Skip to content
Extraits de code Groupes Projets

Comparer les révisions

Les modifications sont affichées comme si la révision source était fusionnée avec la révision cible. En savoir plus sur la comparaison des révisions.

Source

Sélectionner le projet cible
No results found
Sélectionner une révision Git
  • master
  • v1.0.0
  • v1.0.1
  • v1.0.2
  • v1.0.3
  • v1.0.4
  • v1.0.5
  • v1.0.6
  • v1.0.7
  • v1.0.8
  • v1.0.9
11 résultats

Cible

Sélectionner le projet cible
  • lefilament/ansible-roles/backup_server_conf
  • nqb/backup_server_conf
2 résultats
Sélectionner une révision Git
  • master
1 résultat
Afficher les modifications
Validations sur la source (11)
---
warn_list: # or 'skip_list' to silence them completely
- git-latest # Git checkouts must contain explicit version
- ignore-errors # Use failed_when and specify error conditions instead of using ignore_errors
- no-changed-when # Commands should not change things if nothing needs doing
- no-handler # Tasks that run when changed should likely be handlers
- package-latest # Package installs should not use latest
---
# Based on ansible-lint config
extends: default
rules:
braces:
max-spaces-inside: 1
level: error
brackets:
max-spaces-inside: 1
level: error
colons:
max-spaces-after: -1
level: error
commas:
max-spaces-after: -1
level: error
# comments enable
comments: enable
comments-indentation: enable
document-start: enable
empty-lines:
max: 3
level: error
hyphens:
level: error
indentation:
level: warning
indent-sequences: consistent
spaces: 4
check-multi-line-strings: true
key-duplicates: enable
line-length: disable
new-line-at-end-of-file: enable
new-lines:
type: unix
# trailing-spaces enable
trailing-spaces: enable
truthy: enable
......@@ -42,28 +42,7 @@ This role can be simply executed like follows (gathering facts is not necessary
become: true
roles:
- { role: backup_server_conf, tags: backup }
vars:
- { swift_cloud_authurl: "https://auth.cloud.ovh.net/v3/" }
- { swift_cloud_authversion: 3 }
- { swift_cloud_tenantid: "12f1e" }
- { swift_cloud_tenantname: "2214534534" }
- { swift_cloud_username: "testuser" }
- { swift_cloud_password: "testpassword" }
- { swift_cloud_regionname: GRA }
- { swift_odoo_authurl: "https://auth.cloud.ovh.net/v3/" }
- { swift_odoo_authversion: 3 }
- { swift_odoo_tenantid: "132e1fa" }
- { swift_odoo_tenantname: "12312534534" }
- { swift_odoo_username: "testuser" }
- { swift_odoo_password: "testpassword" }
- { swift_odoo_regionname: "GRA" }
- { swift_odoo2_authurl: "https://auth.cloud.ovh.net/v3/" }
- { swift_odoo2_authversion: 3 }
- { swift_odoo2_tenantid: "12323534ab" }
- { swift_odoo2_tenantname: "123124235345" }
- { swift_odoo2_username: "testuser" }
- { swift_odoo2_password: "testpassword" }
- { swift_odoo2_regionname: "DE" }
License
-------
......
---
# Parameters for listing backups stored on Object Storage - for Cloud
swift_cloud_authurl: https://auth.cloud.ovh.net/v3/
swift_cloud_authversion: 3
swift_cloud_tenantid: "12f1e"
swift_cloud_tenantname: "2214534534"
swift_cloud_username: "testuser"
swift_cloud_password: "testpassword"
swift_cloud_regionname: GRA
## Parameters for listing backups stored on Object Storage - for Cloud
swift_cloud_accounts:
1:
authurl: https://auth.cloud.ovh.net/v3/
authversion: 3
tenantid: "12f1e"
tenantname: "2214534534"
regionname: GRA
swift_cloud_credentials:
1:
username: "testuser"
password: "testpassword"
# Parameters for listing backups stored on Object Storage - for Odoo
swift_odoo_authurl: https://auth.cloud.ovh.net/v3/
swift_odoo_authversion: 3
swift_odoo_tenantid: "132e1fa"
swift_odoo_tenantname: "12312534534"
swift_odoo_username: "testuser"
swift_odoo_password: "testpassword"
swift_odoo_regionname: "GRA"
# Parameters for listing backups stored on Object Storage - for Odoo (2nd backup)
swift_odoo2_authurl: https://auth.cloud.ovh.net/v3/
swift_odoo2_authversion: 3
swift_odoo2_tenantid: "12323534ab"
swift_odoo2_tenantname: "123124235345"
swift_odoo2_username: "testuser"
swift_odoo2_password: "testpassword"
swift_odoo2_regionname: "DE"
## Parameters for listing backups stored on Object Storage - for Odoo
swift_odoo_accounts:
1:
authurl: https://auth.cloud.ovh.net/v3/
authversion: 3
tenantid: "132e1fa"
tenantname: "12312534534"
regionname: "GRA"
2:
authurl: https://auth.cloud.ovh.net/v3/
authversion: 3
tenantid: "12323534ab"
tenantname: "123124235345"
regionname: "DE"
swift_odoo_credentials:
1:
username: "testuser"
password: "testpassword"
2:
username: "testuser"
password: "testpassword"
---
- name: restart-sshd
service: name=sshd state=restarted
- name: Restart SSHD
ansible.builtin.service:
name: sshd
state: restarted
---
galaxy_info:
author: Rémi
author: lefilament
description: Role to configure backup server to allow SFTP connection from all other servers
company: Le Filament (https://le-filament.com)
license: AGPL-3.0-or-later
min_ansible_version: 2.1
min_ansible_version: "2.1"
platforms:
- name: CentOS
versions:
- 7
- name: Ubuntu
versions:
- 18.04
- 20.04
- bionic
- focal
galaxy_tags:
- backup
- sftp
---
- name: Create SFTP group
group:
ansible.builtin.group:
name: sftpgroup
- name: Create SFTP users
user:
ansible.builtin.user:
name: "{{ hostvars[item].backup_sftp_user }}"
group: sftpgroup
password: "!"
shell: /sbin/nologin
with_items: "{{ groups.all | difference(groups.backup_server) }}"
- name: add SFTP users public key to authorized keys
authorized_key:
- name: Add SFTP users public key to authorized keys
ansible.posix.authorized_key:
key: "{{ hostvars[item].host_user_public_key }}"
user: "{{ hostvars[item].backup_sftp_user }}"
exclusive: true
with_items: "{{ groups.all | difference(groups.backup_server) }}"
- name: Create templates directory
ansible.builtin.file:
name: templates
state: directory
mode: '0755'
connection: local
become: false
delegate_to: localhost
tags: sshd
- name: Get sshd_config file from init_server role locally
ansible.builtin.get_url:
url: "https://sources.le-filament.com/lefilament/ansible-roles/init_server/-/raw/master/templates/sshd_config.j2"
dest: templates/sshd_config.j2
mode: '0644'
connection: local
become: false
delegate_to: localhost
tags: sshd
- name: Copy sshd_config file
template:
src: ../init_server/templates/sshd_config.j2
ansible.builtin.template:
src: templates/sshd_config.j2
dest: /etc/ssh/sshd_config
owner: root
group: root
mode: '0644'
notify: restart-sshd
notify: Restart SSHD
tags: sshd
- name: add pip package
apt:
- name: Add pip package
ansible.builtin.apt:
name: "{{ python_apt_packages }}"
force: true
install_recommends: false
- name: check that chroot directory for SFTP users exist
file:
- name: Check that chroot directory for SFTP users exist
ansible.builtin.file:
name: /backup/sftp
state: directory
owner: root
group: root
mode: '0755'
- name: check that directories for SFTP for all servers exist
file:
- name: Check that directories for SFTP for all servers exist
ansible.builtin.file:
name: /backup/sftp/{{ hostvars[item].inventory_hostname | lower }}
state: directory
owner: "{{ hostvars[item].backup_sftp_user }}"
......@@ -52,8 +72,8 @@
mode: '0755'
with_items: "{{ groups.all | difference(groups.backup_server) }}"
- name: check that directory for collecting openstack Cloud facts exists
file:
- name: Check that directory for collecting openstack Cloud facts exists
ansible.builtin.file:
name: /backup/{{ item }}
state: directory
owner: lefilament
......@@ -64,14 +84,16 @@
- odoo
- odoo2
- versions
- versions/apt
- versions/pip3
- name: install swift client
pip:
- name: Install swift client
ansible.builtin.pip:
name: "{{ swift_pip_packages }}"
- name: Copy OpenStack Fact Collection scripts on server
template:
src: "{{ item.script }}.j2"
ansible.builtin.template:
src: "{{ item.template }}"
dest: /root/{{ item.script }}
owner: root
group: root
......@@ -80,8 +102,8 @@
loop_control:
label: '{{ item.name }}'
- name: add cron job to retrieve backup list every day
cron:
- name: Add cron job to retrieve backup list every day
ansible.builtin.cron:
name: "{{ item.name }}"
minute: "{{ item.minute }}"
hour: "{{ item.hour }}"
......
......@@ -10,6 +10,22 @@ if [ -f /backup/sftp/{{ host|lower }}/{{ host|lower }}.$TODAY ]
then
mv /backup/sftp/{{ host|lower }}/{{ host|lower }}.$TODAY /backup/versions/
fi
if [ -f /backup/sftp/{{ host|lower }}/apt_{{ host|lower }}.$TODAY ]
then
mv /backup/sftp/{{ host|lower }}/apt_{{ host|lower }}.$TODAY /backup/versions/
fi
if [ -f /backup/sftp/{{ host|lower }}/apt-hr_{{ host|lower }}.$TODAY ]
then
mv /backup/sftp/{{ host|lower }}/apt-hr_{{ host|lower }}.$TODAY /backup/versions/
fi
if [ -f /backup/sftp/{{ host|lower }}/pip3_{{ host|lower }}.$TODAY ]
then
mv /backup/sftp/{{ host|lower }}/pip3_{{ host|lower }}.$TODAY /backup/versions/
fi
if [ -f /backup/sftp/{{ host|lower }}/pip3-hr_{{ host|lower }}.$TODAY ]
then
mv /backup/sftp/{{ host|lower }}/pip3-hr_{{ host|lower }}.$TODAY /backup/versions/
fi
{% if host in groups['docker'] %}
if [ -f /backup/sftp/{{ host|lower }}/{{ host|lower }}-docker.$TODAY ]
then
......@@ -21,3 +37,19 @@ if [ -f /home/{{ host_user }}/versions/{{ inventory_hostname|lower }}.$TODAY ]
then
cp -a /home/{{ host_user }}/versions/{{ inventory_hostname|lower }}.$TODAY /backup/versions/
fi
if [ -f /home/{{ host_user }}/versions/apt_{{ inventory_hostname|lower }}.$TODAY ]
then
cp -a /home/{{ host_user }}/versions/apt_{{ inventory_hostname|lower }}.$TODAY /backup/versions/
fi
if [ -f /home/{{ host_user }}/versions/pip3_{{ inventory_hostname|lower }}.$TODAY ]
then
cp -a /home/{{ host_user }}/versions/pip3_{{ inventory_hostname|lower }}.$TODAY /backup/versions/
fi
if [ -f /home/{{ host_user }}/versions/apt-hr_{{ inventory_hostname|lower }}.$TODAY ]
then
cp -a /home/{{ host_user }}/versions/apt-hr_{{ inventory_hostname|lower }}.$TODAY /backup/versions/
fi
if [ -f /home/{{ host_user }}/versions/pip3-hr_{{ inventory_hostname|lower }}.$TODAY ]
then
cp -a /home/{{ host_user }}/versions/pip3-hr_{{ inventory_hostname|lower }}.$TODAY /backup/versions/
fi
......@@ -5,24 +5,27 @@
# Configure variables
export OS_AUTH_URL="{{ swift_cloud_authurl }}"
export OS_IDENTITY_API_VERSION={{ swift_cloud_authversion }}
export OS_TENANT_ID="{{ swift_cloud_tenantid }}"
export OS_TENANT_NAME="{{ swift_cloud_tenantname }}"
export OS_USERNAME="{{ swift_cloud_username }}"
export OS_PASSWORD="{{ swift_cloud_password }}"
export OS_REGION_NAME="{{ swift_cloud_regionname }}"
export OS_AUTH_URL="{{ item.account.authurl }}"
export OS_IDENTITY_API_VERSION={{ item.account.authversion }}
export OS_TENANT_ID="{{ item.account.tenantid }}"
export OS_TENANT_NAME="{{ item.account.tenantname }}"
export OS_USERNAME="{{ item.credential.username }}"
export OS_PASSWORD="{{ item.credential.password }}"
export OS_REGION_NAME="{{ item.account.regionname }}"
TODAY=`date +%F`
TODAY=`date --utc +%F`
for container in `/usr/local/bin/swift list`
do
file="/backup/cloud/$container.$TODAY"
{% if item.type == "cloud" %}
[[ "$container" == *'_segments' ]] && continue
{% endif %}
file="/backup/{{ item.type }}/$container.$TODAY"
printf "DATE = $TODAY" > $file
printf "\n\n-- STATS --\n" >> $file
/usr/local/bin/swift stat --lh $container >> $file
printf "\n\n-- LIST FILES --\n" >> $file
/usr/local/bin/swift list --lh $container >> $file
cp $file /backup/cloud/$container.latest
chmod 644 $file /backup/cloud/$container.latest
cp $file /backup/{{ item.type }}/$container.latest
chmod 644 $file /backup/{{ item.type }}/$container.latest
done
#!/bin/bash
# Copyright © 2019 Le Filament (<http://www.le-filament.com>)
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
# Configure variables
export OS_AUTH_URL="{{ swift_odoo2_authurl }}"
export OS_IDENTITY_API_VERSION={{ swift_odoo2_authversion }}
export OS_TENANT_ID="{{ swift_odoo2_tenantid }}"
export OS_TENANT_NAME="{{ swift_odoo2_tenantname }}"
export OS_USERNAME="{{ swift_odoo2_username }}"
export OS_PASSWORD="{{ swift_odoo2_password }}"
export OS_REGION_NAME="{{ swift_odoo2_regionname }}"
TODAY=`date +%F`
for container in `/usr/local/bin/swift list`
do
file="/backup/odoo2/$container.$TODAY"
printf "DATE = $TODAY" > $file
printf "\n\n-- STATS --\n" >> $file
/usr/local/bin/swift stat --lh $container >> $file
printf "\n\n-- LIST FILES --\n" >> $file
/usr/local/bin/swift list --lh $container >> $file
cp $file /backup/odoo2/$container.latest
chmod 644 $file /backup/odoo2/$container.latest
done
#!/bin/bash
# Copyright © 2019 Le Filament (<http://www.le-filament.com>)
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
# Configure variables
export OS_AUTH_URL="{{ swift_odoo_authurl }}"
export OS_IDENTITY_API_VERSION={{ swift_odoo_authversion }}
export OS_TENANT_ID="{{ swift_odoo_tenantid }}"
export OS_TENANT_NAME="{{ swift_odoo_tenantname }}"
export OS_USERNAME="{{ swift_odoo_username }}"
export OS_PASSWORD="{{ swift_odoo_password }}"
export OS_REGION_NAME="{{ swift_odoo_regionname }}"
TODAY=`date +%F`
for container in `/usr/local/bin/swift list`
do
file="/backup/odoo/$container.$TODAY"
printf "DATE = $TODAY" > $file
printf "\n\n-- STATS --\n" >> $file
/usr/local/bin/swift stat --lh $container >> $file
printf "\n\n-- LIST FILES --\n" >> $file
/usr/local/bin/swift list --lh $container >> $file
cp $file /backup/odoo/$container.latest
chmod 644 $file /backup/odoo/$container.latest
done
......@@ -11,18 +11,31 @@ swift_pip_packages:
collect_backups:
- name: "check openstack cloud facts"
template: retrieve_openstack_facts.sh.j2
script: retrieve_openstack_cloud_facts.sh
hour: 6
minute: 43
type: "cloud"
account: "{{ swift_cloud_accounts.1 }}"
credential: "{{ swift_cloud_credentials.1 }}"
hour: 4
minute: 30
- name: "check openstack odoo facts"
template: retrieve_openstack_facts.sh.j2
script: retrieve_openstack_odoo_facts.sh
hour: 6
minute: 13
type: "odoo"
account: "{{ swift_odoo_accounts.1 }}"
credential: "{{ swift_odoo_credentials.1 }}"
hour: 4
minute: 45
- name: "check openstack odoo2 facts"
template: retrieve_openstack_facts.sh.j2
script: retrieve_openstack_odoo2_facts.sh
hour: 8
minute: 33
type: "odoo2"
account: "{{ swift_odoo_accounts.2 }}"
credential: "{{ swift_odoo_credentials.2 }}"
hour: 2
minute: 0
- name: "move versioned files"
template: move_versioned_files.sh.j2
script: move_versioned_files.sh
hour: 3
minute: 43
hour: 7
minute: 0