diff --git a/docker-host.yaml b/docker-host.yaml
index c61d6fd..20be74b 100644
--- a/docker-host.yaml
+++ b/docker-host.yaml
@@ -1,6 +1,6 @@
 ---
 - name: "Deploy basic webhost with Docker"
- hosts: keycloak, drone, swagger, guacamole, bitwarden, nexus, nextcloud, git,
+ hosts: keycloak, drone, swagger, guacamole, bitwarden, nexus, nextcloud
 roles:
 - netplan
 - common
diff --git a/gitea.yaml b/gitea.yaml
new file mode 100644
index 0000000..aeac613
--- /dev/null
+++ b/gitea.yaml
@@ -0,0 +1,11 @@
+---
+- name: "Deploy gitea in Docker"
+ hosts: git
+ roles:
+ - netplan
+ - common
+ - docker
+ - webserver
+ - internalsmtp
+ - backupscript
+ - gitea
diff --git a/host_vars/git.yaml b/host_vars/git.yaml
new file mode 100644
index 0000000..f987f64
--- /dev/null
+++ b/host_vars/git.yaml
@@ -0,0 +1,5 @@
+---
+service-name: git
+backup:
+ preare-command: ""
+ folder: "/home/git"
diff --git a/roles/backupscript/files/backup-script.service b/roles/backupscript/files/backup-script.service
index c792c91..24c483a 100644
--- a/roles/backupscript/files/backup-script.service
+++ b/roles/backupscript/files/backup-script.service
@@ -6,4 +6,4 @@ Type=simple ExecStart=/usr/bin/bash /opt/backupscript.sh [Install]
-WantedBy=backup.target
\ No newline at end of file
+WantedBy=backup.target
diff --git a/roles/backupscript/files/backup.target b/roles/backupscript/files/backup.target
index 7d6e903..a0e185f 100644
--- a/roles/backupscript/files/backup.target
+++ b/roles/backupscript/files/backup.target
@@ -2,4 +2,4 @@ Description=Script based backup for VMs [Install]
-WantedBy=default.target
\ No newline at end of file
+WantedBy=default.target
diff --git a/roles/backupscript/files/backup.timer b/roles/backupscript/files/backup.timer
index 689a800..759d229 100644
--- a/roles/backupscript/files/backup.timer
+++ b/roles/backupscript/files/backup.timer
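Review bot: The keys `service-name` and `preare-command` in host_vars/git.yaml cannot be referenced the way the new template does: Jinja2 parses `{{service-name}}` as the subtraction `service - name` and `{{backup.preare-command}}` as `backup.preare - command`, so rendering roles/backupscript/templates/backupscript.sh would most likely fail on an undefined variable instead of producing the path. Ansible variable names are limited to letters, digits and underscores; I would use `service_name: git` and `prepare_command: ""` here (`preare` looks like a typo for `prepare`) and `{{ service_name }}` / `{{ backup.prepare_command }}` in the template hunk. The rendered script runs as root with `rsync --delete`, so a path component that renders wrong is worth ruling out before the timer fires.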
@@ -7,4 +7,4 @@ OnCalendar=Sun *-*-* 00:00:00 Unit=backup.target [Install]
-WantedBy=multi-user.target
\ No newline at end of file
+WantedBy=multi-user.target
diff --git a/roles/backupscript/files/test-backupscript.sh b/roles/backupscript/files/test-backupscript.sh
deleted file mode 100644
index 7cd4a00..0000000
--- a/roles/backupscript/files/test-backupscript.sh
+++ /dev/null
@@ -1 +0,0 @@
-echo "true"
\ No newline at end of file
diff --git a/roles/backupscript/tasks/main.yaml b/roles/backupscript/tasks/main.yaml
index fa8b1b9..f846c90 100644
--- a/roles/backupscript/tasks/main.yaml
+++ b/roles/backupscript/tasks/main.yaml
@@ -1,31 +1,35 @@
 ---
-- name: Copy backupscript to target
- copy:
- src: "{{ backupscript_name }}"
+- name: "Generate backupscript"
+ ansible.builtin.template:
+ src: backupscript.sh
 dest: /opt/backupscript.sh
- mode: 700
- owner: service-user
+ owner: root
+ group: root
+ mode: '0700'
 - name: Copy backup-script.service to target
 copy:
 src: backup-script.service
 dest: /usr/lib/systemd/system/backup-script.service
 mode: 644
- owner: service-user
+ owner: root
+ group: root
 - name: Copy backup.target to target
 copy:
 src: backup.target
 dest: /usr/lib/systemd/system/backup.target
 mode: 644
- owner: service-user
+ owner: root
+ group: root
 - name: Copy backup.timer to target
 copy:
 src: backup.timer
 dest: /usr/lib/systemd/system/backup.timer
 mode: 644
- owner: service-user
+ owner: root
+ group: root
 - name: Enable backup-script.service and reload systemd daemon
 when: ansible_service_mgr == "systemd"
diff --git a/roles/backupscript/templates/backupscript.sh b/roles/backupscript/templates/backupscript.sh
new file mode 100644
index 0000000..50a6681
--- /dev/null
+++ b/roles/backupscript/templates/backupscript.sh
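Review bot: The three unit-file tasks in roles/backupscript/tasks/main.yaml (backup-script.service, backup.target, backup.timer) still carry `mode: 644` as a bare integer, although the first task in this hunk was corrected to `mode: '0700'`. Ansible treats an unquoted 644 as a decimal number, which is octal 1204, so the unit files would not end up as rw-r--r--; `mode: '0644'` on each of the three tasks gives the intended permissions. For consistency with the new `ansible.builtin.template` call, the `copy` tasks could also be spelled `ansible.builtin.copy`. The last task ("Enable backup-script.service and reload systemd daemon") continues outside the hunk.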
@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+# {{ansible_managed}}
+
+{{backup.preare-command}}
+
+time ( rsync -azP --delete {{backup.folder}} backup@192.168.69.26:/mnt/backupstore/{{service-name}}/staging )
+
+time ( ssh backup@backup.stargate.internal 'tar -zcvf /mnt/backupstore/{{service-name}}/{{service-name}}-$(date +"%Y-%m-%d").tar.gz -C /mnt/backupstore/{{service-name}}/staging' )
diff --git a/roles/gitea/tasks/main.yaml b/roles/gitea/tasks/main.yaml
new file mode 100644
index 0000000..1d88499
--- /dev/null
+++ b/roles/gitea/tasks/main.yaml
@@ -0,0 +1,6 @@
+---
+- name: Allow git ssh via ufw
+ community.general.ufw:
+ rule: allow
+ port: 2222
+ proto: tcp
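Review bot: The remote `tar -zcvf ... -C /mnt/backupstore/{{service-name}}/staging` in backupscript.sh names a directory to change into but no member to archive, so as written tar has nothing to add and the dated archive would not be created; ending the command with `-C /mnt/backupstore/{{service-name}}/staging .` archives the staging tree. The script also has no `set -euo pipefail` after the shebang, so a failed prepare command or a failed rsync is still followed by the tar step, and a stale staging directory gets archived as if it were today's backup. The rsync target is the literal address 192.168.69.26 while the ssh step uses backup.stargate.internal; assuming both are the same machine, using one name for both keeps host-key checking tied to a single known_hosts entry.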
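Review bot: The ufw rule in roles/gitea/tasks/main.yaml opens TCP 2222 to every source address. If git-over-SSH is only meant to be reached from the internal network, add `from_ip: <INTERNAL_CIDR_PLACEHOLDER>` to the task, or use `rule: limit` instead of `rule: allow` so ufw rate-limits repeated connection attempts. A short comment naming what listens on 2222 would help (presumably the gitea container's SSH port, though nothing in this role shows it), and quoting the value as `port: '2222'` matches the module's string-typed parameter.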