update cv4pve autosnap role (#20)

Reviewed-on: #20 Co-authored-by: Michael Grote <michael.grote@posteo.de> Co-committed-by: Michael Grote <michael.grote@posteo.de>
2024-04-14 21:40:43 +02:00 · 2024-04-14 21:40:43 +02:00 · 1763fdf1b6
parent d255126da5
commit 1763fdf1b6
13 changed files with 104 additions and 102 deletions
--- a/group_vars/pve.yml
+++ b/group_vars/pve.yml
@ -28,6 +28,14 @@ users:
    allow_sudo: true
    allow_passwordless_sudo: true

+
+### mgrote_cv4pve_autosnap
+cv4pve_api_user: root@pam!cv4pve-autosnap
+cv4pve_api_token: "{{ lookup('keepass', 'cv4pve_api_token', 'password') }}"
+cv4pve_vmid: all,-115
+cv4pve_keep_snapshots: 5
+cv4pve_version: "v1.14.8"
+
 ### mgrote_apt_manage_packages
 apt_packages_extra:
  - ifupdown2
--- a/host_vars/pve5-test.mgrote.net.yml
+++ b/host_vars/pve5-test.mgrote.net.yml
@ -153,13 +153,6 @@ sanoid_datasets:
    snapshots: true
    template: '3tage'

-### mgrote_cv4pve-autosnap
-cv4pve_api_user: root@pam!cv4pve-autosnap
-cv4pve_api_token: "{{ lookup('keepass', 'cv4pve_api_token', 'password') }}"
-cv4pve_vmid: all
-cv4pve_keep_snapshots: 5
-cv4pve_dl_link: "https://github.com/Corsinvest/cv4pve-autosnap/releases/download/v1.10.0/cv4pve-autosnap-linux-x64.zip"
-
 ### mgrote_proxmox_bind_mounts
 pve_bind_mounts:
  - vmid: 100
--- a/host_vars/pve5.mgrote.net.yml
+++ b/host_vars/pve5.mgrote.net.yml
@ -170,13 +170,6 @@ sanoid_datasets:
    snapshots: true
    template: 'pve3tage'

-### mgrote_cv4pve-autosnap
-cv4pve_api_user: root@pam!cv4pve-autosnap
-cv4pve_api_token: "{{ lookup('keepass', 'cv4pve_api_token', 'password') }}"
-cv4pve_vmid: all,-115
-cv4pve_keep_snapshots: 5
-cv4pve_dl_link: "https://github.com/Corsinvest/cv4pve-autosnap/releases/download/v1.14.7/cv4pve-autosnap-linux-x64.zip"
-
 ### mgrote_proxmox_bind_mounts
 pve_bind_mounts:
  ### fileserver3
--- a/playbooks/3_service/pve.yml
+++ b/playbooks/3_service/pve.yml
@ -16,7 +16,8 @@
    - role: mgrote_smart
      tags: "smart"
    - role: mgrote_cv4pve_autosnap
-      tags: "cv4pve"
+      tags: cv4pve
+      become: true
    - role: mgrote_proxmox_bind_mounts
      tags: "bindmounts"
    - role: mgrote_proxmox_lxc_profiles
--- a/roles/mgrote_cv4pve_autosnap/README.md
+++ b/roles/mgrote_cv4pve_autosnap/README.md
@ -1,11 +0,0 @@
-## mgrote.cv4pve
-
-### Beschreibung
-Installiert [cv4pve-autosnap](https://github.com/Corsinvest/cv4pve-autosnap).
-Legt einen systemd-timer.
-
-### getestet auf
- [x] ProxMox 7*
-
-### Variablen + Defaults
- see [defaults](./defaults/main.yml)
--- a/roles/mgrote_cv4pve_autosnap/defaults/main.yml
+++ b/roles/mgrote_cv4pve_autosnap/defaults/main.yml
@ -3,7 +3,7 @@
 cv4pve_cron_minute: "39"
 cv4pve_cron_hour: "5"
 # proxmox api-token and user
-cv4pve_api_token: "XXXXXXXXXXXXXXXXXXXXXX"
+cv4pve_api_token: "supersecret"
 cv4pve_api_user: "root@pam!test2"
 # which vm to snapshot
 cv4pve_vmid: all
@ -12,3 +12,7 @@ cv4pve_keep_snapshots: 3
 # under which user the script is run
 cv4pve_user_group: cv4pve
 cv4pve_user: cv4pve
+# url
+cv4pve_dl_link: https://github.com/Corsinvest/cv4pve-autosnap/releases/download/{{ cv4pve_version }}/cv4pve-autosnap-linux-x64.zip
+cv4pve_version: "v1.14.8"
+cv4pve_base_path: /usr/local/bin/cv4pve
--- a/roles/mgrote_cv4pve_autosnap/tasks/install.yml
+++ b/roles/mgrote_cv4pve_autosnap/tasks/install.yml
@ -0,0 +1,42 @@
+---
+- name: Ensure needed directories exist
+  ansible.builtin.file:
+    path: "{{ cv4pve_base_path }}"
+    state: directory
+    owner: "{{ cv4pve_user }}"
+    group: "{{ cv4pve_user_group }}"
+    mode: "0644"
+
+- name: Download specified version
+  ansible.builtin.unarchive:
+    src: "{{ cv4pve_dl_link }}"
+    dest: "{{ cv4pve_base_path }}"
+    mode: '0755'
+    owner: "{{ cv4pve_user }}"
+    group: "{{ cv4pve_user_group }}"
+    remote_src: true
+    creates: "{{ cv4pve_base_path }}/cv4pve-autosnap-{{ cv4pve_version }}"
+    list_files: true
+  register: download
+
+- name: Rename binary # noqa no-changed-when no-handler
+  ansible.builtin.command: |
+    mv "{{ cv4pve_base_path }}/cv4pve-autosnap" "{{ cv4pve_base_path }}/cv4pve-autosnap-{{ cv4pve_version }}"
+  when: download.changed
+
+# https://stackoverflow.com/questions/20252057/using-ansible-how-would-i-delete-all-items-except-for-a-specified-set-in-a-dire
+- name: Find old versions
+  ansible.builtin.find:
+    paths: "{{ cv4pve_base_path }}"
+    file_type: file
+    use_regex: false
+    excludes:
+      - "cv4pve-autosnap-{{ cv4pve_version }}"
+  register: found_files
+
+- name: Ensure old versions are absent
+  ansible.builtin.file:
+    path: "{{ item.path }}"
+    state: absent
+  with_items: "{{ found_files['files'] }}"
+...
--- a/roles/mgrote_cv4pve_autosnap/tasks/main.yml
+++ b/roles/mgrote_cv4pve_autosnap/tasks/main.yml
@ -2,74 +2,9 @@
 - name: include user tasks
  ansible.builtin.include_tasks: user.yml

+- name: include install tasks
+  ansible.builtin.include_tasks: install.yml

- name: create directories
-  become: true
-  ansible.builtin.file:
-    path: "{{ item }}"
-    state: directory
-    owner: "{{ cv4pve_user }}"
-    group: "{{ cv4pve_user_group }}"
-    mode: "0644"
-  loop:
-    - '/tmp/cv4pve'
-    - '/usr/local/bin/cv4pve'
-
- name: download archives
-  become: true
-  ansible.builtin.get_url:
-    url: "{{ cv4pve_dl_link }}"
-    dest: /tmp/cv4pve/cv4pve-autosnap-linux-x64.zip
-    mode: '0775'
-    owner: "{{ cv4pve_user }}"
-    group: "{{ cv4pve_user_group }}"
-
- name: extract archives
-  become: true
-  ansible.builtin.unarchive:
-    src: /tmp/cv4pve/cv4pve-autosnap-linux-x64.zip
-    dest: /usr/local/bin/cv4pve
-    remote_src: true
-    mode: a+x
-    owner: "{{ cv4pve_user }}"
-    group: "{{ cv4pve_user_group }}"
-
- name: template cv4pve.service
-  become: true
-  ansible.builtin.template:
-    src: cv4pve.service.j2
-    dest: /etc/systemd/system/cv4pve.service
-    owner: root
-    group: root
-    mode: "0644"
-  notify:
-    - systemctl daemon-reload
-
- name: template cv4pve_mail.service
-  become: true
-  ansible.builtin.template:
-    src: cv4pve_mail.service.j2
-    dest: /etc/systemd/system/cv4pve_mail.service
-    owner: root
-    group: root
-    mode: "0644"
-  notify:
-    - systemctl daemon-reload
-
- name: template cv4pve.timer
-  become: true
-  ansible.builtin.template:
-    src: cv4pve.timer.j2
-    dest: /etc/systemd/system/cv4pve.timer
-    owner: root
-    group: root
-    mode: "0644"
-  notify:
-    - systemctl daemon-reload
-
- name: systemctl start cv4pve.timer
-  become: true
-  ansible.builtin.systemd:
-    name: cv4pve.timer
-    state: started
-    enabled: true
+- name: include systemd tasks
+  ansible.builtin.include_tasks: systemd.yml
+...
--- a/roles/mgrote_cv4pve_autosnap/tasks/systemd.yml
+++ b/roles/mgrote_cv4pve_autosnap/tasks/systemd.yml
@ -0,0 +1,38 @@
+---
+- name: Ensure service-unit (cv4pve) is templated
+  ansible.builtin.template:
+    src: cv4pve.service.j2
+    dest: /etc/systemd/system/cv4pve.service
+    owner: root
+    group: root
+    mode: "0644"
+  no_log: true
+  notify:
+    - systemctl daemon-reload
+
+- name: Ensure service-unit (mail) is templated
+  ansible.builtin.template:
+    src: cv4pve_mail.service.j2
+    dest: /etc/systemd/system/cv4pve_mail.service
+    owner: root
+    group: root
+    mode: "0644"
+  notify:
+    - systemctl daemon-reload
+
+- name: Ensure service-unit (timer) is templated
+  ansible.builtin.template:
+    src: cv4pve.timer.j2
+    dest: /etc/systemd/system/cv4pve.timer
+    owner: root
+    group: root
+    mode: "0644"
+  notify:
+    - systemctl daemon-reload
+
+- name: Ensure timer is started is templated
+  ansible.builtin.systemd:
+    name: cv4pve.timer
+    state: started
+    enabled: true
+...
--- a/roles/mgrote_cv4pve_autosnap/tasks/user.yml
+++ b/roles/mgrote_cv4pve_autosnap/tasks/user.yml
@ -1,5 +1,5 @@
 ---
- name: ensure group exists
+- name: Ensure group exists
  become: true
  ansible.builtin.group:
    name: "{{ cv4pve_user_group }}"
@ -7,7 +7,7 @@
  when:
    - cv4pve_user_group is defined

- name: ensure user exists
+- name: Ensure user exists
  become: true
  ansible.builtin.user:
    name: "{{ cv4pve_user }}"
@ -17,3 +17,4 @@
  when:
    - cv4pve_user_group is defined
    - cv4pve_user is defined
+...
--- a/roles/mgrote_cv4pve_autosnap/templates/cv4pve.service.j2
+++ b/roles/mgrote_cv4pve_autosnap/templates/cv4pve.service.j2
@ -6,4 +6,4 @@ OnFailure=cv4pve_mail.service

 [Service]
 Type=simple
-ExecStart=/usr/local/bin/cv4pve/cv4pve-autosnap --host=127.0.0.1 --api-token {{ cv4pve_api_user }}={{ cv4pve_api_token }} --vmid="{{ cv4pve_vmid }}" snap --label='daily' --keep="{{ cv4pve_keep_snapshots }}" --state
+ExecStart={{ cv4pve_base_path }}/cv4pve-autosnap-{{ cv4pve_version }} --host=127.0.0.1 --api-token {{ cv4pve_api_user }}={{ cv4pve_api_token }} --vmid="{{ cv4pve_vmid }}" snap --label='daily' --keep="{{ cv4pve_keep_snapshots }}" --state
--- a/roles/mgrote_cv4pve_autosnap/templates/cv4pve.timer.j2
+++ b/roles/mgrote_cv4pve_autosnap/templates/cv4pve.timer.j2
@ -6,6 +6,5 @@ Description=Timer: Trigger VM-Snapshots in PVE with cv4pve.
 OnCalendar=*-*-* {{ cv4pve_cron_hour }}:{{ cv4pve_cron_minute }}:00
 RandomizedDelaySec=10 min

-
 [Install]
 WantedBy=timers.target multi-user.target
--- a/roles/mgrote_cv4pve_autosnap/templates/cv4pve_mail.service.j2
+++ b/roles/mgrote_cv4pve_autosnap/templates/cv4pve_mail.service.j2
@ -1,5 +1,4 @@
 {{ file_header | default () }}
-
 [Unit]
 Description=Send a Mail in case of an error in cv4pve.service.