From 59ada5470793d52460128055f0954769345a4ecf Mon Sep 17 00:00:00 2001
From: yohan <783b8c87@scimetis.net>
Date: Sat, 21 Oct 2023 23:12:39 +0200
Subject: [PATCH] Improve gen_bootstrap.yml.

---
 gen_bootstrap.yml | 71 +++++++++++++++++++++++++++++++++++------------
 tasks/start.yml   |  8 +++---
 vars/main.yml     |  1 +
 3 files changed, 59 insertions(+), 21 deletions(-)

diff --git a/gen_bootstrap.yml b/gen_bootstrap.yml
index 2f066a8..0d0e1c7 100755
--- a/gen_bootstrap.yml
+++ b/gen_bootstrap.yml
@@ -106,21 +106,58 @@
         ansible_ssh_port: 2224
       delegate_to: chez-yohan.scimetis.net
 
-#for name in docker-nextcloud-stack docker-reverse-proxy-stack docker-reverse-proxy docker-gogs-stack docker-mysql-stack docker-mysql systemd-mount-cinder-volume
-#do  
-#    git clone https://git.scimetis.net/yohan/${name}.git ${DIRECTORY}/${name}
-#    tar -czf ${DIRECTORY}/${name}.tar.gz -C ${DIRECTORY} ${name}
-#    rm -rf ${DIRECTORY}/${name}
-#done
-#
-#ARCHIVE_DIR=/mnt/volumes/duplicity_cache/data
-#export SWIFT_USERNAME=$OS_USERNAME
-#export SWIFT_PASSWORD=$OS_PASSWORD
-#export SWIFT_AUTHURL=$OS_AUTH_URL
-#export SWIFT_AUTHVERSION=$OS_IDENTITY_API_VERSION
-#export SWIFT_TENANTNAME=$OS_TENANT_NAME
-#export SWIFT_REGIONNAME=$OS_REGION_NAME
-#export PASSPHRASE=$DUPLICITY_PASSPHRASE
-#duplicity --num-retries 3 --full-if-older-than 1M --progress --archive-dir ${ARCHIVE_DIR} --name bootstrap --allow-source-mismatch "${DIRECTORY}" swift://bootstrap
-#duplicity remove-older-than 2M --archive-dir ${ARCHIVE_DIR} --name bootstrap --allow-source-mismatch --force swift://bootstrap
+    - name: Clone repo
+      ansible.builtin.git:
+        repo: 'https://{{ GIT_SERVER }}/yohan/{{ item }}.git'
+        dest: "{{ WORKDIR }}/{{ item }}"
+      with_items:
+        - docker-nextcloud-stack
+        - docker-reverse-proxy-stack
+        - docker-reverse-proxy
+        - docker-gogs-stack
+        - docker-mysql-stack
+        - docker-mysql
+        - systemd-mount-cinder-volume
 
+    - name: Create backup directory
+      ansible.builtin.file:
+        path: "{{ WORKDIR }}/backup"
+        state: directory
+
+    - name: Archive Git repository
+      ansible.builtin.command: "tar -czf {{ WORKDIR }}/backup/{{ item }}.tar.gz -C {{ WORKDIR }} {{ item }}"
+      with_items:
+        - docker-nextcloud-stack
+        - docker-reverse-proxy-stack
+        - docker-reverse-proxy
+        - docker-gogs-stack
+        - docker-mysql-stack
+        - docker-mysql
+        - systemd-mount-cinder-volume
+
+    - name: Copy secrets in backup directory
+      ansible.builtin.copy:
+        src: "{{ WORKDIR }}/secrets.tar.gz.enc"
+        dest: "{{ WORKDIR }}/backup/secrets.tar.gz.enc"
+
+    - name: Backup with duplicity
+      ansible.builtin.command: "duplicity --num-retries 3 --full-if-older-than 1M --progress --archive-dir {{ ARCHIVE_DIR }} --name bootstrap --allow-source-mismatch '{{ WORKDIR }}/backup' swift://bootstrap"
+      env:
+        SWIFT_AUTHURL: "{{ OS_AUTH_URL }}"
+        SWIFT_AUTHVERSION: "{{ OS_IDENTITY_API_VERSION }}"
+        SWIFT_TENANTNAME: "{{ OS_TENANT_NAME }}"
+        SWIFT_USERNAME: "{{ OS_USERNAME }}"
+        SWIFT_PASSWORD: "{{ OS_PASSWORD }}"
+        SWIFT_REGION_NAME: "{{ OS_REGION_NAME }}"
+        PASSPHRASE: "{{ DUPLICITY_PASSPHRASE }}"
+
+    - name: Clean old duplicity backups
+      ansible.builtin.command: "duplicity remove-older-than 2M --archive-dir {{ ARCHIVE_DIR }} --name bootstrap --allow-source-mismatch --force swift://bootstrap"
+      env:
+        SWIFT_AUTHURL: "{{ OS_AUTH_URL }}"
+        SWIFT_AUTHVERSION: "{{ OS_IDENTITY_API_VERSION }}"
+        SWIFT_TENANTNAME: "{{ OS_TENANT_NAME }}"
+        SWIFT_USERNAME: "{{ OS_USERNAME }}"
+        SWIFT_PASSWORD: "{{ OS_PASSWORD }}"
+        SWIFT_REGION_NAME: "{{ OS_REGION_NAME }}"
+        PASSPHRASE: "{{ DUPLICITY_PASSPHRASE }}"
diff --git a/tasks/start.yml b/tasks/start.yml
index e482229..828454f 100755
--- a/tasks/start.yml
+++ b/tasks/start.yml
@@ -59,7 +59,7 @@
 
 - name: Clone docker-duplicity-stack repo
   ansible.builtin.git:
-    repo: 'https://git.scimetis.net/yohan/docker-duplicity-stack.git'
+    repo: 'https://{{ GIT_SERVER }}/yohan/docker-duplicity-stack.git'
     dest: "/home/{{ user }}/repository/docker-duplicity-stack"
     clone: yes
     update: no
@@ -155,7 +155,7 @@
 
 - name: Get docker-duplicity repo's last commit
   ansible.builtin.git:
-    repo: 'https://git.scimetis.net/yohan/docker-duplicity.git'
+    repo: 'https://{{ GIT_SERVER }}/yohan/docker-duplicity.git'
     clone: no
     update: no
     version: dev
@@ -186,7 +186,7 @@
 
 - name: Clone docker-duplicity repo
   ansible.builtin.git:
-    repo: 'https://git.scimetis.net/yohan/docker-duplicity.git'
+    repo: 'https://{{ GIT_SERVER }}/yohan/docker-duplicity.git'
     dest: "/home/{{ user }}/build_docker-duplicity"
     clone: yes
     version: dev
@@ -230,7 +230,7 @@
 
 - name: Clone duplicity_playbooks repo
   ansible.builtin.git:
-    repo: 'https://git.scimetis.net/yohan/duplicity_playbooks.git'
+    repo: 'https://{{ GIT_SERVER }}/yohan/duplicity_playbooks.git'
     dest: "/home/{{ user }}/repository/duplicity_playbooks_temp"
     clone: yes
     version: dev
diff --git a/vars/main.yml b/vars/main.yml
index 3e42315..f98ae8a 100644
--- a/vars/main.yml
+++ b/vars/main.yml
@@ -7,3 +7,4 @@ DUPLICITY_PASSPHRASE: "{{ lookup('env','DUPLICITY_PASSPHRASE') }}"
 SCRIPT: "{{ lookup('env','SCRIPT') }}"
 OS_SWIFT_REGION_NAME: GRA
 WORKDIR: /mnt/volumes/tmp_duplicity_workdir/data
+ARCHIVE_DIR: /mnt/volumes/duplicity_cache/data