mg/homeserver
1
0
Fork 0
Code Issues 1 Pull requests 3 Activity Actions

sdfgds
Some checks failed
ansible-lint / gitleaks (pull_request) Successful in 8s
Details
ansible-lint / Ansible Lint (pull_request) Failing after 1m15s
Details

Browse source
This commit is contained in:
Michael Grote 2024-10-28 18:24:29 +01:00
parent 6bcf3cb539
commit 2cb7390f5b
6 changed files with 86 additions and 169 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

74
roles/mgrote_rsync/tasks/destination.yml
View file

@ -11,75 +11,7 @@
when: when:
- sanoid_syncoid_destination_host - sanoid_syncoid_destination_host
- name: Ensure user is added to sudoers - name: template ssh public key
become: true ansible.posix.authorized_key:
community.general.sudoers:
name: "users-sudo-{{ sanoid_user }}"
state: present
user: "{{ sanoid_user }}" user: "{{ sanoid_user }}"
commands: ALL key: "{{ sanoid_syncoid_ssh_pubkey }}"
nopassword: true
when:
- sanoid_syncoid_destination_host
- name: template syncoid.service
become: true
ansible.builtin.template:
src: "syncoid.service.j2"
dest: /etc/systemd/system/syncoid.service
owner: root
group: root
mode: "0644"
notify:
- systemctl daemon-reload
when:
- sanoid_syncoid_destination_host
- name: template syncoid.sh
become: true
ansible.builtin.template:
src: "syncoid.sh.j2"
dest: /usr/bin/syncoid.sh
owner: root
group: root
mode: "0755"
when:
- sanoid_syncoid_destination_host
- name: template syncoid_mail.service
become: true
ansible.builtin.template:
src: "syncoid_mail.service.j2"
dest: /etc/systemd/system/syncoid_mail.service
owner: root
group: root
mode: "0644"
notify:
- systemctl daemon-reload
when:
- sanoid_syncoid_destination_host
- name: template syncoid.timer
become: true
ansible.builtin.template:
src: "syncoid.timer.j2"
dest: "/etc/systemd/system/syncoid.timer"
owner: root
group: root
mode: "0644"
notify:
- systemctl daemon-reload
when:
- sanoid_syncoid_destination_host
- name: enable syncoid.timer
become: true
ansible.builtin.systemd:
name: "syncoid.timer"
enabled: true
masked: false
state: started
notify:
- systemctl daemon-reload
when:
- sanoid_syncoid_destination_host

77
roles/mgrote_rsync/tasks/main.yml
View file

@ -1,78 +1,11 @@
--- ---
- name: include user tasks - name: Include user tasks
ansible.builtin.include_tasks: user.yml ansible.builtin.include_tasks: user.yml
- name: install packages from repo - name: Include source tasks
become: true
ansible.builtin.apt:
name:
- mbuffer
- lzop
- libcapture-tiny-perl
- pv
- libconfig-ini-perl
- sanoid
state: present
- name: Overwrite syncoid script from package
become: true
ansible.builtin.get_url:
url: https://raw.githubusercontent.com/jimsalterjrs/sanoid/master/syncoid
dest: /usr/bin/syncoid
mode: '0755'
owner: root
group: root
force: true
- name: create sanoid directories
become: true
ansible.builtin.file:
path: "{{ item }}"
state: directory
owner: "{{ sanoid_user }}"
group: "{{ sanoid_user_group }}"
mode: "0700"
with_items:
- "/etc/sanoid"
- "/etc/sanoid/.ssh"
- name: include snaps tasks
ansible.builtin.include_tasks: snaps.yml
when:
- sanoid_datasets is defined
- sanoid_templates is defined
- sanoid_snaps_enable is defined
- sanoid_snaps_enable
- name: ensure timers are enabled
become: true
ansible.builtin.systemd:
state: started
name: "{{ item }}"
daemon_reload: true
masked: false
enabled: true
loop:
- sanoid.timer
- name: ensure services are enabled
become: true
ansible.builtin.systemd:
name: "{{ item }}"
masked: false
enabled: true
loop:
- sanoid.service
- sanoid-prune.service
- name: include source-host tasks
ansible.builtin.include_tasks: source.yml ansible.builtin.include_tasks: source.yml
when: when: "source" in rsync_host
- sanoid_syncoid_source_host is defined and sanoid_syncoid_source_host is true
- sanoid_syncoid_ssh_pubkey is defined
- name: include destination-host tasks - name: Include destination tasks
ansible.builtin.include_tasks: destination.yml ansible.builtin.include_tasks: destination.yml
when: when: "destination" in rsync_host
- sanoid_syncoid_destination_host is defined and sanoid_syncoid_destination_host is true
- sanoid_syncoid_ssh_privkey is defined

77
roles/mgrote_rsync/tasks/source.yml
View file

@ -1,20 +1,69 @@
--- ---
- name: template ssh public key - name: Ensure packages are present
become: true become: true
ansible.posix.authorized_key: ansible.builtin.package:
user: "{{ sanoid_user }}" name:
key: "{{ sanoid_syncoid_ssh_pubkey }}" - rsync
state: present state: present
when:
- sanoid_syncoid_source_host
- name: Ensure user is added to sudoers - name: Ensure needed dirs exist
become: true become: true
community.general.sudoers: ansible.builtin.file:
name: "users-sudo-{{ sanoid_user }}" path: "{{ item }}"
state: present state: directory
user: "{{ sanoid_user }}" owner: "{{ sanoid_user }}"
commands: ALL group: "{{ sanoid_user_group }}"
nopassword: true mode: "0600"
with_items:
- "/etc/rsync_mirror/"
- "/etc/rsync_mirror/.ssh"
- name: template syncoid.sh
become: true
ansible.builtin.template:
src: "syncoid.sh.j2"
dest: /usr/bin/syncoid.sh
owner: root
group: root
mode: "0755"
when: when:
- sanoid_syncoid_source_host - sanoid_syncoid_destination_host
- name: Ensure services are present
become: true
ansible.builtin.template:
src: "{{ item }}.j2"
dest: "/etc/systemd/system/{{ item }}"
owner: root
group: root
mode: "0644"
notify:
- systemctl daemon-reload
loop:
- youtubedl.service
- youtubedl.timer
- youtubedl_mail.service
when: ytdl_active
- name: Ensure timer unit is enabled
become: true
ansible.builtin.systemd:
name: youtubedl.timer
enabled: true
masked: false
state: started
notify:
- systemctl daemon-reload
when: ytdl_active
- name: Ensure service units are enabled
become: true
ansible.builtin.systemd:
name: "{{ item }}"
masked: false
enabled: true
loop:
- youtubedl.service
- youtubedl.timer
- youtubedl_mail.service
when: ytdl_active

11
roles/mgrote_rsync/tasks/user.yml
View file

@ -17,3 +17,14 @@
when: when:
- sanoid_user_group is defined - sanoid_user_group is defined
- sanoid_user is defined - sanoid_user is defined
- name: Ensure user is added to sudoers
become: true
community.general.sudoers:
name: "users-sudo-{{ sanoid_user }}"
state: present
user: "{{ sanoid_user }}"
commands: ALL
nopassword: true
when:
- sanoid_syncoid_destination_host

4
roles/mgrote_rsync/templates/rsync_mirror.sh.j2 Normal file
View file

@ -0,0 +1,4 @@
#!/bin/bash
{{ file_header | default () }}
rsync befehle....

12
roles/mgrote_rsync/templates/syncoid.sh.j2
View file

@ -1,12 +0,0 @@
#!/bin/bash
{{ file_header | default () }}
# check if dest-dataset is mounted (sed: entferne 1. Zeile; awk: zeige nur yes/no; grep: RC1 when != yes)
{% for item in sanoid_syncoid_datasets_sync %}
# check if target dataset is mounted
/usr/sbin/zfs get mounted -H {{ item.destination_mount_check }} 2>&1 > /dev/null || echo "Pool not mounted!"
# check if source host is reachable
ping -c1 -W1 {{ item.source_host }} > /dev/null || {{ item.source_host }} not reachable!
# syncoid
export HOME=/root ; /usr/bin/syncoid --compress=zstd-fast --sshoption=StrictHostKeyChecking=no --delete-target-snapshots --use-hold --preserve-recordsize --sshkey "/etc/sanoid/.ssh/id_sanoid" --source-bwlimit {{ sanoid_syncoid_bwlimit }} {{ sanoid_user }}@{{ item.source_host }}:{{ item.source_dataset }} {{ item.destination_dataset }}
{% endfor %}