Vendor Galaxy Roles and Collections

ansible_collections/debops/debops/roles/boxbackup/tasks/configure_clients.yml

@@ -0,0 +1,87 @@
+---
+# Copyright (C) 2014-2019 Maciej Delmanowski <drybjed@gmail.com>
+# Copyright (C) 2015-2019 DebOps <https://debops.org/>
+# SPDX-License-Identifier: GPL-3.0-only
+
+- name: Install Box Backup client package
+  ansible.builtin.package:
+    name: 'boxbackup-client'
+    state: 'present'
+  register: boxbackup__register_client_packages
+  until: boxbackup__register_client_packages is succeeded
+
+- name: Set backup softlimit size for client hosts
+  ansible.builtin.set_fact:
+    boxbackup_softlimit: '{{ (ansible_mounts | sum(attribute="size_total") / 1024 / 1024
+                              + boxbackup_softlimit_padding) | int }}'
+  when: (boxbackup_softlimit is undefined or not boxbackup_softlimit)
+
+- name: Set backup hardlimit size for client hosts
+  ansible.builtin.set_fact:
+    boxbackup_hardlimit: '{{ (boxbackup_softlimit | float * boxbackup_hardlimit_multiplier | float) | int }}'
+  when: (boxbackup_hardlimit is undefined or not boxbackup_hardlimit)
+
+- name: Create accounts for client hosts
+  ansible.builtin.command: bbstoreaccounts create {{ boxbackup_account }} {{ boxbackup_discnum }}
+                                  {{ boxbackup_softlimit }}M {{ boxbackup_hardlimit }}M
+  args:
+    creates: '{{ boxbackup_storage }}/backup/{{ boxbackup_account }}/info.rfw'
+  delegate_to: '{{ boxbackup_server }}'
+
+- name: Make sure that boxbackup client directories exists
+  ansible.builtin.file:
+    path: '{{ item }}'
+    state: 'directory'
+    owner: 'root'
+    group: 'root'
+    mode: '0700'
+  with_items: [ '/etc/boxbackup', '/etc/boxbackup/bbackupd', '/etc/boxbackup/servers/{{ boxbackup_server }}' ]
+
+- name: Check if encryption key exists on Ansible Controller
+  ansible.builtin.stat:
+    path: '{{ secret + "/storage/boxbackup/clients/" + ansible_fqdn + "/" + boxbackup_account + "-FileEncKeys.raw" }}'
+  register: boxbackup_register_enckeys
+  delegate_to: 'localhost'
+  become: False
+
+- name: Download BoxBackup encryption key from archive
+  ansible.builtin.copy:
+    src: '{{ secret + "/storage/boxbackup/clients/" + ansible_fqdn + "/" + boxbackup_account + "-FileEncKeys.raw" }}'
+    dest: '/etc/boxbackup/bbackupd/{{ boxbackup_account }}-FileEncKeys.raw'
+    owner: 'root'
+    group: 'root'
+    mode: '0600'
+  when: boxbackup_register_enckeys.stat.exists
+  notify: [ 'Restart boxbackup-client' ]
+
+- name: Create encryption key on client hosts
+  ansible.builtin.command: openssl rand -out /etc/boxbackup/bbackupd/{{ boxbackup_account }}-FileEncKeys.raw
+                        {{ boxbackup_encrypt_bits }}
+  args:
+    creates: '/etc/boxbackup/bbackupd/{{ boxbackup_account }}-FileEncKeys.raw'
+  notify:
+    - Restart boxbackup-client
+
+- name: Archive client encryption key
+  ansible.builtin.fetch:
+    src: '/etc/boxbackup/bbackupd/{{ boxbackup_account }}-FileEncKeys.raw'
+    dest: '{{ secret }}/storage/boxbackup/clients/{{ ansible_fqdn }}/{{ boxbackup_account }}-FileEncKeys.raw'
+    flat: 'yes'
+
+- name: Install notification script on client hosts
+  ansible.builtin.template:
+    src: 'etc/boxbackup/bbackupd/NotifySysadmin.sh.j2'
+    dest: '/etc/boxbackup/bbackupd/NotifySysadmin.sh'
+    owner: 'root'
+    group: 'root'
+    mode: '0700'
+
+- name: Configure client hosts
+  ansible.builtin.template:
+    src: 'etc/boxbackup/bbackupd.conf.j2'
+    dest: '/etc/boxbackup/bbackupd.conf'
+    owner: 'root'
+    group: 'root'
+    mode: '0600'
+  notify:
+    - Restart boxbackup-client

ansible_collections/debops/debops/roles/boxbackup/tasks/configure_servers.yml

@@ -0,0 +1,50 @@
+---
+# Copyright (C) 2014-2019 Maciej Delmanowski <drybjed@gmail.com>
+# Copyright (C) 2015-2019 DebOps <https://debops.org/>
+# SPDX-License-Identifier: GPL-3.0-only
+
+- name: Install Box Backup server packages
+  ansible.builtin.package:
+    name: 'boxbackup-server'
+    state: 'present'
+  register: boxbackup__register_server_packages
+  until: boxbackup__register_server_packages is succeeded
+
+- name: Make sure that boxbackup server directories exists
+  ansible.builtin.file:
+    path: '{{ item }}'
+    state: 'directory'
+    owner: 'bbstored'
+    group: 'bbstored'
+    mode: '0700'
+  with_items: [ '/etc/boxbackup', '/etc/boxbackup/bbstored',
+                '{{ boxbackup_storage }}', '{{ boxbackup_storage }}/backup' ]
+
+- name: Check block size of storage device
+  ansible.builtin.shell: "set -o nounset -o pipefail -o errexit &&
+          dumpe2fs -h $(df {{ boxbackup_storage }} | tail -n 1 \
+          | awk '{ print $1 }') | grep 'Block size' | awk '{ print $3 }'"
+  args:
+    executable: 'bash'
+  register: boxbackup_storage_blocksize
+  changed_when: False
+
+- name: Make sure accounts.txt file exists
+  ansible.builtin.copy:
+    force: false
+    dest: /etc/boxbackup/bbstored/accounts.txt
+    content: ''
+    owner: bbstored
+    group: bbstored
+    mode: '0600'
+
+- name: Configure boxbackup server
+  ansible.builtin.template:
+    src: '{{ item }}.j2'
+    dest: '/{{ item }}'
+    owner: 'bbstored'
+    group: 'bbstored'
+    mode: '0640'
+  with_items: [ 'etc/boxbackup/raidfile.conf', 'etc/boxbackup/bbstored.conf' ]
+  notify:
+    - Restart boxbackup-server

ansible_collections/debops/debops/roles/boxbackup/tasks/main.yml

@@ -0,0 +1,16 @@
+---
+# Copyright (C) 2014-2019 Maciej Delmanowski <drybjed@gmail.com>
+# Copyright (C) 2015-2019 DebOps <https://debops.org/>
+# SPDX-License-Identifier: GPL-3.0-only
+
+- name: Import DebOps secret role
+  ansible.builtin.import_role:
+    name: 'secret'
+
+- name: Configure server-side
+  ansible.builtin.include_tasks: configure_servers.yml
+  when: boxbackup_server is defined and boxbackup_server == ansible_fqdn
+
+- name: Configure client-side
+  ansible.builtin.include_tasks: configure_clients.yml
+  when: boxbackup_server is defined and boxbackup_server != ansible_fqdn