Handle backup jail creation

Does not handle sync step yet
2019-10-07 12:28:25 -04:00 · 2019-10-07 12:28:25 -04:00 · daad12fdeb
parent 4851af7432
commit daad12fdeb
5 changed files with 50 additions and 1 deletions
--- a/evobackup-client/handlers/main.yml
+++ b/evobackup-client/handlers/main.yml
@ -4,3 +4,7 @@
  register: minifirewall_init_restart
  failed_when: "'starting IPTables rules is now finish : OK' not in minifirewall_init_restart.stdout"
  changed_when: "'starting IPTables rules is now finish : OK' in minifirewall_init_restart.stdout"
+
+- name: 'created new jail'
+  command: "bkctld start {{ evolinux_hostname }}"
+  delegate_to: "{{ evobackup_client__hosts[0].ip }}"
--- a/evobackup-client/tasks/create_jail.yml
+++ b/evobackup-client/tasks/create_jail.yml
@ -0,0 +1,29 @@
+---
+
+- name: 'create jail'
+  command: "bkctld init {{ evolinux_hostname }}"
+  args:
+    creates: "/backup/jails/{{ evolinux_hostname }}/"
+  become: true
+  delegate_to: "{{ evobackup_client__hosts[0].ip }}"
+  notify: 'created new jail'
+
+- name: 'add ssh key to jail'
+  command: "bkctld key {{ evolinux_hostname }} /root/{{ evolinux_hostname }}.pub"
+  become: true
+  delegate_to: "{{ evobackup_client__hosts[0].ip }}"
+
+- name: 'add ip to jail'
+  command: "bkctld ip {{ evolinux_hostname }} {{ ansible_host }}"
+  become: true
+  delegate_to: "{{ evobackup_client__hosts[0].ip }}"
+
+- name: 'get jail port'
+  command: "bkctld port {{ evolinux_hostname }}"
+  become: true
+  register: bkctld_port
+  delegate_to: "{{ evobackup_client__hosts[0].ip }}"
+
+- name: 'register jail port'
+  set_fact:
+    evobackup_ssh_port={{ bkctld_port.stdout }}
--- a/evobackup-client/tasks/main.yml
+++ b/evobackup-client/tasks/main.yml
@ -5,6 +5,11 @@
    - evobackup_client
    - evobackup_client_backup_ssh_key

+- include: "create_jail.yml"
+  tags:
+    - evobackup_client
+    - evobackup_client_jail
+
 - include: "upload_scripts.yml"
  tags:
    - evobackup_client
--- a/evobackup-client/tasks/open_ssh_ports.yml
+++ b/evobackup-client/tasks/open_ssh_ports.yml
@ -11,7 +11,7 @@
 - name: Add backup SSH port in /etc/default/minifirewall
  blockinfile:
    dest: /etc/default/minifirewall
-    marker: "# {{ item.name }}"
+    marker: "# {mark} {{ item.name }}"
    block: |
      /sbin/iptables -A INPUT -p tcp --sport {{ item.port }} --dport 1024:65535 -s {{ item.ip }} -m state --state ESTABLISHED,RELATED -j ACCEPT
  with_items: "{{ evobackup_client__hosts }}"
--- a/evobackup-client/tasks/ssh_key.yml
+++ b/evobackup-client/tasks/ssh_key.yml
@ -18,3 +18,14 @@
  tags:
    - evobackup_client
    - evobackup_client_backup_ssh_key
+
+- name: 'copy ssh public key to backup server'
+  copy:
+    content: "{{ evobackup_client__root_key.ssh_public_key }}"
+    dest: "/root/{{ evolinux_hostname }}.pub"
+  become: true
+  delegate_to: "{{ evobackup_client__hosts[0].ip }}"
+  tags:
+    - evobackup_client
+    - evobackup_client_backup_ssh_key
+    - evobackup_client_jail