feat(sys-service): migrate cleanup/backup services to generic units; harden disk-space cleanup

Services: add SYS_SERVICE_CLEANUP_BACKUPS and SYS_SERVICE_CLEANUP_DISC_SPACE in group vars. sys-ctl-bkp-docker-2-loc: switch to sys-service; add ExecStartPre lock; ExecStartPost triggers backup cleanup; OnFailure → cleanup-failed; fix shell quoting. sys-ctl-cln-bkps: switch to sys-service; pass CLI args via ExecStart; add ExecStartPre lock; set OnFailure; copy files; remove role-specific service template. sys-ctl-cln-disc-space: switch to sys-service; enable timer; set OnFailure; provide ExecStart/ExecStartPre; copy files; remove role-specific service template. script.sh (disc-space): non-interactive docker exec; consistent threshold message (use parameter); guard docker/pacman via command checks; robust container check; fix typo; use POSIX '='. svc-opt-keyboard-color: minor formatting cleanup. sys-ctl-hlth-disc-space: chain OnFailure to cleanup-disc-space service. Context: ChatGPT conversation (Sep 10, 2025, Europe/Berlin) — https://chatgpt.com/share/68c1982e-bdc8-800f-bf13-a8b9f084f90e
2025-09-11 21:07:16 +02:00 · 2025-09-10 17:24:56 +02:00
parent 79c623d8db
commit 91ce097a0a
10 changed files with 39 additions and 46 deletions
--- a/group_vars/all/07_services.yml
+++ b/group_vars/all/07_services.yml
@@ -5,8 +5,10 @@
 SYS_SERVICE_SUFFIX:                     ".{{ SOFTWARE_NAME | lower }}.service"
 ## Names
 SYS_SERVICE_CLEANUP_BACKUPS:            "{{ 'sys-ctl-cln-bkps'          | get_service_name(SOFTWARE_NAME) }}"
 SYS_SERVICE_CLEANUP_BACKUPS_FAILED:     "{{ 'sys-ctl-cln-faild-bkps'    | get_service_name(SOFTWARE_NAME) }}"
 SYS_SERVICE_CLEANUP_ANONYMOUS_VOLUMES:  "{{ 'sys-ctl-cln-anon-volumes'  | get_service_name(SOFTWARE_NAME) }}"
 SYS_SERVICE_CLEANUP_DISC_SPACE:         "{{ 'sys-ctl-cln-disc-space'    | get_service_name(SOFTWARE_NAME) }}"
 SYS_SERVICE_OPTIMIZE_DRIVE:             "{{ 'svc-opt-ssd-hdd'           | get_service_name(SOFTWARE_NAME) }}"
 SYS_SERVICE_BACKUP_RMT_2_LOC:           "{{ 'svc-bkp-rmt-2-loc'         | get_service_name(SOFTWARE_NAME) }}"
 SYS_SERVICE_BACKUP_DOCKER_2_LOC:        "{{ 'sys-ctl-bkp-docker-2-loc'  | get_service_name(SOFTWARE_NAME) }}"
--- a/roles/sys-ctl-bkp-docker-2-loc/tasks/01_core.yml
+++ b/roles/sys-ctl-bkp-docker-2-loc/tasks/01_core.yml
@@ -21,3 +21,7 @@
    system_service_copy_files:          false
    system_service_timer_enabled:       true
    system_service_on_calendar:         "{{ SYS_SCHEDULE_BACKUP_DOCKER_TO_LOCAL }}"
    system_service_tpl_exec_start_pre:  '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ SYS_SERVICE_GROUP_MANIPULATION | join(" ")  }} --ignore {{ SYS_SERVICE_BACKUP_DOCKER_2_LOC }} --timeout "{{ SYS_TIMEOUT_BACKUP_SERVICES }}"'
    system_service_tpl_exec_start:      "/bin/sh -c '{{ BKP_DOCKER_2_LOC_EXEC }}'"
    system_service_tpl_on_failure:      "{{ SYS_SERVICE_ON_FAILURE_COMPOSE }} {{ SYS_SERVICE_CLEANUP_BACKUPS_FAILED }}"
    system_service_tpl_exec_start_post: "/usr/bin/systemctl start {{ SYS_SERVICE_CLEANUP_BACKUPS }}"
--- a/roles/sys-ctl-bkp-docker-2-loc/templates/systemctl.service.j2
+++ b/roles/sys-ctl-bkp-docker-2-loc/templates/systemctl.service.j2
@@ -1,8 +0,0 @@
 [Unit]
 Description=backup docker volumes to local folder
 OnFailure={{ SYS_SERVICE_ON_FAILURE_COMPOSE }} {{ SYS_SERVICE_CLEANUP_BACKUPS_FAILED }}
 [Service]
 Type=oneshot
 ExecStartPre=/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ SYS_SERVICE_GROUP_MANIPULATION | join(' ')  }} --ignore {{ SYS_SERVICE_BACKUP_DOCKER_2_LOC }} --timeout "{{ SYS_TIMEOUT_BACKUP_SERVICES }}"
 ExecStart=/bin/sh -c '{{ BKP_DOCKER_2_LOC_EXEC }}'
--- a/roles/sys-ctl-cln-bkps/tasks/01_core.yml
+++ b/roles/sys-ctl-cln-bkps/tasks/01_core.yml
@@ -15,3 +15,8 @@
 - include_role:
    name: sys-service
  vars:
    system_service_tpl_on_failure:      "{{ SYS_SERVICE_ON_FAILURE_COMPOSE }}"
    system_service_tpl_exec_start:      "{{ system_service_script_exec }} --backups-folder-path {{ BACKUPS_FOLDER_PATH }} --maximum-backup-size-percent {{SIZE_PERCENT_MAXIMUM_BACKUP}}"
    system_service_tpl_exec_start_pre:  '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ SYS_SERVICE_GROUP_MANIPULATION | join(" ")  }} --ignore {{ SYS_SERVICE_GROUP_CLEANUP | join(" ") }} --timeout "{{ SYS_TIMEOUT_BACKUP_SERVICES }}"'
    system_service_copy_files:          true
--- a/roles/sys-ctl-cln-bkps/templates/systemctl.service.j2
+++ b/roles/sys-ctl-cln-bkps/templates/systemctl.service.j2
@@ -1,8 +0,0 @@
 [Unit]
 Description=delete old backups
 OnFailure={{ SYS_SERVICE_ON_FAILURE_COMPOSE }}
 [Service]
 Type=oneshot
 ExecStartPre=/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ SYS_SERVICE_GROUP_MANIPULATION | join(' ')  }} --ignore {{ SYS_SERVICE_GROUP_CLEANUP | join(' ') }} --timeout "{{ SYS_TIMEOUT_BACKUP_SERVICES }}"
 ExecStart={{ system_service_script_exec }} --backups-folder-path {{ BACKUPS_FOLDER_PATH }} --maximum-backup-size-percent {{SIZE_PERCENT_MAXIMUM_BACKUP}}
--- a/roles/sys-ctl-cln-disc-space/tasks/01_core.yml
+++ b/roles/sys-ctl-cln-disc-space/tasks/01_core.yml
@@ -9,4 +9,8 @@
    name: sys-service
  vars:
    system_service_timer_enabled:       true
-    system_service_on_calendar: "{{SYS_SCHEDULE_CLEANUP_DISC_SPACE}}"
+    system_service_copy_files:          true
    system_service_on_calendar:         "{{ SYS_SCHEDULE_CLEANUP_DISC_SPACE }}"
    system_service_tpl_on_failure:      "{{ SYS_SERVICE_ON_FAILURE_COMPOSE }}"
    system_service_tpl_exec_start:      "{{ system_service_script_exec }} {{ SIZE_PERCENT_CLEANUP_DISC_SPACE }}"
    system_service_tpl_exec_start_pre:  '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ SYS_SERVICE_GROUP_MANIPULATION | join(" ")  }} --ignore {{ SYS_SERVICE_GROUP_CLEANUP | join(" ") }} --timeout "{{ SYS_TIMEOUT_BACKUP_SERVICES }}"'
--- a/roles/sys-ctl-cln-disc-space/templates/script.sh.j2
+++ b/roles/sys-ctl-cln-disc-space/templates/script.sh.j2
@@ -6,7 +6,7 @@ minimum_percent_cleanup_disc_space="$1"
 force_freeing=false
 echo "Checking free disc space..."
 df
-if [ $# -gt 0 ] && [ "$2" == "--force" ]; then
+if [ $# -gt 0 ] && [ "$2" = "--force" ]; then
  echo "Forcing disc space freeing."
  force_freeing=true 
 fi 
@@ -14,7 +14,7 @@ for disc_use_percent in $(df --output=pcent | sed 1d)
 do
    disc_use_percent_number=$(echo "$disc_use_percent" | sed "s/%//")
    if [ "$disc_use_percent_number" -gt "$minimum_percent_cleanup_disc_space" ]; then
-      echo "WARNING: $disc_use_percent_number exceeds the limit of {{SIZE_PERCENT_DISC_SPACE_WARNING}}%."
+      echo "WARNING: ${disc_use_percent_number}% exceeds the limit of ${minimum_percent_cleanup_disc_space}%."
      force_freeing=true 
    fi
 done
@@ -24,29 +24,31 @@ if [ "$force_freeing" = true ]; then
  {% if BACKUPS_FOLDER_PATH is defined and SIZE_PERCENT_MAXIMUM_BACKUP is defined %}
  echo "cleaning up backups" &&
-  python {{ 'sys-ctl-cln-bkps' | get_service_script_path('sh') }} --backups-folder-path {{ BACKUPS_FOLDER_PATH }} --maximum-backup-size-percent {{ SIZE_PERCENT_MAXIMUM_BACKUP }} || exit 2
+  systemctl start {{ SYS_SERVICE_CLEANUP_BACKUPS }} || exit 2
  {% endif %}
-  if pacman -Qs $package > /dev/null ; then
+  if command -v docker >/dev/null 2>&1 ; then
    echo "cleaning up docker" &&
    docker system prune -f || exit 3
-    nextcloud_application_container="{{ applications | get_app_conf('web-app-nextcloud', 'docker.services.nextcloud.name', True) }}"
+    nextcloud_application_container="{{ applications | get_app_conf('web-app-nextcloud', 'docker.services.nextcloud.name') }}"
-    if [ "$(docker ps -a -q -f name=$nextcloud_application_container)" ] ; then
+    if [ -n "$nextcloud_application_container" ] && [ "$(docker ps -a -q -f name=$nextcloud_application_container)" ] ; then
      echo "cleaning up docker nextcloud" &&
-      docker exec -it -u www-data $nextcloud_application_container /var/www/html/occ files:cleanup || exit 4
+      docker exec -u www-data $nextcloud_application_container /var/www/html/occ files:cleanup || exit 4
-      docker exec -it -u www-data $nextcloud_application_container /var/www/html/occ trashbin:cleanup --all-users || exit 5
+      docker exec -u www-data $nextcloud_application_container /var/www/html/occ trashbin:cleanup --all-users || exit 5
-      docker exec -it -u www-data $nextcloud_application_container /var/www/html/occ versions:cleanup || exit 6
+      docker exec -u www-data $nextcloud_application_container /var/www/html/occ versions:cleanup || exit 6
    fi
  fi
  if command -v pacman >/dev/null 2>&1 ; then
    echo "cleaning pacman cache" &&
    yes | pacman -Sc || exit 7
  fi
  echo "cleanup finished."
 else
-  echo "Sufficiend disc space available."
+  echo "Sufficient disc space available."
  echo "To force the freeing of disc space pass the parameter --force."
 fi
 exit 0
--- a/roles/sys-ctl-cln-disc-space/templates/systemctl.service.j2
+++ b/roles/sys-ctl-cln-disc-space/templates/systemctl.service.j2
@@ -1,8 +0,0 @@
 [Unit]
 Description=freeing disc space
 OnFailure={{ SYS_SERVICE_ON_FAILURE_COMPOSE }}
 [Service]
 Type=oneshot
 ExecStartPre=/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ SYS_SERVICE_GROUP_MANIPULATION | join(' ')  }} --ignore {{ SYS_SERVICE_GROUP_CLEANUP | join(' ') }} --timeout "{{ SYS_TIMEOUT_BACKUP_SERVICES }}"
 ExecStart={{ system_service_script_exec }} {{ SIZE_PERCENT_CLEANUP_DISC_SPACE }}
--- a/roles/sys-ctl-hlth-disc-space/tasks/01_core.yml
+++ b/roles/sys-ctl-hlth-disc-space/tasks/01_core.yml
@@ -8,4 +8,4 @@
  vars:
    system_service_on_calendar:    "{{ SYS_SCHEDULE_HEALTH_DISC_SPACE }}"
    system_service_timer_enabled:  true
-    system_service_tpl_on_failure: "{{ SYS_SERVICE_ON_FAILURE_COMPOSE }}"
+    system_service_tpl_on_failure: "{{ SYS_SERVICE_ON_FAILURE_COMPOSE }} {{ SYS_SERVICE_CLEANUP_DISC_SPACE }}"