the notifications sub tree of the reseller
and if <code>sstNotificationWarning is set to
This way, the support organisation will be pre-informed for when the customer should call or write. The information the recipients will receive, is the same as the owner, but will formatted according to:
|
sstMailTemplateResellerFormatSource | |
|
|
|
The format of the source template. Supported values:
Place holder:
The complete path and file name is a string concatenation of the values of the attributes
This gives us:
Default would normallb be |
sstMailTemplateResellerFormatTarget | |
|
|
|
The format of the target. Supported values:
Default would normallb be |
Legend:
- x: Mandatory in all cases.
- x1: Must exist, if
sstMailTo
is set.
Quota Place Holders E-Mail (txt/html)
An example:
{$salutation} Mr. {$surname} Eichenberger {$uid} 3723707 {$percent} 98 {$quota} 100 {$backup_size} 40 {$snapshot_size} 48
Optional Values:
{$externalID} 12345
Quota Place Holders LibreOffice (odt)
LibreOffice (odt) templates have the same place holders as the E-Mail (text/html) templates. The only thing that changes, are the definitions. Instead of {$placeholder}
we have {{placeholder}}
.
Backup Reseller Schedule Templates
Warns the user if the backup wasn't executed at the planned time (schedule).
This sub tree contains the schedule templates for the (online) backup service:
dn: ou=schedule,ou=templates,uid=4000000,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit objectclass: sstTemplateSetup ou: schedule description: This leaf contains the schedule templates for the (online) backup service. sstMailFrom: Support stepping stone GmbH <support@stepping-stone.ch> sstMailTemplate: file:///var/www/selfcare/htdocs/themes/selfcare.tombstone.ch/templates/services/backup/schedule/schedule_mail sstMailTemplateFormatSource: txt sstMailTemplateFormatTarget: txt sstMailTemplateReseller: file:///var/www/selfcare/htdocs/themes/selfcare.tombstone.ch/templates/services/backup/schedule/schedule_mail_reseller sstMailTemplateFormatSource: txt sstMailTemplateFormatTarget: txt
Schedule Place Holders E-Mail (txt/html)
An example:
{$salutation} Mr. {$surname} Eichenberger {$scheduled_date} 01. August 2013 {$scheduled_time} 15:00 {$gecos} Michael Eichenberger {$computer} my-laptop {$last_success} The last successful backup was made on the 03. July 2013 at 14:45 {$uid} 1234567
Optional Values:
{$externalID} 12345
Schedule Place Holders LibreOffice (odt)
LibreOffice (odt) templates have the same place holders as the E-Mail (text/html) templates. The only thing that changes, are the definitions. Instead of {$placeholder}
we have {{placeholder}}
.
Backup Reseller Unsuccessful Templates
Informs the user if the backup was executed, but finished with errors (unsuccessful).
This sub tree contains the unsuccessful templates for the (online) backup service:
dn: ou=unsuccessful,ou=templates,uid=4000000,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit objectclass: sstTemplateSetup ou: unsuccessful description: This leaf contains the schedule templates for the (online) backup service. sstMailFrom: Support stepping stone GmbH <support@stepping-stone.ch> sstMailTemplate: file:///var/www/selfcare/htdocs/themes/selfcare.tombstone.ch/templates/services/backup/unsuccessful/unsuccessful_mail sstMailTemplateFormatSource: txt sstMailTemplateFormatTarget: txt sstMailTemplateReseller: file:///var/www/selfcare/htdocs/themes/selfcare.tombstone.ch/templates/services/backup/unsuccessful/unsuccessful_mail_reseller sstMailTemplateFormatSource: txt sstMailTemplateFormatTarget: txt
Unsuccessful Place Holders E-Mail (txt/html)
An example:
{$salutation} Mr. {$surname} Eichenberger {$scheduled_date} 01. August 2013 {$scheduled_time} 15:00 {$gecos} Michael Eichenberger {$computer} my-laptop {$last_success} The last successful backup was made on the 03. July 2013 at 14:45 {$uid} 1234567
Optional Values:
{$externalID} 12345
Example template:
Subject: Online Backup information for account {$uid} {$salutation} {$surname} Your backup for the account '{$gecos}' and the computer '{$computer}', scheduled for the {$scheduled_date} at {$scheduled_time}, was not successful. {$last_success} If the problem can be solved with a manual Backup, you may ignore this message. Otherwise please contact us under: support@stepping-stone.ch Kind regards your stepping stone GmbH support team -- stepping stone GmbH Neufeldstrasse 9 CH-3012 Bern Telefon: +41 31 332 53 63 www.stepping-stone.ch support@stepping-stone.ch
Which results in the following mail for the backup account 4000152:
Dear Mr. Kläy Your backup for the account 'Pat Klaey' and the computer 'pat-GT60', scheduled for the 18. Aug 2013 at 17:15, was not successful. The last successful backup was made the 01. July 2013 at 12:00 If the problem can be solved with a manual Backup, you may ignore this message. Otherwise please contact us under: support@stepping-stone.ch Kind regards your stepping stone GmbH support team -- stepping stone GmbH Neufeldstrasse 9 CH-3012 Bern Telefon: +41 31 332 53 63 www.stepping-stone.ch support@stepping-stone.ch
Unsuccessful Place Holders LibreOffice (odt)
LibreOffice (odt) templates have the same place holders as the E-Mail (text/html) templates. The only thing that changes, are the definitions. Instead of {$placeholder}
we have {{placeholder}}
.
Backup Reseller Upgrade Templates
If the Backup Client is too old, inform the user (upgrade).
This sub tree contains the upgrade templates for the (online) backup service:
dn: ou=upgrade,ou=templates,uid=4000000,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit objectclass: sstTemplateSetup ou: upgrade description: This leaf contains the schedule templates for the (online) backup service. sstMailFrom: Support stepping stone GmbH <support@stepping-stone.ch> sstMailTemplate: file:///var/www/selfcare/htdocs/themes/selfcare.tombstone.ch/templates/services/backup/upgrade/upgrade_mail sstMailTemplateFormatSource: txt sstMailTemplateFormatTarget: txt sstMailTemplateReseller: file:///var/www/selfcare/htdocs/themes/selfcare.tombstone.ch/templates/services/backup/upgrade/upgrade_mail_reseller sstMailTemplateFormatSource: txt sstMailTemplateFormatTarget: txt
Upgrade Place Holders E-Mail (txt/html)
An example:
{$salutation} Mr. {$surname} Eichenberger {$scheduled_date} 01. August 2013 {$scheduled_time} 15:00 {$gecos} Michael Eichenberger {$computer} my-laptop {$last_success} The last successful backup was made on the 03. July 2013 at 14:45 {$uid} 1234567
Optional Values:
{$externalID} 12345
Example template:
Subject: Online Backup information for account {$uid} {$salutation} {$surname} Your backup for the account '{$gecos}' and the computer '{$computer}', scheduled for the {$scheduled_date} at {$scheduled_time}, was not successful. {$last_success} If the problem can be solved with a manual Backup, you may ignore this message. Otherwise please contact us under: support@stepping-stone.ch Kind regards your stepping stone GmbH support team -- stepping stone GmbH Neufeldstrasse 9 CH-3012 Bern Telefon: +41 31 332 53 63 www.stepping-stone.ch support@stepping-stone.ch
Which results in the following mail for the backup account 4000152:
Dear Mr. Kläy Your backup for the account 'Pat Klaey' and the computer 'pat-GT60', scheduled for the 18. Aug 2013 at 17:15, was not successful. The last successful backup was made the 01. July 2013 at 12:00 If the problem can be solved with a manual Backup, you may ignore this message. Otherwise please contact us under: support@stepping-stone.ch Kind regards your stepping stone GmbH support team -- stepping stone GmbH Neufeldstrasse 9 CH-3012 Bern Telefon: +41 31 332 53 63 www.stepping-stone.ch support@stepping-stone.ch
Upgrade Place Holders LibreOffice (odt)
LibreOffice (odt) templates have the same place holders as the E-Mail (text/html) templates. The only thing that changes, are the definitions. Instead of {$placeholder}
we have {{placeholder}}
.
Backup Reseller No Backup Templates
Tell the user, that they have a backup account, but it was never used (no backup).
This sub tree contains the no backup templates for the (online) backup service:
dn: ou=no backup,ou=templates,uid=4000000,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit objectclass: sstTemplateSetup ou: no backup description: This leaf contains the schedule templates for the (online) backup service. sstMailFrom: Support stepping stone GmbH <support@stepping-stone.ch> sstMailTemplate: file:///var/www/selfcare/htdocs/themes/selfcare.tombstone.ch/templates/services/backup/no backup/no backup_mail sstMailTemplateFormatSource: txt sstMailTemplateFormatTarget: txt sstMailTemplateReseller: file:///var/www/selfcare/htdocs/themes/selfcare.tombstone.ch/templates/services/backup/no backup/no backup_mail_reseller sstMailTemplateFormatSource: txt sstMailTemplateFormatTarget: txt
No Backup Place Holders E-Mail (txt/html)
An example:
{$salutation} Mr. {$surname} Eichenberger {$scheduled_date} 01. August 2013 {$scheduled_time} 15:00 {$gecos} Michael Eichenberger {$computer} my-laptop {$last_success} The last successful backup was made on the 03. July 2013 at 14:45 {$uid} 1234567
Optional Values:
{$externalID} 12345
Example template:
Subject: Online Backup information for account {$uid} {$salutation} {$surname} Your backup for the account '{$gecos}' and the computer '{$computer}', scheduled for the {$scheduled_date} at {$scheduled_time}, was not successful. {$last_success} If the problem can be solved with a manual Backup, you may ignore this message. Otherwise please contact us under: support@stepping-stone.ch Kind regards your stepping stone GmbH support team -- stepping stone GmbH Neufeldstrasse 9 CH-3012 Bern Telefon: +41 31 332 53 63 www.stepping-stone.ch support@stepping-stone.ch
Which results in the following mail for the backup account 4000152:
Dear Mr. Kläy Your backup for the account 'Pat Klaey' and the computer 'pat-GT60', scheduled for the 18. Aug 2013 at 17:15, was not successful. The last successful backup was made the 01. July 2013 at 12:00 If the problem can be solved with a manual Backup, you may ignore this message. Otherwise please contact us under: support@stepping-stone.ch Kind regards your stepping stone GmbH support team -- stepping stone GmbH Neufeldstrasse 9 CH-3012 Bern Telefon: +41 31 332 53 63 www.stepping-stone.ch support@stepping-stone.ch
No Backup Place Holders LibreOffice (odt)
LibreOffice (odt) templates have the same place holders as the E-Mail (text/html) templates. The only thing that changes, are the definitions. Instead of {$placeholder}
we have {{placeholder}}
.
Backup accounts
The sub tree for the accounts of the (online) backup service:
dn: ou=accounts,ou=backup,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit ou: accounts description: The sub tree for the accounts of the (online) backup service.
Backup accounts - Posix account based backup account example
Each (Online) Backup service account has it's own change root (chroot, jail) directory. The following example shows the OpenLDAP directory entry for the (online) backup account with the uid number 3723707:
dn: uid=3723707,ou=accounts,ou=backup,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: account objectclass: posixAccount objectclass: shadowAccount objectclass: sstBackup objectclass: sstProvisioning objectclass: sstRelationship uid: 3723707 userPassword: {SSHA}E/KLUgeAtApAPQ7mG2GMddCxTE9m9QOS uidNumber: 3723707 gidNumber: 3723707 cn: Michael Eichenberger gecos: Michael Eichenberger homeDirectory: /home/3723707 loginShell: /bin/sh shadowLastChange: 11108 shadowMax: 99999 shadowWarning: 7 shadowFlag: 134539460 sstBackupIntervalHourly: 0 sstBackupIntervalDaily: 7 sstBackupIntervalWeekly: 4 sstBackupIntervalMonthly: 3 sstBackupIntervalYearly: 0 sstBackupIterations: 99 sstBackupWarningDays: 1 sstBackupWarningNumbers: 0 sstBackupWarningOn: TRUE sstNotificationWarningLevel: 85 preferredLanguage: de-CH sstNotificationWarningMedium: mail sstUseSelfcare: FALSE sstUseSSH: TRUE sstIsActive: TRUE sstQuota: 10737418240 sstBackupSize: 0 sstIncrementSize: 0 sstBackupLastSuccessfulBackup: computer:20130923T063554Z host: sst-int-054 sstProvisioningMode: add sstProvisioningExecutionDate: 0 sstProvisioningState: 0 sstBelongsToResellerUID: 4000000 sstBelongsToCustomerUID: 4000001 sstBelongsToPersonUID: 4000002 sstBelongsToServiceUID: 4000003
The following table describes the different attributes:
Attribute | |
|
|
|
Description |
uid | |
|
|
|
The unique identifier (uid). This attribute is created by the Self-Service interface by reading (and incrementing) the next free uid from "cn=nextfreeuid,ou=administration,dc=stoney-cloud,dc=org". |
userPassword | |
|
|
|
Identifies the entry's password and encryption method in the following format: {encryption method}encrypted password . For example: {SSHA}zBiT1dHAZh/8zbCeyocRVWhdP0j9xJ3U. This password will be automatically set through the Self-Service interface. Afterwords, the password can be changed by the user (including the reseller and customer).
|
uidNumber | |
|
|
|
Related to the /etc/shadow file, this attribute specifies the user's login ID. Is the same as the uid. For example: 3723707. |
gidNumber | |
|
|
|
Group ID number. Is the same as the uid. For example: 3723707. |
cn | |
|
|
|
givenName and Surname. Will be used for the presentation in the interface. TBD |
gecos | |
|
|
|
Named for historical reasons, the GECOS field is mandatory and is used to store extra information (such as the user's full name). Utilities such as finger or getent access this field to provide additional user information. For a personal account, this entry would consist of givenName and surname , for example Michael Eichenberger . These values are taken from the owners entry (ou=people). For a service account, the attribute sstDisplayName from the corresponding service would be used for the content of this attribute. Please be aware, that this attribute is a IA5String (OID=1.3.6.1.4.1.1466.115.121.1.26) IA5 (almost ASCII) character set (7-bit). Does NOT allow extended characters e.g. é, Ø, å etc. The Self-Service interface automatically creates the content of this attribute. The user (including the reseller and customer) can modify this attribute as desired (except for the IA5 restrictions).
You can use: |
homeDirectory | |
|
|
|
The directory path corresponds with the 7 digit account uid. The following example describes, how the directory structure is built up for the account with the uid 3723707.
This attribute is created by the Self-Service interface. |
loginShell | |
|
|
|
The path to the login shell. The default is /bin/sh and is taken from the "ou=settings,uid=<UID>,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org" entry. |
shadowLastChange | |
|
|
|
Related to the /etc/shadow file, this attribute specifies number of days between January 1, 1970, and the date that the password was last modified. Must be set to the day, that the password was set (must be updated, when the password is changed). This attribute is created by the Self-Service interface. |
shadowMax | |
|
|
|
Related to the /etc/shadow file, this attribute specifies the maximum number of days the password is valid. The default is 99999, which corresponds to about 273 years. In reality, this means, that the user does not need to change the password. This attribute is created by the Self-Service interface. The value is taken from the "ou=settings,uid=<UID>,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org" entry. |
shadowWarning | |
|
|
|
Related to the /etc/shadow file, this attribute specifies the number of days before the password expires that the user is warned. The default is 7 and is taken from the "ou=settings,uid=<UID>,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org" entry. |
shadowFlag | |
|
|
|
Related to the /etc/shadow file, this attribute is currently not used and is reserved for future use. The default is set to 134539460 and is taken from the "ou=settings,uid=<UID>,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org" entry. |
sstBackupIntervalHourly | |
|
|
|
How many hourly backups do we want? The default is 0 and is taken from the "ou=settings,uid=<UID>,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org" entry. |
sstBackupIntervalDaily | |
|
|
|
How many daily backups do we want? The default is 7 and is taken from the "ou=settings,uid=<UID>,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org" entry. |
sstBackupIntervalWeekly | |
|
|
|
How many weekly backups do we want? The default is 4 and is taken from the "ou=settings,uid=<UID>,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org" entry. |
sstBackupIntervalMonthly | |
|
|
|
How many monthly backups do we want? The default is 3 and is taken from the "ou=settings,uid=<UID>,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org" entry. |
sstBackupIntervalYearly | |
|
|
|
How many yearly backups do we want? The default is 0 and is taken from the "ou=settings,uid=<UID>,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org" entry. |
sstBackupIterations | |
|
|
|
The number of backup iterations (when no backup intervals have been chosen). Possible values are between 0 and 9999. Default ist 0 if either sstBackupIntervalHourly , sstBackupIntervalDaily , sstBackupIntervalWeekly , sstBackupIntervalMonthly or sstBackupIntervalYearly contain a non-zero entry. Otherwise the default is 99.
|
sstBackupWarningDays | |
|
|
|
If the attribute sstBackupWarningOn ist true, a non-successful backup notification warning is sent after X days of non-successful backups (where X is an integer number larger than zero). X is an integer number larger than 1. 0 means, the warning is turned off. The default is 1 and is taken from the "ou=settings,uid=<UID>,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org" entry.
|
sstBackupWarningNumbers | |
|
|
|
If the attribute sstBackupWarningOn ist true, a non-successful backup notification warning is sent after X non-successful backups. X is an integer number larger than 1. 0 means, the warning is turned off. The default is 0 and is taken from the "ou=settings,uid=<UID>,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org" entry.
|
sstBackupWarningOn | |
|
|
|
Is the non-successful backup notification warning turned on or not? Either true (yes) or false (no). Default is true (yes) and is taken from the "ou=settings,uid=<UID>,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org" entry.
|
sstNotificationWarning | |
|
|
|
This multi-valued attribute will be used to turn single notifications on or off. The attribute sstBackupWarningOn must be set to TRUE Possible values are quota, schedule and unsuccessful (the names correspond with the template dn).
|
preferredLanguage | |
|
|
|
The notification language according to RFC 1766 (ISO 3166-1-alpha-2 code-ISO 639-1 Code. For example de-CH or en-GB. The content of this value is taken from the person entry from the attribute preferredLanguage . If the backup account belongs to a service, the user must be asked for the notification language.
|
sstNotificationWarningLevel | |
|
|
|
The quota notification level in percent, when the owner of the backup needs to warned. A value between 0 and 100. The default is 85 percent and is taken from the "ou=defaults,uid=<UID>,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org" entry. |
sstNotificationWarningMedium | |
|
|
|
The notification medium, either sms (points to the multi-valued attribute mobileTelephoneNumber ) or mail (points to the multi-valued attribute mail ). Currently, only mail is supported. This is the default is taken from the "ou=defaults,uid=<UID>,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org" entry.
|
sstQuota | |
|
|
|
The filesystem quota in bytes. 10737418240 Bytes equal 10 Gigabytes. The user can change the quota, if the sstQuotaChange is set to TRUE . See "ou=settings,uid=<UID>,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org" entry.
|
sstBackupSize | |
|
|
|
The size of the actual backup in bytes. Default is 0 and is taken from the "ou=settings,uid=<UID>,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org" entry. This attribute will be updated by the writeAccountSize.pl script, which is called during the daily backup run by the rsnapshotPostExecWrapper.sh script.
|
sstIncrementSize | |
|
|
|
The size of all the incremental backups combined in bytes. This attribute will be updated by the writeAccountSize.pl script, which is called during the daily backup run by the rsnapshotPostExecWrapper.sh script.
|
mobileTelephoneNumber | |
|
|
|
Multi-valued attribute with the mobile phone number(s) that is used for the notification of the user(s), if the attribute sstBackupWarningOn ist true and the attribute sstNotificationWarningMedium ist set to sms . Currently, only adding new mail addresses are supported, therefore this attribute is not used for the moment.
|
|
|
|
|
Multi-valued attribute with the E-Mail addresse(s) that is used for the notification of the user(s), if the attribute sstBackupWarningOn ist TRUE and the attribute sstNotificationWarningMedium ist set to mail . If sstNotificationWarningMediumAdd is set to TRUE and the backup service belongs to a personal account, the mail entry would be taken from the owners entry (ou=people). For a backup service belonging to another serviĉe, the Self-Service would ask the user for the mail address.
| |
sstIsActive | |
|
|
|
Is the backup account active? Either TRUE (yes) or FALSE (no). Default is TRUE (yes) and is taken from the "ou=defaults,uid=<UID>,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org" entry.
|
sstUseSelfcare | |
|
|
|
Can the Self-Service interface be used with the credentials of the backup account? Either TRUE (yes) or FALSE (no). Default is FALSE (no) and is taken from the "ou=defaults,uid=<UID>,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org" entry.
|
sstUseSSH | |
|
|
|
Is the ssh service active for the backup account? Either TRUE (yes) or FALSE (no). Default is TRUE (yes) and is taken from the "ou=settings,uid=<UID>,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org" entry.
|
sstBackupLastSuccessfulBackup | |
|
|
|
The date and time of the last successful backup in UTC, either 0 or in the form of hostname:[YYYY][MM][DD]T[hh][mm][ss]Z (ISO 8601). For example: computer:20130923T063554Z or computer.example.com:20130923T063554Z. |
host | |
|
|
|
TBD |
sstProvisioningMode | |
|
|
|
The provisioning mode, either add , modify or delete . For a new account, this attribute must be set to add . See Provisioning for details.
|
sstProvisioningExecutionDate | |
|
|
|
The date the provisioning shall occur in the form of [YYYY][MM][DD] (ISO 8601). For a new account, this attribute must be set to 0. See Provisioning for details. |
sstProvisioningReturnValue | |
|
|
|
The provisioning return value written by the prov-backup-rsnapshot daemon. 0 means success, >0 means failure. See the prov-backup-rsnapshot Exit Codes for detailed information. |
sstProvisioningState | |
|
|
|
The provisioning state, either 0 or in the form of [YYYY][MM][DD]T[hh][mm][ss] (ISO 8601). For a new account, this attribute must be set to 0. See Provisioning for details. |
sstBelongsToResellerUID | |
|
|
|
Stores the reseller UID the leaf belongs to. |
sstBelongsToCustomerUID | |
|
|
|
Stores the customer UID the leaf belongs to. |
sstBelongsToPersonUID | |
|
|
|
Stores the person UID the leaf belongs to. |
sstBelongsToServiceUID | |
|
|
|
Stores the UID (Unique Identifier) of the service the leaf belongs to. This UID can be used to look up other information. For a customer mail account, the service the account belongs to will most likely be a stoney cloud unit (instance). |
Legend:
- x: Mandatory in all cases.
- x1: Only show, if the number is larger than zero.
- x2: Only show, if
sstBackupWarningOn
is set toTRUE
. - x3: Either
sstBelongsToPersonUID
orsstBelongsToServiceUID
must bei set. The attributesstBelongsToServiceUID
must be set for all the stoney cloud units (instances).
Backup accounts - S3 bucket based backup account example
Each (Online) Backup service account has it's own change root (chroot, jail) directory. The following example shows the OpenLDAP directory entry for the (online) backup account with the uid number 4000907:
dn: uid=4000907,ou=accounts,ou=backup,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: sstS3Bucket objectclass: sstProvisioning objectclass: sstRelationship uid: 4000907 sstDisplayName: Support stepping stone AG description: The leaf for the S3 bucket based backup account with the uid '4000907' belonging to the user 'Support stepping stone AG'. sstBackupWarningDays: 1 sstBackupWarningNumbers: 0 sstBackupWarningOn: TRUE sstNotificationWarningMedium: mail sstIsActive: TRUE sstBillable: FALSE sstQuota: 10737418240 sstS3BucketLifecycleDays: 1 sstS3BucketWormDays: 1 sstS3BucketWormMode: COMPLIANCE sstAutoGrow: FALSE sstActionLevel: 90 host: ctrl-test-vm-043 sstProvisioningMode: add sstProvisioningExecutionDate: 0 sstProvisioningState: 0 sstProvisioningReturnValue: 0 sstBelongsToResellerUID: 2000000 sstBelongsToCustomerUID: 3723426 sstBelongsToPersonUID: 1000482
With auto-grow:
dn: uid=4000907,ou=accounts,ou=backup,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: sstS3Bucket objectclass: sstProvisioning objectclass: sstRelationship uid: 4000907 sstDisplayName: Support stepping stone AG description: The leaf for the S3 bucket based backup account with the uid '4000907' belonging to the user 'Support stepping stone AG'. sstBackupWarningDays: 1 sstBackupWarningNumbers: 0 sstBackupWarningOn: TRUE sstNotificationWarningMedium: mail sstIsActive: TRUE sstBillable: FALSE sstQuota: 10737418240 sstS3BucketLifecycleDays: 1 sstS3BucketWormDays: 1 sstS3BucketWormMode: COMPLIANCE sstAutoGrow: TRUE sstActionLevel: 90 sstAutoGrowStepBytes: 1073741824 host: ctrl-test-vm-043 sstProvisioningMode: add sstProvisioningExecutionDate: 0 sstProvisioningState: 0 sstProvisioningReturnValue: 0 sstBelongsToResellerUID: 4000000 sstBelongsToCustomerUID: 4000001 sstBelongsToPersonUID: 4000002
The following table describes the different attributes:
Attribute | Objectclass | Existance | Mandatory | Description |
---|---|---|---|---|
uid | sstS3Bucket | MUST | x | A unique integer value with 7 digits or more. For example: 4000003 .
|
sstDisplayName | sstS3Bucket | MUST | x | The human readable display name. Either the human readable server name the S3 bucket belongs to or the persons full name the S3 bucket belongs to.
For example: |
description | sstS3Bucket | MAY | x | The description of the leaf.
For example: Or: |
sstBackupWarningDays | sstS3Bucket | MUST | x | If the attribute sstBackupWarningOn ist true, a non-successful backup notification warning is sent after X days of non-successful backups (where X is an integer number larger than zero). X is an integer number larger than 1. 0 means, the warning is turned off. The default is 1 and is taken from the "ou=settings,uid=<UID>,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org" entry.
|
sstBackupWarningNumbers | sstS3Bucket | MUST | x | If the attribute sstBackupWarningOn ist true, a non-successful backup notification warning is sent after X non-successful backups. X is an integer number larger than 1. 0 means, the warning is turned off. The default is 0 and is taken from the "ou=settings,uid=<UID>,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org" entry.
|
sstBackupWarningOn | sstS3Bucket | MUST | x | Is the non-successful backup notification warning turned on or not? Either true (yes) or false (no). Default is true (yes) and is taken from the "ou=settings,uid=<UID>,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org" entry.
|
sstNotificationWarningLevel | sstS3Bucket | MUST | x | The quota notification level in percent, when the owner of the backup needs to warned. A value between 0 and 100. The default is 85 percent and is taken from the "ou=defaults,uid=<UID>,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org" entry. |
sstNotificationWarningMedium | sstS3Bucket | MUST | x | The notification medium, either sms (points to the multi-valued attribute mobileTelephoneNumber ) or mail (points to the multi-valued attribute mail ). Currently, only mail is supported. This is the default is taken from the "ou=defaults,uid=<UID>,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org" entry.
|
sstQuota | sstS3Bucket | MUST | x | The S3 bucket quota in bytes. The value must be a multiple of 1073741824 bytes.
For example: 10737418240 (10 Gibibyte or 10 GiB). |
sstS3BucketLifecycleDays | sstS3Bucket | MUST | x | How long the modified items are kept in the S3 version history. Possible values are between 1 and 99. Default is 1.
For example: 3 (three days). |
sstS3BucketWormDays | sstS3Bucket | MUST | x | How long the S3 version history is delete protected (compliance mode). Possible values are between 1 and 99. Default is 1.
For example: 3 (three days). |
sstS3BucketWormMode | sstS3Bucket | MUST | x | S3 object lock provides two retention modes that apply different levels of protection to your objects. COMPLIANCE and GOVERNANCE. Default is COMPLIANCE.
For example: COMPLIANCE. |
sstAutoGrow | sstS3Bucket | MUST | x | Defines if the given quota must automatically expand (TRUE) or not (FALSE). Default is FALSE.
Example: FALSE |
sstActionLevel | sstS3Bucket | MUST | x | The level in percent from which an action must be carried out.
For example: 90 (ninety percent). |
sstBackupLastSuccessfulBackup | sstS3Bucket | MAY | The date and time of the last successful backup in UTC, either 0 or in the form of hostname:[YYYY][MM][DD]T[hh][mm][ss]Z (ISO 8601).
For example: computer:20130923T063554Z or computer.example.com:20130923T063554Z. | |
preferredLanguage | sstS3Bucket | MAY | x3 | The notification language according to RFC 1766 (ISO 3166-1-alpha-2 code-ISO 639-1 Code.
For example de-CH or en-GB. The content of this value is taken from the person entry from the attribute |
sstBillable | sstS3Bucket | MAY | ||
sstAutoGrowStepPercentage | sstS3Bucket | MAY | x1 | By how much must the quota be expanded in percent. Possible values are between 1 and 99.
For example: 2 (two percent). |
sstAutoGrowStepBytes | sstS3Bucket | MAY | x1 | By how much must the quota be expanded in bytes. The value must be a multiple of 1073741824 bytes.
For example: 1073741824 (1 Gibibyte or 1 GiB). |
host | sstS3Bucket | MUST | x | The host where the S3 bucket provisioning daemon runs. |
sstCancellationDate | sstRelationship | MAY | The UTC based cancellation date of a reseller, customer or service in the form of [YYYY][MM][DD]T[hh][mm][ss]Z (ISO 8601).
For example: 20201231T225959Z. Presuming the service owner is located in Bern Switzerland: Bern in winter follows Central European Time (CET), which is UTC+1. Let's confirm the conversion from 20201231T225959Z (UTC) to Bern's local time step-by-step. UTC Timestamp: 2020-12-31 at 22:59:59 UTC. Bern's Time Zone in Winter: Bern operates on CET (Central European Time) during winter, which is UTC+1. Conversion: Add 1 hour to the UTC time to convert to Bern local time. So, let's perform the conversion: UTC Time: 2020-12-31 22:59:59 Add 1 hour for CET: 2020-12-31 23:59:59 Thus, 20201231T225959Z in Bern local time is 2020-12-31 at 23:59:59. Due to backwards compatibility, [YYYY][MM][DD] (ISO 8601) is allowed. For example: 20201231. It will be interpreted with Bern local time as 2020-12-31 at 23:59:59. The attribute | |
sstProvisioningMode | sstProvisioning | MUST | x | The provisioning mode. For a new account, this attribute must be set to add .
For example: See the backup provisioning section for details. |
sstProvisioningExecutionDate | sstProvisioning | MUST | x | The date the provisioning shall occur in the form of [YYYY][MM][DD]T[hh][mm][ss]Z (ISO 8601). For a new account, this attribute is normally set to 0 (the provisioning happens as quickly as possible).
For example: 0 or 20201231T225959Z. See the backup provisioning section for details. |
sstProvisioningState | sstProvisioning | MUST | x | The provisioning state, either 0 or in the form of [YYYY][MM][DD]T[hh][mm][ss]Z (ISO 8601). For a new account, this attribute must be set to 0.
For example: 0 or 20201231T225959Z. You can use See the backup provisioning section for details. |
sstProvisioningReturnValue | sstProvisioning | MAY | x | The provisioning return value written by the S3 bucket provisioning daemon. 0 means success, >0 means failure.
For example: 0. |
sstBelongsToResellerUID | sstRelationship | MUST | x | Stores the reseller UID the leaf belongs to. A unique value with 7 digits or more. For example: 4000000 .
|
sstBelongsToCustomerUID | sstRelationship | MUST | x | Stores the customer UID the leaf belongs to. A unique value with 7 digits or more. For example: 4000001 .
|
sstBelongsToPersonUID | sstRelationship | MAY | x2 | Stores the UID of the service the leaf belongs to. This UID can be used to look up other information. A unique value with 7 digits or more. 4000123 .
|
sstBelongsToServiceUID | sstRelationship | MAY | x2 | Stores the UID of the service the leaf belongs to. This UID can be used to look up other information. A unique value with 7 digits or more. 4000123 .
|
Legend:
- x: Mandatory in all cases.
- x1: If
sstAutoGrow
is set toTRUE
, eithersstAutoGrowStepPercentage
orsstAutoGrowStepBytes
must be set. - x2: Either
sstBelongsToPersonUID
orsstBelongsToServiceUID
must be set. - x3: See notes below!
Notes:
- sstInformPersonUID (sstRelationship): We should use
sstInformPersonUID
, ifsstBelongsToServiceUID
insteadsstBelongsToPersonUID
is set. The multi-valued attribute may be set on three levels:-
uid=<backup_uid>,ou=accounts,ou=backup,ou=services,dc=stoney-cloud,dc=org
-
ou=settings,uid=<customer_uid>,ou=customers,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org
-
ou=settings,uid=<reseller_uid>,ou=reseller,ou=configuration,ou=backup,ou=services,dc=stoney-cloud,dc=org
-
- preferredLanguage (sstS3Bucket): The same applies here.
Backup groups
The sub tree for the groups of the (online) backup service:
dn: ou=groups,ou=backup,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit ou: groups description: The sub tree for the groups of the (online) backup service.
Backup groups - Posix account based backup group example
dn: cn=3723707,ou=groups,ou=backup,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: posixGroup objectclass: sstRelationship cn: 3723707 gidNumber: 3723707 sstIsActive: TRUE sstBelongsToResellerUID: 4000000 sstBelongsToCustomerUID: 4000001 sstBelongsToPersonUID: 4000002
Backup groups - S3 bucket based backup group example
S3 buckets do not require a group.
Backup Provisioning
See the OpenLDAP provisioning page for the overview of the provisioning functionality and stoney backup: prov-backup-rsnapshot the actual backup provisioning.