majic-ansible-roles Changeset

Changeset - dbc3381e1ff3

Parent rev.

Child rev.

[Not reviewed]

0 3 3

Branko Majic (branko) - 10 years ago 2016-01-06 01:01:47
branko@majic.rs

MAR-44: Implemented backup support for the XMPP server role. Updated test site to include XMPP server as one of the backup clients.

6 files changed with 32 insertions and 1 deletions:

docs/rolereference.rst

roles/xmpp_server/files/backup_patterns

roles/xmpp_server/meta/main.yml

roles/xmpp_server/tasks/backup.yml

roles/xmpp_server/tasks/main.yml

testsite/group_vars/backup.yml

0 comments (0 inline, 0 general)

docs/rolereference.rst

➞

Show inline comments

 * User entries are read from sub-tree (first-level only)
   ``ou=people,XMPP_LDAP_BASE_DN``. Query filter used for finding users is
   ``(&(mail=$user@$host)(memberOf=cn=xmpp,ou=groups,XMPP_LDAP_BASE_DN))``. This
   allows group-based granting of XMPP service to users.
 Backups
 ~~~~~~~
 If the backup for this role has been enabled, the following paths are backed-up:
 **/var/lib/prosody/**
   Roster information, as well as undelivered (offline) messages for all XMPP
   users. Keep in mind that list of available users and their credentials are
   stored in the LDAP directory (which is backed-up via LDAP server role).
 Parameters
 ~~~~~~~~~~
 **xmpp_administrators** (list, mandatory)
   List of Prosody users that should be granted administrator privileges over
   Prosody. Each item is a string with value equal to XMPP user ID

roles/xmpp_server/files/backup_patterns

➞

Show inline comments

roles/xmpp_server/meta/main.yml

➞

Show inline comments

@@ new file 100644 @@
 ---
 dependencies:
   - role: backup_client
     when: enable_backup
@@ \ No newline at end of file @@

roles/xmpp_server/tasks/backup.yml

➞

Show inline comments

@@ new file 100644 @@
 ---
 - name: Deploy include patterns to backup
   copy: src="backup_patterns" dest="/etc/duply/main/patterns/xmpp_server"
         owner="root" group="root" mode="700"
   notify:
     - Assemble Duply include patterns
@@ \ No newline at end of file @@

roles/xmpp_server/tasks/main.yml

➞

Show inline comments

@@ @@ -53,7 +53,11 @@ @@
 - name: Enable and start Prosody service
   service: name=prosody enabled=yes state=started
 - name: Deploy firewall configuration for XMPP server
   copy: src="ferm_xmpp.conf" dest="/etc/ferm/conf.d/30-xmpp.conf" owner=root group=root mode=640
   notify:
     - Restart ferm
@@ \ No newline at end of file @@
     - Restart ferm
 - name: Enable backup
   include: backup.yml
   when: enable_backup
@@ \ No newline at end of file @@

testsite/group_vars/backup.yml

➞

Show inline comments

@@ @@ -14,12 +14,15 @@ backup_clients: @@
   - server: mail.{{ testsite_domain }}
     public_key: "{{ lookup('file', inventory_dir + '/ssh/mail.' + testsite_domain + '.pub') }}"
     ip: 10.32.64.15
   - server: ldap.{{ testsite_domain }}
     public_key: "{{ lookup('file', inventory_dir + '/ssh/ldap.' + testsite_domain + '.pub') }}"
     ip: 10.32.64.12
   - server: xmpp.{{ testsite_domain }}
     public_key: "{{ lookup('file', inventory_dir + '/ssh/xmpp.' + testsite_domain + '.pub') }}"
     ip: 10.32.64.16
 backup_host_ssh_private_keys:
   dsa: "{{ lookup('file', inventory_dir + '/ssh/backup_server_dsa_key') }}"
   rsa: "{{ lookup('file', inventory_dir + '/ssh/backup_server_rsa_key') }}"
   ed25519: "{{ lookup('file', inventory_dir + '/ssh/backup_server_ed25519_key') }}"
   ecdsa: "{{ lookup('file', inventory_dir + '/ssh/backup_server_ecdsa_key') }}"

0 comments (0 inline, 0 general)