[cameron] deploys backup and home service scripts

2021-06-25 11:18:42 +02:00 · 2021-06-25 11:18:42 +02:00 · 0fedc8cf42
parent 72fa48a15c
commit 0fedc8cf42
5 changed files with 48 additions and 67 deletions
--- a/host_vars/cameron.adm.crans.org
+++ b/host_vars/cameron.adm.crans.org
@ -3,3 +3,43 @@ loc_borg:
  to_exclude:
    - /var/mail
    - /var/lib/lxcfs
+
+loc_service_home:
+  name: home
+  install_dir: /var/local/services/home
+  cron:
+    frequency: "* * * * *"
+  dependencies:
+    - python3-jinja2
+    - python3-ldap
+  git:
+    remote: https://gitlab.adm.crans.org/nounous/home.git
+    version: master
+  config:
+    ldap_server: ldap://re2o-ldap.adm.crans.org
+    binddn: cn=home,ou=service-users,dc=crans,dc=org
+    password: "{{ vault.ldap_home_password }}"
+    rootdn: cn=Utilisateurs,dc=crans,dc=org
+    home_dir: /pool/home
+    mail_dir: /pool/mail
+    home_quota: /usr/sbin/zfs set userquota@{user}=30G pool/home
+    mail_quota: /usr/sbin/zfs set userquota@{user}=10G pool/mail
+
+loc_service_backup:
+  name: backup
+  install_dir: /var/local/services/backup
+  cron:
+    frequency: "0 0 * * *"
+  dependencies:
+    - python3-jinja2
+    - python3-ldap
+  generated: yes
+  git:
+    remote: https://gitlab.adm.crans.org/nounous/backup.git
+    version: master
+  config:
+    binddn: cn=home,ou=service-users,dc=crans,dc=org
+    password: "{{ vault.ldap_home_password }}"
+    rootdn: cn=Utilisateurs,dc=crans,dc=org
+    ldap_server: ldap://re2o-ldap.adm.crans.org
+    borg_key: "{{ vault.borgbackup_passwd }}"
--- a/plays/home.yml
+++ b/plays/home.yml
@ -2,11 +2,12 @@
 ---
 - hosts: cameron.adm.crans.org
  vars:
-    home:
-      ldap_server: ldap://re2o-ldap.adm.crans.org
-      ldap_password: "{{ vault.ldap_home_password }}"
-      binddn: cn=home,ou=service-users,dc=crans,dc=org
-      rootdn: cn=Utilisateurs,dc=crans,dc=org
-      borg_key: "{{ vault.borgbackup_passwd }}"
+    service: "{{ glob_service_home | default({}) | combine(loc_service_home | default({})) }}"
  roles:
-    - home
+    - service
+
+- hosts: cameron.adm.crans.org
+  vars:
+    service: "{{ glob_service_backup | default({}) | combine(loc_service_backup | default({})) }}"
+  roles:
+    - service
--- a/roles/home/tasks/main.yml
+++ b/roles/home/tasks/main.yml
@ -1,47 +0,0 @@
---
- name: Install home dependencies
-  apt:
-    update_cache: true
-    install_recommends: false
-    name:
-      - python3-jinja2
-      - python3-ldap
-  register: apt_result
-  retries: 3
-  until: apt_result is succeeded
-
- name: Create home directory
-  file:
-    path: /var/local/home
-    state: directory
-    mode: '2775'
-    owner: root
-    group: _nounou
-
- name: Set ACL for home directory
-  acl:
-    path: /var/local/home
-    default: true
-    entity: _nounou
-    etype: group
-    permissions: rwx
-    state: query
-
- name: Clone home repository
-  git:
-    repo: 'http://gitlab.adm.crans.org/nounous/home.git'
-    dest: /var/local/home
-    umask: '002'
-
- name: Deploy home config
-  template:
-    src: home/home.json.j2
-    dest: /var/local/home/home.json
-    mode: 0600
-    owner: root
-    group: root
-
- name: Deploy cron for home
-  template:
-    src: cron.d/home.j2
-    dest: /etc/cron.d/home
--- a/roles/home/templates/cron.d/home.j2
+++ b/roles/home/templates/cron.d/home.j2
@ -1,2 +0,0 @@
-{{ ansible_header | comment }}
-* * * * * root /usr/bin/python3 /var/local/home/home.py
--- a/roles/home/templates/home/home.json.j2
+++ b/roles/home/templates/home/home.json.j2
@ -1,11 +0,0 @@
-{
-	"ldap_server": "{{ home.ldap_server }}"
-	"binddn": "{{ home.binddn }}"
-	"password": "{{ home.ldap_password }}"
-	"rootdn": "{{ home.rootdn }}"
-	"home_dir": "/pool/home"
-	"mail_dir": "/pool/mail"
-	"home_quota": "/usr/sbin/zfs set userquota@{user}=30G pool/home"
-	"mail_quota": "/usr/sbin/zfs set userquota@{user}=10G pool/mail"
-	"borg_key": "{{ home.borg_key }}"
-}