evolix/ansible-roles
22
2
Fork 2
Code Issues 61 Pull requests 18 Releases 32 Wiki Activity

Merge pull request 'Release 22.01.2' (#144) from unstable into stable
Some checks reported errors
continuous-integration/drone/push Build was killed
Details
continuous-integration/drone/tag Build was killed
Details

Browse source 
Reviewed-on: #144
This commit is contained in:
Jérémy Lecour 2022-01-27 14:13:53 +01:00
parent 2c6a3601de bb30402df3
commit 359719d0d0
5 changed files with 532 additions and 137 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
CHANGELOG.md
View file

@ -20,6 +20,13 @@ The **patch** part changes is incremented if multiple releases happen the same m
### Security ### Security
## [22.01.2] 2022-01-27
### Changed
* evolinux-base: many improvements for backup-server-state script
* remount-usr: use findmnt to find if usr is a readonly partition
## [22.01] 2022-01-25 ## [22.01] 2022-01-25
### Added ### Added

642
evolinux-base/files/backup-server-state.sh
View file

@ -2,7 +2,7 @@
PROGNAME="backup-server-state" PROGNAME="backup-server-state"
VERSION="22.01" VERSION="22.01.2"
readonly VERSION readonly VERSION
backup_dir= backup_dir=
@ -30,38 +30,48 @@ ${PROGNAME} is making backup copies of information related to the state of the s
Usage: ${PROGNAME} --backup-dir=/path/to/backup/directory [OPTIONS] Usage: ${PROGNAME} --backup-dir=/path/to/backup/directory [OPTIONS]
Options Options
-d, --backup-dir path to the directory where the backup will be stored -d, --backup-dir path to the directory where the backup will be stored
--etc backup copy of /etc --etc backup copy of /etc
--no-etc no backup copy of /etc (default) --no-etc no backup copy of /etc (default)
--dpkg backup copy of /var/lib/dpkg --dpkg backup copy of /var/lib/dpkg
--no-dpkg no backup copy of /var/lib/dpkg (default) --no-dpkg no backup copy of /var/lib/dpkg (default)
--apt backup copy of apt extended states (default) --apt-states backup copy of apt extended states (default)
--no-apt no backup copy of apt extended states --no-apt-states no backup copy of apt extended states
--packages backup copy of dpkg selections (default) --apt-config backup copy of apt configuration (default)
--no-packages no backup copy of dpkg selections --no-apt-config no backup copy of apt configuration
--processes backup copy of process list (default) --packages backup copy of dpkg selections (default)
--no-processes no backup copy of process list --no-packages no backup copy of dpkg selections
--uptime backup of uptime value (default) --processes backup copy of process list (default)
--no-uptime no backup of uptime value --no-processes no backup copy of process list
--netstat backup copy of netstat (default) --uptime backup of uptime value (default)
--no-netstat no backup copy of netstat --no-uptime no backup of uptime value
--netcfg backup copy of network configuration (default) --netstat backup copy of netstat (default)
--no-netcfg no backup copy of network configuration --no-netstat no backup copy of netstat
--iptables backup copy of iptables (default) --netcfg backup copy of network configuration (default)
--no-iptables no backup copy of iptables --no-netcfg no backup copy of network configuration
--sysctl backup copy of sysctl values (default) --iptables backup copy of iptables (default)
--no-sysctl no backup copy of sysctl values --no-iptables no backup copy of iptables
--virsh backup copy of virsh list (default) --sysctl backup copy of sysctl values (default)
--no-virsh no backup copy of virsh list --no-sysctl no backup copy of sysctl values
--lxc backup copy of lxc list (default) --virsh backup copy of virsh list (default)
--no-lxc no backup copy of lxc list --no-virsh no backup copy of virsh list
--mount backup copy of mount points (default) --lxc backup copy of lxc list (default)
--no-mount no backup copy of mount points --no-lxc no backup copy of lxc list
--df backup copy of disk usage (default) --disks backup copy of MBR and partitions (default)
--no-df no backup copy of disk usage --no-disks no backup copy of MBR and partitions
-v, --verbose print details about backup steps --mount backup copy of mount points (default)
-V, --version print version and exit --no-mount no backup copy of mount points
-h, --help print this message and exit --df backup copy of disk usage (default)
--no-df no backup copy of disk usage
--dmesg backup copy of dmesg (default)
--no-dmesg no backup copy of dmesg
--mysql backup copy of mysql processes (default)
--no-mysql no backup copy of mysql processes
--services backup copy of services states (default)
--no-services no backup copy of services states
-v, --verbose print details about backup steps
-V, --version print version and exit
-h, --help print this message and exit
END END
} }
debug() { debug() {
@ -88,34 +98,10 @@ create_backup_dir() {
backup_etc() { backup_etc() {
debug "Backup /etc" debug "Backup /etc"
last_result=$(rsync -ah --itemize-changes --exclude=.git /etc "${backup_dir}/") rsync_bin=$(command -v rsync)
last_rc=$?
if [ ${last_rc} -eq 0 ]; then if [ -n "${rsync_bin}" ]; then
debug "* rsync OK" last_result=$(${rsync_bin} -ah --itemize-changes --exclude=.git /etc "${backup_dir}/")
else
debug "* rsync ERROR :"
debug "${last_result}"
rc=10
fi
}
backup_apt() {
if [ -f /var/lib/apt/extended_states ]; then
debug "Backup APT states"
last_result=$(mkdir -p "${backup_dir}/var/lib/apt" && chmod -R 755 "${backup_dir}/var/lib/apt")
last_rc=$?
if [ ${last_rc} -eq 0 ]; then
debug "* mkdir/chmod OK"
else
debug "* mkdir/chmod ERROR"
debug "${last_result}"
rc=10
fi
last_result=$(rsync -ah /var/lib/apt/extended_states "${backup_dir}/var/lib/apt/")
last_rc=$? last_rc=$?
if [ ${last_rc} -eq 0 ]; then if [ ${last_rc} -eq 0 ]; then
@ -125,13 +111,86 @@ backup_apt() {
debug "${last_result}" debug "${last_result}"
rc=10 rc=10
fi fi
else
debug "* rsync not found"
last_result=$(cp -r /etc "${backup_dir}/ && rm -rf ${backup_dir}/etc/.git")
last_rc=$?
if [ ${last_rc} -eq 0 ]; then
debug "* cp OK"
else
debug "* cp ERROR :"
debug "${last_result}"
rc=10
fi
fi fi
} }
backup_dpkg() { backup_apt_states() {
debug "Backup DPkg" apt_dir="/"
apt_dir_state="var/lib/apt"
apt_dir_state_extended_states="extended_states"
last_result=$(mkdir -p "${backup_dir}/var/lib" && chmod -R 755 "${backup_dir}/var/lib") apt_config_bin=$(command -v apt-config)
if [ -n "${apt_config_bin}" ]; then
eval "$(${apt_config_bin} shell apt_dir Dir)"
eval "$(${apt_config_bin} shell apt_dir_state Dir::State)"
eval "$(${apt_config_bin} shell apt_dir_state_extended_states Dir::State::extended_states)"
fi
extended_states="${apt_dir}/${apt_dir_state}/${apt_dir_state_extended_states}"
if [ -f "${extended_states}" ]; then
debug "Backup APT states"
last_result=$(cp -r "${extended_states}" "${backup_dir}/apt-extended-states.txt")
last_rc=$?
if [ ${last_rc} -eq 0 ]; then
debug "* cp OK"
else
debug "* cp ERROR :"
debug "${last_result}"
rc=10
fi
fi
}
backup_apt_config() {
debug "Backup APT config"
apt_config_bin=$(command -v apt-config)
if [ -n "${apt_config_bin}" ]; then
last_result=$(${apt_config_bin} dump > "${backup_dir}/apt-config.txt")
last_rc=$?
if [ ${last_rc} -eq 0 ]; then
debug "* apt-config OK"
else
debug "* apt-config ERROR"
debug "${last_result}"
rc=10
fi
else
debug "* apt-config is not found"
fi
}
backup_dpkg_full() {
debug "Backup DPkg full state"
dir_state_status="/var/lib/dpkg/status"
apt_config_bin=$(command -v apt-config)
if [ -n "${apt_config_bin}" ]; then
eval "$(${apt_config_bin} shell dir_state_status Dir::State::status)"
fi
dpkg_dir=$(dirname "${dir_state_status}")
last_result=$(mkdir -p "${backup_dir}${dpkg_dir}" && chmod -R 755 "${backup_dir}${dpkg_dir}")
last_rc=$? last_rc=$?
if [ ${last_rc} -eq 0 ]; then if [ ${last_rc} -eq 0 ]; then
@ -142,13 +201,53 @@ backup_dpkg() {
rc=10 rc=10
fi fi
last_result=$(rsync -ah --itemize-changes /var/lib/dpkg "${backup_dir}/var/lib/") rsync_bin=$(command -v rsync)
if [ -n "${rsync_bin}" ]; then
last_result=$(${rsync_bin} -ah --itemize-changes --exclude='*-old' "${dpkg_dir}/" "${backup_dir}${dpkg_dir}/")
last_rc=$?
if [ ${last_rc} -eq 0 ]; then
debug "* rsync OK"
else
debug "* rsync ERROR :"
debug "${last_result}"
rc=10
fi
else
debug "* rsync not found"
last_result=$(cp -r "${dpkg_dir}/*" "${backup_dir}${dpkg_dir}/" && rm -rf "${backup_dir}${dpkg_dir}/*-old")
last_rc=$?
if [ ${last_rc} -eq 0 ]; then
debug "* cp OK"
else
debug "* cp ERROR :"
debug "${last_result}"
rc=10
fi
fi
}
backup_dpkg_status() {
debug "Backup DPkg status"
dir_state_status="/var/lib/dpkg/status"
apt_config_bin=$(command -v apt-config)
if [ -n "${apt_config_bin}" ]; then
eval "$(${apt_config_bin} shell dir_state_status Dir::State::status)"
fi
last_result=$(cp "${dir_state_status}" "${backup_dir}/dpkg-status.txt")
last_rc=$? last_rc=$?
if [ ${last_rc} -eq 0 ]; then if [ ${last_rc} -eq 0 ]; then
debug "* rsync OK" debug "* cp OK"
else else
debug "* rsync ERROR" debug "* cp ERROR :"
debug "${last_result}" debug "${last_result}"
rc=10 rc=10
fi fi
@ -157,13 +256,34 @@ backup_dpkg() {
backup_packages() { backup_packages() {
debug "Backup list of installed package" debug "Backup list of installed package"
last_result=$(dpkg --get-selections "*" > "${backup_dir}/current_packages.txt") dpkg_bin=$(command -v dpkg)
if [ -n "${dpkg_bin}" ]; then
last_result=$(${dpkg_bin} --get-selections "*" > "${backup_dir}/current_packages.txt")
last_rc=$?
if [ ${last_rc} -eq 0 ]; then
debug "* dpkg OK"
else
debug "* dpkg ERROR :"
debug "${last_result}"
rc=10
fi
else
debug "* dpkg not found"
fi
}
backup_uname() {
debug "Backup uname"
last_result=$(uname -a > "${backup_dir}/uname.txt")
last_rc=$? last_rc=$?
if [ ${last_rc} -eq 0 ]; then if [ ${last_rc} -eq 0 ]; then
debug "* dpkg OK" debug "* uname OK"
else else
debug "* dpkg ERROR :" debug "* uname ERROR"
debug "${last_result}" debug "${last_result}"
rc=10 rc=10
fi fi
@ -200,8 +320,8 @@ backup_processes() {
pstree_bin=$(command -v pstree) pstree_bin=$(command -v pstree)
if [ -z "${pstree_bin}" ]; then if [ -n "${pstree_bin}" ]; then
last_result=$(pstree -pan > "${backup_dir}/pstree.txt") last_result=$(${pstree_bin} -pan > "${backup_dir}/pstree.txt")
last_rc=$? last_rc=$?
if [ ${last_rc} -eq 0 ]; then if [ ${last_rc} -eq 0 ]; then
@ -218,7 +338,8 @@ backup_netstat() {
debug "Backup network status" debug "Backup network status"
ss_bin=$(command -v ss) ss_bin=$(command -v ss)
if [ -z "${ss_bin}" ]; then
if [ -n "${ss_bin}" ]; then
last_result=$(${ss_bin} -tanpul > "${backup_dir}/netstat-ss.txt") last_result=$(${ss_bin} -tanpul > "${backup_dir}/netstat-ss.txt")
last_rc=$? last_rc=$?
@ -229,10 +350,13 @@ backup_netstat() {
debug "${last_result}" debug "${last_result}"
rc=10 rc=10
fi fi
else
debug "* ss not found"
fi fi
netstat_bin=$(command -v netstat) netstat_bin=$(command -v netstat)
if [ -z "${netstat_bin}" ]; then
if [ -n "${netstat_bin}" ]; then
last_result=$(netstat -laputen > "${backup_dir}/netstat-legacy.txt") last_result=$(netstat -laputen > "${backup_dir}/netstat-legacy.txt")
last_rc=$? last_rc=$?
@ -243,62 +367,116 @@ backup_netstat() {
debug "${last_result}" debug "${last_result}"
rc=10 rc=10
fi fi
else
debug "* netstat not found"
fi fi
} }
backup_netcfg() { backup_netcfg() {
debug "Backup network configuration" debug "Backup network configuration"
last_result=$(ip address show > "${backup_dir}/ip-address.txt") ip_bin=$(command -v ip)
last_rc=$?
if [ ${last_rc} -eq 0 ]; then if [ -n "${ip_bin}" ]; then
debug "* ip address OK" last_result=$(${ip_bin} address show > "${backup_dir}/ip-address.txt")
last_rc=$?
if [ ${last_rc} -eq 0 ]; then
debug "* ip address OK"
else
debug "* ip address ERROR"
debug "${last_result}"
rc=10
fi
last_result=$(${ip_bin} route show > "${backup_dir}/ip-route.txt")
last_rc=$?
if [ ${last_rc} -eq 0 ]; then
debug "* ip route OK"
else
debug "* ip route ERROR"
debug "${last_result}"
rc=10
fi
else else
debug "* ip address ERROR" debug "* ip not found"
debug "${last_result}"
rc=10
fi
last_result=$(ip route show > "${backup_dir}/ip-route.txt") ifconfig_bin=$(command -v ifconfig)
last_rc=$?
if [ ${last_rc} -eq 0 ]; then if [ -n "${ifconfig_bin}" ]; then
debug "* ip route OK" last_result=$(${ifconfig_bin} > "${backup_dir}/ifconfig.txt")
else last_rc=$?
debug "* ip route ERROR"
debug "${last_result}" if [ ${last_rc} -eq 0 ]; then
rc=10 debug "* ifconfig OK"
else
debug "* ifconfig ERROR"
debug "${last_result}"
rc=10
fi
else
debug "* ifconfig not found"
fi
fi fi
} }
backup_iptables() { backup_iptables() {
debug "Backup iptables" debug "Backup iptables"
last_result=$({ /sbin/iptables -L -n -v; /sbin/iptables -t filter -L -n -v; } > "${backup_dir}/iptables.txt") iptables_bin=$(command -v iptables)
last_rc=$?
if [ ${last_rc} -eq 0 ]; then if [ -n "${iptables_bin}" ]; then
debug "* iptables OK" last_result=$({ ${iptables_bin} -L -n -v; ${iptables_bin} -t filter -L -n -v; } > "${backup_dir}/iptables.txt")
last_rc=$?
if [ ${last_rc} -eq 0 ]; then
debug "* iptables OK"
else
debug "* iptables ERROR"
debug "${last_result}"
rc=10
fi
else else
debug "* iptables ERROR" debug "* iptables not found"
debug "${last_result}" fi
rc=10
iptables_save_bin=$(command -v iptables-save)
if [ -n "${iptables_save_bin}" ]; then
last_result=$(${iptables_save_bin} > "${backup_dir}/iptables-save.txt")
last_rc=$?
if [ ${last_rc} -eq 0 ]; then
debug "* iptables-save OK"
else
debug "* iptables-save ERROR"
debug "${last_result}"
rc=10
fi
else
debug "* iptables-save not found"
fi fi
} }
backup_sysctl() { backup_sysctl() {
debug "Backup sysctl values" debug "Backup sysctl values"
last_result=$(sysctl -a | sort -h > "${backup_dir}/sysctl.txt") sysctl_bin=$(command -v sysctl)
last_rc=$?
if [ ${last_rc} -eq 0 ]; then if [ -n "${sysctl_bin}" ]; then
debug "* sysctl OK" last_result=$(${sysctl_bin} -a | sort -h > "${backup_dir}/sysctl.txt")
last_rc=$?
if [ ${last_rc} -eq 0 ]; then
debug "* sysctl OK"
else
debug "* sysctl ERROR"
debug "${last_result}"
rc=10
fi
else else
debug "* sysctl ERROR" debug "* sysctl not found"
debug "${last_result}"
rc=10
fi fi
} }
@ -319,7 +497,7 @@ backup_virsh() {
rc=10 rc=10
fi fi
else else
debug "* virsh not installed" debug "* virsh not found"
fi fi
} }
@ -340,7 +518,58 @@ backup_lxc() {
rc=10 rc=10
fi fi
else else
debug "* lxc-ls not installed" debug "* lxc-ls not found"
fi
}
backup_disks() {
debug "Backup disks"
lsblk_bin=$(command -v lsblk)
awk_bin=$(command -v awk)
if [ -n "${lsblk_bin}" ] && [ -n "${awk_bin}" ]; then
disks=$(${lsblk_bin} -l | grep disk | grep -v -E '(drbd|fd[0-9]+)' | ${awk_bin} '{print $1}')
for disk in ${disks}; do
dd_bin=$(command -v dd)
if [ -n "${dd_bin}" ]; then
last_result=$(${dd_bin} if="/dev/${disk}" of="${backup_dir}/MBR-${disk}" bs=512 count=1 2>&1)
last_rc=$?
if [ ${last_rc} -eq 0 ]; then
debug "* dd ${disk} OK"
else
debug "* dd ${disk} ERROR"
debug "${last_result}"
rc=10
fi
else
debug "* dd not found"
fi
fdisk_bin=$(command -v fdisk)
if [ -n "${fdisk_bin}" ]; then
last_result=$(${fdisk_bin} -l "/dev/${disk}" > "${backup_dir}/partitions-${disk}" 2>&1)
last_rc=$?
if [ ${last_rc} -eq 0 ]; then
debug "* fdisk ${disk} OK"
else
debug "* fdisk ${disk} ERROR"
debug "${last_result}"
rc=10
fi
else
debug "* fdisk not found"
fi
done
cat "${backup_dir}"/partitions-* > "${backup_dir}/partitions"
else
if [ -n "${lsblk_bin}" ]; then
debug "* lsblk not found"
fi
if [ -n "${awk_bin}" ]; then
debug "* awk not found"
fi
fi fi
} }
@ -348,23 +577,11 @@ backup_mount() {
debug "Backup mount points" debug "Backup mount points"
findmnt_bin=$(command -v findmnt) findmnt_bin=$(command -v findmnt)
mount_bin=$(command -v mount)
if [ -n "${findmnt_bin}" ]; then if [ -n "${findmnt_bin}" ]; then
last_result=$(${findmnt_bin} > "${backup_dir}/mount.txt") last_result=$(${findmnt_bin} > "${backup_dir}/mount.txt")
last_rc=$? last_rc=$?
if [ ${last_rc} -eq 0 ]; then
debug "* mount points OK"
else
debug "* mount points ERROR"
debug "${last_result}"
rc=10
fi
elif [ -n "${mount_bin}" ]; then
last_result=$(${mount_bin} > "${backup_dir}/mount.txt")
last_rc=$?
if [ ${last_rc} -eq 0 ]; then if [ ${last_rc} -eq 0 ]; then
debug "* mount points OK" debug "* mount points OK"
else else
@ -373,7 +590,24 @@ backup_mount() {
rc=10 rc=10
fi fi
else else
debug "* findmnt and mount not installed" debug "* findmnt not found"
mount_bin=$(command -v mount)
if [ -n "${mount_bin}" ]; then
last_result=$(${mount_bin} > "${backup_dir}/mount.txt")
last_rc=$?
if [ ${last_rc} -eq 0 ]; then
debug "* mount points OK"
else
debug "* mount points ERROR"
debug "${last_result}"
rc=10
fi
else
debug "* mount not found"
fi
fi fi
} }
@ -394,10 +628,74 @@ backup_df() {
rc=10 rc=10
fi fi
else else
debug "* df not installed" debug "* df not found"
fi fi
} }
backup_dmesg() {
debug "Backup dmesg"
dmesg_bin=$(command -v dmesg)
if [ -n "${dmesg_bin}" ]; then
last_result=$(${dmesg_bin} > "${backup_dir}/dmesg.txt")
last_rc=$?
if [ ${last_rc} -eq 0 ]; then
debug "* dmesg OK"
else
debug "* dmesg ERROR"
debug "${last_result}"
rc=10
fi
else
debug "* dmesg not found"
fi
}
backup_mysql_processes() {
debug "Backup mysql processes"
mysqladmin_bin=$(command -v mysqladmin)
if [ -n "${mysqladmin_bin}" ]; then
last_result=$(${mysqladmin_bin} --verbose processlist > "${backup_dir}/mysql-processlist.txt")
last_rc=$?
if [ ${last_rc} -eq 0 ]; then
debug "* mysqladmin OK"
else
debug "* mysqladmin ERROR"
debug "${last_result}"
rc=10
fi
else
debug "* mysqladmin not found"
fi
}
backup_systemctl() {
debug "Backup services"
systemctl_bin=$(command -v systemctl)
if [ -n "${systemctl_bin}" ]; then
last_result=$(${systemctl_bin} systemctl --no-legend --state=failed --type=service > "${backup_dir}/systemctl-failed-services.txt")
last_rc=$?
if [ ${last_rc} -eq 0 ]; then
debug "* failed services OK"
else
debug "* failed services ERROR"
debug "${last_result}"
rc=10
fi
else
debug "* systemctl not found"
fi
}
main() { main() {
if [ -z "${backup_dir}" ]; then if [ -z "${backup_dir}" ]; then
echo "ERROR: You must provide the --backup-dir argument" >&2 echo "ERROR: You must provide the --backup-dir argument" >&2
@ -414,11 +712,17 @@ main() {
if [ "${DO_ETC}" -eq 1 ]; then if [ "${DO_ETC}" -eq 1 ]; then
backup_etc backup_etc
fi fi
if [ "${DO_DPKG}" -eq 1 ]; then if [ "${DO_DPKG_FULL}" -eq 1 ]; then
backup_dpkg backup_dpkg_full
fi fi
if [ "${DO_APT}" -eq 1 ]; then if [ "${DO_DPKG_STATUS}" -eq 1 ]; then
backup_apt backup_dpkg_status
fi
if [ "${DO_APT_STATES}" -eq 1 ]; then
backup_apt_states
fi
if [ "${DO_APT_CONFIG}" -eq 1 ]; then
backup_apt_config
fi fi
if [ "${DO_PACKAGES}" -eq 1 ]; then if [ "${DO_PACKAGES}" -eq 1 ]; then
backup_packages backup_packages
@ -429,6 +733,9 @@ main() {
if [ "${DO_UPTIME}" -eq 1 ]; then if [ "${DO_UPTIME}" -eq 1 ]; then
backup_uptime backup_uptime
fi fi
if [ "${DO_UNAME}" -eq 1 ]; then
backup_uname
fi
if [ "${DO_NETSTAT}" -eq 1 ]; then if [ "${DO_NETSTAT}" -eq 1 ]; then
backup_netstat backup_netstat
fi fi
@ -447,12 +754,25 @@ main() {
if [ "${DO_LXC}" -eq 1 ]; then if [ "${DO_LXC}" -eq 1 ]; then
backup_lxc backup_lxc
fi fi
if [ "${DO_DISKS}" -eq 1 ]; then
backup_disks
fi
if [ "${DO_MOUNT}" -eq 1 ]; then if [ "${DO_MOUNT}" -eq 1 ]; then
backup_mount backup_mount
fi fi
if [ "${DO_DF}" -eq 1 ]; then if [ "${DO_DF}" -eq 1 ]; then
backup_df backup_df
fi fi
if [ "${DO_DMESG}" -eq 1 ]; then
backup_dmesg
fi
if [ "${DO_MYSQL_PROCESSES}" -eq 1 ]; then
backup_mysql_processes
fi
if [ "${DO_SYSTEMCTL}" -eq 1 ]; then
backup_systemctl
fi
debug "=> Your backup is available at ${backup_dir}" debug "=> Your backup is available at ${backup_dir}"
exit ${rc} exit ${rc}
@ -501,18 +821,32 @@ while :; do
DO_ETC=0 DO_ETC=0
;; ;;
--dpkg) --dpkg-full)
DO_DPKG=1 DO_DPKG_FULL=1
;; ;;
--no-dpkg) --no-dpkg-full)
DO_DPKG=0 DO_DPKG_FULL=0
;; ;;
--apt) --dpkg-status)
DO_APT=1 DO_DPKG_STATUS=1
;; ;;
--no-apt) --no-dpkg-status)
DO_APT=0 DO_DPKG_STATUS=0
;;
--apt-states)
DO_APT_STATES=1
;;
--no-apt-states)
DO_APT_STATES=0
;;
--apt-config)
DO_APT_CONFIG=1
;;
--no-apt-config)
DO_APT_CONFIG=0
;; ;;
--packages) --packages)
@ -536,6 +870,13 @@ while :; do
DO_UPTIME=0 DO_UPTIME=0
;; ;;
--uname)
DO_UNAME=1
;;
--no-uname)
DO_UNAME=0
;;
--netstat) --netstat)
DO_NETSTAT=1 DO_NETSTAT=1
;; ;;
@ -578,6 +919,13 @@ while :; do
DO_LXC=0 DO_LXC=0
;; ;;
--disks)
DO_DISKS=1
;;
--no-disks)
DO_DISKS=0
;;
--mount) --mount)
DO_MOUNT=1 DO_MOUNT=1
;; ;;
@ -592,6 +940,27 @@ while :; do
DO_DF=0 DO_DF=0
;; ;;
--dmesg)
DO_DMESG=1
;;
--no-dmesg)
DO_DMESG=0
;;
--mysql-processes)
DO_MYSQL_PROCESSES=1
;;
--no-mysql-processes)
DO_MYSQL_PROCESSES=0
;;
--systemctl)
DO_SYSTEMCTL=1
;;
--no-systemctl)
DO_SYSTEMCTL=0
;;
--) --)
# End of all options. # End of all options.
shift shift
@ -614,10 +983,13 @@ done
# Default values # Default values
: "${VERBOSE:=0}" : "${VERBOSE:=0}"
: "${DO_ETC:=0}" : "${DO_ETC:=0}"
: "${DO_DPKG:=0}" : "${DO_DPKG_FULL:=0}"
: "${DO_APT:=1}" : "${DO_DPKG_STATUS:=1}"
: "${DO_APT_STATES:=1}"
: "${DO_APT_CONFIG:=1}"
: "${DO_PACKAGES:=1}" : "${DO_PACKAGES:=1}"
: "${DO_PROCESSES:=1}" : "${DO_PROCESSES:=1}"
: "${DO_UNAME:=1}"
: "${DO_UPTIME:=1}" : "${DO_UPTIME:=1}"
: "${DO_NETSTAT:=1}" : "${DO_NETSTAT:=1}"
: "${DO_NETCFG:=1}" : "${DO_NETCFG:=1}"
@ -625,8 +997,12 @@ done
: "${DO_SYSCTL:=1}" : "${DO_SYSCTL:=1}"
: "${DO_VIRSH:=1}" : "${DO_VIRSH:=1}"
: "${DO_LXC:=1}" : "${DO_LXC:=1}"
: "${DO_DISKS:=1}"
: "${DO_MOUNT:=1}" : "${DO_MOUNT:=1}"
: "${DO_DF:=1}" : "${DO_DF:=1}"
: "${DO_DMESG:=1}"
: "${DO_MYSQL_PROCESSES:=1}"
: "${DO_SYSTEMCTL:=1}"
export LC_ALL=C export LC_ALL=C

6
lxc-php/tasks/php74.yml
View file

@ -5,6 +5,12 @@
name: "{{ lxc_php_version }}" name: "{{ lxc_php_version }}"
container_command: "DEBIAN_FRONTEND=noninteractive apt install -y php-fpm php-cli php-gd php-intl php-imap php-ldap php-mysql php-pgsql php-sqlite3 php-curl php-zip php-mbstring php-zip composer libphp-phpmailer" container_command: "DEBIAN_FRONTEND=noninteractive apt install -y php-fpm php-cli php-gd php-intl php-imap php-ldap php-mysql php-pgsql php-sqlite3 php-curl php-zip php-mbstring php-zip composer libphp-phpmailer"
- name: "{{ lxc_php_version }} - fix bullseye repository"
replace:
dest: "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/apt/sources.list"
regexp: 'bullseye/updates'
replace: 'bullseye-security'
- name: "{{ lxc_php_version }} - Copy evolinux PHP configuration" - name: "{{ lxc_php_version }} - Copy evolinux PHP configuration"
template: template:
src: z-evolinux-defaults.ini.j2 src: z-evolinux-defaults.ini.j2

6
lxc-php/tasks/php80.yml
View file

@ -5,6 +5,12 @@
name: "{{ lxc_php_version }}" name: "{{ lxc_php_version }}"
container_command: "DEBIAN_FRONTEND=noninteractive apt install -y wget apt-transport-https gnupg" container_command: "DEBIAN_FRONTEND=noninteractive apt install -y wget apt-transport-https gnupg"
- name: "{{ lxc_php_version }} - fix bullseye repository"
replace:
dest: "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/apt/sources.list"
regexp: 'bullseye/updates'
replace: 'bullseye-security'
- name: "{{ lxc_php_version }} - Add sury repo" - name: "{{ lxc_php_version }} - Add sury repo"
lineinfile: lineinfile:
dest: "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/apt/sources.list.d/sury.list" dest: "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/apt/sources.list.d/sury.list"

8
remount-usr/tasks/main.yml
View file

@ -1,10 +1,10 @@
--- ---
# findmnt returns 0 on hit, 1 on miss
# If the return code is higher than 1, it's a blocking failure
- name: "check if /usr is a read-only partition" - name: "check if /usr is a read-only partition"
command: 'grep -E " /usr.*ro" /proc/mounts' command: 'findmnt /usr --noheadings --options ro'
args:
warn: no
changed_when: False changed_when: False
failed_when: False failed_when: usr_partition.rc > 1
check_mode: no check_mode: no
register: usr_partition register: usr_partition