mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-08-15 16:40:45 +02:00

History

ansible: quote file modes; keycloak: robust LDAP bind update + config cleanup

Highlights
- Quote all file modes as strings ("0755"/"0770") across multiple roles to avoid YAML octal quirks and improve portability.
- Keycloak: introduce actions.{import_realm,update_ldap_bind} feature flags and wire them via vars/config.
- Implement idempotent LDAP bind updater (tasks/03_update-ldap-bind.yml):
  * kcadm login with no_log protection,
  * fetch LDAP UserStorage component by name,
  * compare current bindDn/bindCredential and update only when changed.
- Keycloak realm import template: keep providerId="ldap" and set name from keycloak_ldap_component_name.
- Centralize Keycloak readiness check in tasks/main.yml; remove duplicate waits from 02_update_client_redirects.yml and 04_ssh_public_key.yml.
- 01_import.yml: fix typo (keycloak), quote modes, tidy spacing, and replace Jinja-in-Jinja fileglob with concatenation.
- 02_update_client_redirects.yml: correct assert fail_msg filename; keep login-first flow.
- Minor template/vars tidy-ups (spacing, comments, consistent variable usage).

Files touched (excerpt)
- roles/*/*: replace 0755/0770 → "0755"/"0770"
- roles/web-app-keycloak/config/main.yml: add actions map
- roles/web-app-keycloak/vars/main.yml: unify Keycloak vars and feature flags
- roles/web-app-keycloak/tasks/{01_import,02_update_client_redirects,03_update-ldap-bind,04_ssh_public_key,main}.yml
- roles/web-app-keycloak/templates/{docker-compose.yml.j2,import/realm.json.j2}

https://chatgpt.com/share/689bda16-b138-800f-8258-e13f6d7d8239

2025-08-13 02:20:38 +02:00

config

Optimized svc-bkp-rmt-2-loc and moved conf into role config

2025-07-15 17:25:19 +02:00

files

Optimized svc-bkp-rmt-2-loc and moved conf into role config

2025-07-15 17:25:19 +02:00

handlers

Renamed cymais to infinito and did some other optimations and logout implementations

2025-07-29 16:35:42 +02:00

README.md

Backup Remote to Local

Description

This role pulls backups from a remote server and stores them locally using rsync with retry logic. It is designed to retrieve remote backup data and integrate with your overall backup scheme.

Overview

Optimized for Archlinux, this role is a key component of a comprehensive backup system. It works in conjunction with other roles to ensure that backup data is collected, verified, and maintained. The role uses a Bash script to pull backups, manage remote connections, and handle incremental backup creation.

Purpose

Backup Remote to Local is a robust solution for retrieving backup data from remote servers. By leveraging rsync, it creates incremental backups that support both file and database recovery. This ensures the integrity and security of your backup data across distributed environments.

Features

Remote Backup Retrieval: Pulls backups from a remote server using secure SSH connections.
Incremental Backup with rsync: Uses rsync with options for archive, backup, and hard linking to efficiently manage changes.
Retry Logic: Implements a retry mechanism to handle transient network issues or remote errors.
Integration with Other Roles: Works alongside roles like sys-bkp-directory-validator, sys-cln-faild-bkps, sys-timer, sys-bkp-provider, and sys-lock.
Administrative Debugging: Detailed debug instructions and administrative tasks are provided in a separate file.

Other Resources

Backup Scheme:

More details can be found in this blog post.

Administration & Debugging

For detailed debug instructions and administrative tasks, please refer to the Administration Tasks file.