From 91ce097a0abd9fe9aada541bc7500fb82886bf34 Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Wed, 10 Sep 2025 17:24:56 +0200 Subject: [PATCH] feat(sys-service): migrate cleanup/backup services to generic units; harden disk-space cleanup MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Services: add SYS_SERVICE_CLEANUP_BACKUPS and SYS_SERVICE_CLEANUP_DISC_SPACE in group vars. sys-ctl-bkp-docker-2-loc: switch to sys-service; add ExecStartPre lock; ExecStartPost triggers backup cleanup; OnFailure → cleanup-failed; fix shell quoting. sys-ctl-cln-bkps: switch to sys-service; pass CLI args via ExecStart; add ExecStartPre lock; set OnFailure; copy files; remove role-specific service template. sys-ctl-cln-disc-space: switch to sys-service; enable timer; set OnFailure; provide ExecStart/ExecStartPre; copy files; remove role-specific service template. script.sh (disc-space): non-interactive docker exec; consistent threshold message (use parameter); guard docker/pacman via command checks; robust container check; fix typo; use POSIX '='. svc-opt-keyboard-color: minor formatting cleanup. sys-ctl-hlth-disc-space: chain OnFailure to cleanup-disc-space service. Context: ChatGPT conversation (Sep 10, 2025, Europe/Berlin) — https://chatgpt.com/share/68c1982e-bdc8-800f-bf13-a8b9f084f90e --- group_vars/all/07_services.yml | 2 ++ .../svc-opt-keyboard-color/tasks/01_core.yml | 6 ++--- .../tasks/01_core.yml | 10 ++++--- .../templates/systemctl.service.j2 | 8 ------ roles/sys-ctl-cln-bkps/tasks/01_core.yml | 7 ++++- .../templates/systemctl.service.j2 | 8 ------ .../sys-ctl-cln-disc-space/tasks/01_core.yml | 8 ++++-- .../templates/script.sh.j2 | 26 ++++++++++--------- .../templates/systemctl.service.j2 | 8 ------ .../sys-ctl-hlth-disc-space/tasks/01_core.yml | 2 +- 10 files changed, 39 insertions(+), 46 deletions(-) delete mode 100644 roles/sys-ctl-bkp-docker-2-loc/templates/systemctl.service.j2 delete mode 100644 roles/sys-ctl-cln-bkps/templates/systemctl.service.j2 delete mode 100644 roles/sys-ctl-cln-disc-space/templates/systemctl.service.j2 diff --git a/group_vars/all/07_services.yml b/group_vars/all/07_services.yml index deff8163..3efb7cce 100644 --- a/group_vars/all/07_services.yml +++ b/group_vars/all/07_services.yml @@ -5,8 +5,10 @@ SYS_SERVICE_SUFFIX: ".{{ SOFTWARE_NAME | lower }}.service" ## Names +SYS_SERVICE_CLEANUP_BACKUPS: "{{ 'sys-ctl-cln-bkps' | get_service_name(SOFTWARE_NAME) }}" SYS_SERVICE_CLEANUP_BACKUPS_FAILED: "{{ 'sys-ctl-cln-faild-bkps' | get_service_name(SOFTWARE_NAME) }}" SYS_SERVICE_CLEANUP_ANONYMOUS_VOLUMES: "{{ 'sys-ctl-cln-anon-volumes' | get_service_name(SOFTWARE_NAME) }}" +SYS_SERVICE_CLEANUP_DISC_SPACE: "{{ 'sys-ctl-cln-disc-space' | get_service_name(SOFTWARE_NAME) }}" SYS_SERVICE_OPTIMIZE_DRIVE: "{{ 'svc-opt-ssd-hdd' | get_service_name(SOFTWARE_NAME) }}" SYS_SERVICE_BACKUP_RMT_2_LOC: "{{ 'svc-bkp-rmt-2-loc' | get_service_name(SOFTWARE_NAME) }}" SYS_SERVICE_BACKUP_DOCKER_2_LOC: "{{ 'sys-ctl-bkp-docker-2-loc' | get_service_name(SOFTWARE_NAME) }}" diff --git a/roles/svc-opt-keyboard-color/tasks/01_core.yml b/roles/svc-opt-keyboard-color/tasks/01_core.yml index 7df209b0..c127fe98 100644 --- a/roles/svc-opt-keyboard-color/tasks/01_core.yml +++ b/roles/svc-opt-keyboard-color/tasks/01_core.yml @@ -13,6 +13,6 @@ - include_role: name: sys-service vars: - system_service_on_calendar: "{{ SYS_SCHEDULE_ANIMATION_KEYBOARD_COLOR }}" - system_service_timer_enabled: true - persistent: true + system_service_on_calendar: "{{ SYS_SCHEDULE_ANIMATION_KEYBOARD_COLOR }}" + system_service_timer_enabled: true + persistent: true diff --git a/roles/sys-ctl-bkp-docker-2-loc/tasks/01_core.yml b/roles/sys-ctl-bkp-docker-2-loc/tasks/01_core.yml index fa609751..1273252c 100644 --- a/roles/sys-ctl-bkp-docker-2-loc/tasks/01_core.yml +++ b/roles/sys-ctl-bkp-docker-2-loc/tasks/01_core.yml @@ -18,6 +18,10 @@ include_role: name: sys-service vars: - system_service_copy_files: false - system_service_timer_enabled: true - system_service_on_calendar: "{{ SYS_SCHEDULE_BACKUP_DOCKER_TO_LOCAL }}" + system_service_copy_files: false + system_service_timer_enabled: true + system_service_on_calendar: "{{ SYS_SCHEDULE_BACKUP_DOCKER_TO_LOCAL }}" + system_service_tpl_exec_start_pre: '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ SYS_SERVICE_GROUP_MANIPULATION | join(" ") }} --ignore {{ SYS_SERVICE_BACKUP_DOCKER_2_LOC }} --timeout "{{ SYS_TIMEOUT_BACKUP_SERVICES }}"' + system_service_tpl_exec_start: "/bin/sh -c '{{ BKP_DOCKER_2_LOC_EXEC }}'" + system_service_tpl_on_failure: "{{ SYS_SERVICE_ON_FAILURE_COMPOSE }} {{ SYS_SERVICE_CLEANUP_BACKUPS_FAILED }}" + system_service_tpl_exec_start_post: "/usr/bin/systemctl start {{ SYS_SERVICE_CLEANUP_BACKUPS }}" diff --git a/roles/sys-ctl-bkp-docker-2-loc/templates/systemctl.service.j2 b/roles/sys-ctl-bkp-docker-2-loc/templates/systemctl.service.j2 deleted file mode 100644 index 02532729..00000000 --- a/roles/sys-ctl-bkp-docker-2-loc/templates/systemctl.service.j2 +++ /dev/null @@ -1,8 +0,0 @@ -[Unit] -Description=backup docker volumes to local folder -OnFailure={{ SYS_SERVICE_ON_FAILURE_COMPOSE }} {{ SYS_SERVICE_CLEANUP_BACKUPS_FAILED }} - -[Service] -Type=oneshot -ExecStartPre=/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ SYS_SERVICE_GROUP_MANIPULATION | join(' ') }} --ignore {{ SYS_SERVICE_BACKUP_DOCKER_2_LOC }} --timeout "{{ SYS_TIMEOUT_BACKUP_SERVICES }}" -ExecStart=/bin/sh -c '{{ BKP_DOCKER_2_LOC_EXEC }}' diff --git a/roles/sys-ctl-cln-bkps/tasks/01_core.yml b/roles/sys-ctl-cln-bkps/tasks/01_core.yml index c3536c1d..022bbcac 100644 --- a/roles/sys-ctl-cln-bkps/tasks/01_core.yml +++ b/roles/sys-ctl-cln-bkps/tasks/01_core.yml @@ -14,4 +14,9 @@ state: present - include_role: - name: sys-service \ No newline at end of file + name: sys-service + vars: + system_service_tpl_on_failure: "{{ SYS_SERVICE_ON_FAILURE_COMPOSE }}" + system_service_tpl_exec_start: "{{ system_service_script_exec }} --backups-folder-path {{ BACKUPS_FOLDER_PATH }} --maximum-backup-size-percent {{SIZE_PERCENT_MAXIMUM_BACKUP}}" + system_service_tpl_exec_start_pre: '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ SYS_SERVICE_GROUP_MANIPULATION | join(" ") }} --ignore {{ SYS_SERVICE_GROUP_CLEANUP | join(" ") }} --timeout "{{ SYS_TIMEOUT_BACKUP_SERVICES }}"' + system_service_copy_files: true \ No newline at end of file diff --git a/roles/sys-ctl-cln-bkps/templates/systemctl.service.j2 b/roles/sys-ctl-cln-bkps/templates/systemctl.service.j2 deleted file mode 100644 index 8b9b1253..00000000 --- a/roles/sys-ctl-cln-bkps/templates/systemctl.service.j2 +++ /dev/null @@ -1,8 +0,0 @@ -[Unit] -Description=delete old backups -OnFailure={{ SYS_SERVICE_ON_FAILURE_COMPOSE }} - -[Service] -Type=oneshot -ExecStartPre=/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ SYS_SERVICE_GROUP_MANIPULATION | join(' ') }} --ignore {{ SYS_SERVICE_GROUP_CLEANUP | join(' ') }} --timeout "{{ SYS_TIMEOUT_BACKUP_SERVICES }}" -ExecStart={{ system_service_script_exec }} --backups-folder-path {{ BACKUPS_FOLDER_PATH }} --maximum-backup-size-percent {{SIZE_PERCENT_MAXIMUM_BACKUP}} \ No newline at end of file diff --git a/roles/sys-ctl-cln-disc-space/tasks/01_core.yml b/roles/sys-ctl-cln-disc-space/tasks/01_core.yml index aedd1991..c01aa990 100644 --- a/roles/sys-ctl-cln-disc-space/tasks/01_core.yml +++ b/roles/sys-ctl-cln-disc-space/tasks/01_core.yml @@ -8,5 +8,9 @@ - include_role: name: sys-service vars: - system_service_timer_enabled: true - system_service_on_calendar: "{{SYS_SCHEDULE_CLEANUP_DISC_SPACE}}" \ No newline at end of file + system_service_timer_enabled: true + system_service_copy_files: true + system_service_on_calendar: "{{ SYS_SCHEDULE_CLEANUP_DISC_SPACE }}" + system_service_tpl_on_failure: "{{ SYS_SERVICE_ON_FAILURE_COMPOSE }}" + system_service_tpl_exec_start: "{{ system_service_script_exec }} {{ SIZE_PERCENT_CLEANUP_DISC_SPACE }}" + system_service_tpl_exec_start_pre: '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ SYS_SERVICE_GROUP_MANIPULATION | join(" ") }} --ignore {{ SYS_SERVICE_GROUP_CLEANUP | join(" ") }} --timeout "{{ SYS_TIMEOUT_BACKUP_SERVICES }}"' diff --git a/roles/sys-ctl-cln-disc-space/templates/script.sh.j2 b/roles/sys-ctl-cln-disc-space/templates/script.sh.j2 index a9243574..78d0e5bb 100644 --- a/roles/sys-ctl-cln-disc-space/templates/script.sh.j2 +++ b/roles/sys-ctl-cln-disc-space/templates/script.sh.j2 @@ -6,7 +6,7 @@ minimum_percent_cleanup_disc_space="$1" force_freeing=false echo "Checking free disc space..." df -if [ $# -gt 0 ] && [ "$2" == "--force" ]; then +if [ $# -gt 0 ] && [ "$2" = "--force" ]; then echo "Forcing disc space freeing." force_freeing=true fi @@ -14,7 +14,7 @@ for disc_use_percent in $(df --output=pcent | sed 1d) do disc_use_percent_number=$(echo "$disc_use_percent" | sed "s/%//") if [ "$disc_use_percent_number" -gt "$minimum_percent_cleanup_disc_space" ]; then - echo "WARNING: $disc_use_percent_number exceeds the limit of {{SIZE_PERCENT_DISC_SPACE_WARNING}}%." + echo "WARNING: ${disc_use_percent_number}% exceeds the limit of ${minimum_percent_cleanup_disc_space}%." force_freeing=true fi done @@ -24,29 +24,31 @@ if [ "$force_freeing" = true ]; then {% if BACKUPS_FOLDER_PATH is defined and SIZE_PERCENT_MAXIMUM_BACKUP is defined %} echo "cleaning up backups" && - python {{ 'sys-ctl-cln-bkps' | get_service_script_path('sh') }} --backups-folder-path {{ BACKUPS_FOLDER_PATH }} --maximum-backup-size-percent {{ SIZE_PERCENT_MAXIMUM_BACKUP }} || exit 2 + systemctl start {{ SYS_SERVICE_CLEANUP_BACKUPS }} || exit 2 {% endif %} - if pacman -Qs $package > /dev/null ; then + if command -v docker >/dev/null 2>&1 ; then echo "cleaning up docker" && docker system prune -f || exit 3 - nextcloud_application_container="{{ applications | get_app_conf('web-app-nextcloud', 'docker.services.nextcloud.name', True) }}" - if [ "$(docker ps -a -q -f name=$nextcloud_application_container)" ] ; then + nextcloud_application_container="{{ applications | get_app_conf('web-app-nextcloud', 'docker.services.nextcloud.name') }}" + if [ -n "$nextcloud_application_container" ] && [ "$(docker ps -a -q -f name=$nextcloud_application_container)" ] ; then echo "cleaning up docker nextcloud" && - docker exec -it -u www-data $nextcloud_application_container /var/www/html/occ files:cleanup || exit 4 - docker exec -it -u www-data $nextcloud_application_container /var/www/html/occ trashbin:cleanup --all-users || exit 5 - docker exec -it -u www-data $nextcloud_application_container /var/www/html/occ versions:cleanup || exit 6 + docker exec -u www-data $nextcloud_application_container /var/www/html/occ files:cleanup || exit 4 + docker exec -u www-data $nextcloud_application_container /var/www/html/occ trashbin:cleanup --all-users || exit 5 + docker exec -u www-data $nextcloud_application_container /var/www/html/occ versions:cleanup || exit 6 fi fi - echo "cleaning pacman cache" && - yes | pacman -Sc || exit 7 + if command -v pacman >/dev/null 2>&1 ; then + echo "cleaning pacman cache" && + yes | pacman -Sc || exit 7 + fi echo "cleanup finished." else - echo "Sufficiend disc space available." + echo "Sufficient disc space available." echo "To force the freeing of disc space pass the parameter --force." fi exit 0 \ No newline at end of file diff --git a/roles/sys-ctl-cln-disc-space/templates/systemctl.service.j2 b/roles/sys-ctl-cln-disc-space/templates/systemctl.service.j2 deleted file mode 100644 index 34f004c7..00000000 --- a/roles/sys-ctl-cln-disc-space/templates/systemctl.service.j2 +++ /dev/null @@ -1,8 +0,0 @@ -[Unit] -Description=freeing disc space -OnFailure={{ SYS_SERVICE_ON_FAILURE_COMPOSE }} - -[Service] -Type=oneshot -ExecStartPre=/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ SYS_SERVICE_GROUP_MANIPULATION | join(' ') }} --ignore {{ SYS_SERVICE_GROUP_CLEANUP | join(' ') }} --timeout "{{ SYS_TIMEOUT_BACKUP_SERVICES }}" -ExecStart={{ system_service_script_exec }} {{ SIZE_PERCENT_CLEANUP_DISC_SPACE }} \ No newline at end of file diff --git a/roles/sys-ctl-hlth-disc-space/tasks/01_core.yml b/roles/sys-ctl-hlth-disc-space/tasks/01_core.yml index d7779a68..11da1149 100644 --- a/roles/sys-ctl-hlth-disc-space/tasks/01_core.yml +++ b/roles/sys-ctl-hlth-disc-space/tasks/01_core.yml @@ -8,4 +8,4 @@ vars: system_service_on_calendar: "{{ SYS_SCHEDULE_HEALTH_DISC_SPACE }}" system_service_timer_enabled: true - system_service_tpl_on_failure: "{{ SYS_SERVICE_ON_FAILURE_COMPOSE }}" \ No newline at end of file + system_service_tpl_on_failure: "{{ SYS_SERVICE_ON_FAILURE_COMPOSE }} {{ SYS_SERVICE_CLEANUP_DISC_SPACE }}" \ No newline at end of file