forked from evolix/ansible-roles
Handle backup jail creation
Does not handle sync step yet
This commit is contained in:
parent
4851af7432
commit
daad12fdeb
|
@ -4,3 +4,7 @@
|
|||
register: minifirewall_init_restart
|
||||
failed_when: "'starting IPTables rules is now finish : OK' not in minifirewall_init_restart.stdout"
|
||||
changed_when: "'starting IPTables rules is now finish : OK' in minifirewall_init_restart.stdout"
|
||||
|
||||
- name: 'created new jail'
|
||||
command: "bkctld start {{ evolinux_hostname }}"
|
||||
delegate_to: "{{ evobackup_client__hosts[0].ip }}"
|
||||
|
|
29
evobackup-client/tasks/create_jail.yml
Normal file
29
evobackup-client/tasks/create_jail.yml
Normal file
|
@ -0,0 +1,29 @@
|
|||
---
|
||||
|
||||
- name: 'create jail'
|
||||
command: "bkctld init {{ evolinux_hostname }}"
|
||||
args:
|
||||
creates: "/backup/jails/{{ evolinux_hostname }}/"
|
||||
become: true
|
||||
delegate_to: "{{ evobackup_client__hosts[0].ip }}"
|
||||
notify: 'created new jail'
|
||||
|
||||
- name: 'add ssh key to jail'
|
||||
command: "bkctld key {{ evolinux_hostname }} /root/{{ evolinux_hostname }}.pub"
|
||||
become: true
|
||||
delegate_to: "{{ evobackup_client__hosts[0].ip }}"
|
||||
|
||||
- name: 'add ip to jail'
|
||||
command: "bkctld ip {{ evolinux_hostname }} {{ ansible_host }}"
|
||||
become: true
|
||||
delegate_to: "{{ evobackup_client__hosts[0].ip }}"
|
||||
|
||||
- name: 'get jail port'
|
||||
command: "bkctld port {{ evolinux_hostname }}"
|
||||
become: true
|
||||
register: bkctld_port
|
||||
delegate_to: "{{ evobackup_client__hosts[0].ip }}"
|
||||
|
||||
- name: 'register jail port'
|
||||
set_fact:
|
||||
evobackup_ssh_port={{ bkctld_port.stdout }}
|
|
@ -5,6 +5,11 @@
|
|||
- evobackup_client
|
||||
- evobackup_client_backup_ssh_key
|
||||
|
||||
- include: "create_jail.yml"
|
||||
tags:
|
||||
- evobackup_client
|
||||
- evobackup_client_jail
|
||||
|
||||
- include: "upload_scripts.yml"
|
||||
tags:
|
||||
- evobackup_client
|
||||
|
|
|
@ -11,7 +11,7 @@
|
|||
- name: Add backup SSH port in /etc/default/minifirewall
|
||||
blockinfile:
|
||||
dest: /etc/default/minifirewall
|
||||
marker: "# {{ item.name }}"
|
||||
marker: "# {mark} {{ item.name }}"
|
||||
block: |
|
||||
/sbin/iptables -A INPUT -p tcp --sport {{ item.port }} --dport 1024:65535 -s {{ item.ip }} -m state --state ESTABLISHED,RELATED -j ACCEPT
|
||||
with_items: "{{ evobackup_client__hosts }}"
|
||||
|
|
|
@ -18,3 +18,14 @@
|
|||
tags:
|
||||
- evobackup_client
|
||||
- evobackup_client_backup_ssh_key
|
||||
|
||||
- name: 'copy ssh public key to backup server'
|
||||
copy:
|
||||
content: "{{ evobackup_client__root_key.ssh_public_key }}"
|
||||
dest: "/root/{{ evolinux_hostname }}.pub"
|
||||
become: true
|
||||
delegate_to: "{{ evobackup_client__hosts[0].ip }}"
|
||||
tags:
|
||||
- evobackup_client
|
||||
- evobackup_client_backup_ssh_key
|
||||
- evobackup_client_jail
|
||||
|
|
Loading…
Reference in a new issue