diff --git a/roles/backup_client/playbook.yml b/roles/backup_client/playbook.yml deleted file mode 100644 index 68d6493dac6bf34c8f3fb1055ad7ee7518ae82a7..0000000000000000000000000000000000000000 --- a/roles/backup_client/playbook.yml +++ /dev/null @@ -1,116 +0,0 @@ ---- - -- hosts: all - tasks: - - - name: Update all caches to avoid errors due to missing remote archives - apt: - update_cache: yes - changed_when: False - -- hosts: backup-server - tasks: - - - name: Deploy SSH server keys - copy: - content: "{{ lookup('file', item.key) + '\n' }}" - dest: "{{ item.value }}" - owner: root - group: root - mode: 0600 - with_dict: - tests/data/ssh/server_dsa: /etc/ssh/ssh_host_dsa_key - tests/data/ssh/server_rsa: /etc/ssh/ssh_host_rsa_key - tests/data/ssh/server_ed25519: /etc/ssh/ssh_host_ed25519_key - tests/data/ssh/server_ecdsa: /etc/ssh/ssh_host_ecdsa_key - notify: - - Restart ssh - - - name: Set-up backup user groups - group: - name: "{{ item.name }}" - with_items: "{{ backup_users }}" - - - name: Set-up backup users - user: - name: "{{ item.name }}" - group: "{{ item.name }}" - with_items: "{{ backup_users }}" - - - name: Set-up authorised keys - authorized_key: - user: "{{ item.name }}" - key: "{{ item.key }}" - with_items: "{{ backup_users }}" - - - name: Set-up port forwarding - command: "iptables -t nat -A PREROUTING -p tcp -m tcp --dport '{{ item }}' -j REDIRECT --to-ports 22" - changed_when: False - with_items: - - 2222 - - 3333 - - - name: Set-up directory for parameters-mandatory backups - file: - path: /duplicity - state: directory - owner: bak-parameters-mandatory - group: bak-parameters-mandatory - mode: 0700 - - handlers: - - name: Restart ssh - service: - name: ssh - state: restarted - - vars: - backup_users: - - name: bak-parameters-mandatory - key: "{{ lookup('file', 'tests/data/ssh/parameters-mandatory.pub') }}" - - name: backupuser - key: "{{ lookup('file', 'tests/data/ssh/parameters-optional.pub') }}" - -- hosts: parameters-mandatory - roles: - - role: backup_client - backup_encryption_key: "{{ lookup('file', 'tests/data/gnupg/parameters-mandatory.asc') }}" - backup_server: 10.31.127.10 - backup_server_host_ssh_public_keys: - - "{{ lookup('file', 'tests/data/ssh/server_dsa.pub') }}" - - "{{ lookup('file', 'tests/data/ssh/server_rsa.pub') }}" - - "{{ lookup('file', 'tests/data/ssh/server_ed25519.pub') }}" - - "{{ lookup('file', 'tests/data/ssh/server_ecdsa.pub') }}" - backup_ssh_key: "{{ lookup('file', 'tests/data/ssh/parameters-mandatory' ) }}" - -- hosts: parameters-optional - roles: - - role: backup_client - backup_additional_encryption_keys: - - "{{ lookup('file', 'tests/data/gnupg/additional_encryption_key_1.asc') }}" - - "{{ lookup('file', 'tests/data/gnupg/additional_encryption_key_2.asc') }}" - - "{{ lookup('file', 'tests/data/gnupg/additional_encryption_key_3.asc') }}" - backup_client_username: backupuser - backup_encryption_key: "{{ lookup('file', 'tests/data/gnupg/parameters-optional.asc') }}" - backup_server: 10.31.127.10 - backup_server_destination: "/home/backupuser" - backup_server_host_ssh_public_keys: - - "{{ lookup('file', 'tests/data/ssh/server_dsa.pub') }}" - - "{{ lookup('file', 'tests/data/ssh/server_rsa.pub') }}" - - "{{ lookup('file', 'tests/data/ssh/server_ed25519.pub') }}" - - "{{ lookup('file', 'tests/data/ssh/server_ecdsa.pub') }}" - backup_server_port: 3333 - backup_ssh_key: "{{ lookup('file', 'tests/data/ssh/parameters-optional' ) }}" - - -# Deploy a dummy pre-backup script for testing purposes. -- hosts: parameters-mandatory,parameters-optional - tasks: - - - name: Deploy pre-backup script - copy: - src: tests/data/10-test-pre-backup.sh - dest: /etc/duply/main/pre.d/10-test-pre-backup.sh - owner: root - group: root - mode: 0700