majic-ansible-roles Changeset

Changeset - 5e15f8ca16fc

Parent rev.

Child rev.

[Not reviewed]

0 4 3

Branko Majic (branko) - 8 years ago 2016-01-08 01:15:03
branko@majic.rs

MAR-44: Moved away from crontab for database backups to pre-backup commands for better reliability. Fixed command for collecting the encryption keys.

7 files changed with 40 insertions and 10 deletions:

docs/rolereference.rst

roles/backup_client/files/duply_pre

roles/backup_client/tasks/main.yml

roles/database/tasks/backup.yml

roles/database/templates/dump_db.sh.j2

roles/ldap_server/files/ldapdump.sh

roles/ldap_server/tasks/backup.yml

0 comments (0 inline, 0 general)

docs/rolereference.rst

➞

Show inline comments

@@ @@ -1339,6 +1339,8 @@ The role implements the following: @@
 * Creates MariaDB database.
 * Creates a dedicated user capable of performing any operation on the created
   database. Username is set to be same as the name of database.
 * Sets-up pre-backup task that creates database dump in location
   ``/srv/backup/mariadb/{{ db_name }}.sql``.
 Backups
@@ @@ -1497,7 +1499,8 @@ The role implements the following: @@
   locally-available keyring, deploys them to the server, and imports them.
 * Deploys private SSH key for logging-in into the backup server over SFTP.
 * Deploys ``known_hosts`` file for SFTP fingerprint verification.
 * Sets-up crontab task that runs backups every day at 02:00 in the morning.
 * Sets-up pre-backup task that creates LDAP database dump in location
   ``/srv/backup/slapd.bak``.
 Duply is configured as follows:

roles/backup_client/files/duply_pre

➞

Show inline comments

@@ new file 100644 @@
 #!/bin/bash
 result=0
 for binary in /etc/duply/main/pre.d/*; do
     if [[ -f "$binary" && -x "$binary" ]]; then
         if ! "$binary"; then
             echo "Failed running pre-task '$binary'" >&2
             result=1
         fi
     fi
 done
 exit "$result"

roles/backup_client/tasks/main.yml

➞

Show inline comments

@@ @@ -18,9 +18,11 @@ @@
     - "/var/cache/duply/main"
 - name: Extract encryption keys
-  local_action: command gpg2 --homedir "{{ backup_gnupg_keyring }}" --armor --export "{{ backup_encryption_keys | join(',') }}"
+  local_action: "command gpg2 --homedir '{{ backup_gnupg_keyring }}' --armor --export {{ backup_encryption_keys | join(' ') }}"
   become: no
   register: encryption_keys
   tags:
     - debug
   changed_when: False
 - name: Extract signing key
@@ @@ -80,6 +82,14 @@ @@
   assemble: src="/etc/duply/main/patterns" dest="/etc/duply/main/include"
             owner="root" group="root" mode="600"
 - name: Set-up directory for storing pre-backup scripts
   file: path="/etc/duply/main/pre.d/" state=directory
         owner="root" group="root" mode="700"
 - name: Set-up script for running all pre-backup scripts
   copy: src="duply_pre" dest="/etc/duply/main/pre"
         owner="root" group="root" mode="700"
 - name: Deploy crontab entry for running backups
   cron: name=backup cron_file=backup hour=2 minute=0 job="/usr/bin/duply main backup"
         state=present user=root
@@ \ No newline at end of file @@

roles/database/tasks/backup.yml

➞

Show inline comments

@@ @@ -14,7 +14,6 @@ @@
   notify:
     - Assemble Duply include patterns
 - name: Create crontab entry for creating MariaDB database dumps every day at 01:45
   cron: name="mariadb_{{ db_name }}" cron_file="mariadb_{{ db_name }}" hour=1 minute=45
         job="/usr/bin/mysqldump \"{{ db_name }}\" > /srv/backup/mariadb/\"{{ db_name }}\".sql"
         state=present user=root
 - name: Deploy script for creating database backup dumps
   template: src="dump_db.sh.j2" dest="/etc/duply/main/pre.d/dump_{{ db_name }}.sh"
             owner=root group=root mode=700

roles/database/templates/dump_db.sh.j2

➞

Show inline comments

		new file 100644
		#!/bin/bash

		/usr/bin/mysqldump "{{ db_name }}" > "/srv/backup/mariadb/{{ db_name }}.sql"

roles/ldap_server/files/ldapdump.sh

➞

Show inline comments

		new file 100644
		#!/bin/bash

		/usr/sbin/slapcat > /srv/backup/slapd.bak

roles/ldap_server/tasks/backup.yml

➞

Show inline comments

@@ @@ -13,7 +13,6 @@ @@
   notify:
     - Assemble Duply include patterns
 - name: Create crontab entry for creating LDAP database dumps every day at 01:45
   cron: name=ldapdump cron_file=ldapdump hour=1 minute=45
         job="/usr/sbin/slapcat > /srv/backup/slapd.bak"
         state=present user=root
 - name: Deploy script for creating LDAP database backup dumps
   copy: src="ldapdump.sh" dest="/etc/duply/main/pre.d/ldapdump.sh"
         owner=root group=root mode=700

0 comments (0 inline, 0 general)