Merged client playbook and server playbook

2025-10-31 10:19:09 +00:00 · 2023-04-18 14:52:43 +02:00
parent 2c76f99dd1
commit ec0dbee7bb
341 changed files with 153 additions and 811 deletions
--- a/roles/server_native-pull-primary-backups/README.md
+++ b/roles/server_native-pull-primary-backups/README.md
@@ -0,0 +1,34 @@
+# role native-pull-primary-backups
+
+## goal
+This script allows to pull backups from a remote server.
+
+## scheme
+It is part of the following scheme:
+![backup scheme](https://www.veen.world/wp-content/uploads/2020/12/server-backup-768x567.jpg) <br />
+Further information you will find [in this blog post](https://www.veen.world/2020/12/26/how-i-backup-dedicated-root-servers/).
+
+## debug
+
+### live
+To track what the service is doing execute one of the following commands:
+
+#### systemctl
+```bash
+  watch -n2 "systemctl status pull-remote-backups.service"
+```
+
+#### journalctl
+```bash
+  journalctl -fu pull-remote-backups.service
+```  
+
+### history
+```bash
+  sudo journalctl -u pull-remote-backups
+```
+
+## see
+- https://superuser.com/questions/363444/how-do-i-get-the-output-and-exit-value-of-a-subshell-when-using-bash-e
+- https://gist.github.com/otkrsk/b0ffd4018e8a79b9010c461af298471e
+- https://serverfault.com/questions/304125/rsync-seems-incompatible-with-bashrc-causes-is-your-shell-clean
--- a/roles/server_native-pull-primary-backups/files/pull-remote-backup.sh
+++ b/roles/server_native-pull-primary-backups/files/pull-remote-backup.sh
@@ -0,0 +1,64 @@
+#!/bin/bash
+# @param $1 hostname from which backup should be pulled
+
+echo "pulling backups from: $1"
+
+# error counter
+errors=0
+
+echo "loading meta data..."
+
+remote_host="backup@$1"
+echo "host address:         $remote_host"
+
+remote_machine_id="$( (ssh "$remote_host" sha256sum /etc/machine-id) | head -c 64 )" || exit 1
+echo "remote machine id:    $remote_machine_id"
+
+general_backup_machine_dir="/Backups/$remote_machine_id/"
+echo "backup dir:           $general_backup_machine_dir"
+
+remote_backup_types="$(ssh "$remote_host" "find $general_backup_machine_dir -maxdepth 1 -type d -execdir basename {} ;")" || exit 1
+echo "backuptypes:          $remote_backup_types"
+
+for backup_type in $remote_backup_types; do
+  if [ "$backup_type" != "$remote_machine_id" ]; then
+    general_backup_type_dir="$general_backup_machine_dir""$backup_type/"
+    # folder which contains versions
+    general_versions_dir="$general_backup_type_dir""versions/"
+    # link name of last backup
+    general_latest_version_link="$general_backup_type_dir""latest"
+    
+    # this folder contains the last backup
+    local_latest_version_dir="$general_versions_dir$(date '+%Y%m%d%H%M%S')/"
+    # this is the link name of the previous version
+    local_previous_version_link="$general_backup_type_dir""previous"
+
+    #identifiy previous version
+    local_versions=( $(basename -a "$general_versions_dir"*/ | sort) )|| exit 1
+    local_last_version="${local_versions[-1]}" || exit 1
+    local_previous_version_dir="$general_versions_dir""$local_last_version/"
+
+    # source path of the backup files:
+    remote_last_version_dir="$(ssh "$remote_host" readlink -f $general_latest_version_link)"
+    echo "last remote backup: $remote_last_version_dir"
+    remote_source_path="$remote_host:$remote_last_version_dir/"
+    echo "source path:        $remote_source_path"
+
+    # create working folders:
+    mkdir -vp "$local_latest_version_dir"
+
+    # delete links
+    rm -v "$general_latest_version_link"
+    rm -v "$local_previous_version_link"
+
+    # create links
+    ln -vs "$local_latest_version_dir" "$general_latest_version_link" || exit 1
+    ln -vs "$local_previous_version_dir" "$local_previous_version_link" || exit 1
+
+    # do backup:
+    rsync_command='rsync -abP --delete --delete-excluded --rsync-path="sudo rsync" --link-dest="'$local_previous_version_link'" "'$remote_source_path'" "'$general_latest_version_link'"'
+    echo "executing: $rsync_command"
+    eval "$rsync_command" || ((errors+=1));
+  fi
+done
+exit $errors;
--- a/roles/server_native-pull-primary-backups/handlers/main.yml
+++ b/roles/server_native-pull-primary-backups/handlers/main.yml
@@ -0,0 +1,12 @@
+- name: "reload pull-remote-backups service"
+  systemd:
+    name: pull-remote-backups.service
+    state: reloaded
+    enabled: yes
+    daemon_reload: yes
+- name: "restart pull-remote-backups timer"
+  systemd:
+    name: pull-remote-backups.timer
+    state: restarted
+    enabled: yes
+    daemon_reload: yes
--- a/roles/server_native-pull-primary-backups/meta/main.yml
+++ b/roles/server_native-pull-primary-backups/meta/main.yml
@@ -0,0 +1,4 @@
+dependencies:
+  - native-git
+  - native-systemd-email
+  - native-backups-cleanup
--- a/roles/server_native-pull-primary-backups/tasks/main.yml
+++ b/roles/server_native-pull-primary-backups/tasks/main.yml
@@ -0,0 +1,26 @@
+- name: "create {{docker_pull_primary_backups_folder}}"
+  file:
+    path: "{{docker_pull_primary_backups_folder}}"
+    state: directory
+    mode: 0755
+
+- name: create pull-remote-backup.sh
+  copy:
+    src: pull-remote-backup.sh
+    dest: "{{docker_pull_primary_backups_folder}}pull-remote-backup.sh"
+    mode: 0755
+
+- name: create pull-remote-backups.service
+  template: src=pull-remote-backups.service.j2 dest=/etc/systemd/system/pull-remote-backups.service
+  notify: reload pull-remote-backups service
+
+- name: create pull-remote-backups.timer
+  template: src=pull-remote-backups.timer.j2 dest=/etc/systemd/system/pull-remote-backups.timer
+  notify: restart pull-remote-backups timer
+
+- name: create pull-remote-backups.sh
+  template: 
+    src: pull-remote-backups.sh.j2 
+    dest: "{{docker_pull_primary_backups_folder}}pull-remote-backups.sh"
+    mode: 0755
+
--- a/roles/server_native-pull-primary-backups/templates/pull-remote-backups.service.j2
+++ b/roles/server_native-pull-primary-backups/templates/pull-remote-backups.service.j2
@@ -0,0 +1,7 @@
+[Unit]
+Description=pull remote backups
+OnFailure=systemd-email@%n.service
+
+[Service]
+Type=oneshot
+ExecStart=/usr/bin/bash {{docker_pull_primary_backups_folder}}pull-remote-backups.sh
--- a/roles/server_native-pull-primary-backups/templates/pull-remote-backups.sh.j2
+++ b/roles/server_native-pull-primary-backups/templates/pull-remote-backups.sh.j2
@@ -0,0 +1,8 @@
+#!/bin/bash
+# Pulls the remote backups from multiple hosts
+hosts="{{pull_remote_backups_hosts}}";
+errors=0
+for host in $hosts; do
+  bash {{docker_pull_primary_backups_folder}}pull-remote-backup.sh $host || ((errors+=1));
+done;
+exit $errors;
--- a/roles/server_native-pull-primary-backups/templates/pull-remote-backups.timer.j2
+++ b/roles/server_native-pull-primary-backups/templates/pull-remote-backups.timer.j2
@@ -0,0 +1,10 @@
+[Unit]
+Description=starts pull remote backup timer
+
+[Timer]
+OnCalendar={{on_calendar_pull_primary_backups}}
+RandomizedDelaySec={{randomized_delay_sec}}
+Persistent=false
+
+[Install]
+WantedBy=timers.target
--- a/roles/server_native-pull-primary-backups/vars/main.yml
+++ b/roles/server_native-pull-primary-backups/vars/main.yml
@@ -0,0 +1 @@
+docker_pull_primary_backups_folder: "/home/administrator/scripts/pull-primary-backups/"
				`@@ -0,0 +1 @@`
				`docker_pull_primary_backups_folder: "/home/administrator/scripts/pull-primary-backups/"`