From: Frank Brehm <frank.brehm@pixelpark.com>
Date: Tue, 17 Dec 2024 13:14:59 +0000 (+0100)
Subject: Extending Ansible role 389ds-offline-backup
X-Git-Url: https://git.uhu-banane.net/?a=commitdiff_plain;h=275fdd454d37a7a340709e12aff39f5e3029e183;p=pixelpark%2Fpp-admin-tools.git

Extending Ansible role 389ds-offline-backup
---

diff --git a/inventory/dpx-ldap-dev1.yaml b/inventory/dpx-ldap-dev1.yaml
index 35d884b..c8c5144 100644
--- a/inventory/dpx-ldap-dev1.yaml
+++ b/inventory/dpx-ldap-dev1.yaml
@@ -16,7 +16,8 @@ all:
           slapd_instance: dev-ds03
           ldap_uri: 'ldaps://dev-ds03.pixelpark.com'
       vars:
-        suffix: 'o=isp'
+        default_suffix: 'o=isp'
+        default_backend_name: 'userroot'
         dirsrv_root_dn: 'cn=admin'
         dirsrv_root_passwd_file: '/root/.private/dirsrv-mngr-pwd-wonl.txt'
         replication_manager_dn: 'cn=Replication Manager,cn=config'
diff --git a/inventory/dpx-ldap-prd.yaml b/inventory/dpx-ldap-prd.yaml
index f87cff3..f6d4205 100644
--- a/inventory/dpx-ldap-prd.yaml
+++ b/inventory/dpx-ldap-prd.yaml
@@ -16,7 +16,8 @@ all:
           slapd_instance: prd-ds13
           ldap_uri: 'ldaps://prd-ds13.pixelpark.com'
       vars:
-        suffix: 'o=isp'
+        default_suffix: 'o=isp'
+        default_backend_name: 'userroot'
         dirsrv_root_dn: 'cn=admin'
         dirsrv_root_passwd_file: '/root/.private/dirsrv-mngr-pwd-wonl.txt'
         replication_manager_dn: 'cn=Replication Manager,cn=config'
diff --git a/inventory/dpx-ldap-test.yaml b/inventory/dpx-ldap-test.yaml
index 23d81c7..9adb63c 100644
--- a/inventory/dpx-ldap-test.yaml
+++ b/inventory/dpx-ldap-test.yaml
@@ -16,7 +16,8 @@ all:
           slapd_instance: test-ds03
           ldap_uri: 'ldaps://test-ds03.pixelpark.com'
       vars:
-        suffix: 'dc=pixelpark,dc=net'
+        default_suffix: 'dc=pixelpark,dc=net'
+        default_backend_name: 'userroot'
         dirsrv_root_dn: 'cn=admin'
         dirsrv_root_passwd_file: '/root/.private/dirsrv-mngr-pwd-wonl.txt'
         replication_manager_dn: 'cn=Replication Manager,cn=config'
diff --git a/inventory/spk-ldap-live.yaml b/inventory/spk-ldap-live.yaml
index e79c716..34e284f 100644
--- a/inventory/spk-ldap-live.yaml
+++ b/inventory/spk-ldap-live.yaml
@@ -17,7 +17,8 @@ all:
         live-ldap-hap02.spk.pixelpark.net: {}
   vars:
     ansible_user: root
-    suffix: 'dc=spk,dc=pixelpark,dc=net'
+    default_suffix: 'dc=spk,dc=pixelpark,dc=net'
+    default_backend_name: 'userroot'
     dirsrv_root_dn: 'cn=admin'
     dirsrv_root_passwd_file: '/root/.private/dirsrv-mngr-pwd-wonl.txt'
     replication_manager_dn: 'cn=Replication Manager,cn=config'
diff --git a/inventory/spk-ldap-stage.yaml b/inventory/spk-ldap-stage.yaml
index 4be4adb..473552a 100644
--- a/inventory/spk-ldap-stage.yaml
+++ b/inventory/spk-ldap-stage.yaml
@@ -27,7 +27,8 @@ all:
         live-ldap-hap02.spk.pixelpark.net: {}
   vars:
     ansible_user: root
-    suffix: 'dc=spk,dc=pixelpark,dc=net'
+    default_suffix: 'dc=spk,dc=pixelpark,dc=net'
+    default_backend_name: 'userroot'
     dirsrv_root_dn: 'cn=admin'
     dirsrv_root_passwd_file: '/root/.private/dirsrv-mngr-pwd-wonl.txt'
     replication_manager_dn: 'cn=Replication Manager,cn=config'
diff --git a/roles/389ds-offline-backup/defaults/main.yaml b/roles/389ds-offline-backup/defaults/main.yaml
index 26012b3..4a78509 100644
--- a/roles/389ds-offline-backup/defaults/main.yaml
+++ b/roles/389ds-offline-backup/defaults/main.yaml
@@ -4,9 +4,12 @@ stop_instance: false
 ds389_instance_was_stopped: false
 
 backup_directory: '/var/backup'
+ds389_backup_directory: '/var/backup/dirsrv'
 create_backup_directory: false
 
-directories_to_backup:
+ds389_create_filesystem_backups: false
+
+ds389_directories_to_backup:
   - /etc/dirsrv
   - /root
   - /home
diff --git a/roles/389ds-offline-backup/tasks/backend.yaml b/roles/389ds-offline-backup/tasks/backend.yaml
new file mode 100644
index 0000000..a390d9b
--- /dev/null
+++ b/roles/389ds-offline-backup/tasks/backend.yaml
@@ -0,0 +1,37 @@
+---
+# Creating offline backup of a particular LDAP server backend
+# -----------------------------------------------------------
+
+- debug:
+    msg: "Creating offline backup of 389ds directory server backend {{ backend_name | quote }} of instance {{ slapd_instance | quote }}."
+
+- name: "Define backup file."
+  ansible.builtin.set_fact:
+    backup_file: "{{ ds389_backup_directory }}/dump-offline-dirsrv.{{ slapd_instance }}.{{ backend_name }}.{{ cur_timestamp }}.ldif"
+
+- name: "Define command for offline backup."
+  ansible.builtin.set_fact:
+    cmd_offline_backup: "dsctl -v {{ full_slapd_instance | quote }} db2ldif --replication {{ backend_name | quote }} {{ backup_file | quote }}"
+
+- name: "The offline backup command:"
+  debug:
+    var: cmd_offline_backup
+    verbosity: 0
+
+- name: "Executing offline backup."
+  ansible.builtin.shell: "{{ cmd_offline_backup }}"
+  register: offline_backup_result
+
+- name: "Offline backup results:"
+  debug:
+    var: offline_backup_result.stdout
+    verbosity: 0
+
+- name: "Compressing the offline backup file."
+  community.general.archive:
+    path: "{{ backup_file }}"
+    dest: "{{ backup_file }}.bz2"
+    format: bz2
+    remove: true
+
+# vim: filetype=yaml
diff --git a/roles/389ds-offline-backup/tasks/main.yaml b/roles/389ds-offline-backup/tasks/main.yaml
index 3f1433a..23efae3 100644
--- a/roles/389ds-offline-backup/tasks/main.yaml
+++ b/roles/389ds-offline-backup/tasks/main.yaml
@@ -24,6 +24,50 @@
     slapd_is_running: false
   when: ( get_slapd_status.stdout | regex_search('^Instance \".*\" is not running', ignorecase=True) ) is not empty
 
+- name: "Get backends and suffixes from the running instance."
+  when: slapd_is_running == true
+  block:
+
+    - name: "Retrieve all backends."
+      ansible.builtin.shell: "dsconf {{ slapd_instance | quote  }} backend suffix list"
+      register: get_backend_suffix_list
+      changed_when: false
+      check_mode: false
+
+    - name: "Show current get_backend_suffix_list"
+      debug:
+        var: get_backend_suffix_list
+        verbosity: 2
+
+    - name: "Set backend variable"
+      no_log: true
+      set_fact:
+        suffix_names: "{{ get_backend_suffix_list.stdout_lines | map('regex_replace', '\\s+\\(.+\\)\\s*$', '') | list }}"
+        backend_names: "{{ get_backend_suffix_list.stdout_lines | map('regex_replace', '^.*\\((.+)\\)\\s*$', '\\1') | list }}"
+
+    - name: "Set suffixes dict"
+      no_log: true
+      set_fact:
+        suffixes: "{{ dict( suffix_names | zip(backend_names) ) }}"
+
+    - name: "Show current suffixes"
+      debug:
+        var: suffixes
+        verbosity: 0
+
+- name: "Use default backend name and suffix, because instance is not running."
+  when: slapd_is_running != true
+  block:
+
+    - name: "Define suffixes from defaults because instance is not running."
+      ansible.builtin.set_fact:
+        suffixes: "{{ [[default_suffix, default_backend_name]] | community.general.dict }}"
+
+    - name: "Show default suffixes"
+      debug:
+        var: suffixes
+        verbosity: 0
+
 - name: "Stopping instance, if running"
   when: stop_instance == true and slapd_is_running == true
   block:
@@ -53,6 +97,15 @@
         msg: "Cannot perform offline backup, LDAP server instance {{ slapd_instance | quote }} is still running."
       when: ansible_check_mode == false
 
+- name: "Perform the offline backup."
+  include_tasks: 'backend.yaml'
+  vars:
+    backend_name: "{{ backend.name }}"
+    suffix: "{{ backend.suffix }}"
+  loop: "{{ suffixes | dict2items(key_name='suffix', value_name='name') }}"
+  loop_control:
+    loop_var: backend
+
 - name: "Start LDAP server instance, when it was stopped before."
   when: ds389_instance_was_stopped == true
   block: