Changeset - d2a9e41cd838
Parent rev.
Child rev.
[Not reviewed]
0 2 0
Branko Majic (branko) - 7 years ago 2017-06-11 15:46:54
branko@majic.rs
MAR-108: Applied linting fixes for backup_client role:

- Ignore the two handlers for Ansible lint checks since they are only called via
notify and if user explicitly requested so.
- Simplify the playbook by installing python-pexpect unconditionally on all
versions of Debian.
- Fixed a number of file mode parameters to use leading zero.
2 files changed with 22 insertions and 11 deletions:
roles/backup_client/handlers/main.yml
12
roles/backup_client/tasks/main.yml
10
11
0 comments (0 inline, 0 general)
roles/backup_client/handlers/main.yml
Show inline comments
 
@@ -2,9 +2,21 @@
 

			




	
	
	
		
 
- name: Clean-up GnuPG keyring for import of new keys

			




	
	
	
		
 
  shell: rm -f /etc/duply/main/gnupg/*

			




	
	
	
		
 
  tags:

			




	
	
	
		
 
    # [ANSIBLE0007] rm used in place of argument state=absent to file module

			




	
	
	
		
 
    #   This task is invoked only if user is very specific about requiring to

			




	
	
	
		
 
    #   run the handlers manually as a way to bring the system to consistency

			




	
	
	
		
 
    #   after interrupted runs.

			




	
	
	
		
 
    - skip_ansible_lint

			




	
	
	
		
 

			




	
	
	
		
 
- name: Import private keys

			




	
	
	
		
 
  command: "{{ gnupg_binary }} --homedir /etc/duply/main/gnupg --import /etc/duply/main/private_keys.asc"

			




	
	
	
		
 
  tags:

			




	
	
	
		
 
    # [ANSIBLE0012] Commands should not change things if nothing needs doing

			




	
	
	
		
 
    #   This task is invoked only if user is very specific about requiring to

			




	
	
	
		
 
    #   run the handlers manually as a way to bring the system to consistency

			




	
	
	
		
 
    #   after interrupted runs.

			




	
	
	
		
 
    - skip_ansible_lint

			




	
	
	
		
 

			




	
	
	
		
 
- name: Import public keys

			




	
	
	
		
 
  command: "{{ gnupg_binary }} --homedir /etc/duply/main/gnupg --import /etc/duply/main/public_keys.asc"

			




        

    


    
    

    

        

                

                    roles/backup_client/tasks/main.yml
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
	
		
 
---

			




	
	
	
		
 

			




	
	
	
		
 
- name: Install pexpect for pexpect+sftp Duplicity backend (only on Stretch)

			




	
	
	
		
 
- name: Install pexpect for pexpect+sftp Duplicity backend (mainly needed on Stretch)

			




	
	
	
		
 
  apt: name="python-pexpect" state=installed

			




	
	
	
		
 
  when: "ansible_distribution == 'Debian' and ansible_distribution_release == 'stretch'"

			




	
	
	
		
 

			




	
	
	
		
 
- name: Install backup software

			




	
	
	
		
 
  apt: name="{{ item }}" state=installed

			




	
	
		
 
@@ -11,7 +10,7 @@

			




	
	
	
		
 
    - duply

			




	
	
	
		
 

			




	
	
	
		
 
- name: Set-up Duply directories

			




	
	
	
		
 
  file: path="{{ item }}" state=directory owner=root group=root mode=700

			




	
	
	
		
 
  file: path="{{ item }}" state=directory owner=root group=root mode=0700

			




	
	
	
		
 
  with_items:

			




	
	
	
		
 
    - "/etc/duply"

			




	
	
	
		
 
    - "/etc/duply/main"

			




	
	
		
 
@@ -23,7 +22,7 @@

			




	
	
	
		
 

			




	
	
	
		
 
- name: Deploy GnuPG private keys

			




	
	
	
		
 
  copy: content="{{ backup_encryption_key }}" dest="/etc/duply/main/private_keys.asc"

			




	
	
	
		
 
        owner=root group=root mode=600

			




	
	
	
		
 
        owner=root group=root mode=0600

			




	
	
	
		
 
  notify:

			




	
	
	
		
 
    - Clean-up GnuPG keyring for import of new keys

			




	
	
	
		
 
    - Import private keys

			




	
	
		
 
@@ -31,7 +30,7 @@

			




	
	
	
		
 

			




	
	
	
		
 
- name: Deploy GnuPG public keys

			




	
	
	
		
 
  copy: content="{{ backup_additional_encryption_keys | join('\n') }}" dest="/etc/duply/main/public_keys.asc"

			




	
	
	
		
 
        owner=root group=root mode=600

			




	
	
	
		
 
        owner=root group=root mode=0600

			




	
	
	
		
 
  notify:

			




	
	
	
		
 
    - Clean-up GnuPG keyring for import of new keys

			




	
	
	
		
 
    - Import private keys

			




	
	
		
 
@@ -52,28 +51,28 @@

			




	
	
	
		
 

			




	
	
	
		
 
- name: Deploy private SSH key for logging-in into backup server

			




	
	
	
		
 
  copy: content="{{ backup_ssh_key }}" dest="/etc/duply/main/ssh/identity"

			




	
	
	
		
 
        owner="root" group="root" mode="600"

			




	
	
	
		
 
        owner="root" group="root" mode="0600"

			




	
	
	
		
 
  no_log: True

			




	
	
	
		
 

			




	
	
	
		
 
- name: Deploy custom known_hosts for backup purposes

			




	
	
	
		
 
  template: src="known_hosts.j2" dest="/etc/duply/main/ssh/known_hosts"

			




	
	
	
		
 
            owner="root" group="root" mode="600"

			




	
	
	
		
 
            owner="root" group="root" mode="0600"

			




	
	
	
		
 

			




	
	
	
		
 
- name: Deploy Duply configuration file

			




	
	
	
		
 
  template: src="duply_main_conf.j2" dest="/etc/duply/main/conf"

			




	
	
	
		
 
            owner=root group=root mode=600

			




	
	
	
		
 
            owner=root group=root mode=0600

			




	
	
	
		
 

			




	
	
	
		
 
- name: Deploy base exclude pattern (exclude all by default)

			




	
	
	
		
 
  copy: content="- **" dest="/etc/duply/main/exclude"

			




	
	
	
		
 
        owner="root" group="root" mode="600"

			




	
	
	
		
 
        owner="root" group="root" mode="0600"

			




	
	
	
		
 

			




	
	
	
		
 
- name: Set-up directory for storing pre-backup scripts

			




	
	
	
		
 
  file: path="/etc/duply/main/pre.d/" state=directory

			




	
	
	
		
 
        owner="root" group="root" mode="700"

			




	
	
	
		
 
        owner="root" group="root" mode="0700"

			




	
	
	
		
 

			




	
	
	
		
 
- name: Set-up script for running all pre-backup scripts

			




	
	
	
		
 
  copy: src="duply_pre" dest="/etc/duply/main/pre"

			




	
	
	
		
 
        owner="root" group="root" mode="700"

			




	
	
	
		
 
        owner="root" group="root" mode="0700"

			




	
	
	
		
 

			




	
	
	
		
 
- name: Deploy crontab entry for running backups

			




	
	
	
		
 
  cron: name=backup cron_file=backup hour=2 minute=0 job="/usr/bin/duply main backup"

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2023 by various authors & licensed under GPLv3.