majic-ansible-roles Changeset

Changeset - 8d2978c32f31

Parent rev.

Child rev.

[Not reviewed]

0 7 0

Branko Majic (branko) - 2 months ago 2024-02-10 12:42:51
branko@majic.rs

MAR-191: Drop Debian 10 Buster support for the backup_client role:

- Internal parameter for Python's pexpect package is no longer
required - newer versions of Debian have fully switche to using the
Python 3 version of it for duplicity.
- Fix prepare playbook task to iterate over list of backup users
instead of hard-coding the values.
- Drop the directory set-up task that seems to serve no purpose (some
leftover from previous refactoring most likely.
- Update supported version information in docs and metadata.

7 files changed with 5 insertions and 59 deletions:

docs/rolereference.rst

roles/backup_client/defaults/main.yml

roles/backup_client/meta/main.yml

roles/backup_client/molecule/default/molecule.yml

roles/backup_client/molecule/default/prepare.yml

roles/backup_client/molecule/default/tests/test_default.py

roles/backup_client/tasks/main.yml

0 comments (0 inline, 0 general)

docs/rolereference.rst

➞

Show inline comments

@@ @@ -2379,7 +2379,6 @@ Distribution compatibility @@
 Role is compatible with the following distributions:
 - Debian 10 (Buster)
 - Debian 11 (Bullseye)

roles/backup_client/defaults/main.yml

➞

Show inline comments

@@ @@ -4,8 +4,3 @@ backup_additional_encryption_keys: [] @@
 backup_client_username: "bak-{{ ansible_fqdn | replace('.', '_') }}"
 backup_server_destination: /duplicity
 backup_server_port: 2222
 # Internal parameters.
 backup_client_pexpect_package:
   buster: python-pexpect
   bullseye: python3-pexpect

roles/backup_client/meta/main.yml

➞

Show inline comments

@@ @@ -8,5 +8,4 @@ galaxy_info: @@
   platforms:
     - name: Debian
       versions:
         - 10
         - 11

roles/backup_client/molecule/default/molecule.yml

➞

Show inline comments

@@ @@ -29,34 +29,6 @@ platforms: @@
         network_name: private_network
         type: static
   - name: param-mandatory-buster
     groups:
       - parameters-mandatory
     box: debian/contrib-buster64
     memory: 256
     cpus: 1
     provider_raw_config_args:
       - "customize ['modifyvm', :id, '--paravirtprovider', 'minimal']"
     interfaces:
       - auto_config: true
         ip: 192.168.56.20
         network_name: private_network
         type: static
   - name: param-optional-buster
     groups:
       - parameters-optional
     box: debian/contrib-buster64
     memory: 256
     cpus: 1
     provider_raw_config_args:
       - "customize ['modifyvm', :id, '--paravirtprovider', 'minimal']"
     interfaces:
       - auto_config: true
         ip: 192.168.56.21
         network_name: private_network
         type: static
   - name: param-mandatory-bullseye
     groups:
       - parameters-mandatory

roles/backup_client/molecule/default/prepare.yml

➞

Show inline comments

@@ @@ -45,7 +45,7 @@ @@
         - /etc/ssh/ssh_host_ed25519_key.pub
         - /etc/ssh/ssh_host_ecdsa_key.pub
-    - name: Force the use of internal-sftp subsystem fro SFTP
+    - name: Force the use of internal-sftp subsystem for SFTP
       lineinfile:
         path: /etc/ssh/sshd_config
         regexp: "^Subsystem.*sftp"
@@ @@ -94,15 +94,12 @@ @@
     - name: Change ownership of home directories for SFTP chroot to work
       file:
         path: "{{ item }}"
+        path: "/home/{{ item.name }}"
         state: directory
         owner: root
         group: root
         mode: 0755
       with_items:
         - /home/backupuser
         - /home/bak-param-mandatory-buster
         - /home/bak-param-mandatory-bullseye
       with_items: "{{ backup_users }}"
     - name: Set-up duplicity backup directories
       file:
@@ @@ -113,17 +110,6 @@ @@
         mode: 0770
       with_items: "{{ backup_users }}"
     - name: Set-up directories for parameters-optional backups
       file:
         path: "~backupuser/duplicity/{{ item }}"
         state: directory
         owner: backupuser
         group: backupuser
         mode: 0700
       with_items:
         - "param-optional-buster"
   handlers:
     - name: Restart ssh
       service:
@@ @@ -132,8 +118,6 @@ @@
   vars:
     backup_users:
       - name: bak-param-mandatory-buster
         key: "{{ lookup('file', 'tests/data/ssh/parameters-mandatory.pub') }}"
       - name: bak-param-mandatory-bullseye
         key: "{{ lookup('file', 'tests/data/ssh/parameters-mandatory.pub') }}"
       - name: backupuser

roles/backup_client/molecule/default/tests/test_default.py

➞

Show inline comments

@@ @@ -14,10 +14,7 @@ def test_installed_packages(host): @@
     distribution_release = host.ansible("setup")["ansible_facts"]["ansible_distribution_release"]
     if distribution_release == "buster":
         expected_package_name = "python-pexpect"
     else:
         expected_package_name = "python3-pexpect"
     expected_package_name = "python3-pexpect"
     assert host.package(expected_package_name).is_installed
     assert host.package('duply').is_installed

roles/backup_client/tasks/main.yml

➞

Show inline comments

@@ @@ -5,7 +5,7 @@ @@
 # possible to switch to Paramiko backend.
 - name: Install pexpect for pexpect+sftp Duplicity backend
   apt:
-    name: "{{ backup_client_pexpect_package[ansible_distribution_release] }}"
+    name: python3-pexpect
     state: present
 - name: Install backup software

0 comments (0 inline, 0 general)