make backup bettr

2022-04-16 17:13:16 +02:00 · 2022-04-16 17:13:16 +02:00 · fffe7adbfd
commit fffe7adbfd
parent e41e2b83d5
10 changed files with 46 additions and 13 deletions
--- a/docker-host.yaml
+++ b/docker-host.yaml
@ -1,6 +1,6 @@
 ---
 - name: "Deploy basic webhost with Docker"
-  hosts: keycloak, drone, swagger, guacamole, bitwarden, nexus, nextcloud, git, 
+  hosts: keycloak, drone, swagger, guacamole, bitwarden, nexus, nextcloud 
  roles:
    - netplan
    - common
--- a/gitea.yaml
+++ b/gitea.yaml
@ -0,0 +1,11 @@
+---
+- name: "Deploy gitea in Docker"
+  hosts: git
+  roles:
+    - netplan
+    - common
+    - docker
+    - webserver
+    - internalsmtp
+    - backupscript
+    - gitea
--- a/host_vars/git.yaml
+++ b/host_vars/git.yaml
@ -0,0 +1,5 @@
+---
+service-name: git
+backup:
+  preare-command: ""
+  folder: "/home/git"
--- a/roles/backupscript/files/test-backupscript.sh
+++ b/roles/backupscript/files/test-backupscript.sh
@ -1 +0,0 @@
-echo "true"
--- a/roles/backupscript/tasks/main.yaml
+++ b/roles/backupscript/tasks/main.yaml
@ -1,31 +1,35 @@
 ---
- name: Copy backupscript to target
-  copy:
-    src: "{{ backupscript_name }}"
+- name: "Generate backupscript"
+  ansible.builtin.template:
+    src: backupscript.sh
    dest: /opt/backupscript.sh
-    mode: 700
-    owner: service-user
+    owner: root
+    group: root
+    mode: '0700'

 - name: Copy backup-script.service to target
  copy:
    src: backup-script.service
    dest: /usr/lib/systemd/system/backup-script.service
    mode: 644
-    owner: service-user
+    owner: root
+    group: root

 - name: Copy backup.target to target
  copy:
    src: backup.target
    dest: /usr/lib/systemd/system/backup.target
    mode: 644
-    owner: service-user
+    owner: root
+    group: root

 - name: Copy backup.timer to target
  copy:
    src: backup.timer
    dest: /usr/lib/systemd/system/backup.timer
    mode: 644
-    owner: service-user
+    owner: root
+    group: root

 - name: Enable backup-script.service and reload systemd daemon
  when: ansible_service_mgr == "systemd"
--- a/roles/backupscript/templates/backupscript.sh
+++ b/roles/backupscript/templates/backupscript.sh
@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+# {{ansible_managed}}
+
+{{backup.preare-command}}
+
+time ( rsync -azP --delete {{backup.folder}} backup@192.168.69.26:/mnt/backupstore/{{service-name}}/staging )
+
+time ( ssh backup@backup.stargate.internal 'tar -zcvf /mnt/backupstore/{{service-name}}/{{service-name}}-$(date +"%Y-%m-%d").tar.gz -C /mnt/backupstore/{{service-name}}/staging' )
--- a/roles/gitea/tasks/main.yaml
+++ b/roles/gitea/tasks/main.yaml
@ -0,0 +1,6 @@
+---
+- name: Allow git ssh via ufw
+  community.general.ufw:
+    rule: allow
+    port: 2222
+    proto: tcp