Files
@ ea69b2719d8e
Branch filter:
Location: majic-ansible-roles/roles/backup_client/tasks/main.yml - annotation
ea69b2719d8e
3.3 KiB
text/x-yaml
MAR-22: Implemented tests for the common role:
- Added missing documentation for pipreqcheck_uid and pipreqcheck_gid
parameters.
- Use static-hashed passwords for reproducibility during testing in test
playbook.
- Install Emacs and libmariadb-client-lgpl-dev-compat via test playbook on one
of the testing instances in order to test related tasks.
- Fixed parameter for connection limitting in test playbook.
- Added explicit parameters to test playbook for pipreqcheck_gid and
pipreqcheck_uid.
- Fixed deployment of ferm configuration file ot include setting user/group and
mode.
- Added tests covering common deployment, deployment when only mandatory
parameters are provided, and deployment when optional parameters are set as
well.
- Added missing documentation for pipreqcheck_uid and pipreqcheck_gid
parameters.
- Use static-hashed passwords for reproducibility during testing in test
playbook.
- Install Emacs and libmariadb-client-lgpl-dev-compat via test playbook on one
of the testing instances in order to test related tasks.
- Fixed parameter for connection limitting in test playbook.
- Added explicit parameters to test playbook for pipreqcheck_gid and
pipreqcheck_uid.
- Fixed deployment of ferm configuration file ot include setting user/group and
mode.
- Added tests covering common deployment, deployment when only mandatory
parameters are provided, and deployment when optional parameters are set as
well.
a45dcc06530a a45dcc06530a 66da094b2fca 66da094b2fca 66da094b2fca 6b87dd13b24c 6b87dd13b24c 6b87dd13b24c 6b87dd13b24c 6b87dd13b24c a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a d61d01c00362 c6f217756635 a45dcc06530a a45dcc06530a d61d01c00362 d61d01c00362 d61d01c00362 a45dcc06530a d61d01c00362 c6f217756635 a45dcc06530a a45dcc06530a d61d01c00362 d61d01c00362 d61d01c00362 a45dcc06530a c6f217756635 6b87dd13b24c c6f217756635 c6f217756635 61e6cfb81789 c6f217756635 c6f217756635 6b87dd13b24c c6f217756635 c6f217756635 c6f217756635 61e6cfb81789 c6f217756635 a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a 3498d77cad32 3498d77cad32 3498d77cad32 3498d77cad32 a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a 5e15f8ca16fc 5e15f8ca16fc 5e15f8ca16fc 5e15f8ca16fc 5e15f8ca16fc 5e15f8ca16fc 5e15f8ca16fc 5e15f8ca16fc 3686169e9565 3686169e9565 7387caca37f3 7387caca37f3 7387caca37f3 7387caca37f3 7387caca37f3 7387caca37f3 7387caca37f3 | ---
- include: facts.yml
tags:
- handlers
- name: Install pexpect for pexpect+sftp Duplicity backend (only on Stretch)
apt: name="python-pexpect" state=installed
when: "ansible_distribution == 'Debian' and ansible_distribution_release == 'stretch'"
- name: Install backup software
apt: name="{{ item }}" state=installed
with_items:
- duplicity
- duply
- name: Set-up Duply directories
file: path="{{ item }}" state=directory owner=root group=root mode=700
with_items:
- "/etc/duply"
- "/etc/duply/main"
- "/etc/duply/main/patterns"
- "/etc/duply/main/gnupg"
- "/etc/duply/main/ssh"
- "/var/cache/duply"
- "/var/cache/duply/main"
- name: Deploy GnuPG private keys
copy: content="{{ backup_encryption_key }}" dest="/etc/duply/main/private_keys.asc"
owner=root group=root mode=600
notify:
- Clean-up GnuPG keyring for import of new keys
- Import private keys
- Import public keys
- name: Deploy GnuPG public keys
copy: content="{{ backup_additional_encryption_keys | join('\n') }}" dest="/etc/duply/main/public_keys.asc"
owner=root group=root mode=600
notify:
- Clean-up GnuPG keyring for import of new keys
- Import private keys
- Import public keys
- name: Extract encryption key identifier (Duplicty requires key ID in hexadecimal format)
shell: "{{ gnupg_binary }} --list-packets /etc/duply/main/private_keys.asc | grep keyid: | head -n1 | sed -e 's/.*: //' | sed -re 's/^.{{gnupg_key_cutoff}}//'"
register: backup_encryption_key_id
changed_when: False
failed_when: backup_encryption_key_id.stdout == ""
- name: Extract additional encryption keys identifiers (Duplicty requires key ID in hexadecimal format)
shell: "{{ gnupg_binary }} --list-packets /etc/duply/main/public_keys.asc | grep keyid: | head -n1 | sed -e 's/.*: //' | sort -u | sed -re 's/^.{{gnupg_key_cutoff}}//' | tr '\n' ',' | sed -e 's/,$//'"
register: backup_additional_encryption_keys_ids
when: backup_additional_encryption_keys
changed_when: False
failed_when: backup_additional_encryption_keys_ids.stdout == ""
- name: Deploy private SSH key for logging-in into backup server
copy: content="{{ backup_ssh_key }}" dest="/etc/duply/main/ssh/identity"
owner="root" group="root" mode="600"
no_log: True
- name: Deploy custom known_hosts for backup purposes
template: src="known_hosts.j2" dest="/etc/duply/main/ssh/known_hosts"
owner="root" group="root" mode="600"
- name: Deploy Duply configuration file
template: src="duply_main_conf.j2" dest="/etc/duply/main/conf"
owner=root group=root mode=600
- name: Deploy base exclude pattern (exclude all by default)
copy: content="- **" dest="/etc/duply/main/exclude"
owner="root" group="root" mode="600"
- name: Set-up directory for storing pre-backup scripts
file: path="/etc/duply/main/pre.d/" state=directory
owner="root" group="root" mode="700"
- name: Set-up script for running all pre-backup scripts
copy: src="duply_pre" dest="/etc/duply/main/pre"
owner="root" group="root" mode="700"
- name: Deploy crontab entry for running backups
cron: name=backup cron_file=backup hour=2 minute=0 job="/usr/bin/duply main backup"
state=present user=root
- name: Explicitly run all handlers
include: ../handlers/main.yml
when: "handlers | default(False) | bool() == True"
tags:
- handlers
|