From f5e98ace8c2ed91bac0791bd2fb641a20983f0a6 Mon Sep 17 00:00:00 2001 From: Frank Brehm Date: Tue, 17 Dec 2024 16:06:03 +0100 Subject: [PATCH] Completing (hpefully) dirsrv offline backup --- playbooks/offline-backup-ldap-server.yaml | 2 + .../tasks/directories.yaml | 11 ++++ .../389ds-offline-backup/tasks/directory.yaml | 51 +++++++++++++++++++ .../tasks/filesystem.yaml | 18 +++++++ .../tasks/filesystems.yaml | 17 +++++++ .../389ds-offline-backup/tasks/hashfile.yaml | 26 ++++++++++ roles/389ds-offline-backup/tasks/main.yaml | 7 +++ 7 files changed, 132 insertions(+) create mode 100644 roles/389ds-offline-backup/tasks/directories.yaml create mode 100644 roles/389ds-offline-backup/tasks/directory.yaml create mode 100644 roles/389ds-offline-backup/tasks/filesystem.yaml create mode 100644 roles/389ds-offline-backup/tasks/filesystems.yaml create mode 100644 roles/389ds-offline-backup/tasks/hashfile.yaml diff --git a/playbooks/offline-backup-ldap-server.yaml b/playbooks/offline-backup-ldap-server.yaml index fec708c..bb412a2 100644 --- a/playbooks/offline-backup-ldap-server.yaml +++ b/playbooks/offline-backup-ldap-server.yaml @@ -86,6 +86,8 @@ name: 389ds-offline-backup vars: stop_instance: true + create_backup_directory: true + ds389_create_filesystem_backups: true - name: "Enabling Wazuh service." ansible.builtin.service: diff --git a/roles/389ds-offline-backup/tasks/directories.yaml b/roles/389ds-offline-backup/tasks/directories.yaml new file mode 100644 index 0000000..cc7af07 --- /dev/null +++ b/roles/389ds-offline-backup/tasks/directories.yaml @@ -0,0 +1,11 @@ +--- + +# Ensuring backup directories + +- name: "Ensure existence of backup directories." + include_tasks: "directory.yaml" + loop: "{{ [backup_directory, ds389_backup_directory] }}" + loop_control: + loop_var: directory + +# vim: filetype=yaml diff --git a/roles/389ds-offline-backup/tasks/directory.yaml b/roles/389ds-offline-backup/tasks/directory.yaml new file mode 100644 index 0000000..383d297 --- /dev/null +++ b/roles/389ds-offline-backup/tasks/directory.yaml @@ -0,0 +1,51 @@ +--- + +- debug: + msg: "Ensuring backup directory {{ directory | quote }}." + +- name: "Get stat of directory." + ansible.builtin.stat: + path: "{{ directory }}" + register: stat_backup_directory + +- name: "File stat of directory." + debug: + var: stat_backup_directory + verbosity: 3 + +- name: "Directory path exists." + when: stat_backup_directory.stat.exists == true + block: + + - debug: + msg: "Path {{ directory | quote }} to backup directory already exists." + verbosity: 1 + + - name: "Check, whether path is a directory." + ansible.builtin.fail: + msg: "The path {{ directory | quote }} exists, but is not a directory." + when: stat_backup_directory.stat.isdir != true + +- name: "Directory path does not exists." + when: stat_backup_directory.stat.exists != true + block: + + - name: "Backup directory does not exists" + ansible.builtin.fail: + msg: "Backup directory {{ directory | quote }} does not exists." + when: create_backup_directory != true and ansible_check_mode != true + + - debug: + msg: "Backup directory {{ directory | quote }} still does not exists." + + - name: "Creating backup directory." + ansible.builtin.file: + path: "{{ directory }}" + state: directory + recurse: yes + owner: root + group: root + mode: '0755' + when: create_backup_directory == true + +# vim: filetype=yaml diff --git a/roles/389ds-offline-backup/tasks/filesystem.yaml b/roles/389ds-offline-backup/tasks/filesystem.yaml new file mode 100644 index 0000000..78ec8d8 --- /dev/null +++ b/roles/389ds-offline-backup/tasks/filesystem.yaml @@ -0,0 +1,18 @@ +--- + +- name: "Defining target archive file." + ansible.builtin.set_fact: + archive_file: "{{ backup_directory }}/backup.{{ slapd_instance }}.{{ filesystem | regex_replace('^/*') | regex_replace('/+', '_') }}.{{ cur_timestamp }}.tar.bz2 }}" + +- debug: + msg: "Creating archive {{ archive_file }} from directory {{ filesystem | quote }}." + +- name: "Creating archive file." + community.general.archive: + path: "{{ filesystem }}" + dest: "{{ archive_file }}" + format: bz2 + remove: false + force_archive: true + +# vim: filetype=yaml diff --git a/roles/389ds-offline-backup/tasks/filesystems.yaml b/roles/389ds-offline-backup/tasks/filesystems.yaml new file mode 100644 index 0000000..1f045bc --- /dev/null +++ b/roles/389ds-offline-backup/tasks/filesystems.yaml @@ -0,0 +1,17 @@ +--- + +# Backing up complete important filesystems of 389ds directory servers + +- name: "Archiving a complete filesystem." + include_tasks: "filesystem.yaml" + loop: "{{ ds389_directories_to_backup }}" + loop_control: + loop_var: filesystem + +- name: "Create hash sum files from created archives." + include_tasks: "hashfile.yaml" + loop: "{{ ['md5', 'sha256', 'sha512'] }}" + loop_control: + loop_var: hash_type + +# vim: filetype=yaml diff --git a/roles/389ds-offline-backup/tasks/hashfile.yaml b/roles/389ds-offline-backup/tasks/hashfile.yaml new file mode 100644 index 0000000..8ebcad1 --- /dev/null +++ b/roles/389ds-offline-backup/tasks/hashfile.yaml @@ -0,0 +1,26 @@ +--- + +- name: "Defining hash sum file." + ansible.builtin.set_fact: + hash_file: "{{ backup_directory }}/backup-tars.{{ slapd_instance }}.{{ cur_timestamp }}.{{ hash_type }}" + +- debug: + msg: "Creating {{ hash_file | quote }} from files {{ backup_directory }}/backup.{{ slapd_instance }}.*.{{ cur_timestamp }}.tar.bz2 }}" + +- name: "Defining command for creating hash sum file." + ansible.builtin.set_fact: + hash_cmd: "{{ hash_type }}sum backup.{{ slapd_instance }}.*.{{ cur_timestamp }}.tar.bz2 > {{ hash_file | quote }}" + +- name: "Command for creating hash sum file." + debug: + var: hash_cmd + verbosity: 0 + +- name: "Creating hash sum file." + ansible.builtin.shell: + chdir: "{{ backup_directory }}" + cmd: "{{ hash_cmd }}" + creates: "{{ hash_file }}" + + +# vim: filetype=yaml diff --git a/roles/389ds-offline-backup/tasks/main.yaml b/roles/389ds-offline-backup/tasks/main.yaml index 23efae3..e812f3f 100644 --- a/roles/389ds-offline-backup/tasks/main.yaml +++ b/roles/389ds-offline-backup/tasks/main.yaml @@ -19,6 +19,9 @@ var: get_slapd_status verbosity: 2 +- name: "Ensuring backup directories." + include_tasks: "directories.yaml" + - name: "Getting running state of slapd instance." ansible.builtin.set_fact: slapd_is_running: false @@ -106,6 +109,10 @@ loop_control: loop_var: backend +- name: "Archiving directories." + include_tasks: "filesystems.yaml" + when: ds389_create_filesystem_backups == true + - name: "Start LDAP server instance, when it was stopped before." when: ds389_instance_was_stopped == true block: -- 2.39.5