[untested] prototype cron -> systemd timers

roles/sdcron/tasks/main.yml

@@ -0,0 +1,52 @@
+---
+- name: Temporarily store the password of the SMTP user
+  template:
+    src: tmppass.j2
+    dst: /tmp/sdcron_pass
+    owner: root
+    group: root
+
+- name: Launch systemd-creds encrypt on the password for sdcron, and store the result in a variable
+  command: systemd-creds --pretty --name=smtppass encrypt /tmp/sdcron_pass -
+  register: creds
+
+- name: Delete the password of the SMTP user
+  file:
+    state: absent
+    path: /tmp/sdcron_pass
+
+- name: Adding services to send status emails
+  template:
+    src: etc/systemd/system/{{ item }}@.service.j2
+    dst: /etc/systemd/system/{{ item }}@.service
+    owner: root
+    group: root
+  loop:
+    - successmail
+    - failuremail
+
+- name: Deploy the status-sender
+  template:
+    src: var/local/sendstatusmail.sh.j2
+    dst: /var/local/sendstatusmail.sh
+    owner: root
+    group: root
+    mode: '0500'
+
+- name: Install sdcron timers
+  template:
+    src: etc/systemd/system/sdcron.timer.j2
+    dst: etc/systemd/system/{{ item.name }}.timer
+  loop: "{{ sdcron.tasks }}"
+
+- name: Install sdcron services
+  template:
+    src: etc/systemd/system/sdcron.service.j2
+    dst: etc/systemd/system/{{ item.name }}.service
+  loop: "{{ sdcron.tasks }}"
+
+- name: Enable sdcron timers
+  systemd:
+    name: {{ item.name }}.timer
+    enabled: yes
+  loop: "{{ sdcron.tasks }}"

roles/sdcron/templates/etc/systemd/system/failuremail@.service.j2

@@ -0,0 +1,10 @@
+[Unit]
+Description=Sends failure mail for service %i
+
+[Service]
+Type=oneshot
+ExecStart=/var/local/sendstatusmail.sh failure %i
+Environment="SMTP_PORT=465" "SMTP_USER=sdcron"
+{{{ creds.stdout_lines }}}
+# User / Group = ce qu'on veut en vrai
+

roles/sdcron/templates/etc/systemd/system/sdcron.service.j2

@@ -0,0 +1,9 @@
+[Unit]
+Description=Service for {{ item.name }}
+OnFailure=failuremail@%n.service
+OnSuccess=successmail@%n.service
+
+[Service]
+Type=oneshot
+ExecStart={{ item.command }}
+

roles/sdcron/templates/etc/systemd/system/sdcron.timer.j2

@@ -0,0 +1,15 @@
+[Unit]
+Description=Timer for {{ item.name }}.
+
+[Timer]
+{% if item.type == "intervalbased" %}
+OnBootSec=5m
+OnUnitInactiveSec={{ item.interval }}
+{% else %}
+OnCalendar={{ item.calendar }}
+{% endif %}
+Unit={{ item.name }}.service
+
+[Install]
+WantedBy=timers.target
+

roles/sdcron/templates/etc/systemd/system/successmail@.service.j2

@@ -0,0 +1,9 @@
+[Unit]
+Description=Sends success mail for service %i
+
+[Service]
+Type=oneshot
+ExecStart=/var/local/sendstatusmail.sh success %i
+Environment="SMTP_PORT=465" "SMTP_USER=sdcron"
+{{{ creds.stdout_lines }}}
+# User / Group = ce qu'on veut en vrai

roles/sdcron/templates/tmppass.j2

@@ -0,0 +1 @@
+{{{ vault.sdcron.smtp_pass }}}

roles/sdcron/templates/var/local/sendstatusmail.sh.j2

@@ -0,0 +1,65 @@
+#!/usr/bin/bash -ue
+
+
+# The script assumes that:
+# - SMTP_PORT and SMTP_USER are environment variables to store the port and account to use on the SMTP server.
+# - if authentication is to be used, credentials called smtppass and smtpuser is passed by sd.
+
+
+status="${1}"
+service_name="${2}"
+
+
+
+## identification to use fot the mail server:
+#    identifyme is set to 1 if authentication is possible, 0 otherwise
+
+identifyme=1
+smtp_pass=$(systemd-creds cat smtppass) || identifyme=0
+smtp_user=$SMTP_USER
+smtp_port=$SMTP_PORT
+
+smtp_server="redisdead.crans.org"
+smtp_rcpt="nounous@crans.org"
+email="sdcron@crans.org"
+
+
+## Write the email in a temporary file
+tmp=$(mktemp /tmp/mail.XXXXX)
+
+echo "From: sdcron <sdcron@crans.org>
+To: nounous@crans.org
+Subject: ${status} of the service ${service_name}.
+Date: $(date -R)
+
+Salut, tout est dans le sujet $\ddot\smile$!
+
+--
+Cordialement
+
+sdcron
+
+" | tee "$tmp"
+
+
+
+## Send the email
+case identifyme in
+    0 ) 
+        curl --ssl-reqd \
+                --url "smtps://${smtp_server}:${smtp_port}" \
+                --mail-from "${email}" \
+                --mail-rcpt "${smtp_rcpt}" \
+                --upload-file "$tmp"
+        ;;
+    1 )
+        curl --ssl-reqd \
+                --url "smtps://${smtp_server}:${smtp_port}" \
+                --user "${smtp_user}:${smtp_pass}" \
+                --mail-from "${email}" \
+                --mail-rcpt "${smtp_rcpt}" \
+                --upload-file "$tmp"
+        ;;
+esac
+
+rm "$tmp"