Another big round of refactoring and cleaning...

roles/sys-bkp-docker-to-local/README.md

@@ -0,0 +1,26 @@
+# Backup Docker to Local
+
+## Description
+
+This Ansible role automates the process of backing up Docker volumes to a local folder. It pulls the [sys-bkp-docker-to-local repository](https://github.com/kevinveenbirkenbach/sys-bkp-docker-to-local.git), installs required software, configures systemd services for both standard and "everything" backup modes, and seeds backup database entries as needed.
+
+## Overview
+
+Optimized for Archlinux, this role ensures that Docker volume backups are performed reliably with minimal manual intervention. It integrates with several dependent roles to verify backup success and manage related tasks, including:
+- [sys-bkp-directory-validator](../sys-bkp-directory-validator/) – Validates backup directories.
+- [sys-cln-faild-bkps](../sys-cln-faild-bkps/) – Cleans up unsuccessful backup attempts.
+- [sys-timer](../sys-timer/) – Schedules recurring backup tasks.
+- [sys-bkp-provider](../sys-bkp-provider/) – Manages backup sources.
+- [sys-lock](../sys-lock/) – Ensures coordinated maintenance operations.
+
+## Purpose
+
+Backup Docker Volumes to Local is a comprehensive solution that leverages rsync to create incremental backups of Docker volumes, providing seamless recovery for both file and database data. Ideal for ensuring the integrity and security of your container data, this role sets up the necessary environment to safeguard your Docker volumes.
+
+## Features
+
+- **Required Software Installation:** Installs necessary packages (e.g., lsof, python-pandas) via pacman.
+- **Git Repository Pull:** Automatically pulls the latest version of the [sys-bkp-docker-to-local repository](https://github.com/kevinveenbirkenbach/sys-bkp-docker-to-local.git).
+- **Systemd Service Configuration:** Deploys and reloads two systemd service templates to manage backup tasks.
+- **Database Seeding:** Includes tasks to seed and manage a backup database (`databases.csv`) for tracking backup details.
+- **Dependency Integration:** Works in conjunction with the dependent roles listed above to verify and manage backups.

roles/sys-bkp-docker-to-local/handlers/main.yml

@@ -0,0 +1,9 @@
+- name: "reload sys-bkp-docker-to-local-everything.cymais.service"
+  systemd:
+    name: sys-bkp-docker-to-local-everything.cymais.service
+    daemon_reload: yes
+
+- name: "reload sys-bkp-docker-to-local.cymais.service"
+  systemd:
+    name: sys-bkp-docker-to-local.cymais.service
+    daemon_reload: yes

roles/sys-bkp-docker-to-local/meta/main.yml

@@ -0,0 +1,30 @@
+---
+galaxy_info:
+  author: "Kevin Veen-Birkenbach"
+  description: "Automates the backup of Docker volumes to a local folder"
+  license: "CyMaIS NonCommercial License (CNCL)"
+  license_url: "https://s.veen.world/cncl"
+  company: |
+    Kevin Veen-Birkenbach
+    Consulting & Coaching Solutions
+    https://www.veen.world
+  min_ansible_version: "2.9"
+  platforms:
+    - name: Archlinux
+      versions:
+        - rolling
+  galaxy_tags:
+    - backup
+    - docker
+    - local
+    - systemd
+    - automation
+  repository: "https://s.veen.world/cymais"
+  issue_tracker_url: "https://s.veen.world/cymaisissues"
+  documentation: "https://s.veen.world/cymais"
+dependencies:
+  - sys-bkp-provider
+  - sys-alm-compose
+  - sys-cln-faild-bkps
+  - sys-lock
+  - sys-bkp-directory-validator

roles/sys-bkp-docker-to-local/tasks/main.yml

@@ -0,0 +1,56 @@
+- name: "pkgmgr install"
+  include_role:
+    name: pkgmgr-install
+  vars:
+    package_name: "{{ bkp_docker_to_local_pkg }}"
+  when: run_once_bkp_docker_to_local is not defined
+
+- name: "Retrieve {{ bkp_docker_to_local_pkg }} path from pkgmgr"
+  command: "pkgmgr path {{ bkp_docker_to_local_pkg }}"
+  register: pkgmgr_output
+  changed_when: false
+  when: run_once_bkp_docker_to_local is not defined
+
+- name: Set fact for backup_docker_to_local_folder
+  set_fact:
+    backup_docker_to_local_folder: "{{ pkgmgr_output.stdout }}/"
+  changed_when: false
+  when: run_once_bkp_docker_to_local is not defined
+
+- name: "reset (if enabled)"
+  include_tasks: reset.yml 
+  when: mode_reset | bool and run_once_bkp_docker_to_local is not defined
+
+- name: configure sys-bkp-docker-to-local-everything.cymais.service
+  template: 
+    src: sys-bkp-docker-to-local-everything.service.j2
+    dest: /etc/systemd/system/sys-bkp-docker-to-local-everything.cymais.service
+  notify: reload sys-bkp-docker-to-local-everything.cymais.service
+  when: run_once_bkp_docker_to_local is not defined
+
+- name: configure sys-bkp-docker-to-local.cymais.service
+  template: 
+    src: sys-bkp-docker-to-local.service.j2
+    dest: /etc/systemd/system/sys-bkp-docker-to-local.cymais.service
+  notify: reload sys-bkp-docker-to-local.cymais.service
+  when: run_once_bkp_docker_to_local is not defined
+
+- name: "set 'service_name' to '{{ role_name }}'"
+  set_fact:
+    service_name: "{{ role_name }}"
+  when: run_once_bkp_docker_to_local is not defined
+
+- name: "include role for sys-timer for {{service_name}}"
+  include_role:
+    name: sys-timer
+  vars:
+    on_calendar:  "{{on_calendar_backup_docker_to_local}}"
+  when: run_once_bkp_docker_to_local is not defined
+
+- name: "include seed-database-to-backup.yml"
+  include_tasks: seed-database-to-backup.yml
+
+- name: run the backup_docker_to_local tasks once
+  set_fact:
+    run_once_bkp_docker_to_local: true
+  when: run_once_bkp_docker_to_local is not defined

roles/sys-bkp-docker-to-local/tasks/reset.yml

@@ -0,0 +1,4 @@
+- name: "reset {{ backup_docker_to_local_folder }}databases.csv"
+  file:
+    path: "{{ backup_docker_to_local_folder }}databases.csv"
+    state: absent

roles/sys-bkp-docker-to-local/tasks/seed-database-to-backup.yml

@@ -0,0 +1,60 @@
+# This file is also used by web-app-matrix
+
+- name: "Display all database variables"
+  debug:
+    msg: |
+      database_application_id: "{{ database_application_id | default('undefined') }}"
+      database_instance: "{{ database_instance | default('undefined') }}"
+      database_name: "{{ database_name | default('undefined') }}"
+      database_type: "{{ database_type | default('undefined') }}"
+      database_host: "{{ database_host | default('undefined') }}"
+      database_username: "{{ database_username | default('undefined') }}"
+      database_password: "{{ database_password | default('undefined') }}"
+  when: enable_debug | bool
+
+- name: "fail if not all required database variables are defined"
+  fail:
+    msg: "You must define all of the following variables: database_instance, database_name, database_username, database_password"
+  when: >
+    (database_instance is defined or
+     database_name is defined or
+     database_username is defined or
+     database_password is defined) and not
+    (database_instance is defined and
+     database_name is defined and
+     database_username is defined and
+     database_password is defined)
+
+- name: "seed database values in directory {{ backup_docker_to_local_folder }}"
+  command: >
+    python database_entry_seeder.py databases.csv
+    "{{ database_instance }}"
+    "{{ database_name }}"
+    "{{ database_username }}"
+    "{{ database_password }}"
+  args:
+    chdir: "{{ backup_docker_to_local_folder }}"
+  when:
+    - database_instance is defined
+    - database_name is defined
+    - database_username is defined
+    - database_password is defined
+
+- name: Set file permissions for databases.csv to be readable, writable, and executable by root only
+  ansible.builtin.file:
+    path: "{{ backup_docker_to_local_folder }}databases.csv"
+    mode: '0700'
+    owner: root
+    group: root
+  when: >
+    (database_instance is defined and
+    database_name is defined and
+    database_username is defined and
+    database_password is defined) and
+    run_once_bkp_docker_to_local_file_permission is not defined
+  register: file_permission_result
+
+- name: run the backup_docker_to_local_file_permission tasks once
+  set_fact:
+    run_once_bkp_docker_to_local_file_permission: true
+  when: run_once_bkp_docker_to_local_file_permission is not defined and file_permission_result is defined and file_permission_result.changed

roles/sys-bkp-docker-to-local/templates/sys-bkp-docker-to-local-everything.service.j2

@@ -0,0 +1,9 @@
+[Unit]
+Description=backup docker volumes to local folder
+OnFailure=sys-alm-compose.cymais@%n.service sys-cln-faild-bkps.cymais.service
+
+[Service]
+Type=oneshot
+ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_lock_script }} {{ system_maintenance_services | join(' ')  }} --ignore {{ system_maintenance_backup_services | reject('equalto', 'sys-bkp-docker-to-local') | join(' ') }} --timeout "{{system_maintenance_lock_timeout_backup_services}}"'
+ExecStart=/bin/sh -c '/usr/bin/python {{backup_docker_to_local_folder}}backup-docker-to-local.py --compose-dir {{path_docker_compose_instances}} --everything'
+ExecStartPost=/bin/sh -c '/bin/systemctl start sys-rpr-docker-soft.cymais.service &'

roles/sys-bkp-docker-to-local/templates/sys-bkp-docker-to-local.service.j2

@@ -0,0 +1,9 @@
+[Unit]
+Description=backup docker volumes to local folder
+OnFailure=sys-alm-compose.cymais@%n.service sys-cln-faild-bkps.cymais.service
+
+[Service]
+Type=oneshot
+ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_lock_script }} {{ system_maintenance_services | join(' ')  }} --ignore {{ system_maintenance_backup_services | reject('equalto', 'sys-bkp-docker-to-local-everything') | join(' ') }} --timeout "{{system_maintenance_lock_timeout_backup_services}}"'
+ExecStart=/bin/sh -c '/usr/bin/python {{backup_docker_to_local_folder}}backup-docker-to-local.py --compose-dir {{path_docker_compose_instances}}'
+ExecStartPost=/bin/sh -c '/bin/systemctl start sys-rpr-docker-soft.cymais.service &'

roles/sys-bkp-docker-to-local/vars/main.yml

@@ -0,0 +1,2 @@
+bkp_docker_to_local_pkg: backup-docker-to-local
+