dfg
Some checks failed
ansible-lint / gitleaks (pull_request) Successful in 8s
ansible-lint / Ansible Lint (pull_request) Failing after 1m8s

This commit is contained in:
Michael Grote 2024-10-28 18:32:18 +01:00
parent b76ff5624e
commit f52aa4384b
4 changed files with 25 additions and 36 deletions

View file

@ -1,8 +1,6 @@
---
### when should rsync_mirror be run (every 5 minutes)
rsync_mirror_timer: '*-*-* *:00/5'
rsync_mirror_user: rsync_mirror
rsync_mirror_user_group: rsync_mirror
### mgrote_rsync_mirror
#rsync_mirror_syncoid_datasets_sync:
@ -10,3 +8,9 @@ rsync_mirror_user_group: rsync_mirror
# source_dataset: hdd_data/tmp
# destination_mount_check: hdd_data/tmp # zielpool
# destination_dataset: backup/pve5/tmp
------
rsync_mirror_user_group: "{{ rsync_mirror_user }}"
rsync_mirror_user: rsync_mirror

View file

@ -1,17 +1,5 @@
---
- name: template ssh private key
become: true
ansible.builtin.template:
src: private_key.j2
dest: "/etc/rsync_mirror/.ssh/id_rsync_mirror"
owner: "{{ rsync_mirror_user }}"
group: "{{ rsync_mirror_user_group }}"
mode: "0400"
no_log: true
when:
- rsync_mirror_syncoid_destination_host
- name: template ssh public key
- name: Ensure SSH-Public-Key is templated
ansible.posix.authorized_key:
user: "{{ rsync_mirror_user }}"
key: "{{ rsync_mirror_syncoid_ssh_pubkey }}"

View file

@ -18,16 +18,24 @@
- "/etc/rsync_mirror/"
- "/etc/rsync_mirror/.ssh"
- name: template syncoid.sh
- name: Ensure SSH-Private-Key is templated
become: true
ansible.builtin.template:
src: "syncoid.sh.j2"
dest: /usr/bin/syncoid.sh
src: private_key.j2
dest: "/etc/rsync_mirror/.ssh/id_rsync_mirror"
owner: "{{ rsync_mirror_user }}"
group: "{{ rsync_mirror_user_group }}"
mode: "0400"
no_log: true
- name: Ensure rsync_mirror-Script is templated
become: true
ansible.builtin.template:
src: "rsync_mirror.sh.j2"
dest: "/usr/bin/rsync_mirror.sh"
owner: root
group: root
mode: "0755"
when:
- rsync_mirror_syncoid_destination_host
mode: "0750"
- name: Ensure services are present
become: true
@ -43,7 +51,6 @@
- rsync_mirror.service
- rsync_mirror.timer
- rsync_mirror_mail.service
when: ytdl_active
- name: Ensure timer unit is enabled
become: true
@ -54,7 +61,6 @@
state: started
notify:
- systemctl daemon-reload
when: ytdl_active
- name: Ensure service units are enabled
become: true
@ -66,4 +72,3 @@
- rsync_mirror.service
- rsync_mirror.timer
- rsync_mirror_mail.service
when: ytdl_active

View file

@ -1,22 +1,16 @@
---
- name: ensure group exists
- name: Ensure group exists
become: true
ansible.builtin.group:
name: "{{ rsync_mirror_user_group }}"
state: present
when:
- rsync_mirror_user_group is defined
- rsync_mirror_user is defined
- name: ensure user exists
- name: Ensure user exists
become: true
ansible.builtin.user:
name: "{{ rsync_mirror_user }}"
group: "{{ rsync_mirror_user_group }}"
create_home: true
when:
- rsync_mirror_user_group is defined
- rsync_mirror_user is defined
create_home: false
- name: Ensure user is added to sudoers
become: true
@ -24,7 +18,5 @@
name: "users-sudo-{{ rsync_mirror_user }}"
state: present
user: "{{ rsync_mirror_user }}"
commands: ALL
commands: ALL # TODO einschränken?
nopassword: true
when:
- rsync_mirror_syncoid_destination_host