Add Roles for preparing the Backup Location and for the Environment Variables for Backups

This commit is contained in:
erebion 2023-09-05 13:15:13 +02:00
parent 3b9f2eea33
commit 335bf6ad0b
8 changed files with 67 additions and 0 deletions

View file

@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG+PKk36CATvlCTByaTUjVUrYtZsTLZhqAUx/n2X/GnF root@neuromancer.unhb.de

View file

@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOKJc4RQfDo6jzYZY2w9UUjsCFqPYHSRr7ClSRDVaijv root@server4

View file

@ -0,0 +1,38 @@
---
- name: "Ensure the groups for the backups users exists"
ansible.builtin.group:
name: "{{ item }}"
state: present
with_items:
- restic_unhb2
- restic_unhb4
- name: "Ensure the backup users for restic exist"
ansible.builtin.user:
name: "{{ item }}"
groups: "{{ item }}"
append: yes
with_items:
- restic_unhb2
- restic_unhb4
- name: "Set authorized keys for restic_unhb2"
ansible.posix.authorized_key:
user: "restic_unhb2"
state: present
key: "{{ lookup('file', '{{ keys_item }}') }}"
with_fileglob:
- ../ssh_pub_keys/*.pub
loop_control:
loop_var: keys_item
- name: "Set authorized keys for restic_unhb4"
ansible.posix.authorized_key:
user: "restic_unhb4"
state: present
key: "{{ lookup('file', '{{ keys_item }}') }}"
with_fileglob:
- ../ssh_pub_keys/*.pub
loop_control:
loop_var: keys_item

View file

@ -0,0 +1,6 @@
MARIADB_ROOT_PASSWORD_NEXTCLOUD={{ unhb4_mariadb_containers['nextcloud'].password }}
MARIADB_ROOT_PASSWORD_ETHERPAD={{ unhb4_mariadb_containers['etherpad'].password }}
MARIADB_ROOT_PASSWORD_JVEREIN={{ unhb4_mariadb_containers['jverein'].password }}
MARIADB_ROOT_PASSWORD_URLSHORTENER={{ unhb4_mariadb_containers['urlshortener'].password }}
MARIADB_ROOT_PASSWORD_WIKI={{ unhb4_mariadb_containers['wiki'].password }}
MARIADB_ROOT_PASSWORD_WORDPRESS={{ unhb4_mariadb_containers['wordpress'].password }}

View file

@ -0,0 +1,10 @@
---
- name: "Template restic_db_passwords.env"
ansible.builtin.template:
src: "restic_db_passwords.env_{{ inventory_hostname }}.j2"
dest: /opt/scripts/restic/restic_db_passwords.env
owner: root
group: root
mode: '0440'
force: true

View file

@ -0,0 +1,3 @@
MARIADB_PASSWORD_PARTKEEPR={{ unhb2_mariadb_containers['partkeepr'].password }}
MARIADB_PASSWORD_ENGELSYSTEM={{ unhb2_mariadb_containers['engelsystem'].password }}

View file

@ -0,0 +1,6 @@
MARIADB_PASSWORD_NEXTCLOUD={{ unhb4_mariadb_containers['nextcloud'].password }}
MARIADB_PASSWORD_ETHERPAD={{ unhb4_mariadb_containers['etherpad'].password }}
MARIADB_PASSWORD_JVEREIN={{ unhb4_mariadb_containers['jverein'].password }}
MARIADB_PASSWORD_URLSHORTENER={{ unhb4_mariadb_containers['urlshortener'].password }}
MARIADB_PASSWORD_WIKI={{ unhb4_mariadb_containers['wiki'].password }}
MARIADB_PASSWORD_WORDPRESS={{ unhb4_mariadb_containers['wordpress'].password }}

View file

@ -10,6 +10,8 @@
- apt_listchanges
- basic_common_settings
- firewalld
- unhb_backup_location
- unhb_backup_scripts
- name: Set up roles on unhb4
hosts: unhb2