Improve gen_bootstrap.yml.

This commit is contained in:
yohan 2023-10-21 23:12:39 +02:00
parent 499f2a83c5
commit 59ada54707
3 changed files with 59 additions and 21 deletions

View File

@ -106,21 +106,58 @@
ansible_ssh_port: 2224 ansible_ssh_port: 2224
delegate_to: chez-yohan.scimetis.net delegate_to: chez-yohan.scimetis.net
#for name in docker-nextcloud-stack docker-reverse-proxy-stack docker-reverse-proxy docker-gogs-stack docker-mysql-stack docker-mysql systemd-mount-cinder-volume - name: Clone repo
#do ansible.builtin.git:
# git clone https://git.scimetis.net/yohan/${name}.git ${DIRECTORY}/${name} repo: 'https://{{ GIT_SERVER }}/yohan/{{ item }}.git'
# tar -czf ${DIRECTORY}/${name}.tar.gz -C ${DIRECTORY} ${name} dest: "{{ WORKDIR }}/{{ item }}"
# rm -rf ${DIRECTORY}/${name} with_items:
#done - docker-nextcloud-stack
# - docker-reverse-proxy-stack
#ARCHIVE_DIR=/mnt/volumes/duplicity_cache/data - docker-reverse-proxy
#export SWIFT_USERNAME=$OS_USERNAME - docker-gogs-stack
#export SWIFT_PASSWORD=$OS_PASSWORD - docker-mysql-stack
#export SWIFT_AUTHURL=$OS_AUTH_URL - docker-mysql
#export SWIFT_AUTHVERSION=$OS_IDENTITY_API_VERSION - systemd-mount-cinder-volume
#export SWIFT_TENANTNAME=$OS_TENANT_NAME
#export SWIFT_REGIONNAME=$OS_REGION_NAME
#export PASSPHRASE=$DUPLICITY_PASSPHRASE
#duplicity --num-retries 3 --full-if-older-than 1M --progress --archive-dir ${ARCHIVE_DIR} --name bootstrap --allow-source-mismatch "${DIRECTORY}" swift://bootstrap
#duplicity remove-older-than 2M --archive-dir ${ARCHIVE_DIR} --name bootstrap --allow-source-mismatch --force swift://bootstrap
- name: Create backup directory
ansible.builtin.file:
path: "{{ WORKDIR }}/backup"
state: directory
- name: Archive Git repository
ansible.builtin.command: "tar -czf {{ WORKDIR }}/backup/{{ item }}.tar.gz -C {{ WORKDIR }} {{ item }}"
with_items:
- docker-nextcloud-stack
- docker-reverse-proxy-stack
- docker-reverse-proxy
- docker-gogs-stack
- docker-mysql-stack
- docker-mysql
- systemd-mount-cinder-volume
- name: Copy secrets in backup directory
ansible.builtin.copy:
src: "{{ WORKDIR }}/secrets.tar.gz.enc"
dest: "{{ WORKDIR }}/backup/secrets.tar.gz.enc"
- name: Backup with duplicity
ansible.builtin.command: "duplicity --num-retries 3 --full-if-older-than 1M --progress --archive-dir {{ ARCHIVE_DIR }} --name bootstrap --allow-source-mismatch '{{ WORKDIR }}/backup' swift://bootstrap"
env:
SWIFT_AUTHURL: "{{ OS_AUTH_URL }}"
SWIFT_AUTHVERSION: "{{ OS_IDENTITY_API_VERSION }}"
SWIFT_TENANTNAME: "{{ OS_TENANT_NAME }}"
SWIFT_USERNAME: "{{ OS_USERNAME }}"
SWIFT_PASSWORD: "{{ OS_PASSWORD }}"
SWIFT_REGION_NAME: "{{ OS_REGION_NAME }}"
PASSPHRASE: "{{ DUPLICITY_PASSPHRASE }}"
- name: Clean old duplicity backups
ansible.builtin.command: "duplicity remove-older-than 2M --archive-dir {{ ARCHIVE_DIR }} --name bootstrap --allow-source-mismatch --force swift://bootstrap"
env:
SWIFT_AUTHURL: "{{ OS_AUTH_URL }}"
SWIFT_AUTHVERSION: "{{ OS_IDENTITY_API_VERSION }}"
SWIFT_TENANTNAME: "{{ OS_TENANT_NAME }}"
SWIFT_USERNAME: "{{ OS_USERNAME }}"
SWIFT_PASSWORD: "{{ OS_PASSWORD }}"
SWIFT_REGION_NAME: "{{ OS_REGION_NAME }}"
PASSPHRASE: "{{ DUPLICITY_PASSPHRASE }}"

View File

@ -59,7 +59,7 @@
- name: Clone docker-duplicity-stack repo - name: Clone docker-duplicity-stack repo
ansible.builtin.git: ansible.builtin.git:
repo: 'https://git.scimetis.net/yohan/docker-duplicity-stack.git' repo: 'https://{{ GIT_SERVER }}/yohan/docker-duplicity-stack.git'
dest: "/home/{{ user }}/repository/docker-duplicity-stack" dest: "/home/{{ user }}/repository/docker-duplicity-stack"
clone: yes clone: yes
update: no update: no
@ -155,7 +155,7 @@
- name: Get docker-duplicity repo's last commit - name: Get docker-duplicity repo's last commit
ansible.builtin.git: ansible.builtin.git:
repo: 'https://git.scimetis.net/yohan/docker-duplicity.git' repo: 'https://{{ GIT_SERVER }}/yohan/docker-duplicity.git'
clone: no clone: no
update: no update: no
version: dev version: dev
@ -186,7 +186,7 @@
- name: Clone docker-duplicity repo - name: Clone docker-duplicity repo
ansible.builtin.git: ansible.builtin.git:
repo: 'https://git.scimetis.net/yohan/docker-duplicity.git' repo: 'https://{{ GIT_SERVER }}/yohan/docker-duplicity.git'
dest: "/home/{{ user }}/build_docker-duplicity" dest: "/home/{{ user }}/build_docker-duplicity"
clone: yes clone: yes
version: dev version: dev
@ -230,7 +230,7 @@
- name: Clone duplicity_playbooks repo - name: Clone duplicity_playbooks repo
ansible.builtin.git: ansible.builtin.git:
repo: 'https://git.scimetis.net/yohan/duplicity_playbooks.git' repo: 'https://{{ GIT_SERVER }}/yohan/duplicity_playbooks.git'
dest: "/home/{{ user }}/repository/duplicity_playbooks_temp" dest: "/home/{{ user }}/repository/duplicity_playbooks_temp"
clone: yes clone: yes
version: dev version: dev

View File

@ -7,3 +7,4 @@ DUPLICITY_PASSPHRASE: "{{ lookup('env','DUPLICITY_PASSPHRASE') }}"
SCRIPT: "{{ lookup('env','SCRIPT') }}" SCRIPT: "{{ lookup('env','SCRIPT') }}"
OS_SWIFT_REGION_NAME: GRA OS_SWIFT_REGION_NAME: GRA
WORKDIR: /mnt/volumes/tmp_duplicity_workdir/data WORKDIR: /mnt/volumes/tmp_duplicity_workdir/data
ARCHIVE_DIR: /mnt/volumes/duplicity_cache/data