mirror of
https://github.com/YunoHost-Apps/restic_ynh.git
synced 2024-09-03 20:16:22 +02:00
174 lines
5.9 KiB
YAML
174 lines
5.9 KiB
YAML
---
|
|
- name: upgrade
|
|
hosts: all
|
|
become: true
|
|
vars:
|
|
ansible_python_interpreter: python3
|
|
tasks:
|
|
- name: set timezone
|
|
community.general.timezone:
|
|
name: Europe/Paris
|
|
- name: upgrade
|
|
apt:
|
|
upgrade: true
|
|
update_cache: true
|
|
- name: stat reboot-required file
|
|
stat:
|
|
path: /var/run/reboot-required
|
|
register: _reboot_required_stat
|
|
- name: debug _reboot_required_stat
|
|
debug:
|
|
var: _reboot_required_stat
|
|
- name: reboot if required
|
|
reboot:
|
|
when: _reboot_required_stat.stat.exists
|
|
- name: install yunohost
|
|
hosts: all
|
|
become: true
|
|
vars:
|
|
ansible_python_interpreter: python3
|
|
installation_script_path: /tmp/yunohost_installation_script.sh
|
|
tasks:
|
|
- name: stat /etc/yunohost directory
|
|
stat:
|
|
path: /etc/yunohost
|
|
register: _stat_etc_yunohost
|
|
- block:
|
|
- name: retrieve ynh installation script
|
|
get_url:
|
|
url: https://install.yunohost.org
|
|
dest: "{{ installation_script_path }}"
|
|
mode: +x
|
|
owner: root
|
|
group: root
|
|
- name: install yunohost
|
|
command: bash {{ installation_script_path }} -a -f
|
|
# -a automatic and -f do not run checks
|
|
# I don't know why, after YNH installation, dnsmasq is down...
|
|
# dnsmasq.service: Start-post operation timed out. Stopping.
|
|
# found a post on YNH forum with no answer:
|
|
# https://forum.yunohost.org/t/dnsmasq-fails-to-start-in-post-install-on-fresh-system/10153
|
|
# so I just use a workaround, start the service...
|
|
- name: ensure dnsmasq service is started
|
|
service:
|
|
name: dnsmasq
|
|
state: started
|
|
- name: install python3-pip
|
|
apt:
|
|
name: python3-pip
|
|
- name: install pexpect
|
|
pip:
|
|
executable: pip3
|
|
name: pexpect
|
|
- name: run post installation
|
|
ansible.builtin.expect:
|
|
command: yunohost tools postinstall
|
|
timeout: null
|
|
responses:
|
|
(?i)main domain: restic.test
|
|
(?i)administration password: This is my password!
|
|
- name: remove installation script
|
|
file:
|
|
path: "{{ installation_script_path }}"
|
|
state: absent
|
|
when: not _stat_etc_yunohost.stat.exists
|
|
|
|
- name: install restic
|
|
hosts: all
|
|
become: true
|
|
vars:
|
|
restic_username: resticbackup
|
|
tasks:
|
|
- name: add backup user
|
|
user:
|
|
name: "{{ restic_username }}"
|
|
- name: install restic
|
|
command: >-
|
|
yunohost app install --force /restic_ynh -a "server=localhost&ssh_user=resticbackup&passphrase=APassphrase&conf=1&port=22&backup_path=&data=1&app=all&allow_extra_space_use=1&on_calendar=Daily&check_on_calendar=*-*-8,15,22&check_read_data_on_calendar=*-*-1&domain=sub.domain.tld&path=&admin=package_checker&is_public=&apps=all"
|
|
args:
|
|
creates: /opt/yunohost/restic
|
|
- name: install several instances of my_webapp
|
|
command: >-
|
|
yunohost app install my_webapp -a "&domain=restic.test&path={{ item.path }}&admin=package_checker&is_public=1&password=APassphrase&with_sftp=0&with_mysql=0"
|
|
args:
|
|
creates: "{{ item.creates }}"
|
|
loop:
|
|
- path: webapp1
|
|
creates: /etc/yunohost/apps/my_webapp
|
|
- path: webapp2
|
|
creates: /etc/yunohost/apps/my_webapp__2
|
|
- path: webapp3
|
|
creates: /etc/yunohost/apps/my_webapp__3
|
|
- name: get ssh key
|
|
command: cat /root/.ssh/id_restic_ed25519.pub
|
|
changed_when: false
|
|
register: _restic_public_key
|
|
- name: ensure .ssh directory exists for user {{ restic_username }}
|
|
file:
|
|
path: /home/{{ restic_username }}/.ssh
|
|
mode: u=rwx,go=
|
|
state: directory
|
|
owner: "{{ restic_username }}"
|
|
group: "{{ restic_username }}"
|
|
- name: ensure restic public key is authorized on user {{ restic_username }}
|
|
lineinfile:
|
|
create: true
|
|
mode: u=rw,go=
|
|
owner: "{{ restic_username }}"
|
|
group: "{{ restic_username }}"
|
|
path: /home/{{ restic_username }}/.ssh/authorized_keys
|
|
line: "{{ _restic_public_key.stdout }}"
|
|
- name: check that backuping all apps works
|
|
hosts: all
|
|
become: true
|
|
vars:
|
|
restic_username: resticbackup
|
|
restic_password: APassphrase
|
|
tasks:
|
|
- name: ensure restic is set to backup all apps
|
|
lineinfile:
|
|
path: /etc/yunohost/apps/restic/settings.yml
|
|
regexp: '^apps:'
|
|
line: 'apps: all'
|
|
- name: start a backup
|
|
service:
|
|
name: restic
|
|
state: started
|
|
- name: gather installed apps list
|
|
shell: yunohost app list | grep 'id:' | awk '{print $2}'
|
|
changed_when: false
|
|
register: _yunohost_app_list
|
|
- name: stat all apps backup repository
|
|
stat:
|
|
path: /home/{{ restic_username }}/auto_{{ item }}
|
|
loop: "{{ _yunohost_app_list.stdout_lines }}"
|
|
register: _all_apps_repository_stat
|
|
- name: ensure a repository exists for all apps
|
|
assert:
|
|
that: _all_apps_repository_stat.results[index]['stat']['exists']
|
|
fail_msg: "No repository was created for app {{ item }}"
|
|
success_msg: "A repository has been found for app {{ item }}"
|
|
loop: "{{ _yunohost_app_list.stdout_lines }}"
|
|
loop_control:
|
|
index_var: index
|
|
- name: Ensure at least one snapshot has been created for all apps
|
|
environment:
|
|
RESTIC_PASSWORD: "{{ restic_password }}"
|
|
command: restic -r /home/{{ restic_username }}/auto_{{ item }} list snapshots
|
|
failed_when: _restic_apps_snapshots.stdout_lines | length < 1
|
|
changed_when: false
|
|
register: _restic_apps_snapshots
|
|
loop: "{{ _yunohost_app_list.stdout_lines }}"
|
|
loop_control:
|
|
index_var: index
|
|
- name: check that a check works
|
|
hosts: all
|
|
become: true
|
|
vars:
|
|
restic_username: resticbackup
|
|
restic_password: APassphrase
|
|
tasks:
|
|
- name: start a check
|
|
service:
|
|
name: restic_check
|
|
state: started
|