Handle backup jail creation
Does not handle sync step yet
This commit is contained in:
parent
4851af7432
commit
daad12fdeb
|
@ -4,3 +4,7 @@
|
||||||
register: minifirewall_init_restart
|
register: minifirewall_init_restart
|
||||||
failed_when: "'starting IPTables rules is now finish : OK' not in minifirewall_init_restart.stdout"
|
failed_when: "'starting IPTables rules is now finish : OK' not in minifirewall_init_restart.stdout"
|
||||||
changed_when: "'starting IPTables rules is now finish : OK' in minifirewall_init_restart.stdout"
|
changed_when: "'starting IPTables rules is now finish : OK' in minifirewall_init_restart.stdout"
|
||||||
|
|
||||||
|
- name: 'created new jail'
|
||||||
|
command: "bkctld start {{ evolinux_hostname }}"
|
||||||
|
delegate_to: "{{ evobackup_client__hosts[0].ip }}"
|
||||||
|
|
29
evobackup-client/tasks/create_jail.yml
Normal file
29
evobackup-client/tasks/create_jail.yml
Normal file
|
@ -0,0 +1,29 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: 'create jail'
|
||||||
|
command: "bkctld init {{ evolinux_hostname }}"
|
||||||
|
args:
|
||||||
|
creates: "/backup/jails/{{ evolinux_hostname }}/"
|
||||||
|
become: true
|
||||||
|
delegate_to: "{{ evobackup_client__hosts[0].ip }}"
|
||||||
|
notify: 'created new jail'
|
||||||
|
|
||||||
|
- name: 'add ssh key to jail'
|
||||||
|
command: "bkctld key {{ evolinux_hostname }} /root/{{ evolinux_hostname }}.pub"
|
||||||
|
become: true
|
||||||
|
delegate_to: "{{ evobackup_client__hosts[0].ip }}"
|
||||||
|
|
||||||
|
- name: 'add ip to jail'
|
||||||
|
command: "bkctld ip {{ evolinux_hostname }} {{ ansible_host }}"
|
||||||
|
become: true
|
||||||
|
delegate_to: "{{ evobackup_client__hosts[0].ip }}"
|
||||||
|
|
||||||
|
- name: 'get jail port'
|
||||||
|
command: "bkctld port {{ evolinux_hostname }}"
|
||||||
|
become: true
|
||||||
|
register: bkctld_port
|
||||||
|
delegate_to: "{{ evobackup_client__hosts[0].ip }}"
|
||||||
|
|
||||||
|
- name: 'register jail port'
|
||||||
|
set_fact:
|
||||||
|
evobackup_ssh_port={{ bkctld_port.stdout }}
|
|
@ -5,6 +5,11 @@
|
||||||
- evobackup_client
|
- evobackup_client
|
||||||
- evobackup_client_backup_ssh_key
|
- evobackup_client_backup_ssh_key
|
||||||
|
|
||||||
|
- include: "create_jail.yml"
|
||||||
|
tags:
|
||||||
|
- evobackup_client
|
||||||
|
- evobackup_client_jail
|
||||||
|
|
||||||
- include: "upload_scripts.yml"
|
- include: "upload_scripts.yml"
|
||||||
tags:
|
tags:
|
||||||
- evobackup_client
|
- evobackup_client
|
||||||
|
|
|
@ -11,7 +11,7 @@
|
||||||
- name: Add backup SSH port in /etc/default/minifirewall
|
- name: Add backup SSH port in /etc/default/minifirewall
|
||||||
blockinfile:
|
blockinfile:
|
||||||
dest: /etc/default/minifirewall
|
dest: /etc/default/minifirewall
|
||||||
marker: "# {{ item.name }}"
|
marker: "# {mark} {{ item.name }}"
|
||||||
block: |
|
block: |
|
||||||
/sbin/iptables -A INPUT -p tcp --sport {{ item.port }} --dport 1024:65535 -s {{ item.ip }} -m state --state ESTABLISHED,RELATED -j ACCEPT
|
/sbin/iptables -A INPUT -p tcp --sport {{ item.port }} --dport 1024:65535 -s {{ item.ip }} -m state --state ESTABLISHED,RELATED -j ACCEPT
|
||||||
with_items: "{{ evobackup_client__hosts }}"
|
with_items: "{{ evobackup_client__hosts }}"
|
||||||
|
|
|
@ -18,3 +18,14 @@
|
||||||
tags:
|
tags:
|
||||||
- evobackup_client
|
- evobackup_client
|
||||||
- evobackup_client_backup_ssh_key
|
- evobackup_client_backup_ssh_key
|
||||||
|
|
||||||
|
- name: 'copy ssh public key to backup server'
|
||||||
|
copy:
|
||||||
|
content: "{{ evobackup_client__root_key.ssh_public_key }}"
|
||||||
|
dest: "/root/{{ evolinux_hostname }}.pub"
|
||||||
|
become: true
|
||||||
|
delegate_to: "{{ evobackup_client__hosts[0].ip }}"
|
||||||
|
tags:
|
||||||
|
- evobackup_client
|
||||||
|
- evobackup_client_backup_ssh_key
|
||||||
|
- evobackup_client_jail
|
||||||
|
|
Loading…
Reference in a new issue