From 4627d9031ced7c3ea03f5583b4a30889d59f1bd7 Mon Sep 17 00:00:00 2001
From: Kevin Veen-Birkenbach <kevin@veen.world>
Date: Tue, 15 Jul 2025 17:25:19 +0200
Subject: [PATCH] Optimized svc-bkp-rmt-2-loc and moved conf into role config

---
 docs/analysis/Features.md                                   | 2 +-
 docs/guides/administrator/Readme.md                         | 2 +-
 roles/svc-bkp-rmt-2-loc/Administration.md                   | 6 +++---
 roles/svc-bkp-rmt-2-loc/config/main.yml                     | 1 +
 .../{sys-bkp-remote-to-local.sh => sys-bkp-rmt-2-loc.sh}    | 0
 roles/svc-bkp-rmt-2-loc/tasks/main.yml                      | 6 +++---
 ...o-local.sh.j2 => sys-bkp-rmt-2-loc-multi-provider.sh.j2} | 2 +-
 ...ote-to-local.service.j2 => sys-bkp-rmt-2-loc.service.j2} | 2 +-
 roles/svc-bkp-rmt-2-loc/vars/main.yml                       | 3 ++-
 9 files changed, 13 insertions(+), 11 deletions(-)
 create mode 100644 roles/svc-bkp-rmt-2-loc/config/main.yml
 rename roles/svc-bkp-rmt-2-loc/files/{sys-bkp-remote-to-local.sh => sys-bkp-rmt-2-loc.sh} (100%)
 rename roles/svc-bkp-rmt-2-loc/templates/{backups-remote-to-local.sh.j2 => sys-bkp-rmt-2-loc-multi-provider.sh.j2} (79%)
 rename roles/svc-bkp-rmt-2-loc/templates/{sys-bkp-remote-to-local.service.j2 => sys-bkp-rmt-2-loc.service.j2} (90%)

diff --git a/docs/analysis/Features.md b/docs/analysis/Features.md
index 6b0a6a3b..5e855379 100644
--- a/docs/analysis/Features.md
+++ b/docs/analysis/Features.md
@@ -15,7 +15,7 @@ Every business is unique, and so is CyMaIS! With a modular architecture, it adap
 With automated updates, system health checks, and security audits, CyMaIS ensures your infrastructure is always up-to-date and running smoothly. Roles such as `sys-hlth-docker-container`, `sys-hlth-btrfs`, and `sys-hlth-webserver` help monitor system integrity.
 
 ## Uncompromised Security 🔒
-Security is a top priority! CyMaIS includes robust security features like full-disk encryption recommendations, 2FA enforcement, encrypted server deployments (`web-app-keycloak`, `svc-db-openldap`), and secure backup solutions (`sys-bkp-remote-to-local`, `svc-bkp-loc-2-usb`).
+Security is a top priority! CyMaIS includes robust security features like full-disk encryption recommendations, 2FA enforcement, encrypted server deployments (`web-app-keycloak`, `svc-db-openldap`), and secure backup solutions (`sys-bkp-rmt-2-loc`, `svc-bkp-loc-2-usb`).
 
 ## User-Friendly with Expert Support 👩‍💻
 No need to be a Linux or Docker expert! CyMaIS simplifies deployment with intuitive role-based automation. Documentation and community support make IT administration accessible to all experience levels.
diff --git a/docs/guides/administrator/Readme.md b/docs/guides/administrator/Readme.md
index 6f750797..3ef94aba 100644
--- a/docs/guides/administrator/Readme.md
+++ b/docs/guides/administrator/Readme.md
@@ -10,7 +10,7 @@ Follow these guides to install and configure CyMaIS:
 
 ## Key Responsibilities 🔧
 - **User Management** - Configure LDAP, Keycloak, and user permissions.
-- **Security & Backups** - Set up `sys-bkp-remote-to-local`, `svc-bkp-loc-2-usb`, and `core-security` roles.
+- **Security & Backups** - Set up `sys-bkp-rmt-2-loc`, `svc-bkp-loc-2-usb`, and `core-security` roles.
 - **Application Hosting** - Deploy services like `Nextcloud`, `Matrix`, `Gitea`, and more.
 - **Networking & VPN** - Configure `WireGuard`, `OpenVPN`, and `Nginx Reverse Proxy`.
 
diff --git a/roles/svc-bkp-rmt-2-loc/Administration.md b/roles/svc-bkp-rmt-2-loc/Administration.md
index b42e49d4..08ce87c9 100644
--- a/roles/svc-bkp-rmt-2-loc/Administration.md
+++ b/roles/svc-bkp-rmt-2-loc/Administration.md
@@ -9,17 +9,17 @@ To track what the service is doing, execute one of the following commands:
 #### Using systemctl
 
 ```bash
-watch -n2 "systemctl status sys-bkp-remote-to-local.cymais.service"
+watch -n2 "systemctl status sys-bkp-rmt-2-loc.cymais.service"
 ```
 
 #### Using journalctl
 
 ```bash
-journalctl -fu sys-bkp-remote-to-local.cymais.service
+journalctl -fu sys-bkp-rmt-2-loc.cymais.service
 ```
 
 ### Viewing History
 
 ```bash
-sudo journalctl -u sys-bkp-remote-to-local.cymais.service
+sudo journalctl -u sys-bkp-rmt-2-loc.cymais.service
 ```
\ No newline at end of file
diff --git a/roles/svc-bkp-rmt-2-loc/config/main.yml b/roles/svc-bkp-rmt-2-loc/config/main.yml
new file mode 100644
index 00000000..d841890c
--- /dev/null
+++ b/roles/svc-bkp-rmt-2-loc/config/main.yml
@@ -0,0 +1 @@
+backup_providers:  [] # List of providers to pull the backups from
\ No newline at end of file
diff --git a/roles/svc-bkp-rmt-2-loc/files/sys-bkp-remote-to-local.sh b/roles/svc-bkp-rmt-2-loc/files/sys-bkp-rmt-2-loc.sh
similarity index 100%
rename from roles/svc-bkp-rmt-2-loc/files/sys-bkp-remote-to-local.sh
rename to roles/svc-bkp-rmt-2-loc/files/sys-bkp-rmt-2-loc.sh
diff --git a/roles/svc-bkp-rmt-2-loc/tasks/main.yml b/roles/svc-bkp-rmt-2-loc/tasks/main.yml
index 7f10dc37..7515ac78 100644
--- a/roles/svc-bkp-rmt-2-loc/tasks/main.yml
+++ b/roles/svc-bkp-rmt-2-loc/tasks/main.yml
@@ -16,10 +16,10 @@
     dest: /etc/systemd/system/svc-bkp-rmt-2-loc.cymais.service
   notify: reload svc-bkp-rmt-2-loc service
 
-- name: create backups-remote-to-local.sh
+- name: create sys-bkp-rmt-2-loc-multi-provider.sh
   template: 
-    src: backups-remote-to-local.sh.j2 
-    dest: "{{docker_backup_remote_to_local_folder}}backups-remote-to-local.sh"
+    src: sys-bkp-rmt-2-loc-multi-provider.sh.j2 
+    dest: "{{docker_backup_remote_to_local_folder}}sys-bkp-rmt-2-loc-multi-provider.sh"
     mode: 0755
 
 - name: "set 'service_name' to '{{ role_name }}'"
diff --git a/roles/svc-bkp-rmt-2-loc/templates/backups-remote-to-local.sh.j2 b/roles/svc-bkp-rmt-2-loc/templates/sys-bkp-rmt-2-loc-multi-provider.sh.j2
similarity index 79%
rename from roles/svc-bkp-rmt-2-loc/templates/backups-remote-to-local.sh.j2
rename to roles/svc-bkp-rmt-2-loc/templates/sys-bkp-rmt-2-loc-multi-provider.sh.j2
index 0a3821a3..8aa0b756 100644
--- a/roles/svc-bkp-rmt-2-loc/templates/backups-remote-to-local.sh.j2
+++ b/roles/svc-bkp-rmt-2-loc/templates/sys-bkp-rmt-2-loc-multi-provider.sh.j2
@@ -1,6 +1,6 @@
 #!/bin/bash
 # Pulls the remote backups from multiple hosts
-hosts="{{ pull_remote_backups | join(' ') }}";
+hosts="{{ rmt2loc_backup_providers | join(' ') }}";
 errors=0
 for host in $hosts; do
   bash {{ docker_backup_remote_to_local_folder }}svc-bkp-rmt-2-loc.sh $host || ((errors+=1));
diff --git a/roles/svc-bkp-rmt-2-loc/templates/sys-bkp-remote-to-local.service.j2 b/roles/svc-bkp-rmt-2-loc/templates/sys-bkp-rmt-2-loc.service.j2
similarity index 90%
rename from roles/svc-bkp-rmt-2-loc/templates/sys-bkp-remote-to-local.service.j2
rename to roles/svc-bkp-rmt-2-loc/templates/sys-bkp-rmt-2-loc.service.j2
index af799e6b..53f57d66 100644
--- a/roles/svc-bkp-rmt-2-loc/templates/sys-bkp-remote-to-local.service.j2
+++ b/roles/svc-bkp-rmt-2-loc/templates/sys-bkp-rmt-2-loc.service.j2
@@ -5,4 +5,4 @@ OnFailure=sys-alm-compose.cymais@%n.service sys-cln-faild-bkps.cymais.service
 [Service]
 Type=oneshot
 ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_lock_script }} {{ system_maintenance_services | join(' ')  }} --ignore {{system_maintenance_backup_services| join(' ') }} --timeout "{{system_maintenance_lock_timeout_backup_services}}"'
-ExecStart=/bin/sh -c '/usr/bin/bash {{docker_backup_remote_to_local_folder}}backups-remote-to-local.sh'
+ExecStart=/bin/sh -c '/usr/bin/bash {{docker_backup_remote_to_local_folder}}sys-bkp-rmt-2-loc-multi-provider.sh'
diff --git a/roles/svc-bkp-rmt-2-loc/vars/main.yml b/roles/svc-bkp-rmt-2-loc/vars/main.yml
index f44e5744..53b09563 100644
--- a/roles/svc-bkp-rmt-2-loc/vars/main.yml
+++ b/roles/svc-bkp-rmt-2-loc/vars/main.yml
@@ -1,2 +1,3 @@
-docker_backup_remote_to_local_folder: '{{path_administrator_scripts}}svc-bkp-rmt-2-loc/'
 application_id: svc-bkp-rmt-2-loc
+docker_backup_remote_to_local_folder: '{{ path_administrator_scripts }}{{ application_id }}/'
+rmt2loc_backup_providers: "{{ applications | get_app_conf(application_id, 'backup_providers')  }}"
\ No newline at end of file