Remove unused roles from main playbook

group_vars/all/main.yaml

@@ -135,7 +135,7 @@ sudo_rules:
 
 restic_repos:
   - name: b2
-    repo: "b2:kill0-infra-backup:"
+    repo: "b2:kill0-infra-backup:/{{ inventory_hostname_short }}"
     environment:
       RESTIC_PASSWORD: "{{ vault_restic_repo_b2_password }}"
       B2_ACCOUNT_ID: "{{ vault_restic_repo_b2_account_id }}"

playbook.yaml

@@ -6,8 +6,6 @@
     - util
     - sudo
     - hostsfile
-    - { role:  vm_guest, when: "ansible_virtualization_type is defined" }
-    - grub
     - certs
     - rsyslog
     - users
@@ -19,8 +17,6 @@
     - chrony
     - unattended-upgrades
     - postfix
-    - aide
-    - telegraf
     - restic
     - node_exporter
     - blackbox_exporter

roles/restic/files/hooks/gitea.sh

@@ -33,7 +33,7 @@ main() {
             gitea dump \
             --config "$GITEA_CONFIG" \
             --work-path "$GITEA_WORK_PATH" \
-            --custom-path "$GITEA_CUSTOM_PATH" > /dev/null
+            --custom-path "$GITEA_CUSTOM_PATH" >/dev/null 2>&1
         printf "gitea dump complete\n"
         popd > /dev/null || printf "could not chdir to %s\n" "$OLDPWD"
     elif [ "$1" == "post" ]; then

roles/restic/files/restic-job.sh

@@ -19,8 +19,14 @@ NICE="ionice -c2 nice -n19"
 JOB=$1
 LOCK="/run/restic/${JOB}.lock"
 
+KEEP_HOURLY=${KEEP_HOURLY:-24}
+KEEP_DAILY=${KEEP_DAILY:-7}
+KEEP_WEEKLY=${KEEP_WEEKLY:-5}
+KEEP_MONTHLY=${KEEP_MONTHLY:-12}
+KEEP_YEARLY=${KEEP_YEARLY:-10}
+
 function finish {
-    if [ -z $KEEP_LOCK ]; then
+    if [ -z "$KEEP_LOCK" ]; then
         rm -f "$LOCK"
     fi
 }
@@ -90,6 +96,25 @@ echo $$ > "$LOCK"
 
 LOCKED=$(($(date +%s) - START))
 
+printf "prune: started, keep hourly:%d daily:%d weekly:%d monthly:%d year:%d\n" \
+    "$KEEP_HOURLY" \
+    "$KEEP_DAILY" \
+    "$KEEP_WEEKLY" \
+    "$KEEP_MONTHLY" \
+    "$KEEP_YEARLY"
+
+$RESTIC_PATH forget \
+    --quiet \
+    --host "$(hostname -f)" \
+    --keep-hourly "$KEEP_HOURLY" \
+    --keep-daily "$KEEP_DAILY" \
+    --keep-weekly "$KEEP_WEEKLY" \
+    --keep-monthly "$KEEP_MONTHLY" \
+    --keep-yearly "$KEEP_YEARLY" \
+    --prune
+
+printf "prune: complete\n"
+
 printf "job '%s' started\n" "$JOB"
 
 if [ -d "${HOOKS_PATH}" ]; then
@@ -127,7 +152,7 @@ until [ $counter -eq "$MAX_ATTEMPTS" ] || [ $rc -eq 0 ]; do
 done
 printf "restic complete\n"
 
-if [ $rc -ne 0 ] && [ $counter -eq "$MAX_ATTEMPTS" ]; then
+if [ $rc -ne 0 ] && [ "$counter" -eq "$MAX_ATTEMPTS" ]; then
   printf "restic job timed out, exiting\n"
 else
     printf "job '%s' complete\n" "$JOB"

roles/restic/files/restic-tidy.sh

@@ -13,7 +13,7 @@ LOCK="${LOCK_PATH}/tidy.lock"
 KEEP_LOCK=
 
 function finish {
-    if [ -z $KEEP_LOCK ]; then
+    if [ -z "$KEEP_LOCK" ]; then
         rm -f "$LOCK"
     fi
 }
@@ -109,7 +109,7 @@ until [ $counter -eq "$MAX_ATTEMPTS" ] || [ $rc -eq 0 ]; do
     (( counter++ ))
 done
 
-if [ $rc -ne 0 ] && [ $counter -eq "$MAX_ATTEMPTS" ]; then
+if [ $rc -ne 0 ] && [ "$counter" -eq "$MAX_ATTEMPTS" ]; then
     printf "tidy timed out, exiting\n"
 else
     printf "complete\n"

workstation.yaml

@@ -111,8 +111,6 @@
         network_config:
           address: 172.17.10.53/24
           gateway: 172.17.10.1
-  roles:
-  - libvirt
 - hosts: rabbitmq_servers
   become: true
   vars: