evolix/ansible-roles
22
2
Fork 2
Code Issues 61 Pull requests 18 Releases 32 Wiki Activity

Dried up the tags for evobackup-client
Some checks failed
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is failing
Details

Browse source 
blocks allow us to assign multiple tags to multiple tasks without
repeating ourselves. This also simplifies other logic like conditional
includes.
This commit is contained in:
Patrick Marchand 2020-06-23 12:07:51 -04:00
parent 8caca4c711
commit de4ba88790
7 changed files with 115 additions and 130 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

59
evobackup-client/tasks/jail.yml
View file

@ -1,41 +1,34 @@
--- ---
- name: 'create jail' - block:
command: "bkctld init {{ evolinux_hostname }}" - name: 'create jail'
args: command: "bkctld init {{ evolinux_hostname }}"
creates: "/backup/jails/{{ evolinux_hostname }}/" args:
become: true creates: "/backup/jails/{{ evolinux_hostname }}/"
delegate_to: "{{ evobackup_client__hosts[0].ip }}" become: true
notify: delegate_to: "{{ evobackup_client__hosts[0].ip }}"
- 'created new jail' notify:
tags: - 'created new jail'
- evobackup_client
- evobackup_client_jail
# temp fix for bkctld 2.x because the ip and key command return 1 # temp fix for bkctld 2.x because the ip and key command return 1
# if the jail is not started, see https://gitea.evolix.org/evolix/evobackup/issues/31 # if the jail is not started, see https://gitea.evolix.org/evolix/evobackup/issues/31
- name: 'start jail' - name: 'start jail'
command: "bkctld restart {{ evolinux_hostname }}" command: "bkctld restart {{ evolinux_hostname }}"
become: true become: true
delegate_to: "{{ evobackup_client__hosts[0].ip }}" delegate_to: "{{ evobackup_client__hosts[0].ip }}"
tags:
- evobackup_client
- evobackup_client_jail
- name: 'add ip to jail' - name: 'add ip to jail'
command: "bkctld ip {{ evolinux_hostname }} {{ ansible_host }}" command: "bkctld ip {{ evolinux_hostname }} {{ ansible_host }}"
become: true become: true
delegate_to: "{{ evobackup_client__hosts[0].ip }}" delegate_to: "{{ evobackup_client__hosts[0].ip }}"
notify: 'jail updated' notify: 'jail updated'
tags:
- evobackup_client - name: 'add key to jail'
- evobackup_client_jail command: "bkctld key {{ evolinux_hostname }} /root/{{ evolinux_hostname }}.pub"
become: true
delegate_to: "{{ evobackup_client__hosts[0].ip }}"
notify: 'jail updated'
- name: 'add key to jail'
command: "bkctld key {{ evolinux_hostname }} /root/{{ evolinux_hostname }}.pub"
become: true
delegate_to: "{{ evobackup_client__hosts[0].ip }}"
notify: 'jail updated'
tags: tags:
- evobackup_client - evobackup_client
- evobackup_client_jail - evobackup_client_jail

22
evobackup-client/tasks/jail_port.yml
View file

@ -1,11 +1,17 @@
--- ---
- name: 'get jail port' - block:
command: "bkctld port {{ evolinux_hostname }}" - name: 'get jail port'
become: true command: "bkctld port {{ evolinux_hostname }}"
register: bkctld_port become: true
delegate_to: "{{ evobackup_client__hosts[0].ip }}" register: bkctld_port
delegate_to: "{{ evobackup_client__hosts[0].ip }}"
- name: 'register jail port' - name: 'register jail port'
set_fact: set_fact:
evobackup_ssh_port={{ bkctld_port.stdout }} evobackup_ssh_port={{ bkctld_port.stdout }}
when: evobackup_ssh_port = ''
tags:
- evobackup_client
- evobackup_client_ssh_port

27
evobackup-client/tasks/main.yml
View file

@ -1,26 +1,11 @@
--- ---
- include: "ssh_key.yml" - block:
tags: - include: "ssh_key.yml"
- evobackup_client - include: "jail.yml"
- evobackup_client_backup_ssh_key - include: "upload_scripts.yml"
- include: "open_ssh_ports.yml"
- include: "verify_ssh.yml"
- include: "jail.yml"
tags: tags:
- evobackup_client - evobackup_client
- evobackup_client_jail
- include: "upload_scripts.yml"
tags:
- evobackup_client
- evobackup_client_backup_scripts
- include: "open_ssh_ports.yml"
tags:
- evobackup_client
- evobackup_client_backup_firewall
- include: "verify_ssh.yml"
tags:
- evobackup_client
- evobackup_client_backup_hosts

41
evobackup-client/tasks/open_ssh_ports.yml
View file

@ -1,25 +1,24 @@
--- ---
- name: Is there a Minifirewall ? - block:
stat: - name: Is there a Minifirewall ?
path: /etc/default/minifirewall stat:
register: evobackup_client__minifirewall path: /etc/default/minifirewall
register: evobackup_client__minifirewall
- include: "jail_port.yml"
when: evobackup_client__minifirewall.stat.exists
- name: Add backup SSH port in /etc/default/minifirewall
blockinfile:
dest: /etc/default/minifirewall
marker: "# {mark} {{ item.name }}"
block: |
/sbin/iptables -A INPUT -p tcp --sport {{ item.port }} --dport 1024:65535 -s {{ item.ip }} -m state --state ESTABLISHED,RELATED -j ACCEPT
with_items: "{{ evobackup_client__hosts }}"
notify: restart minifirewall
when: evobackup_client__minifirewall.stat.exists
tags: tags:
- evobackup_client - evobackup_client
- evobackup_client_backup_firewall - evobackup_client_firewall
- include: "jail_port.yml"
when: evobackup_ssh_port = ''
- name: Add backup SSH port in /etc/default/minifirewall
blockinfile:
dest: /etc/default/minifirewall
marker: "# {mark} {{ item.name }}"
block: |
/sbin/iptables -A INPUT -p tcp --sport {{ item.port }} --dport 1024:65535 -s {{ item.ip }} -m state --state ESTABLISHED,RELATED -j ACCEPT
with_items: "{{ evobackup_client__hosts }}"
notify: restart minifirewall
when: evobackup_client__minifirewall.stat.exists
tags:
- evobackup_client
- evobackup_client_backup_firewall

47
evobackup-client/tasks/ssh_key.yml
View file

@ -1,31 +1,28 @@
--- ---
- name: Create SSH key - block:
user: - name: Create SSH key
name: root user:
generate_ssh_key: true name: root
ssh_key_file: "{{ evobackup_client__root_key_path }}" generate_ssh_key: true
ssh_key_type: "{{ evobackup_client__root_key_type }}" ssh_key_file: "{{ evobackup_client__root_key_path }}"
register: evobackup_client__root_key ssh_key_type: "{{ evobackup_client__root_key_type }}"
tags: register: evobackup_client__root_key
- evobackup_client
- evobackup_client_backup_ssh_key
- name: Print SSH key - name: Print SSH key
debug: debug:
var: evobackup_client__root_key.ssh_public_key var: evobackup_client__root_key.ssh_public_key
when: evobackup_client__root_key.ssh_public_key is defined when: evobackup_client__root_key.ssh_public_key is defined
tags:
- evobackup_client - name: 'copy ssh public key to backup server'
- evobackup_client_backup_ssh_key copy:
content: "{{ evobackup_client__root_key.ssh_public_key }}"
dest: "/root/{{ evolinux_hostname }}.pub"
become: true
delegate_to: "{{ evobackup_client__hosts[0].ip }}"
tags:
- evobackup_client_jail
- name: 'copy ssh public key to backup server'
copy:
content: "{{ evobackup_client__root_key.ssh_public_key }}"
dest: "/root/{{ evolinux_hostname }}.pub"
become: true
delegate_to: "{{ evobackup_client__hosts[0].ip }}"
tags: tags:
- evobackup_client - evobackup_client
- evobackup_client_backup_ssh_key - evobackup_client_ssh_key
- evobackup_client_jail

30
evobackup-client/tasks/upload_scripts.yml
View file

@ -1,16 +1,20 @@
--- ---
- include: "jail_port.yml" - block:
when: evobackup_ssh_port = '' - include: "jail_port.yml"
- name: Upload evobackup script - name: Upload evobackup script
template: template:
src: "{{ item }}" src: "{{ item }}"
dest: "{{ evobackup_client__cron_path }}" dest: "{{ evobackup_client__cron_path }}"
force: true force: true
mode: 0755 mode: 0755
with_first_found: with_first_found:
- "templates/evobackup-client/{{ evobackup_client__cron_template_name }}.{{ inventory_hostname }}.sh.j2" - "templates/evobackup-client/{{ evobackup_client__cron_template_name }}.{{ inventory_hostname }}.sh.j2"
- "templates/evobackup-client/{{ evobackup_client__cron_template_name }}.{{ host_group }}.sh.j2" - "templates/evobackup-client/{{ evobackup_client__cron_template_name }}.{{ host_group }}.sh.j2"
- "templates/evobackup-client/{{ evobackup_client__cron_template_name }}.sh.j2" - "templates/evobackup-client/{{ evobackup_client__cron_template_name }}.sh.j2"
- "zzz_evobackup.default.sh.j2" - "zzz_evobackup.default.sh.j2"
tags:
- evobackup_client
- evobackup_client_script

19
evobackup-client/tasks/verify_ssh.yml
View file

@ -1,14 +1,15 @@
--- ---
- include: "jail_port.yml" - block:
when: evobackup_ssh_port = '' - include: "jail_port.yml"
- name: Verify evolix backup servers
known_hosts:
path: /root/.ssh/known_hosts
name: "[{{ item.name }}]:{{ item.port }}"
key: "[{{ item.name }}]:{{ item.port }} {{ item.fingerprint }}"
with_list: "{{ evobackup_client__hosts }}"
- name: Verify evolix backup servers
known_hosts:
path: /root/.ssh/known_hosts
name: "[{{ item.name }}]:{{ item.port }}"
key: "[{{ item.name }}]:{{ item.port }} {{ item.fingerprint }}"
with_list: "{{ evobackup_client__hosts }}"
tags: tags:
- evobackup_client - evobackup_client
- evobackup_client_backup_hosts - evobackup_client_fingerprints