majic-ansible-roles Files · roles/backup

Files @ 814be5def61d

Branch filter:

Location: majic-ansible-roles/roles/backup_client/handlers/main.yml

814be5def61d 1.2 KiB text/x-yaml Show Annotation Show as Raw Download as Raw

branko

MAR-189: Added support for Debian 11 Bullseye to xmpp_server role:

- Roll-out LDAP client configuration since Bullseye does not come with
a stock one at /etc/ldap/ldap.conf that sets the trust anchor
correctly for validating LDAP server certificates.
- Drop the backports pinning in case of Bullseye (for now let's try to
keep the Buster and Bullseye at same versions for simplicity).
- Drop installation of Python apt bindings (no longer used).
- Tests for Buster and Bullseye need to be split-up a bit due to some
differences around backports etc.

---

# @TODO: Can't use file module, since one of the files (GnuPG socket)
#        seems to disappear in middle of operation).
- name: Remove current keyring  # noqa 301
  # [301] Commands should not change things if nothing needs doing
  #   This task is invoked only if user is very specific about requiring to
  #   run the handlers manually as a way to bring the system to consistency
  #   after interrupted runs.
  command: "rm -rf /etc/duply/main/gnupg"
  args:
    warn: false

- name: Create keyring directory
  file:
    path: "/etc/duply/main/gnupg"
    state: directory
    owner: root
    group: root
    mode: 0700

- name: Import private keys  # noqa 301
  # [301] Commands should not change things if nothing needs doing
  #   This task is invoked only if user is very specific about requiring to
  #   run the handlers manually as a way to bring the system to consistency
  #   after interrupted runs.
  command: "gpg --no-tty --homedir /etc/duply/main/gnupg --import /etc/duply/main/private_keys.asc"

- name: Import public keys
  command: "gpg --no-tty --homedir /etc/duply/main/gnupg --import /etc/duply/main/public_keys.asc"
  when: backup_additional_encryption_keys | length > 0