ryanc/ansible
1
0
Fork 0
Code Issues 4 Pull Requests Releases Wiki Activity

Compare commits

base: ryanc:4a7cd07ac9190c00b2c895e403ffc69e95137f77
Branches Tags
ryanc:master
...
compare: ryanc:55676661dbeef99be8b48e222c7a95b7a01479bb
Branches Tags
ryanc:master

4 Commits
4a7cd07ac9 ... 55676661db

Author SHA1 Message Date
Ryan Cavicchioni
55676661db
add more standard utils 2019-12-18 22:09:35 -06:00
Ryan Cavicchioni
8ab9c36366
add more restic helper scripts 2019-12-18 22:09:05 -06:00
Ryan Cavicchioni
0eb5699a8d
enable remote syslog 2019-12-18 22:08:03 -06:00
Ryan Cavicchioni
0ff318ae00
update minecraft server 2019-12-18 22:07:13 -06:00
11 changed files with 232 additions and 123 deletions
Show Stats Expand all files Collapse all files

4
roles/minecraft/defaults/main.yaml
View File

@ -11,8 +11,8 @@ minecraft_port: 25565
minecraft_user: minecraft minecraft_user: minecraft
minecraft_group: minecraft minecraft_group: minecraft
minecraft_jar_url: https://launcher.mojang.com/v1/objects/e9f105b3c5c7e85c7b445249a93362a22f62442d/server.jar minecraft_jar_url: https://launcher.mojang.com/v1/objects/4d1826eebac84847c71a77f9349cc22afd0cf0a1/server.jar
minecraft_jar_checksum: sha256:e0fe1749263b5ec211b358b598b46e787645bffa8411414f0c812a92bdc70c84 minecraft_jar_checksum: sha256:a0c062686bee5a92d60802ca74d198548481802193a70dda6d5fe7ecb7207993
minecraft_opt_path: /opt/minecraft minecraft_opt_path: /opt/minecraft
minecraft_var_path: "{{ minecraft_opt_path }}/var" minecraft_var_path: "{{ minecraft_opt_path }}/var"

75
roles/restic/files/restic-job.sh Normal file
View File

@ -0,0 +1,75 @@
#!/bin/bash
# Ansible managed
error_exit() {
printf "%s\n" "$1"
exit 1
}
RESTIC_ETC_PATH=${RESTIC_ETC_PATH:-/etc/restic}
RESTIC_PATH=${RESTIC_PATH:-/usr/local/bin/restic}
MAX_ATTEMPTS=60
NICE="ionice -c2 nice -n19"
JOB=$1
if [ -z "$JOB" ]; then
error_exit "job is missing"
fi
JOB_PATH="${RESTIC_ETC_PATH}/jobs/${JOB}"
JOB_ENV="${JOB_PATH}/env.sh"
if [ ! -r "$JOB_ENV" ]; then
error_exit "${JOB_ENV} does not exist"
fi
# shellcheck disable=SC1090
. "$JOB_ENV"
if [ -z "${REPO+x}" ]; then
error_exit "\$REPO is not set"
fi
REPO_PATH="${RESTIC_ETC_PATH}/repos/${REPO}"
REPO_ENV="${REPO_PATH}/env.sh"
if [ ! -r "$REPO_ENV" ]; then
error_exit "${REPO_ENV} does not exist"
fi
# shellcheck disable=SC1090
. "$REPO_ENV"
EXCLUDE_PATH="${JOB_PATH}/exclude.txt"
if [ -z "${PATHS+x}" ]; then
error_exit "\$PATHS is not set"
fi
counter=0
sleep=1
rc=1
until [ $counter -eq "$MAX_ATTEMPTS" ] || [ $rc -eq 0 ]; do
if [ -r "$EXCLUDE_PATH" ]; then
$NICE "$RESTIC_PATH" backup -q --exclude-file="${EXCLUDE_PATH}" "${PATHS}"
else
$NICE "$RESTIC_PATH" backup -q "${PATHS}"
fi
rc=$?
if [ $rc -ne 0 ]; then
sleep=$((counter * 5))
printf "sleeping for %d seconds (%d)\n" $sleep $counter
sleep $sleep
fi
(( counter++ ))
done
if [ $rc -ne 0 ] && [ $counter -eq "$MAX_ATTEMPTS" ]; then
printf "restic job timed out, exiting\n"
fi

30
roles/restic/files/restic-repo.sh Normal file
View File

@ -0,0 +1,30 @@
#!/bin/bash
# Ansible managed
error_exit() {
printf "%s\n" "$1"
exit 1
}
RESTIC_ETC_PATH=${RESTIC_ETC_PATH:-/etc/restic}
RESTIC_PATH=${RESTIC_PATH:-/usr/local/bin/restic}
if [ $# -lt 2 ]; then
error_exit "missing arguments"
fi
REPO=$1
shift
REPO_PATH="${RESTIC_ETC_PATH}/repos/${REPO}"
REPO_ENV="${REPO_PATH}/env.sh"
if [ ! -r "$REPO_ENV" ]; then
error_exit "${REPO_ENV} does not exist"
fi
# shellcheck disable=SC1090
. "$REPO_ENV"
$RESTIC_PATH "$@"

68
roles/restic/files/restic-tidy.sh Normal file
View File

@ -0,0 +1,68 @@
#!/bin/bash
# {{ ansible_managed }}
error_exit() {
printf "%s\n" "$1"
exit 1
}
RESTIC_ETC_PATH=${RESTIC_ETC_PATH:-/etc/restic}
RESTIC_PATH=${RESTIC_PATH:-/usr/local/bin/restic}
MAX_ATTEMPTS=60
MAX_SLEEP=43200 # 12 hours
REPO=$1
if [ -z "$REPO" ]; then
error_exit "repo is missing"
fi
REPO_PATH="${RESTIC_ETC_PATH}/repos/${REPO}"
REPO_ENV="${REPO_PATH}/env.sh"
if [ ! -r "$REPO_ENV" ]; then
error_exit "${REPO_ENV} does not exist"
fi
# shellcheck disable=SC1090
. "$REPO_ENV"
KEEP_HOURLY=${KEEP_HOURLY:-24}
KEEP_DAILY=${KEEP_DAILY:-7}
KEEP_WEEKLY=${KEEP_WEEKLY:-5}
KEEP_MONTHLY=${KEEP_MONTHLY:-12}
KEEP_YEARLY=${KEEP_YEARLY:-10}
# initial sleep
sleep "$(((RANDOM % MAX_SLEEP) + 1))s"
counter=0
sleep=1
rc=1
until [ $counter -eq "$MAX_ATTEMPTS" ] || [ $rc -eq 0 ]; do
$RESTIC_PATH forget \
--quiet \
--host "$(hostname -f)" \
--keep-hourly "$KEEP_HOURLY" \
--keep-daily "$KEEP_DAILY" \
--keep-weekly "$KEEP_WEEKLY" \
--keep-monthly "$KEEP_MONTHLY" \
--keep-yearly "$KEEP_YEARLY" \
--prune
rc=$?
if [ $rc -ne 0 ]; then
sleep=$((counter * 5))
printf "sleeping for %d seconds (%d)\n" $sleep $counter
sleep $sleep
fi
(( counter++ ))
done
if [ $rc -ne 0 ] && [ $counter -eq "$MAX_ATTEMPTS" ]; then
printf "tidy timed out, exiting\n"
fi

20
roles/restic/tasks/main.yaml
View File

@ -65,21 +65,17 @@
- "{{ restic_etc_path }}/repos" - "{{ restic_etc_path }}/repos"
- "{{ restic_etc_path }}/jobs" - "{{ restic_etc_path }}/jobs"
- name: create restic job wrapper script - name: copy restic helper scripts
template: copy:
src: restic-job.sh.j2 src: "{{ item }}"
dest: "{{ restic_bin_path }}/restic-job" dest: "{{ restic_bin_path }}/{{ item | basename | splitext | first }}"
owner: root
group: root
mode: 0755
- name: create restic tidy wrapper
template:
src: restic-tidy.sh.j2
dest: "{{ restic_bin_path }}/restic-tidy"
owner: root owner: root
group: root group: root
mode: 0755 mode: 0755
loop:
- restic-tidy.sh
- restic-repo.sh
- restic-job.sh
- name: manage repos - name: manage repos
include: repo.yaml include: repo.yaml

17
roles/restic/tasks/repo.yaml
View File

@ -36,6 +36,23 @@
group: root group: root
mode: 0400 mode: 0400
- name: symlink default repo
block:
- name: explicit default
file:
src: "{{ restic_etc_path }}/repos/{{ item.name }}"
dest: "{{ restic_etc_path }}/repos/default"
state: link
force: yes
when: item.default is defined and item.default == True
- name: implicit default
file:
src: "{{ restic_etc_path }}/repos/{{ item.name }}"
dest: "{{ restic_etc_path }}/repos/default"
state: link
force: yes
when: restic_repos | count == 1
- name: create cron - name: create cron
cron: cron:
name: "restic {{ item.name }} tidy" name: "restic {{ item.name }} tidy"

50
roles/restic/templates/restic-job.sh.j2
View File

@ -1,50 +0,0 @@
#!/bin/bash
# {{ ansible_managed }}
error_exit() {
printf "%s\n" "$1"
exit 1
}
NICE="ionice -c2 nice -n19"
JOB=$1
if [ -z "$JOB" ]; then
error_exit "job is missing"
fi
RESTIC_ETC_PATH="{{ restic_etc_path }}"
JOB_PATH="${RESTIC_ETC_PATH}/jobs/${JOB}"
JOB_ENV="${JOB_PATH}/env.sh"
if [ ! -r "$JOB_ENV" ]; then
error_exit "${JOB_ENV} does not exist"
fi
. "$JOB_ENV"
if [ -z "${REPO+x}" ]; then
error_exit "\$REPO is not set"
fi
REPO_PATH="${RESTIC_ETC_PATH}/repos/${REPO}"
REPO_ENV="${REPO_PATH}/env.sh"
if [ ! -r "$REPO_ENV" ]; then
error_exit "${REPO_ENV} does not exist"
fi
. "$REPO_ENV"
EXCLUDE_PATH="${JOB_PATH}/exclude.txt"
if [ -z "${PATHS+x}" ]; then
error_exit "\$PATHS is not set"
fi
if [ -r "$EXCLUDE_PATH" ]; then
$NICE {{ restic_path }} backup -q --exclude-file="${EXCLUDE_PATH}" "${PATHS}"
else
$NICE {{ restic_path }} backup -q "${PATHS}"
fi

59
roles/restic/templates/restic-tidy.sh.j2
View File

@ -1,59 +0,0 @@
#!/bin/bash
# {{ ansible_managed }}
error_exit() {
printf "%s\n" "$1"
exit 1
}
MAX_ATTEMPTS=60
REPO=$1
if [ -z "$REPO" ]; then
error_exit "repo is missing"
fi
RESTIC_ETC_PATH="{{ restic_etc_path }}"
REPO_PATH="${RESTIC_ETC_PATH}/repos/${REPO}"
REPO_ENV="${REPO_PATH}/env.sh"
if [ ! -r "$REPO_ENV" ]; then
error_exit "${REPO_ENV} does not exist"
fi
. "$REPO_ENV"
KEEP_DAILY=${KEEP_DAILY:-7}
KEEP_WEEKLY=${KEEP_WEEKLY:-5}
KEEP_MONTHLY=${KEEP_MONTHLY:-12}
KEEP_YEARLY=${KEEP_YEARLY:-10}
counter=0
sleep=1
rc=1
until [ $counter -eq $MAX_ATTEMPTS ] || [ $rc -eq 0 ]; do
{{ restic_path }} forget \
--quiet \
--host $(hostname -f) \
--keep-daily "$KEEP_DAILY" \
--keep-weekly "$KEEP_WEEKLY" \
--keep-monthly "$KEEP_MONTHLY" \
--keep-yearly "$KEEP_YEARLY" \
--prune
rc=$?
if [ $rc -ne 0 ]; then
sleep=$((counter * 5))
printf "sleeping for %d seconds (%d)\n" $sleep $counter
sleep $sleep
fi
let counter+=1
done
if [ $rc -ne 0 ] && [ $counter -eq $MAX_ATTEMPTS ]; then
printf "tidy timed out, exiting\n"
fi

2
roles/rsyslog/defaults/main.yaml
View File

@ -17,6 +17,8 @@ rsyslog_load_modules:
- name: imklog - name: imklog
params: params:
permitnonkernelfacility: "on" permitnonkernelfacility: "on"
- name: imtcp
- name: imudp
rsyslog_work_directory: /var/spool/rsyslog rsyslog_work_directory: /var/spool/rsyslog
rsyslog_include_config: /etc/rsyslog.d/*.conf rsyslog_include_config: /etc/rsyslog.d/*.conf

26
roles/rsyslog/templates/rsyslog.conf.j2
View File

@ -13,6 +13,32 @@ module(
{% endif %} {% endif %}
{% endfor %} {% endfor %}
{% for input in rsyslog_inputs | default([]) %}
{% if input.enabled | default(true) %}
input(
type="{{ input.name }}"
{% if input.params is defined and input.params is mapping %}
{% for k, v in input.params.items() | default({}) %}
{{ k }}="{{ v }}"
{% endfor %}
{% endif %}
)
{% endif %}
{% endfor %}
{% for output in rsyslog_outputs | default([]) %}
{% if output.enabled | default(true) %}
action(
type="{{ output.name }}"
{% if output.params is defined and output.params is mapping %}
{% for k, v in output.params.items() | default({}) %}
{{ k }}="{{ v }}"
{% endfor %}
{% endif %}
)
{% endif %}
{% endfor %}
{% if rsyslog_action_file_default_template is defined %} {% if rsyslog_action_file_default_template is defined %}
$ActionFileDefaultTemplate {{ rsyslog_action_file_default_template }} $ActionFileDefaultTemplate {{ rsyslog_action_file_default_template }}
{% endif %} {% endif %}

4
roles/util/defaults/main.yaml
View File

@ -29,3 +29,7 @@ util_packages:
security: security:
- gnupg - gnupg
- pass - pass
- pwgen
text:
- jq
- crudini