docker-compose/navidrome/docker-compose.yml.j2

@@ -71,7 +71,7 @@ volumes:
     driver_opts:
       type: "cifs"
       o: "user=navidrome,password={{ lookup('viczem.keepass.keepass', 'fileserver/fileserver_smb_user_navidrome', 'password') }}"
-      device: "//192.168.2.54/musik/Musik"
+      device: "//192.168.2.54/music/Musik"
 ######## Networks ########
 networks:
   traefik:

group_vars/all.yml

@@ -248,15 +248,6 @@ munin_node_plugins:
       env.config_dir /etc/fail2ban
       user root
 
-### mgrote_sync (für pbs + pve)
-rsync_mirror_user_group: "{{ rsync_mirror_user }}"
-rsync_mirror_user: rsync_mirror
-rsync_mirror_bw_limit: "4m" # 4 Megabytes
-rsync_mirror_timer: '*-*-* 0/8:5:0' # alle 8 h
-
-rsync_mirror_private_key: "{{ lookup('viczem.keepass.keepass', 'rsync_mirror_private_key', 'notes') }}"
-rsync_mirror_public_key: "{{ lookup('viczem.keepass.keepass', 'rsync_mirror_public_key', 'notes') }}"
-
 # Ansible Variablen
 ### User
 ansible_user: "ansible-user"

group_vars/pbs.yml

@@ -1,4 +1,12 @@
 ---
+### mgrote_fileserver_smb
+smb_workgroup: WORKGROUP
+smb_min_protocol: "SMB2"
+smb_client_min_protocol: "SMB2"
+smb_client_max_protocol: "SMB3_11"
+smb_enable_snapshots_dir: true
+smb_enable_snapshots_shadow: true
+
 ### mgrote_netplan
 netplan_configure: false
 

host_vars/fileserver3.mgrote.net.yml

@@ -3,8 +3,8 @@
 smb_users:
   - name: 'restic'
     password: "{{ lookup('viczem.keepass.keepass', 'fileserver/fileserver_smb_user_restic', 'password') }}"
-  - name: 'win10'
+  - name: 'win3'
-    password: "{{ lookup('viczem.keepass.keepass', 'fileserver/fileserver_smb_user_win10', 'password') }}"
+    password: "{{ lookup('viczem.keepass.keepass', 'fileserver/fileserver_smb_user_win3', 'password') }}"
   - name: 'kodi'
     password: "{{ lookup('viczem.keepass.keepass', 'fileserver/fileserver_smb_user_kodi', 'password') }}"
   - name: 'michaelgrote'
@@ -22,51 +22,51 @@ smb_shares:
   - name: 'videos'
     path: '/shares_videos'
     users_ro: 'kodi'
-    users_rw: 'michaelgrote win10'
+    users_rw: 'michaelgrote win3'
   - name: 'scans'
     path: '/shares_scans'
     users_ro: ' michaelgrote'
-    users_rw: 'brother_ads2700w'
+    users_rw: 'brother_ads2700w win3'
   - name: 'papa_backup'
     path: '/shares_papa_backup'
     users_ro: 'michaelgrote'
-    users_rw: 'win10'
+    users_rw: 'win3'
   - name: 'backup'
     path: '/shares_backup'
     users_ro: ''
-    users_rw: 'win10 michaelgrote'
+    users_rw: 'win3 michaelgrote'
   - name: 'archiv'
     path: '/shares_archiv'
     users_ro: ''
-    users_rw: 'michaelgrote win10'
+    users_rw: 'michaelgrote win3'
-  - name: 'musik'
+  - name: 'music'
     path: '/shares_music'
     users_ro: 'navidrome kodi  '
-    users_rw: 'win10 michaelgrote'
+    users_rw: 'win3 michaelgrote'
   - name: 'tmp'
     path: '/shares_tmp'
-    users_ro: 'win10'
+    users_ro: ''
-    users_rw: 'kodi win10 michaelgrote'
+    users_rw: 'kodi win3 michaelgrote'
   - name: 'bilder'
     path: '/shares_bilder'
     users_ro: ''
-    users_rw: ' michaelgrote win10'
+    users_rw: ' michaelgrote win3'
   - name: 'proxmox'
-    path: '/shares_pve_backup'
+    path: '/shares_proxmox'
     users_ro: 'michaelgrote'
-    users_rw: 'pve win10'
+    users_rw: 'pve win3'
   - name: 'restic'
     path: '/shares_restic'
     users_ro: ''
-    users_rw: 'restic win10 michaelgrote'
+    users_rw: 'restic win3 michaelgrote'
   - name: 'buecher'
     path: '/shares_buecher'
     users_ro: ''
-    users_rw: 'michaelgrote win10'
+    users_rw: 'michaelgrote win3'
   - name: 'programme'
     path: '/shares_programme'
     users_ro: ''
-    users_rw: 'michaelgrote win10'
+    users_rw: 'michaelgrote win3'
   - name: 'vm'
     path: '/shares_vm'
     users_ro: ''

host_vars/pbs.mgrote.net.yml

@@ -1,4 +1,60 @@
 ---
+# smb, warum smb auf dem Backup-Server?
+# Damit der Sync über FFS laufen kann...
+
+### mgrote_fileserver_smb
+smb_users:
+  - name: 'win3'
+    password: "{{ lookup('viczem.keepass.keepass', 'fileserver/fileserver_smb_user_win3', 'password') }}"
+  - name: 'michaelgrote'
+    password: "{{ lookup('viczem.keepass.keepass', 'fileserver/fileserver_smb_user_michaelgrote', 'password') }}"
+
+smb_shares:
+  - name: 'videos'
+    path: '/backup/pve5/videos'
+    users_ro: 'michaelgrote'
+    users_rw: 'win3'
+  - name: 'scans'
+    path: '/backup/pve5/scans'
+    users_ro: 'michaelgrote'
+    users_rw: 'win3'
+  - name: 'backup'
+    path: '/backup/pve5/backup'
+    users_ro: 'michaelgrote'
+    users_rw: 'win3'
+  - name: 'archiv'
+    path: '/backup/pve5/archiv'
+    users_ro: 'michaelgrote'
+    users_rw: 'win3'
+  - name: 'music'
+    path: '/backup/pve5/music'
+    users_ro: 'michaelgrote'
+    users_rw: 'win3'
+  - name: 'tmp'
+    path: '/backup/pve5/tmp'
+    users_ro: 'michaelgrote'
+    users_rw: 'win3'
+  - name: 'bilder'
+    path: '/backup/pve5/bilder'
+    users_ro: 'michaelgrote'
+    users_rw: 'win3'
+  - name: 'restic'
+    path: '/backup/pve5/restic'
+    users_ro: 'michaelgrote'
+    users_rw: 'win3'
+  - name: 'buecher'
+    path: '/backup/pve5/buecher'
+    users_ro: 'michaelgrote'
+    users_rw: 'win3'
+  - name: 'programme'
+    path: '/backup/pve5/programme'
+    users_ro: 'michaelgrote'
+    users_rw: 'win3'
+  - name: 'proxmox'
+    path: '/backup/pve5/proxmox'
+    users_ro: 'michaelgrote'
+    users_rw: 'win3'
+
 # pbs_*
 pbs_datastores:
   - name: zfs_backup
@@ -66,7 +122,7 @@ zfs_datasets: # DatenPools werden hier nicht verwaltet
     snapdir: hidden
     reservation: 1G
     acltype: posix # https:///docs.ansible.com/ansible-core/2.14/playbook_guide/playbooks_privilege_escalation.html#risks-of-becoming-an-unprivileged-user ; sonst kann die dotfiles-Rolle kein setfacl machen
-  - dataset: backup/pve5/pve_backup
+  - dataset: backup/pve5/proxmox
     state: present
     recordsize: 1M
   - dataset: backup/pve5/videos
@@ -135,7 +191,7 @@ sanoid_datasets:
     template: '14tage'
     recursive: 'yes'
     snapshots: true
-  - path: 'backup/pve5/pve_backup'
+  - path: 'backup/pve5/proxmox'
     template: '14tage'
     recursive: 'yes'
     snapshots: true
@@ -167,6 +223,3 @@ sanoid_datasets:
     recursive: 'no' # noqa yaml[truthy]
     snapshots: true
     template: '14tage'
-
-### mgrote_rsync
-rsync_host_role: destination

host_vars/pve5.mgrote.net.yml

@@ -60,7 +60,7 @@ zfs_datasets: # DatenPools werden hier nicht verwaltet
     acltype: posix # https://docs.ansible.com/ansible-core/2.14/playbook_guide/playbooks_privilege_escalation.html#risks-of-becoming-an-unprivileged-user ; sonst kann die dotfiles-Rolle kein setfacl machen
   - dataset: hdd_data/papa_backup
     state: present
-  - dataset: hdd_data/pve_backup
+  - dataset: hdd_data/proxmox
     state: present
     recordsize: 1M
   - dataset: hdd_data/videos
@@ -116,7 +116,7 @@ sanoid_datasets:
     template: '14tage'
     recursive: 'yes'
     snapshots: true
-  - path: 'hdd_data/pve_backup'
+  - path: 'hdd_data/proxmox'
     template: '14tage'
     recursive: 'yes'
     snapshots: true
@@ -171,8 +171,8 @@ pve_bind_mounts:
     mp_path_guest: /shares_videos
   - vmid: 107
     mp_nr: 2
-    mp_path_host: /hdd_data/pve_backup
+    mp_path_host: /hdd_data/proxmox
-    mp_path_guest: /shares_pve_backup
+    mp_path_guest: /shares_proxmox
   - vmid: 107
     mp_nr: 3
     mp_path_host: /hdd_data/papa_backup
@@ -226,30 +226,3 @@ pve_pbs_datastore:
     username: user_pve5@pbs
     password: "{{ lookup('viczem.keepass.keepass', 'pbs_pve_user', 'password') }}"
     fingerprint: "7F:AC:54:75:1C:33:55:84:1E:1E:3A:15:5A:5E:AF:79:33:C9:D4:E1:C0:A0:1C:0D:9E:6A:EA:82:F9:27:57:79"
-
-### mgrote_sync
-rsync_host_role: source
-rsync_mirror_dirs: # bei Src+Dest KEIN "/" am Ende
-  - src: /hdd_data/archiv
-    dest: "{{ rsync_mirror_user }}@pbs.mgrote.net:/backup/pve5/archiv"
-  - src: /hdd_data/backup
-    dest: "{{ rsync_mirror_user }}@pbs.mgrote.net:/backup/pve5/backup"
-  - src: /hdd_data/bilder
-    dest: "{{ rsync_mirror_user }}@pbs.mgrote.net:/backup/pve5/bilder"
-  - src: /hdd_data/buecher
-    dest: "{{ rsync_mirror_user }}@pbs.mgrote.net:/backup/pve5/buecher"
-  - src: /hdd_data/music
-    dest: "{{ rsync_mirror_user }}@pbs.mgrote.net:/backup/pve5/music"
-  - src: /hdd_data/programme
-    dest: "{{ rsync_mirror_user }}@pbs.mgrote.net:/backup/pve5/programme"
-  - src: /hdd_data/pve_backup
-    dest: "{{ rsync_mirror_user }}@pbs.mgrote.net:/backup/pve5/pve_backup"
-  - src: /hdd_data/restic
-    dest: "{{ rsync_mirror_user }}@pbs.mgrote.net:/backup/pve5/restic"
-  - src: /hdd_data/scans
-    dest: "{{ rsync_mirror_user }}@pbs.mgrote.net:/backup/pve5/scans"
-  - src: /hdd_data/tmp
-    dest: "{{ rsync_mirror_user }}@pbs.mgrote.net:/backup/pve5/tmp"
-  - src: /hdd_data/videos
-    dest: "{{ rsync_mirror_user }}@pbs.mgrote.net:/backup/pve5/videos"
-# hdd_data/vm ist mit Absicht nicht dabei, zu groß

playbooks/3_service/pbs.yml

@@ -19,5 +19,5 @@
       tags: "pbs_users"
     - role: mgrote_pbs_datastores
       tags: "pbs_datastores"
-    - role: mgrote_rsync
+    - role: mgrote_fileserver_smb
-      tags: "rsync"
+      tags: "smb"

playbooks/3_service/pve.yml

@@ -24,5 +24,3 @@
       tags: "lxc-profile"
     - role: mgrote_pbs_pve_integration
       tags: "pbs"
-    - role: mgrote_rsync
-      tags: "rsync"