diff --git a/group_vars/pve.yml b/group_vars/pve.yml index 6e8aa92b..fbf1917f 100644 --- a/group_vars/pve.yml +++ b/group_vars/pve.yml @@ -28,6 +28,14 @@ users: allow_sudo: true allow_passwordless_sudo: true + +### mgrote_cv4pve_autosnap +cv4pve_api_user: root@pam!cv4pve-autosnap +cv4pve_api_token: "{{ lookup('keepass', 'cv4pve_api_token', 'password') }}" +cv4pve_vmid: all,-115 +cv4pve_keep_snapshots: 5 +cv4pve_version: "v1.14.8" + ### mgrote_apt_manage_packages apt_packages_extra: - ifupdown2 diff --git a/host_vars/pve5-test.mgrote.net.yml b/host_vars/pve5-test.mgrote.net.yml index fa97a4c2..41f8eeec 100644 --- a/host_vars/pve5-test.mgrote.net.yml +++ b/host_vars/pve5-test.mgrote.net.yml @@ -153,13 +153,6 @@ sanoid_datasets: snapshots: true template: '3tage' -### mgrote_cv4pve-autosnap -cv4pve_api_user: root@pam!cv4pve-autosnap -cv4pve_api_token: "{{ lookup('keepass', 'cv4pve_api_token', 'password') }}" -cv4pve_vmid: all -cv4pve_keep_snapshots: 5 -cv4pve_dl_link: "https://github.com/Corsinvest/cv4pve-autosnap/releases/download/v1.10.0/cv4pve-autosnap-linux-x64.zip" - ### mgrote_proxmox_bind_mounts pve_bind_mounts: - vmid: 100 diff --git a/host_vars/pve5.mgrote.net.yml b/host_vars/pve5.mgrote.net.yml index 6c0618bc..c51eacec 100644 --- a/host_vars/pve5.mgrote.net.yml +++ b/host_vars/pve5.mgrote.net.yml @@ -170,13 +170,6 @@ sanoid_datasets: snapshots: true template: 'pve3tage' -### mgrote_cv4pve-autosnap -cv4pve_api_user: root@pam!cv4pve-autosnap -cv4pve_api_token: "{{ lookup('keepass', 'cv4pve_api_token', 'password') }}" -cv4pve_vmid: all,-115 -cv4pve_keep_snapshots: 5 -cv4pve_dl_link: "https://github.com/Corsinvest/cv4pve-autosnap/releases/download/v1.14.7/cv4pve-autosnap-linux-x64.zip" - ### mgrote_proxmox_bind_mounts pve_bind_mounts: ### fileserver3 diff --git a/playbooks/3_service/pve.yml b/playbooks/3_service/pve.yml index 3e5b3a4d..1304eed7 100644 --- a/playbooks/3_service/pve.yml +++ b/playbooks/3_service/pve.yml @@ -16,7 +16,8 @@ - role: mgrote_smart tags: "smart" - role: mgrote_cv4pve_autosnap - tags: "cv4pve" + tags: cv4pve + become: true - role: mgrote_proxmox_bind_mounts tags: "bindmounts" - role: mgrote_proxmox_lxc_profiles diff --git a/roles/mgrote_cv4pve_autosnap/README.md b/roles/mgrote_cv4pve_autosnap/README.md deleted file mode 100644 index 2238a007..00000000 --- a/roles/mgrote_cv4pve_autosnap/README.md +++ /dev/null @@ -1,11 +0,0 @@ -## mgrote.cv4pve - -### Beschreibung -Installiert [cv4pve-autosnap](https://github.com/Corsinvest/cv4pve-autosnap). -Legt einen systemd-timer. - -### getestet auf -- [x] ProxMox 7* - -### Variablen + Defaults -- see [defaults](./defaults/main.yml) diff --git a/roles/mgrote_cv4pve_autosnap/defaults/main.yml b/roles/mgrote_cv4pve_autosnap/defaults/main.yml index 7445698c..fe29f131 100644 --- a/roles/mgrote_cv4pve_autosnap/defaults/main.yml +++ b/roles/mgrote_cv4pve_autosnap/defaults/main.yml @@ -3,7 +3,7 @@ cv4pve_cron_minute: "39" cv4pve_cron_hour: "5" # proxmox api-token and user -cv4pve_api_token: "XXXXXXXXXXXXXXXXXXXXXX" +cv4pve_api_token: "supersecret" cv4pve_api_user: "root@pam!test2" # which vm to snapshot cv4pve_vmid: all @@ -12,3 +12,7 @@ cv4pve_keep_snapshots: 3 # under which user the script is run cv4pve_user_group: cv4pve cv4pve_user: cv4pve +# url +cv4pve_dl_link: https://github.com/Corsinvest/cv4pve-autosnap/releases/download/{{ cv4pve_version }}/cv4pve-autosnap-linux-x64.zip +cv4pve_version: "v1.14.8" +cv4pve_base_path: /usr/local/bin/cv4pve diff --git a/roles/mgrote_cv4pve_autosnap/tasks/install.yml b/roles/mgrote_cv4pve_autosnap/tasks/install.yml new file mode 100644 index 00000000..f2497907 --- /dev/null +++ b/roles/mgrote_cv4pve_autosnap/tasks/install.yml @@ -0,0 +1,42 @@ +--- +- name: Ensure needed directories exist + ansible.builtin.file: + path: "{{ cv4pve_base_path }}" + state: directory + owner: "{{ cv4pve_user }}" + group: "{{ cv4pve_user_group }}" + mode: "0644" + +- name: Download specified version + ansible.builtin.unarchive: + src: "{{ cv4pve_dl_link }}" + dest: "{{ cv4pve_base_path }}" + mode: '0755' + owner: "{{ cv4pve_user }}" + group: "{{ cv4pve_user_group }}" + remote_src: true + creates: "{{ cv4pve_base_path }}/cv4pve-autosnap-{{ cv4pve_version }}" + list_files: true + register: download + +- name: Rename binary # noqa no-changed-when no-handler + ansible.builtin.command: | + mv "{{ cv4pve_base_path }}/cv4pve-autosnap" "{{ cv4pve_base_path }}/cv4pve-autosnap-{{ cv4pve_version }}" + when: download.changed + +# https://stackoverflow.com/questions/20252057/using-ansible-how-would-i-delete-all-items-except-for-a-specified-set-in-a-dire +- name: Find old versions + ansible.builtin.find: + paths: "{{ cv4pve_base_path }}" + file_type: file + use_regex: false + excludes: + - "cv4pve-autosnap-{{ cv4pve_version }}" + register: found_files + +- name: Ensure old versions are absent + ansible.builtin.file: + path: "{{ item.path }}" + state: absent + with_items: "{{ found_files['files'] }}" +... diff --git a/roles/mgrote_cv4pve_autosnap/tasks/main.yml b/roles/mgrote_cv4pve_autosnap/tasks/main.yml index 9c9c6f6f..e9d2f9dc 100644 --- a/roles/mgrote_cv4pve_autosnap/tasks/main.yml +++ b/roles/mgrote_cv4pve_autosnap/tasks/main.yml @@ -2,74 +2,9 @@ - name: include user tasks ansible.builtin.include_tasks: user.yml +- name: include install tasks + ansible.builtin.include_tasks: install.yml -- name: create directories - become: true - ansible.builtin.file: - path: "{{ item }}" - state: directory - owner: "{{ cv4pve_user }}" - group: "{{ cv4pve_user_group }}" - mode: "0644" - loop: - - '/tmp/cv4pve' - - '/usr/local/bin/cv4pve' - -- name: download archives - become: true - ansible.builtin.get_url: - url: "{{ cv4pve_dl_link }}" - dest: /tmp/cv4pve/cv4pve-autosnap-linux-x64.zip - mode: '0775' - owner: "{{ cv4pve_user }}" - group: "{{ cv4pve_user_group }}" - -- name: extract archives - become: true - ansible.builtin.unarchive: - src: /tmp/cv4pve/cv4pve-autosnap-linux-x64.zip - dest: /usr/local/bin/cv4pve - remote_src: true - mode: a+x - owner: "{{ cv4pve_user }}" - group: "{{ cv4pve_user_group }}" - -- name: template cv4pve.service - become: true - ansible.builtin.template: - src: cv4pve.service.j2 - dest: /etc/systemd/system/cv4pve.service - owner: root - group: root - mode: "0644" - notify: - - systemctl daemon-reload - -- name: template cv4pve_mail.service - become: true - ansible.builtin.template: - src: cv4pve_mail.service.j2 - dest: /etc/systemd/system/cv4pve_mail.service - owner: root - group: root - mode: "0644" - notify: - - systemctl daemon-reload - -- name: template cv4pve.timer - become: true - ansible.builtin.template: - src: cv4pve.timer.j2 - dest: /etc/systemd/system/cv4pve.timer - owner: root - group: root - mode: "0644" - notify: - - systemctl daemon-reload - -- name: systemctl start cv4pve.timer - become: true - ansible.builtin.systemd: - name: cv4pve.timer - state: started - enabled: true +- name: include systemd tasks + ansible.builtin.include_tasks: systemd.yml +... diff --git a/roles/mgrote_cv4pve_autosnap/tasks/systemd.yml b/roles/mgrote_cv4pve_autosnap/tasks/systemd.yml new file mode 100644 index 00000000..d089d485 --- /dev/null +++ b/roles/mgrote_cv4pve_autosnap/tasks/systemd.yml @@ -0,0 +1,38 @@ +--- +- name: Ensure service-unit (cv4pve) is templated + ansible.builtin.template: + src: cv4pve.service.j2 + dest: /etc/systemd/system/cv4pve.service + owner: root + group: root + mode: "0644" + no_log: true + notify: + - systemctl daemon-reload + +- name: Ensure service-unit (mail) is templated + ansible.builtin.template: + src: cv4pve_mail.service.j2 + dest: /etc/systemd/system/cv4pve_mail.service + owner: root + group: root + mode: "0644" + notify: + - systemctl daemon-reload + +- name: Ensure service-unit (timer) is templated + ansible.builtin.template: + src: cv4pve.timer.j2 + dest: /etc/systemd/system/cv4pve.timer + owner: root + group: root + mode: "0644" + notify: + - systemctl daemon-reload + +- name: Ensure timer is started is templated + ansible.builtin.systemd: + name: cv4pve.timer + state: started + enabled: true +... diff --git a/roles/mgrote_cv4pve_autosnap/tasks/user.yml b/roles/mgrote_cv4pve_autosnap/tasks/user.yml index f304dc92..505dfbbd 100644 --- a/roles/mgrote_cv4pve_autosnap/tasks/user.yml +++ b/roles/mgrote_cv4pve_autosnap/tasks/user.yml @@ -1,5 +1,5 @@ --- -- name: ensure group exists +- name: Ensure group exists become: true ansible.builtin.group: name: "{{ cv4pve_user_group }}" @@ -7,7 +7,7 @@ when: - cv4pve_user_group is defined -- name: ensure user exists +- name: Ensure user exists become: true ansible.builtin.user: name: "{{ cv4pve_user }}" @@ -17,3 +17,4 @@ when: - cv4pve_user_group is defined - cv4pve_user is defined +... diff --git a/roles/mgrote_cv4pve_autosnap/templates/cv4pve.service.j2 b/roles/mgrote_cv4pve_autosnap/templates/cv4pve.service.j2 index d6eee5ab..11490cf1 100644 --- a/roles/mgrote_cv4pve_autosnap/templates/cv4pve.service.j2 +++ b/roles/mgrote_cv4pve_autosnap/templates/cv4pve.service.j2 @@ -6,4 +6,4 @@ OnFailure=cv4pve_mail.service [Service] Type=simple -ExecStart=/usr/local/bin/cv4pve/cv4pve-autosnap --host=127.0.0.1 --api-token {{ cv4pve_api_user }}={{ cv4pve_api_token }} --vmid="{{ cv4pve_vmid }}" snap --label='daily' --keep="{{ cv4pve_keep_snapshots }}" --state +ExecStart={{ cv4pve_base_path }}/cv4pve-autosnap-{{ cv4pve_version }} --host=127.0.0.1 --api-token {{ cv4pve_api_user }}={{ cv4pve_api_token }} --vmid="{{ cv4pve_vmid }}" snap --label='daily' --keep="{{ cv4pve_keep_snapshots }}" --state diff --git a/roles/mgrote_cv4pve_autosnap/templates/cv4pve.timer.j2 b/roles/mgrote_cv4pve_autosnap/templates/cv4pve.timer.j2 index ed002a77..81b1d5e3 100644 --- a/roles/mgrote_cv4pve_autosnap/templates/cv4pve.timer.j2 +++ b/roles/mgrote_cv4pve_autosnap/templates/cv4pve.timer.j2 @@ -6,6 +6,5 @@ Description=Timer: Trigger VM-Snapshots in PVE with cv4pve. OnCalendar=*-*-* {{ cv4pve_cron_hour }}:{{ cv4pve_cron_minute }}:00 RandomizedDelaySec=10 min - [Install] WantedBy=timers.target multi-user.target diff --git a/roles/mgrote_cv4pve_autosnap/templates/cv4pve_mail.service.j2 b/roles/mgrote_cv4pve_autosnap/templates/cv4pve_mail.service.j2 index 89a32874..691cc4e6 100644 --- a/roles/mgrote_cv4pve_autosnap/templates/cv4pve_mail.service.j2 +++ b/roles/mgrote_cv4pve_autosnap/templates/cv4pve_mail.service.j2 @@ -1,5 +1,4 @@ {{ file_header | default () }} - [Unit] Description=Send a Mail in case of an error in cv4pve.service.