Merge pull request #13 from dverhelst/feature/molecule
Feature/molecule
This commit is contained in:
commit
cea6c5d28d
3
.gitignore
vendored
Normal file
3
.gitignore
vendored
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
.pytest_cache/
|
||||||
|
__pycache__/
|
||||||
|
pytestdebug.log
|
24
.travis.yml
Normal file
24
.travis.yml
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
---
|
||||||
|
sudo: required
|
||||||
|
|
||||||
|
language: python
|
||||||
|
|
||||||
|
services:
|
||||||
|
- docker
|
||||||
|
|
||||||
|
before_install:
|
||||||
|
- sudo apt-get -qq update
|
||||||
|
|
||||||
|
install:
|
||||||
|
- pip install molecule
|
||||||
|
- pip install ansible
|
||||||
|
- pip install docker
|
||||||
|
|
||||||
|
env:
|
||||||
|
- SCENARIO=lamp
|
||||||
|
- SCENARIO=extra_opts
|
||||||
|
- SCENARIO=mgt
|
||||||
|
- SCENARIO=multiple
|
||||||
|
- SCENARIO=clients
|
||||||
|
|
||||||
|
script: "molecule test --scenario-name $SCENARIO"
|
12
.yamllint
Normal file
12
.yamllint
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
extends: default
|
||||||
|
|
||||||
|
ignore: |
|
||||||
|
*test_client.yml
|
||||||
|
*test_client_restore.yml
|
||||||
|
*test_server.yml
|
||||||
|
*test_mgt.yml
|
||||||
|
|
||||||
|
rules:
|
||||||
|
line-length:
|
||||||
|
max: 1024
|
||||||
|
level: warning
|
@ -1,3 +1,5 @@
|
|||||||
|
[![Build Status](https://travis-ci.com/FiaasCo/borgbackup.svg?branch=master)](https://travis-ci.com/FiaasCo/borgbackup)
|
||||||
|
|
||||||
# Borg backup role
|
# Borg backup role
|
||||||
This role installs Borg backup on borgbackup\_servers and clients. The role contains a wrapper-script 'borg-backup' to ease the usage on the client. Supported options include borg-backup info | init | list | backup | mount. Automysqlbackup will run as pre-backup command if it's installed.
|
This role installs Borg backup on borgbackup\_servers and clients. The role contains a wrapper-script 'borg-backup' to ease the usage on the client. Supported options include borg-backup info | init | list | backup | mount. Automysqlbackup will run as pre-backup command if it's installed.
|
||||||
The role supports both self hosted and offsite backup-storage such as rsync.net and hetzner storage box as Borg server.
|
The role supports both self hosted and offsite backup-storage such as rsync.net and hetzner storage box as Borg server.
|
||||||
|
@ -2,7 +2,7 @@
|
|||||||
|
|
||||||
- name: Configure Borg backup
|
- name: Configure Borg backup
|
||||||
hosts: all
|
hosts: all
|
||||||
become: True
|
become: true
|
||||||
|
|
||||||
roles:
|
roles:
|
||||||
- role: borgbackup
|
- role: borgbackup
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
---
|
---
|
||||||
borgbackup_required: True
|
borgbackup_required: true
|
||||||
|
|
||||||
borgbackup_client_user: root
|
borgbackup_client_user: root
|
||||||
borgbackup_ssh_key: "~{{ borgbackup_client_user }}/.ssh/id_borg_rsa"
|
borgbackup_ssh_key: "~{{ borgbackup_client_user }}/.ssh/id_borg_rsa"
|
||||||
@ -36,8 +36,8 @@ borgbackup_cron_day: "*"
|
|||||||
borgbackup_cron_hour: "{{ 5|random(seed=inventory_hostname) }}"
|
borgbackup_cron_hour: "{{ 5|random(seed=inventory_hostname) }}"
|
||||||
borgbackup_cron_minute: "{{ 59|random(seed=inventory_hostname) }}"
|
borgbackup_cron_minute: "{{ 59|random(seed=inventory_hostname) }}"
|
||||||
|
|
||||||
borgbackup_appendonly: False
|
borgbackup_appendonly: false
|
||||||
borgbackup_appendonly_repoconfig: False
|
borgbackup_appendonly_repoconfig: false
|
||||||
borgbackup_management_station: ''
|
borgbackup_management_station: ''
|
||||||
borgbackup_management_user: ''
|
borgbackup_management_user: ''
|
||||||
borgbackup_management_ssh_pubkey: ''
|
borgbackup_management_ssh_pubkey: ''
|
||||||
|
@ -5,15 +5,15 @@ galaxy_info:
|
|||||||
license: MIT
|
license: MIT
|
||||||
min_ansible_version: 1.9
|
min_ansible_version: 1.9
|
||||||
platforms:
|
platforms:
|
||||||
- name: EL
|
- name: EL
|
||||||
versions:
|
versions:
|
||||||
- all
|
- all
|
||||||
- name: Debian
|
- name: Debian
|
||||||
versions:
|
versions:
|
||||||
- all
|
- all
|
||||||
- name: Ubuntu
|
- name: Ubuntu
|
||||||
versions:
|
versions:
|
||||||
- all
|
- all
|
||||||
galaxy_tags:
|
galaxy_tags:
|
||||||
- borg
|
- borg
|
||||||
- borgbackup
|
- borgbackup
|
||||||
|
104
molecule/README.md
Normal file
104
molecule/README.md
Normal file
@ -0,0 +1,104 @@
|
|||||||
|
# Borg backup role - Molecule testing
|
||||||
|
|
||||||
|
## Requirements
|
||||||
|
|
||||||
|
|
||||||
|
Ansible 2.4 or higher
|
||||||
|
Molecule 2.17.0 or higher
|
||||||
|
|
||||||
|
Docker host (local or remote through shell environment)
|
||||||
|
|
||||||
|
## Available tests run on all scenarios
|
||||||
|
|
||||||
|
All scenarios run the same tests by default defined in generic_tests. If a test applies to a certain group only, group filtering is done through testinfra with the ansible:// url.
|
||||||
|
Eg:
|
||||||
|
```
|
||||||
|
testinfra_hosts = ["ansible://borgbackup_servers"]
|
||||||
|
```
|
||||||
|
|
||||||
|
### all
|
||||||
|
|
||||||
|
[generic\_files/tests/test_all.py](generic_files/tests/test_all.py)
|
||||||
|
|
||||||
|
Verify the borg-binary is present
|
||||||
|
|
||||||
|
|
||||||
|
### client
|
||||||
|
|
||||||
|
Testinfra: [generic\_files/tests/test_client.py](generic_files/tests/test_client.py)
|
||||||
|
Verifies if all the required parameters are present on the client to perform a backup. It verifies an already existing backup has run and if it has succeeded.
|
||||||
|
|
||||||
|
Testinfra: [generic\_files/tests/test_client_restore.py](generic_files/tests/test_client_restore.py)
|
||||||
|
Verifies if the restore functionality works correctly.
|
||||||
|
|
||||||
|
### server
|
||||||
|
|
||||||
|
Testinfra: [generic\_files/tests/test_server.py](generic_files/tests/test_server.py)
|
||||||
|
Verifies if all server-related configurations are in place and if the backup is working from a server perspective.
|
||||||
|
|
||||||
|
|
||||||
|
## Available test-scenarios
|
||||||
|
|
||||||
|
### clients
|
||||||
|
|
||||||
|
This tests spins up supported platforms and verifies the basic functionality of both server and client with the generic_tests on a number of platforms and linux distributions.
|
||||||
|
|
||||||
|
```
|
||||||
|
borgbackup_appendonly:
|
||||||
|
borgbackup_servers:
|
||||||
|
borgbackup_include:
|
||||||
|
borgbackup_passphrase:
|
||||||
|
```
|
||||||
|
|
||||||
|
### multiple
|
||||||
|
|
||||||
|
Testing whether backing up to multiple targets works properly.
|
||||||
|
|
||||||
|
```
|
||||||
|
borgbackup_servers:
|
||||||
|
```
|
||||||
|
|
||||||
|
### extra_opts
|
||||||
|
|
||||||
|
Testinfra: [generic\_files/tests/test_server.py](generic_files/tests/test_server.py)
|
||||||
|
|
||||||
|
Verify if both pre and post commands are configured at backup time and are run.
|
||||||
|
|
||||||
|
|
||||||
|
```
|
||||||
|
borgbackup_pre_commands:
|
||||||
|
borgbackup_post_commands:
|
||||||
|
```
|
||||||
|
|
||||||
|
Verify if both inclusion and exclusion of folders is working as expected
|
||||||
|
|
||||||
|
```
|
||||||
|
borgbackup_include:
|
||||||
|
borgbackup_exclude:
|
||||||
|
```
|
||||||
|
|
||||||
|
### lamp
|
||||||
|
|
||||||
|
Testinfra: [generic\_files/tests/test_lamp.py](generic_files/tests/test_lamp.py)
|
||||||
|
Verify a basic lamp setup meaning making sure /var/www/ and automysqlbackup is configured properly and backed up.
|
||||||
|
As an extra preparation, apache2 and automysqlbackup are installed for verification.
|
||||||
|
|
||||||
|
```
|
||||||
|
backup_pre_commands: needs to be extended with automysqlbackup
|
||||||
|
borgbackup_include: need to contain both /var/www and /var/lib/automysqlbackup
|
||||||
|
```
|
||||||
|
|
||||||
|
### mgt
|
||||||
|
|
||||||
|
Testinfra: [generic\_files/tests/test_mgt.py](generic_files/tests/test_mgt.py)
|
||||||
|
Testing whether the management-station functionality works and all clients are listed.
|
||||||
|
|
||||||
|
```
|
||||||
|
borgbackup_management:
|
||||||
|
borgbackup_management_user:
|
||||||
|
borgbackup_management_sshkey:
|
||||||
|
```
|
||||||
|
|
||||||
|
## restore
|
||||||
|
|
||||||
|
A restore is tested by default in every scenario by the use of the side-effect playbook. [generic\_files/side_effect.yml](generic_files/side_effect.yml)
|
1
molecule/clients/Dockerfile.j2
Symbolic link
1
molecule/clients/Dockerfile.j2
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../generic_files/Dockerfile.j2
|
26
molecule/clients/INSTALL.rst
Normal file
26
molecule/clients/INSTALL.rst
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
*******
|
||||||
|
Docker driver installation guide
|
||||||
|
*******
|
||||||
|
|
||||||
|
Requirements
|
||||||
|
============
|
||||||
|
|
||||||
|
* General molecule dependencies (see https://molecule.readthedocs.io/en/latest/installation.html)
|
||||||
|
* Docker Engine
|
||||||
|
* docker-py
|
||||||
|
* docker
|
||||||
|
|
||||||
|
Install
|
||||||
|
=======
|
||||||
|
|
||||||
|
Ansible < 2.6
|
||||||
|
|
||||||
|
.. code-block:: bash
|
||||||
|
|
||||||
|
$ sudo pip install docker-py
|
||||||
|
|
||||||
|
Ansible >= 2.6
|
||||||
|
|
||||||
|
.. code-block:: bash
|
||||||
|
|
||||||
|
$ sudo pip install docker
|
88
molecule/clients/molecule.yml
Normal file
88
molecule/clients/molecule.yml
Normal file
@ -0,0 +1,88 @@
|
|||||||
|
---
|
||||||
|
driver:
|
||||||
|
name: docker
|
||||||
|
lint:
|
||||||
|
name: yamllint
|
||||||
|
platforms:
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-cub
|
||||||
|
hostname: ${MOLECULE_SCENARIO_NAME}-cub
|
||||||
|
image: ubuntu:bionic
|
||||||
|
networks:
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-borg
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-cux
|
||||||
|
hostname: ${MOLECULE_SCENARIO_NAME}-cux
|
||||||
|
image: ubuntu:xenial
|
||||||
|
networks:
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-borg
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-cds
|
||||||
|
hostname: ${MOLECULE_SCENARIO_NAME}-cds
|
||||||
|
image: debian:stretch
|
||||||
|
networks:
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-borg
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-cdj
|
||||||
|
hostname: ${MOLECULE_SCENARIO_NAME}-cdj
|
||||||
|
image: debian:jessie
|
||||||
|
networks:
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-borg
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-cc7
|
||||||
|
hostname: ${MOLECULE_SCENARIO_NAME}-cc7
|
||||||
|
image: centos:7
|
||||||
|
networks:
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-borg
|
||||||
|
groups:
|
||||||
|
- centos
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-cc6
|
||||||
|
hostname: ${MOLECULE_SCENARIO_NAME}-cc6
|
||||||
|
image: centos:6
|
||||||
|
networks:
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-borg
|
||||||
|
groups:
|
||||||
|
- centos
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-sds
|
||||||
|
hostname: ${MOLECULE_SCENARIO_NAME}-sds
|
||||||
|
image: debian:stretch
|
||||||
|
networks:
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-borg
|
||||||
|
groups:
|
||||||
|
- borgbackup_servers
|
||||||
|
provisioner:
|
||||||
|
name: ansible
|
||||||
|
inventory:
|
||||||
|
group_vars:
|
||||||
|
all:
|
||||||
|
borgbackup_appendonly: true
|
||||||
|
borgbackup_servers:
|
||||||
|
- fqdn: ${MOLECULE_SCENARIO_NAME}-sds
|
||||||
|
user: borgds
|
||||||
|
type: normal
|
||||||
|
home: /var/backup/
|
||||||
|
pool: repos
|
||||||
|
options: ""
|
||||||
|
borgbackup_include:
|
||||||
|
- "/etc"
|
||||||
|
- "/root"
|
||||||
|
- "/var/log"
|
||||||
|
- "/home"
|
||||||
|
host_vars:
|
||||||
|
${MOLECULE_SCENARIO_NAME}-cub:
|
||||||
|
borgbackup_passphrase: soo6Uabiex
|
||||||
|
${MOLECULE_SCENARIO_NAME}-cux:
|
||||||
|
borgbackup_passphrase: ooFeila1ie
|
||||||
|
${MOLECULE_SCENARIO_NAME}-cds:
|
||||||
|
borgbackup_passphrase: eewoo7paf6J
|
||||||
|
${MOLECULE_SCENARIO_NAME}-cdj:
|
||||||
|
borgbackup_passphrase: aef1Iekahpi
|
||||||
|
${MOLECULE_SCENARIO_NAME}-cc7:
|
||||||
|
borgbackup_passphrase: ASFQiejwasd
|
||||||
|
${MOLECULE_SCENARIO_NAME}-cc6:
|
||||||
|
borgbackup_passphrase: Ansdkfqooia
|
||||||
|
lint:
|
||||||
|
name: ansible-lint
|
||||||
|
scenario:
|
||||||
|
name: clients
|
||||||
|
verifier:
|
||||||
|
name: testinfra
|
||||||
|
options:
|
||||||
|
verbose: true
|
||||||
|
lint:
|
||||||
|
name: flake8
|
1
molecule/clients/playbook.yml
Symbolic link
1
molecule/clients/playbook.yml
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../generic_files/playbook.yml
|
1
molecule/clients/prepare.yml
Symbolic link
1
molecule/clients/prepare.yml
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../generic_files/prepare.yml
|
1
molecule/clients/restore.sh.j2
Symbolic link
1
molecule/clients/restore.sh.j2
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../generic_files/restore.sh.j2
|
1
molecule/clients/side_effect.yml
Symbolic link
1
molecule/clients/side_effect.yml
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../generic_files/side_effect.yml
|
1
molecule/clients/tests
Symbolic link
1
molecule/clients/tests
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../generic_files/tests
|
1
molecule/extra_opts/Dockerfile.j2
Symbolic link
1
molecule/extra_opts/Dockerfile.j2
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../generic_files/Dockerfile.j2
|
26
molecule/extra_opts/INSTALL.rst
Normal file
26
molecule/extra_opts/INSTALL.rst
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
*******
|
||||||
|
Docker driver installation guide
|
||||||
|
*******
|
||||||
|
|
||||||
|
Requirements
|
||||||
|
============
|
||||||
|
|
||||||
|
* General molecule dependencies (see https://molecule.readthedocs.io/en/latest/installation.html)
|
||||||
|
* Docker Engine
|
||||||
|
* docker-py
|
||||||
|
* docker
|
||||||
|
|
||||||
|
Install
|
||||||
|
=======
|
||||||
|
|
||||||
|
Ansible < 2.6
|
||||||
|
|
||||||
|
.. code-block:: bash
|
||||||
|
|
||||||
|
$ sudo pip install docker-py
|
||||||
|
|
||||||
|
Ansible >= 2.6
|
||||||
|
|
||||||
|
.. code-block:: bash
|
||||||
|
|
||||||
|
$ sudo pip install docker
|
58
molecule/extra_opts/molecule.yml
Normal file
58
molecule/extra_opts/molecule.yml
Normal file
@ -0,0 +1,58 @@
|
|||||||
|
---
|
||||||
|
driver:
|
||||||
|
name: docker
|
||||||
|
lint:
|
||||||
|
name: yamllint
|
||||||
|
platforms:
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-cds
|
||||||
|
hostname: ${MOLECULE_SCENARIO_NAME}-cds
|
||||||
|
image: debian:stretch
|
||||||
|
networks:
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-borg
|
||||||
|
groups:
|
||||||
|
- extra_opts
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-sds
|
||||||
|
hostname: ${MOLECULE_SCENARIO_NAME}-sds
|
||||||
|
image: debian:stretch
|
||||||
|
networks:
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-borg
|
||||||
|
groups:
|
||||||
|
- borgbackup_servers
|
||||||
|
provisioner:
|
||||||
|
name: ansible
|
||||||
|
inventory:
|
||||||
|
group_vars:
|
||||||
|
all:
|
||||||
|
borgbackup_appendonly: true
|
||||||
|
borgbackup_servers:
|
||||||
|
- fqdn: ${MOLECULE_SCENARIO_NAME}-sds
|
||||||
|
user: borgds
|
||||||
|
type: normal
|
||||||
|
home: /var/backup/
|
||||||
|
pool: repos
|
||||||
|
options: ""
|
||||||
|
host_vars:
|
||||||
|
${MOLECULE_SCENARIO_NAME}-cds:
|
||||||
|
borgbackup_passphrase: soo6Uabiex
|
||||||
|
borgbackup_include:
|
||||||
|
- "/etc"
|
||||||
|
- "/root"
|
||||||
|
- "/var/log"
|
||||||
|
- "/home"
|
||||||
|
- "/var/cache"
|
||||||
|
borgbackup_exclude:
|
||||||
|
- "/var/cache/apt"
|
||||||
|
borgbackup_pre_commands:
|
||||||
|
- "dpkg --get-selections"
|
||||||
|
borgbackup_post_commands:
|
||||||
|
- "apt list"
|
||||||
|
lint:
|
||||||
|
name: ansible-lint
|
||||||
|
scenario:
|
||||||
|
name: extra_opts
|
||||||
|
verifier:
|
||||||
|
name: testinfra
|
||||||
|
options:
|
||||||
|
verbose: true
|
||||||
|
lint:
|
||||||
|
name: flake8
|
1
molecule/extra_opts/playbook.yml
Symbolic link
1
molecule/extra_opts/playbook.yml
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../generic_files/playbook.yml
|
1
molecule/extra_opts/prepare.yml
Symbolic link
1
molecule/extra_opts/prepare.yml
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../generic_files/prepare.yml
|
1
molecule/extra_opts/restore.sh.j2
Symbolic link
1
molecule/extra_opts/restore.sh.j2
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../generic_files/restore.sh.j2
|
1
molecule/extra_opts/side_effect.yml
Symbolic link
1
molecule/extra_opts/side_effect.yml
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../generic_files/side_effect.yml
|
1
molecule/extra_opts/tests
Symbolic link
1
molecule/extra_opts/tests
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../generic_files/tests
|
10
molecule/generic_files/Dockerfile.j2
Normal file
10
molecule/generic_files/Dockerfile.j2
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
# Molecule managed
|
||||||
|
|
||||||
|
FROM {{ item.image }}
|
||||||
|
|
||||||
|
RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \
|
||||||
|
elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python2-dnf bash && dnf clean all; \
|
||||||
|
elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \
|
||||||
|
elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml && zypper clean -a; \
|
||||||
|
elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \
|
||||||
|
elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates && xbps-remove -O; fi
|
5
molecule/generic_files/playbook.yml
Normal file
5
molecule/generic_files/playbook.yml
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
---
|
||||||
|
- name: Converge
|
||||||
|
hosts: all
|
||||||
|
roles:
|
||||||
|
- role: borgbackup
|
54
molecule/generic_files/prepare.yml
Normal file
54
molecule/generic_files/prepare.yml
Normal file
@ -0,0 +1,54 @@
|
|||||||
|
---
|
||||||
|
- name: prepare debian-based systems
|
||||||
|
hosts: all:!centos
|
||||||
|
gather_facts: false
|
||||||
|
tasks:
|
||||||
|
- name: install required packages
|
||||||
|
apt:
|
||||||
|
name:
|
||||||
|
- bash
|
||||||
|
- ca-certificates
|
||||||
|
- cron
|
||||||
|
- iputils-ping
|
||||||
|
- openssh-client
|
||||||
|
|
||||||
|
- name: prepare centos-based systems
|
||||||
|
hosts: centos
|
||||||
|
gather_facts: false
|
||||||
|
tasks:
|
||||||
|
- name: install required packages
|
||||||
|
yum:
|
||||||
|
name:
|
||||||
|
- anacron
|
||||||
|
- iputils
|
||||||
|
- openssh-clients
|
||||||
|
|
||||||
|
- name: prepare debian-based backupservers
|
||||||
|
hosts: borgbackup_servers
|
||||||
|
gather_facts: false
|
||||||
|
tasks:
|
||||||
|
- name: install required packages
|
||||||
|
apt:
|
||||||
|
name:
|
||||||
|
- openssh-server
|
||||||
|
- name: start ssh - Debian Server
|
||||||
|
command: service ssh start
|
||||||
|
|
||||||
|
- name: prepare lamp
|
||||||
|
hosts: lamp
|
||||||
|
gather_facts: false
|
||||||
|
tasks:
|
||||||
|
- name: Install required packages
|
||||||
|
apt:
|
||||||
|
name:
|
||||||
|
- apache2
|
||||||
|
- mysql-server
|
||||||
|
- automysqlbackup
|
||||||
|
state: present
|
||||||
|
notify: start mysql
|
||||||
|
handlers:
|
||||||
|
- name: start mysql
|
||||||
|
service:
|
||||||
|
name: mysql
|
||||||
|
state: started
|
||||||
|
enabled: true
|
36
molecule/generic_files/restore.sh.j2
Normal file
36
molecule/generic_files/restore.sh.j2
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
export BORG_PASSPHRASE="{{ borgbackup_passphrase }}"
|
||||||
|
|
||||||
|
last_backup=`/usr/local/bin/borg-backup list | grep '^[0-9]' | awk ' { print $1 } ' | tail -1`
|
||||||
|
|
||||||
|
if [ "$1" = "verify" ]
|
||||||
|
then
|
||||||
|
{% for b in borgbackup_servers %}
|
||||||
|
{% if b.type == 'hetzner' %}
|
||||||
|
REPOSITORY=ssh://{{ b.user }}@{{ b.fqdn }}:23/./{{ b.home }}{{ b.pool }}/{{ inventory_hostname }}
|
||||||
|
{% else %}
|
||||||
|
REPOSITORY={{ b.user }}@{{ b.fqdn }}:{{ b.home }}{{ b.pool }}/{{ inventory_hostname }}
|
||||||
|
{% endif %}
|
||||||
|
printf "verifying on {{ b.fqdn }} :\n"
|
||||||
|
/usr/local/bin/borg extract --list --dry-run $REPOSITORY::$last_backup root/sample.txt
|
||||||
|
{% endfor %}
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$1" = "restore" ]
|
||||||
|
then
|
||||||
|
file="$2"
|
||||||
|
{% for b in borgbackup_servers %}
|
||||||
|
{% if b.type == 'hetzner' %}
|
||||||
|
REPOSITORY=ssh://{{ b.user }}@{{ b.fqdn }}:23/./{{ b.home }}{{ b.pool }}/{{ inventory_hostname }}
|
||||||
|
{% else %}
|
||||||
|
REPOSITORY={{ b.user }}@{{ b.fqdn }}:{{ b.home }}{{ b.pool }}/{{ inventory_hostname }}
|
||||||
|
{% endif %}
|
||||||
|
rm -rf /root/restore/{{ b.fqdn }}
|
||||||
|
mkdir -p /root/restore/{{ b.fqdn }}
|
||||||
|
cd /root/restore/{{ b.fqdn }}
|
||||||
|
/usr/local/bin/borg extract $REPOSITORY::$last_backup root/sample.txt
|
||||||
|
{% endfor %}
|
||||||
|
exit 0
|
||||||
|
fi
|
17
molecule/generic_files/side_effect.yml
Normal file
17
molecule/generic_files/side_effect.yml
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
---
|
||||||
|
- hosts: all:!borgbackup_servers
|
||||||
|
gather_facts: false
|
||||||
|
tasks:
|
||||||
|
- name: generate random file
|
||||||
|
command: dd if=/dev/urandom of=/root/sample.txt bs=1M count=4
|
||||||
|
args:
|
||||||
|
creates: /root/sample.txt
|
||||||
|
- name: template restore test
|
||||||
|
template:
|
||||||
|
src: restore.sh.j2
|
||||||
|
dest: /root/restore.sh
|
||||||
|
mode: "0755"
|
||||||
|
- name: back up
|
||||||
|
command: /usr/local/bin/borg-backup backup
|
||||||
|
- name: restore test file
|
||||||
|
command: /root/restore.sh restore root/sample.txt
|
2
molecule/generic_files/tests/.flake8
Normal file
2
molecule/generic_files/tests/.flake8
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
[flake8]
|
||||||
|
ignore = E501
|
6
molecule/generic_files/tests/test_all.py
Normal file
6
molecule/generic_files/tests/test_all.py
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
def test_borg_binary(host):
|
||||||
|
borg = host.file("/usr/local/bin/borg")
|
||||||
|
assert borg.exists
|
||||||
|
assert borg.user == "root"
|
||||||
|
assert borg.group == "root"
|
||||||
|
assert borg.mode == 0o755
|
44
molecule/generic_files/tests/test_client.py
Normal file
44
molecule/generic_files/tests/test_client.py
Normal file
@ -0,0 +1,44 @@
|
|||||||
|
import os
|
||||||
|
import pytest
|
||||||
|
from testinfra.utils.ansible_runner import AnsibleRunner
|
||||||
|
|
||||||
|
testinfra_hosts = ["ansible://all:!borgbackup_servers"]
|
||||||
|
|
||||||
|
|
||||||
|
def test_log(host):
|
||||||
|
logfile = host.file("/var/log/borg-backup.log")
|
||||||
|
assert logfile.contains("Backup succeeded")
|
||||||
|
assert logfile.user == "root"
|
||||||
|
assert logfile.group == "root"
|
||||||
|
|
||||||
|
|
||||||
|
# to do read inventory variable : export BORG_PASSPHRASE="{{ borgbackup_passphrase }}"
|
||||||
|
def test_passphrase(host):
|
||||||
|
pfile = host.file("/root/.borg.passphrase")
|
||||||
|
assert pfile.contains("BORG_PASSPHRASE=")
|
||||||
|
assert pfile.user == "root"
|
||||||
|
assert pfile.group == "root"
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.parametrize('server', AnsibleRunner(os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('borgbackup_servers'))
|
||||||
|
def test_sshconfig(host, server):
|
||||||
|
sshconf = host.file("/root/.ssh/config")
|
||||||
|
assert sshconf.contains(" ANSIBLE MANAGED BLOCK %s " % server)
|
||||||
|
assert sshconf.contains("Host %s" % server)
|
||||||
|
assert sshconf.user == "root"
|
||||||
|
assert sshconf.group == "root"
|
||||||
|
|
||||||
|
|
||||||
|
def test_scriptfile(host):
|
||||||
|
script = host.file("/usr/local/bin/borg-backup")
|
||||||
|
assert script.user == "root"
|
||||||
|
assert script.group == "root"
|
||||||
|
assert script.mode == 0o744
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.parametrize('server', AnsibleRunner(os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('borgbackup_servers'))
|
||||||
|
def test_list_backups(host, server):
|
||||||
|
command = host.run("bash /usr/local/bin/borg-backup list")
|
||||||
|
assert command.rc == 0
|
||||||
|
assert command.stderr == ''
|
||||||
|
assert "Archives on %s :\n2" % server in command.stdout
|
17
molecule/generic_files/tests/test_client_extra_opts.py
Normal file
17
molecule/generic_files/tests/test_client_extra_opts.py
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
testinfra_hosts = ["ansible://extra_opts"]
|
||||||
|
|
||||||
|
|
||||||
|
def test_include_exclude(host):
|
||||||
|
script = host.file("/usr/local/bin/borg-backup")
|
||||||
|
assert script.contains("/var/cache")
|
||||||
|
assert script.contains("--exclude '/var/cache/apt'")
|
||||||
|
assert script.user == "root"
|
||||||
|
assert script.group == "root"
|
||||||
|
|
||||||
|
|
||||||
|
def test_pre_post_commands(host):
|
||||||
|
script = host.file("/usr/local/bin/borg-backup")
|
||||||
|
assert script.contains("dpkg --get-selection")
|
||||||
|
assert script.contains("apt list")
|
||||||
|
assert script.user == "root"
|
||||||
|
assert script.group == "root"
|
24
molecule/generic_files/tests/test_client_restore.py
Normal file
24
molecule/generic_files/tests/test_client_restore.py
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
import os
|
||||||
|
import pytest
|
||||||
|
from testinfra.utils.ansible_runner import AnsibleRunner
|
||||||
|
|
||||||
|
testinfra_hosts = ["ansible://all:!borgbackup_servers"]
|
||||||
|
|
||||||
|
|
||||||
|
def test_client_sample_file(host):
|
||||||
|
sample = host.file("/root/sample.txt")
|
||||||
|
assert sample.is_file
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.parametrize('server', AnsibleRunner(os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('borgbackup_servers'))
|
||||||
|
def test_client_dir(host, server):
|
||||||
|
command = host.run("diff -s /root/sample.txt /root/restore/%s/root/sample.txt" % server)
|
||||||
|
assert command.rc == 0
|
||||||
|
assert "Files /root/sample.txt and /root/restore/%s/root/sample.txt are identical" % server in command.stdout
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.parametrize('server', AnsibleRunner(os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('borgbackup_servers'))
|
||||||
|
def test_client_verify(host, server):
|
||||||
|
vcommand = host.run("/root/restore.sh verify")
|
||||||
|
assert vcommand.rc == 0
|
||||||
|
assert vcommand.stdout.rstrip("verifying on %s" % server)
|
16
molecule/generic_files/tests/test_lamp.py
Normal file
16
molecule/generic_files/tests/test_lamp.py
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
testinfra_hosts = ["ansible://lamp"]
|
||||||
|
|
||||||
|
|
||||||
|
def test_lamp_default(host):
|
||||||
|
script = host.file("/usr/local/bin/borg-backup")
|
||||||
|
assert script.contains("/usr/sbin/automysqlbackup")
|
||||||
|
assert script.contains("/var/lib/automysqlbackup")
|
||||||
|
assert script.contains("/var/www")
|
||||||
|
assert script.user == "root"
|
||||||
|
assert script.group == "root"
|
||||||
|
|
||||||
|
|
||||||
|
def test_lamp_automysqlbackup(host):
|
||||||
|
backup_dir = host.file("/var/lib/automysqlbackup/daily")
|
||||||
|
assert backup_dir.exists
|
||||||
|
assert backup_dir.is_directory
|
18
molecule/generic_files/tests/test_mgt.py
Normal file
18
molecule/generic_files/tests/test_mgt.py
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
import os
|
||||||
|
import pytest
|
||||||
|
from testinfra.utils.ansible_runner import AnsibleRunner
|
||||||
|
|
||||||
|
testinfra_hosts = ["ansible://borgbackup_management"]
|
||||||
|
|
||||||
|
|
||||||
|
# to do read inventory variable : export BORG_PASSPHRASE="{{ borgbackup_passphrase }}"
|
||||||
|
@pytest.mark.parametrize('client', AnsibleRunner(os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all:!borgbackup_management:!borgbackup_servers'))
|
||||||
|
def test_prune_script(host, client):
|
||||||
|
prune = host.file("/root/prune.sh")
|
||||||
|
assert prune.user == "root"
|
||||||
|
assert prune.group == "root"
|
||||||
|
assert prune.mode == 0o700
|
||||||
|
assert prune.contains("/usr/local/bin/borg prune")
|
||||||
|
assert prune.contains("export BORG_PASSPHRASE=")
|
||||||
|
assert prune.contains("Host: %s" % client)
|
||||||
|
assert prune.contains(":/var/backup/repos/%s" % client)
|
23
molecule/generic_files/tests/test_server.py
Normal file
23
molecule/generic_files/tests/test_server.py
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
import os
|
||||||
|
import pytest
|
||||||
|
from testinfra.utils.ansible_runner import AnsibleRunner
|
||||||
|
|
||||||
|
testinfra_hosts = ["ansible://borgbackup_servers"]
|
||||||
|
|
||||||
|
|
||||||
|
def test_client_parent_dir(host):
|
||||||
|
parentdir = host.file("/var/backup/repos")
|
||||||
|
assert parentdir.is_directory
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.parametrize('client', AnsibleRunner(os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all:!borgbackup_servers'))
|
||||||
|
def test_client_dir(host, client):
|
||||||
|
clientdir = host.file("/var/backup/repos/%s" % client)
|
||||||
|
assert clientdir.is_directory
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.parametrize('client', AnsibleRunner(os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all:!borgbackup_servers'))
|
||||||
|
def test_ssh_client_conf(host, client):
|
||||||
|
sshconf = host.file("/var/backup/.ssh/authorized_keys")
|
||||||
|
assert sshconf.is_file
|
||||||
|
assert sshconf.contains("%s;borg serve" % client)
|
1
molecule/lamp/Dockerfile.j2
Symbolic link
1
molecule/lamp/Dockerfile.j2
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../generic_files/Dockerfile.j2
|
26
molecule/lamp/INSTALL.rst
Normal file
26
molecule/lamp/INSTALL.rst
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
*******
|
||||||
|
Docker driver installation guide
|
||||||
|
*******
|
||||||
|
|
||||||
|
Requirements
|
||||||
|
============
|
||||||
|
|
||||||
|
* General molecule dependencies (see https://molecule.readthedocs.io/en/latest/installation.html)
|
||||||
|
* Docker Engine
|
||||||
|
* docker-py
|
||||||
|
* docker
|
||||||
|
|
||||||
|
Install
|
||||||
|
=======
|
||||||
|
|
||||||
|
Ansible < 2.6
|
||||||
|
|
||||||
|
.. code-block:: bash
|
||||||
|
|
||||||
|
$ sudo pip install docker-py
|
||||||
|
|
||||||
|
Ansible >= 2.6
|
||||||
|
|
||||||
|
.. code-block:: bash
|
||||||
|
|
||||||
|
$ sudo pip install docker
|
46
molecule/lamp/molecule.yml
Normal file
46
molecule/lamp/molecule.yml
Normal file
@ -0,0 +1,46 @@
|
|||||||
|
---
|
||||||
|
driver:
|
||||||
|
name: docker
|
||||||
|
lint:
|
||||||
|
name: yamllint
|
||||||
|
platforms:
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-cds
|
||||||
|
hostname: ${MOLECULE_SCENARIO_NAME}-cds
|
||||||
|
image: debian:stretch
|
||||||
|
networks:
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-borg
|
||||||
|
groups:
|
||||||
|
- lamp
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-sds
|
||||||
|
hostname: ${MOLECULE_SCENARIO_NAME}-sds
|
||||||
|
image: debian:stretch
|
||||||
|
networks:
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-borg
|
||||||
|
groups:
|
||||||
|
- borgbackup_servers
|
||||||
|
provisioner:
|
||||||
|
name: ansible
|
||||||
|
inventory:
|
||||||
|
group_vars:
|
||||||
|
all:
|
||||||
|
borgbackup_appendonly: true
|
||||||
|
borgbackup_servers:
|
||||||
|
- fqdn: ${MOLECULE_SCENARIO_NAME}-sds
|
||||||
|
user: borgds
|
||||||
|
type: normal
|
||||||
|
home: /var/backup/
|
||||||
|
pool: repos
|
||||||
|
options: ""
|
||||||
|
host_vars:
|
||||||
|
${MOLECULE_SCENARIO_NAME}-cds:
|
||||||
|
borgbackup_passphrase: soo6Uabiex
|
||||||
|
lint:
|
||||||
|
name: ansible-lint
|
||||||
|
scenario:
|
||||||
|
name: lamp
|
||||||
|
verifier:
|
||||||
|
name: testinfra
|
||||||
|
options:
|
||||||
|
verbose: true
|
||||||
|
lint:
|
||||||
|
name: flake8
|
1
molecule/lamp/playbook.yml
Symbolic link
1
molecule/lamp/playbook.yml
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../generic_files/playbook.yml
|
1
molecule/lamp/prepare.yml
Symbolic link
1
molecule/lamp/prepare.yml
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../generic_files/prepare.yml
|
1
molecule/lamp/restore.sh.j2
Symbolic link
1
molecule/lamp/restore.sh.j2
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../generic_files/restore.sh.j2
|
1
molecule/lamp/side_effect.yml
Symbolic link
1
molecule/lamp/side_effect.yml
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../generic_files/side_effect.yml
|
1
molecule/lamp/tests
Symbolic link
1
molecule/lamp/tests
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../generic_files/tests
|
1
molecule/mgt/Dockerfile.j2
Symbolic link
1
molecule/mgt/Dockerfile.j2
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../generic_files/Dockerfile.j2
|
26
molecule/mgt/INSTALL.rst
Normal file
26
molecule/mgt/INSTALL.rst
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
*******
|
||||||
|
Docker driver installation guide
|
||||||
|
*******
|
||||||
|
|
||||||
|
Requirements
|
||||||
|
============
|
||||||
|
|
||||||
|
* General molecule dependencies (see https://molecule.readthedocs.io/en/latest/installation.html)
|
||||||
|
* Docker Engine
|
||||||
|
* docker-py
|
||||||
|
* docker
|
||||||
|
|
||||||
|
Install
|
||||||
|
=======
|
||||||
|
|
||||||
|
Ansible < 2.6
|
||||||
|
|
||||||
|
.. code-block:: bash
|
||||||
|
|
||||||
|
$ sudo pip install docker-py
|
||||||
|
|
||||||
|
Ansible >= 2.6
|
||||||
|
|
||||||
|
.. code-block:: bash
|
||||||
|
|
||||||
|
$ sudo pip install docker
|
78
molecule/mgt/molecule.yml
Normal file
78
molecule/mgt/molecule.yml
Normal file
@ -0,0 +1,78 @@
|
|||||||
|
---
|
||||||
|
driver:
|
||||||
|
name: docker
|
||||||
|
lint:
|
||||||
|
name: yamllint
|
||||||
|
platforms:
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-cds
|
||||||
|
hostname: ${MOLECULE_SCENARIO_NAME}-cds
|
||||||
|
image: debian:stretch
|
||||||
|
networks:
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-borg
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-cub
|
||||||
|
hostname: ${MOLECULE_SCENARIO_NAME}-cub
|
||||||
|
image: ubuntu:bionic
|
||||||
|
networks:
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-borg
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-sds
|
||||||
|
hostname: ${MOLECULE_SCENARIO_NAME}-sds
|
||||||
|
image: debian:stretch
|
||||||
|
networks:
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-borg
|
||||||
|
groups:
|
||||||
|
- borgbackup_servers
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-mds
|
||||||
|
hostname: ${MOLECULE_SCENARIO_NAME}-mds
|
||||||
|
image: debian:stretch
|
||||||
|
networks:
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-borg
|
||||||
|
groups:
|
||||||
|
- borgbackup_management
|
||||||
|
provisioner:
|
||||||
|
name: ansible
|
||||||
|
inventory:
|
||||||
|
group_vars:
|
||||||
|
all:
|
||||||
|
borgbackup_appendonly: true
|
||||||
|
borgbackup_servers:
|
||||||
|
- fqdn: ${MOLECULE_SCENARIO_NAME}-sds
|
||||||
|
user: borgds
|
||||||
|
type: normal
|
||||||
|
home: /var/backup/
|
||||||
|
pool: repos
|
||||||
|
options: ""
|
||||||
|
borgbackup_retention:
|
||||||
|
hourly: 12
|
||||||
|
daily: 7
|
||||||
|
weekly: 4
|
||||||
|
monthly: 6
|
||||||
|
yearly: 1
|
||||||
|
borgbackup_include:
|
||||||
|
- "/etc"
|
||||||
|
- "/root"
|
||||||
|
- "/var/log"
|
||||||
|
- "/home"
|
||||||
|
borgbackup_management_station: ${MOLECULE_SCENARIO_NAME}-mds
|
||||||
|
borgbackup_servers:
|
||||||
|
borgbackup_required: false
|
||||||
|
borgbackup_management:
|
||||||
|
borgbackup_management_user: root
|
||||||
|
borgbackup_management_sshkey: |
|
||||||
|
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDXM5MuTbKbciopdHP314g0b72O5xaCf+4mt97bLPBwmW8UpOebWMkE+jYKET2B9fiOkyU9aWq+Tx7tfo31avN0nRf/VsxNupLcH605KdYOmw+EPjVDFLRXZb3j0AGDJM9YCd/KrwJlf8Tu4sXq0RhRNmqRBsBMjevpKCioQLzWJ1oCs1TLWxTS4nN7Jwy+Ou2gJEB7jKj907pFiCIPWRU4LLHlwE7DjunBr4THgE2Sj0tWkiYDKKoH++Rm62wVYL0oTLOJrQuqu52FEniPDgTnZwhy7b5MAHF5f2BscBorQxEkToWOVfX14Mzf+HC/arT2IPoE1Iv2XdWoiGiaWnyr
|
||||||
|
host_vars:
|
||||||
|
${MOLECULE_SCENARIO_NAME}-cds:
|
||||||
|
borgbackup_passphrase: soo6Uabiex
|
||||||
|
${MOLECULE_SCENARIO_NAME}-cub:
|
||||||
|
borgbackup_passphrase: iousheafqj
|
||||||
|
${MOLECULE_SCENARIO_NAME}-mds:
|
||||||
|
borgbackup_passphrase: Zuequei1ro
|
||||||
|
lint:
|
||||||
|
name: ansible-lint
|
||||||
|
scenario:
|
||||||
|
name: mgt
|
||||||
|
verifier:
|
||||||
|
name: testinfra
|
||||||
|
options:
|
||||||
|
verbose: true
|
||||||
|
lint:
|
||||||
|
name: flake8
|
1
molecule/mgt/playbook.yml
Symbolic link
1
molecule/mgt/playbook.yml
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../generic_files/playbook.yml
|
1
molecule/mgt/prepare.yml
Symbolic link
1
molecule/mgt/prepare.yml
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../generic_files/prepare.yml
|
1
molecule/mgt/restore.sh.j2
Symbolic link
1
molecule/mgt/restore.sh.j2
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../generic_files/restore.sh.j2
|
1
molecule/mgt/side_effect.yml
Symbolic link
1
molecule/mgt/side_effect.yml
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../generic_files/side_effect.yml
|
1
molecule/mgt/tests
Symbolic link
1
molecule/mgt/tests
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../generic_files/tests
|
1
molecule/multiple/Dockerfile.j2
Symbolic link
1
molecule/multiple/Dockerfile.j2
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../generic_files/Dockerfile.j2
|
26
molecule/multiple/INSTALL.rst
Normal file
26
molecule/multiple/INSTALL.rst
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
*******
|
||||||
|
Docker driver installation guide
|
||||||
|
*******
|
||||||
|
|
||||||
|
Requirements
|
||||||
|
============
|
||||||
|
|
||||||
|
* General molecule dependencies (see https://molecule.readthedocs.io/en/latest/installation.html)
|
||||||
|
* Docker Engine
|
||||||
|
* docker-py
|
||||||
|
* docker
|
||||||
|
|
||||||
|
Install
|
||||||
|
=======
|
||||||
|
|
||||||
|
Ansible < 2.6
|
||||||
|
|
||||||
|
.. code-block:: bash
|
||||||
|
|
||||||
|
$ sudo pip install docker-py
|
||||||
|
|
||||||
|
Ansible >= 2.6
|
||||||
|
|
||||||
|
.. code-block:: bash
|
||||||
|
|
||||||
|
$ sudo pip install docker
|
73
molecule/multiple/molecule.yml
Normal file
73
molecule/multiple/molecule.yml
Normal file
@ -0,0 +1,73 @@
|
|||||||
|
---
|
||||||
|
driver:
|
||||||
|
name: docker
|
||||||
|
lint:
|
||||||
|
name: yamllint
|
||||||
|
options:
|
||||||
|
config-file: ${MOLECULE_PROJECT_DIRECTORY}/.yamllint
|
||||||
|
platforms:
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-cds
|
||||||
|
hostname: ${MOLECULE_SCENARIO_NAME}-cds
|
||||||
|
image: debian:stretch
|
||||||
|
networks:
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-borg
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-cub
|
||||||
|
hostname: ${MOLECULE_SCENARIO_NAME}-cub
|
||||||
|
image: ubuntu:bionic
|
||||||
|
networks:
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-borg
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-sds
|
||||||
|
hostname: ${MOLECULE_SCENARIO_NAME}-sds
|
||||||
|
image: ubuntu:xenial
|
||||||
|
networks:
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-borg
|
||||||
|
groups:
|
||||||
|
- borgbackup_servers
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-sub
|
||||||
|
hostname: ${MOLECULE_SCENARIO_NAME}-sub
|
||||||
|
image: ubuntu:bionic
|
||||||
|
networks:
|
||||||
|
- name: ${MOLECULE_SCENARIO_NAME}-borg
|
||||||
|
groups:
|
||||||
|
- borgbackup_servers
|
||||||
|
provisioner:
|
||||||
|
name: ansible
|
||||||
|
inventory:
|
||||||
|
group_vars:
|
||||||
|
all:
|
||||||
|
borgbackup_appendonly: true
|
||||||
|
borgbackup_servers:
|
||||||
|
- fqdn: ${MOLECULE_SCENARIO_NAME}-sds
|
||||||
|
user: borgdj
|
||||||
|
type: normal
|
||||||
|
home: /var/backup/
|
||||||
|
pool: repos
|
||||||
|
options: ""
|
||||||
|
- fqdn: ${MOLECULE_SCENARIO_NAME}-sub
|
||||||
|
user: borgux
|
||||||
|
type: normal
|
||||||
|
home: /var/backup/
|
||||||
|
pool: repos
|
||||||
|
options: ""
|
||||||
|
borgbackup_include:
|
||||||
|
- "/etc"
|
||||||
|
- "/root"
|
||||||
|
- "/var/log"
|
||||||
|
- "/home"
|
||||||
|
host_vars:
|
||||||
|
${MOLECULE_SCENARIO_NAME}-cds:
|
||||||
|
borgbackup_passphrase: soo6Uabiex
|
||||||
|
${MOLECULE_SCENARIO_NAME}-cub:
|
||||||
|
borgbackup_passphrase: lidafruhkj
|
||||||
|
${MOLECULE_SCENARIO_NAME}-sub:
|
||||||
|
borgbackup_passphrase: oiasdfoain
|
||||||
|
lint:
|
||||||
|
name: ansible-lint
|
||||||
|
scenario:
|
||||||
|
name: multiple
|
||||||
|
verifier:
|
||||||
|
name: testinfra
|
||||||
|
options:
|
||||||
|
verbose: true
|
||||||
|
lint:
|
||||||
|
name: flake8
|
1
molecule/multiple/playbook.yml
Symbolic link
1
molecule/multiple/playbook.yml
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../generic_files/playbook.yml
|
1
molecule/multiple/prepare.yml
Symbolic link
1
molecule/multiple/prepare.yml
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../generic_files/prepare.yml
|
1
molecule/multiple/restore.sh.j2
Symbolic link
1
molecule/multiple/restore.sh.j2
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../generic_files/restore.sh.j2
|
1
molecule/multiple/side_effect.yml
Symbolic link
1
molecule/multiple/side_effect.yml
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../generic_files/side_effect.yml
|
1
molecule/multiple/tests
Symbolic link
1
molecule/multiple/tests
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../generic_files/tests
|
@ -2,7 +2,7 @@
|
|||||||
- name: client | generate ssh key for this machine
|
- name: client | generate ssh key for this machine
|
||||||
user:
|
user:
|
||||||
name: "{{ borgbackup_client_user }}"
|
name: "{{ borgbackup_client_user }}"
|
||||||
generate_ssh_key: yes
|
generate_ssh_key: true
|
||||||
ssh_key_bits: 2048
|
ssh_key_bits: 2048
|
||||||
ssh_key_file: "{{ borgbackup_ssh_key }}"
|
ssh_key_file: "{{ borgbackup_ssh_key }}"
|
||||||
ssh_key_type: rsa
|
ssh_key_type: rsa
|
||||||
@ -10,19 +10,19 @@
|
|||||||
- name: client | fetch ssh-key
|
- name: client | fetch ssh-key
|
||||||
shell: "cat {{ borgbackup_ssh_key }}.pub"
|
shell: "cat {{ borgbackup_ssh_key }}.pub"
|
||||||
register: sshkey
|
register: sshkey
|
||||||
changed_when: False
|
changed_when: false
|
||||||
|
|
||||||
- name: client | write passphrase
|
- name: client | write passphrase
|
||||||
lineinfile:
|
lineinfile:
|
||||||
dest: "~{{ borgbackup_client_user }}/.borg.passphrase"
|
dest: "~{{ borgbackup_client_user }}/.borg.passphrase"
|
||||||
state: "present"
|
state: "present"
|
||||||
line: 'export BORG_PASSPHRASE="{{ borgbackup_passphrase }}"'
|
line: 'export BORG_PASSPHRASE="{{ borgbackup_passphrase }}"'
|
||||||
create: "yes"
|
create: true
|
||||||
|
|
||||||
- name: client | disable strict key checking for backup servers
|
- name: client | disable strict key checking for backup servers
|
||||||
blockinfile:
|
blockinfile:
|
||||||
dest: "~{{ borgbackup_client_user }}/.ssh/config"
|
dest: "~{{ borgbackup_client_user }}/.ssh/config"
|
||||||
create: yes
|
create: true
|
||||||
marker: "### {mark} ANSIBLE MANAGED BLOCK {{ item.fqdn }} ###"
|
marker: "### {mark} ANSIBLE MANAGED BLOCK {{ item.fqdn }} ###"
|
||||||
content: |
|
content: |
|
||||||
Host {{ item.fqdn }}
|
Host {{ item.fqdn }}
|
||||||
@ -46,7 +46,7 @@
|
|||||||
- name: client | get authorized_keys file
|
- name: client | get authorized_keys file
|
||||||
raw: scp {{ item.user }}@{{ item.fqdn }}:.ssh/authorized_keys /tmp/authkeys-{{ item.type }}-{{ item.fqdn }}-authkeys
|
raw: scp {{ item.user }}@{{ item.fqdn }}:.ssh/authorized_keys /tmp/authkeys-{{ item.type }}-{{ item.fqdn }}-authkeys
|
||||||
delegate_to: localhost
|
delegate_to: localhost
|
||||||
become: no
|
become: false
|
||||||
when: item.type in ['rsync.net','hetzner']
|
when: item.type in ['rsync.net','hetzner']
|
||||||
with_items: "{{ borgbackup_servers }}"
|
with_items: "{{ borgbackup_servers }}"
|
||||||
changed_when: false
|
changed_when: false
|
||||||
@ -57,9 +57,9 @@
|
|||||||
key: "{{ sshkey.stdout }}"
|
key: "{{ sshkey.stdout }}"
|
||||||
key_options: 'command="cd {{ item.pool }}/{{ inventory_hostname }};/usr/local/bin/borg1 serve {% if borgbackup_appendonly %}--append-only {% endif %} --restrict-to-path {{ item.pool }}/{{ inventory_hostname }}",no-port-forwarding,no-X11-forwarding,no-pty,no-agent-forwarding,no-user-rc'
|
key_options: 'command="cd {{ item.pool }}/{{ inventory_hostname }};/usr/local/bin/borg1 serve {% if borgbackup_appendonly %}--append-only {% endif %} --restrict-to-path {{ item.pool }}/{{ inventory_hostname }}",no-port-forwarding,no-X11-forwarding,no-pty,no-agent-forwarding,no-user-rc'
|
||||||
path: "/tmp/authkeys-{{ item.type }}-{{ item.fqdn }}-authkeys"
|
path: "/tmp/authkeys-{{ item.type }}-{{ item.fqdn }}-authkeys"
|
||||||
manage_dir: no
|
manage_dir: false
|
||||||
delegate_to: localhost
|
delegate_to: localhost
|
||||||
become: no
|
become: false
|
||||||
when: item.type in ['rsync.net','hetzner']
|
when: item.type in ['rsync.net','hetzner']
|
||||||
with_items: "{{ borgbackup_servers }}"
|
with_items: "{{ borgbackup_servers }}"
|
||||||
register: authkeys
|
register: authkeys
|
||||||
@ -67,7 +67,7 @@
|
|||||||
- name: client | upload local authorized_keys to rsync.net / hetzner
|
- name: client | upload local authorized_keys to rsync.net / hetzner
|
||||||
raw: scp /tmp/authkeys-{{ item.type }}-{{ item.fqdn }}-authkeys {{ item.user }}@{{ item.fqdn }}:.ssh/authorized_keys
|
raw: scp /tmp/authkeys-{{ item.type }}-{{ item.fqdn }}-authkeys {{ item.user }}@{{ item.fqdn }}:.ssh/authorized_keys
|
||||||
delegate_to: localhost
|
delegate_to: localhost
|
||||||
become: no
|
become: false
|
||||||
when: item.type in ['rsync.net','hetzner'] and authkeys.changed
|
when: item.type in ['rsync.net','hetzner'] and authkeys.changed
|
||||||
with_items: "{{ borgbackup_servers }}"
|
with_items: "{{ borgbackup_servers }}"
|
||||||
|
|
||||||
@ -76,7 +76,7 @@
|
|||||||
path: /tmp/authkeys-{{ item.type }}-{{ item.fqdn }}-authkeys
|
path: /tmp/authkeys-{{ item.type }}-{{ item.fqdn }}-authkeys
|
||||||
state: absent
|
state: absent
|
||||||
delegate_to: localhost
|
delegate_to: localhost
|
||||||
become: no
|
become: false
|
||||||
with_items: "{{ borgbackup_servers }}"
|
with_items: "{{ borgbackup_servers }}"
|
||||||
when: authkeys.changed
|
when: authkeys.changed
|
||||||
changed_when: false
|
changed_when: false
|
||||||
@ -115,6 +115,6 @@
|
|||||||
regexp: "^/usr/sbin/automysqlbackup$"
|
regexp: "^/usr/sbin/automysqlbackup$"
|
||||||
line: "#/usr/sbin/automysqlbackup"
|
line: "#/usr/sbin/automysqlbackup"
|
||||||
state: "present"
|
state: "present"
|
||||||
backrefs: "yes"
|
backrefs: true
|
||||||
create: "no"
|
create: false
|
||||||
when: automysql.stat.isdir is defined and automysql.stat.isdir == True
|
when: automysql.stat.isdir is defined and automysql.stat.isdir == True
|
||||||
|
@ -10,6 +10,15 @@
|
|||||||
run_once: true
|
run_once: true
|
||||||
when: item.type == 'normal'
|
when: item.type == 'normal'
|
||||||
|
|
||||||
|
- name: server | set permissions
|
||||||
|
file:
|
||||||
|
dest: "{{ item.home }}"
|
||||||
|
owner: "{{ item.user }}"
|
||||||
|
group: "{{ item.user }}"
|
||||||
|
delegate_to: "{{ item.fqdn }}"
|
||||||
|
with_items: "{{ borgbackup_servers }}"
|
||||||
|
when: item.type == 'normal'
|
||||||
|
|
||||||
- name: server | create directories
|
- name: server | create directories
|
||||||
file:
|
file:
|
||||||
path: "{{ item.home}}{{ item.pool }}"
|
path: "{{ item.home}}{{ item.pool }}"
|
||||||
|
@ -1,6 +1,7 @@
|
|||||||
---
|
---
|
||||||
# Due to inverse logic behaviour when searching for an item in an undefined list.
|
# Due to inverse logic behaviour when searching for an item in an undefined list.
|
||||||
- set_fact:
|
- name: setting facts
|
||||||
|
set_fact:
|
||||||
borgbackup_servers_group: "{{ groups.borgbackup_servers | default([]) }} "
|
borgbackup_servers_group: "{{ groups.borgbackup_servers | default([]) }} "
|
||||||
borgbackup_management_group: "{{ groups.borgbackup_management | default([]) }}"
|
borgbackup_management_group: "{{ groups.borgbackup_management | default([]) }}"
|
||||||
|
|
||||||
|
@ -20,7 +20,7 @@
|
|||||||
- name: management | get rsync.net authorized_keys file
|
- name: management | get rsync.net authorized_keys file
|
||||||
raw: scp {{ item.user }}@{{ item.fqdn }}:.ssh/authorized_keys /tmp/rsync.net-{{ item.fqdn }}-authkeys
|
raw: scp {{ item.user }}@{{ item.fqdn }}:.ssh/authorized_keys /tmp/rsync.net-{{ item.fqdn }}-authkeys
|
||||||
delegate_to: localhost
|
delegate_to: localhost
|
||||||
become: no
|
become: false
|
||||||
when: item.type == 'rsync.net'
|
when: item.type == 'rsync.net'
|
||||||
with_items: "{{ borgbackup_servers }}"
|
with_items: "{{ borgbackup_servers }}"
|
||||||
changed_when: false
|
changed_when: false
|
||||||
@ -30,9 +30,9 @@
|
|||||||
user: "{{ ansible_user_id }}"
|
user: "{{ ansible_user_id }}"
|
||||||
key: "{{ borgbackup_management_ssh_pubkey }}"
|
key: "{{ borgbackup_management_ssh_pubkey }}"
|
||||||
path: "/tmp/rsync.net-{{ item.fqdn }}-authkeys"
|
path: "/tmp/rsync.net-{{ item.fqdn }}-authkeys"
|
||||||
manage_dir: no
|
manage_dir: false
|
||||||
delegate_to: localhost
|
delegate_to: localhost
|
||||||
become: no
|
become: false
|
||||||
when: item.type == 'rsync.net'
|
when: item.type == 'rsync.net'
|
||||||
with_items: "{{ borgbackup_servers }}"
|
with_items: "{{ borgbackup_servers }}"
|
||||||
register: authkeys
|
register: authkeys
|
||||||
@ -40,7 +40,7 @@
|
|||||||
- name: management | upload local authorized_keys to rsync.net
|
- name: management | upload local authorized_keys to rsync.net
|
||||||
raw: scp /tmp/rsync.net-{{ item.fqdn }}-authkeys {{ item.user }}@{{ item.fqdn }}:.ssh/authorized_keys
|
raw: scp /tmp/rsync.net-{{ item.fqdn }}-authkeys {{ item.user }}@{{ item.fqdn }}:.ssh/authorized_keys
|
||||||
delegate_to: localhost
|
delegate_to: localhost
|
||||||
become: no
|
become: false
|
||||||
when: item.type == 'rsync.net' and authkeys.changed
|
when: item.type == 'rsync.net' and authkeys.changed
|
||||||
with_items: "{{ borgbackup_servers }}"
|
with_items: "{{ borgbackup_servers }}"
|
||||||
|
|
||||||
@ -49,7 +49,7 @@
|
|||||||
path: /tmp/rsync.net-{{ item.fqdn }}-authkeys
|
path: /tmp/rsync.net-{{ item.fqdn }}-authkeys
|
||||||
state: absent
|
state: absent
|
||||||
delegate_to: localhost
|
delegate_to: localhost
|
||||||
become: no
|
become: false
|
||||||
with_items: "{{ borgbackup_servers }}"
|
with_items: "{{ borgbackup_servers }}"
|
||||||
when: authkeys.changed
|
when: authkeys.changed
|
||||||
changed_when: false
|
changed_when: false
|
||||||
|
Loading…
Reference in New Issue
Block a user