make backup bettr

2022-04-16 17:13:16 +02:00 · 2022-04-16 17:13:16 +02:00 · fffe7adbfd
commit fffe7adbfd
parent e41e2b83d5
10 changed files with 46 additions and 13 deletions
--- a/docker-host.yaml
+++ b/docker-host.yaml
@ -1,6 +1,6 @@
 ---
 - name: "Deploy basic webhost with Docker"
-  hosts: keycloak, drone, swagger, guacamole, bitwarden, nexus, nextcloud, git, 
+  hosts: keycloak, drone, swagger, guacamole, bitwarden, nexus, nextcloud 
  roles:
    - netplan
    - common
--- a/gitea.yaml
+++ b/gitea.yaml
@ -0,0 +1,11 @@
 ---
 - name: "Deploy gitea in Docker"
  hosts: git
  roles:
    - netplan
    - common
    - docker
    - webserver
    - internalsmtp
    - backupscript
    - gitea
--- a/host_vars/git.yaml
+++ b/host_vars/git.yaml
@ -0,0 +1,5 @@
 ---
 service-name: git
 backup:
  preare-command: ""
  folder: "/home/git"
--- a/roles/backupscript/files/backup-script.service
+++ b/roles/backupscript/files/backup-script.service
@ -6,4 +6,4 @@ Type=simple
 ExecStart=/usr/bin/bash /opt/backupscript.sh
 [Install]
-WantedBy=backup.target
+WantedBy=backup.target
--- a/roles/backupscript/files/backup.target
+++ b/roles/backupscript/files/backup.target
@ -2,4 +2,4 @@
 Description=Script based backup for VMs
 [Install]
-WantedBy=default.target
+WantedBy=default.target
--- a/roles/backupscript/files/backup.timer
+++ b/roles/backupscript/files/backup.timer
@ -7,4 +7,4 @@ OnCalendar=Sun *-*-* 00:00:00
 Unit=backup.target
 [Install]
-WantedBy=multi-user.target
+WantedBy=multi-user.target
--- a/roles/backupscript/files/test-backupscript.sh
+++ b/roles/backupscript/files/test-backupscript.sh
@ -1 +0,0 @@
 echo "true"
--- a/roles/backupscript/tasks/main.yaml
+++ b/roles/backupscript/tasks/main.yaml
@ -1,31 +1,35 @@
 ---
- name: Copy backupscript to target
+- name: "Generate backupscript"
-  copy:
+  ansible.builtin.template:
-    src: "{{ backupscript_name }}"
+    src: backupscript.sh
    dest: /opt/backupscript.sh
-    mode: 700
+    owner: root
-    owner: service-user
+    group: root
    mode: '0700'
 - name: Copy backup-script.service to target
  copy:
    src: backup-script.service
    dest: /usr/lib/systemd/system/backup-script.service
    mode: 644
-    owner: service-user
+    owner: root
    group: root
 - name: Copy backup.target to target
  copy:
    src: backup.target
    dest: /usr/lib/systemd/system/backup.target
    mode: 644
-    owner: service-user
+    owner: root
    group: root
 - name: Copy backup.timer to target
  copy:
    src: backup.timer
    dest: /usr/lib/systemd/system/backup.timer
    mode: 644
-    owner: service-user
+    owner: root
    group: root
 - name: Enable backup-script.service and reload systemd daemon
  when: ansible_service_mgr == "systemd"
--- a/roles/backupscript/templates/backupscript.sh
+++ b/roles/backupscript/templates/backupscript.sh
@ -0,0 +1,8 @@
 #!/usr/bin/env bash
 # {{ansible_managed}}
 {{backup.preare-command}}
 time ( rsync -azP --delete {{backup.folder}} backup@192.168.69.26:/mnt/backupstore/{{service-name}}/staging )
 time ( ssh backup@backup.stargate.internal 'tar -zcvf /mnt/backupstore/{{service-name}}/{{service-name}}-$(date +"%Y-%m-%d").tar.gz -C /mnt/backupstore/{{service-name}}/staging' )
--- a/roles/gitea/tasks/main.yaml
+++ b/roles/gitea/tasks/main.yaml
@ -0,0 +1,6 @@
 ---
 - name: Allow git ssh via ufw
  community.general.ufw:
    rule: allow
    port: 2222
    proto: tcp