[Add vacku + vault]

2025-06-03 23:09:19 +02:00
parent 0fcc70f430
commit 146d4fbd77
4 changed files with 115 additions and 123 deletions


@@ -3,53 +3,18 @@
# become: true
gather_facts: false
vars:
user: staffadmin
username: jingohalert
password: !vault |
$ANSIBLE_VAULT;1.2;AES256;prod
35393433316665666435363662633832663632666532383539643365343263396536616533653435
6536336661663262356135363538616362306333613036650a303064313266383962643263366431
63636431646463613034633537313735646337363966616432363161643936313337643636383536
3164396237373336610a616337613334393037346366653463396265336162663638336132366463
3431
# vault_pass: !vault |
# $ANSIBLE_VAULT;1.2;AES256;prod
# 31393635346263633965326334656663323439643166313736343337343032303234653264653065
# 3933333731343231643033373436653764326131616635640a356566616337373031333065303166
# 36363839323432353936336438636130373134353364326264393563663561346438356533656262
# 3630386265633339630a306334363336396539353133383236316138333538623064333036316233
# 6464
user: sgratias
token: !vault |
$ANSIBLE_VAULT;1.2;AES256;prod
36663034636138333863626233623737363834333134333235656132333933356237396132383266
3266326438656130623337653464633062343433623333620a386561353637613263323837313230
66666633373066363862343766646431396632653332333830323136343230336464333635343136
3732643432306338640a666334373636653164646135633966333339323935363433663130313235
36613831356265373964623464356263333666366539663131396535613633346138613665383864
6331393663346638663832313035653765303938376230363936
30383538646164373137616166636632353964373362323735626239656337306139616265323138
3834383331316466653565323632616163353964643637660a363262383461363234363738613034
64383132373061653337313365333734646635396635313133613861303730303163383764653664
6537633761353939330a356236623265383931643530316430303938303735306536343163323163
62636236346362663036343765363830383738623563613161373637383239623134376163653662
3565333032326133326232326633386332633639373862313463
tasks:
# ! alertmanager + ntfy
# route:
# receiver: 'ntfy'
# repeat_interval: 4h
# group_by: [ alertname ]
# receivers:
# - name: "ntfy"
# webhook_configs:
# - url: "http://ntfy-alertmanager:8080"
# - command:
# cmd: "echo 'mescouilles'"
# - debug:
# msg: "test ok"
# delegate_to: localhost
@@ -60,7 +25,7 @@
# msg: "{{ lookup('community.hashi_vault.hashi_vault', 'secret=apps/data/postgres token=prout url=https://hash.jingoh.fr') }}"
- ansible.builtin.git:
repo: https://{{ user }}:{{ token }}@gitea.jingoh.fr/staffadmin/backup.git
repo: https://{{ user }}:{{ token }}@gitea.jingoh.fr/sgratias/backup.git
dest: "{{ playbook_dir }}/backup"
single_branch: yes
force: true
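Review bot: The access token is interpolated straight into the remote URL, both in the `repo:` line of this `ansible.builtin.git` task and in the `git push https://{{ user }}:{{ token }}@…` line of the `Push backup to git` task in the last hunk, and neither task sets `no_log: true`. A credential embedded in the clone URL is normally written to `backup/.git/config` as the origin remote, so the decrypted vault value ends up in plaintext on the control node. It may also show up in the process list while git runs and in task output on failure or at higher verbosity. I would add `no_log: true` to both tasks and supply the credential outside the URL, for example through a git credential helper or `GIT_ASKPASS` set in the task's `environment:`. The two consecutive `repo:` lines look like the old and new side of the `staffadmin` → `sgratias` rename, but the +/- markers are lost on this page, so that reading is inferred.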
@@ -121,90 +86,39 @@
- /opt/dockerapps/appdata/vaultwarden/config.json
#! wg portal
- /opt/dockerapps/appdata/wg-portal/config/config.yml
# - name: Get a cert from an https port
# community.crypto.get_certificate:
# host: "gitea.jingoh.fr"
# port: 443
# delegate_to: localhost
# run_once: true
# register: cert
# tags: test3
# - ansible.builtin.command:
# cmd: "echo 'mescouilles'"
# register: toto
# tags: test3
# - debug:
# msg: "{{ toto }}"
# tags: test3
#! wg portal
- /opt/dockerapps/appdata/mailserver/etc/config.toml
- name: Push backup to git
ansible.builtin.shell: |
git config user.email "stephane.gratiasquiquandon@gmail.com"
git config user.name "staffadmin"
git config user.name "sgratias"
git add .
git commit -m "Push Backup with access token"
git push https://{{ user }}:{{ token }}@gitea.jingoh.fr/staffadmin/backup.git
git push https://{{ user }}:{{ token }}@gitea.jingoh.fr/sgratias/backup.git
args:
chdir: "{{ playbook_dir }}/backup/"
run_once: true
delegate_to: localhost
# - name: Get a cert from an https port
# community.crypto.get_certificate:
# host: "gitea.jingoh.fr"
# port: 443
# delegate_to: localhost
# run_once: true
# register: cert
# tags: test
# - name: set
# ansible.builtin.set_fact:
# cert_date: "{{ cert.not_after | to_datetime('%Y%m%d%H%M%SZ') }}"
# tags: test
# - debug:
# msg: "{{ cert.not_after | to_datetime('%Y%m%d%H%M%SZ')}}"
# tags: test
# - debug:
# msg: "{{ cert.not_after | to_datetime }} - {{ ansible_date_time.iso8601_basic }}"
# # loop:
# # - "{{ cert.not_after }}"
# # - "{{ ansible_date_time.iso8601_basic }}"
# tags: test
# - debug:
# msg: "{{ item }}"
# loop:
# - "{{ ((cert.not_after | to_datetime('%Y%m%d%H%M%SZ') ) - (ansible_date_time.date | to_datetime('%Y-%m-%d') )).days }}"
# # - "{{ ansible_date_time.date.total_seconds() }}"
# tags: test
# when:
# - "{{ ((cert.not_after | to_datetime('%Y%m%d%H%M%SZ') ) - (ansible_date_time.date | to_datetime('%Y-%m-%d') )).days < 30 }}"
# curl -u "$username:$password" -H "Title: HTTPS Certificats" -H "ta:closed_lock_with_key" -d "*.jingoh.fr Less than 20 days" https://alert.jingoh.fr/scaleway
# # when: cert.not_after - ansible_date_time.iso8601_basic >
- name: NTFY when docker compose changed
uri:
url: "https://alert.jingoh.fr/scaleway"
method: POST
user: "{{ username }}"
password: "{{ password }}"
headers:
Title: "docker-compose changed"
ta: "file_folder"
body: "Docker compose backup in gitea"
status_code: 200
tags: test1
delegate_to: localhost
when: fetch_files_backup.changed is true
# when: cert.not_after - ansible_date_time.iso8601_basic >
# - name: NTFY when docker compose changed
# uri:
# url: "https://alert.jingoh.fr/scaleway"
# method: POST
# headers:
# user: "{{ username }}"
# password: "{{ password }}"
# Title: "docker-compose changed"
# ta: "file_folder"
# body: "Docker compose backup in gitea"
# status_code: 200
# tags: test1
# delegate_to: localhost
# when: fetch_files_backup.changed is true
# when:
# - "{{ ((cert.not_after | to_datetime('%Y%m%d%H%M%SZ') ) - (ansible_date_time.date | to_datetime('%Y-%m-%d') )).days < 10 }}"