sgratias/semaphore
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update

Browse Source
This commit is contained in:
sgratias
2024-04-01 18:01:45 +02:00
parent 5122d62359
commit 2bf684e115
3 changed files with 185 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

148
backup.yml
View File

@@ -4,6 +4,21 @@
gather_facts: true
vars:
user: staffadmin
username: jingohalert
password: !vault |
$ANSIBLE_VAULT;1.2;AES256;prod
66346630333538386564396632636161316239326530653037666465616165393135666532643264
3037363865363531636635306535663736353734333733340a363639636638396662616538343335
65366439343135636634393832636436353764303066653530346232323164376265313039373630
3863613961373430340a303866363962353262623030373061616134303366336237346631383539
3130
vault_pass: !vault |
$ANSIBLE_VAULT;1.2;AES256;prod
31393635346263633965326334656663323439643166313736343337343032303234653264653065
3933333731343231643033373436653764326131616635640a356566616337373031333065303166
36363839323432353936336438636130373134353364326264393563663561346438356533656262
3630386265633339630a306334363336396539353133383236316138333538623064333036316233
6464
token: !vault |
$ANSIBLE_VAULT;1.2;AES256;prod
35343365393734313034383961616333633265623037303436653739613935366666373237366562
@@ -53,3 +68,136 @@
chdir: "{{ playbook_dir }}/backup/"
run_once: true
delegate_to: localhost
- name: Get a cert from an https port
community.crypto.get_certificate:
host: "gitea.jingoh.fr"
port: 443
delegate_to: localhost
run_once: true
register: cert
tags: test
# - name: set
# ansible.builtin.set_fact:
# cert_date: "{{ cert.not_after | to_datetime('%Y%m%d%H%M%SZ') }}"
# tags: test
# - debug:
# msg: "{{ cert.not_after | to_datetime('%Y%m%d%H%M%SZ')}}"
# tags: test
# - debug:
# msg: "{{ cert.not_after | to_datetime }} - {{ ansible_date_time.iso8601_basic }}"
# # loop:
# # - "{{ cert.not_after }}"
# # - "{{ ansible_date_time.iso8601_basic }}"
# tags: test
# - debug:
# msg: "{{ item }}"
# loop:
# - "{{ ((cert.not_after | to_datetime('%Y%m%d%H%M%SZ') ) - (ansible_date_time.date | to_datetime('%Y-%m-%d') )).days }}"
# # - "{{ ansible_date_time.date.total_seconds() }}"
# tags: test
# when:
# - "{{ ((cert.not_after | to_datetime('%Y%m%d%H%M%SZ') ) - (ansible_date_time.date | to_datetime('%Y-%m-%d') )).days < 30 }}"
# curl -u "$username:$password" -H "Title: HTTPS Certificats" -H "ta:closed_lock_with_key" -d "*.jingoh.fr Less than 20 days" https://alert.jingoh.fr/scaleway
# # when: cert.not_after - ansible_date_time.iso8601_basic >
- name: Need to renew HTTPS
uri:
url: "https://alert.jingoh.fr/scaleway"
method: POST
user: "{{ username }}"
password: "{{ password }}"
headers:
Title: "HTTPS Certificats"
ta: "closed_lock_with_key"
body: "*.jingoh.fr Less than 10 days"
status_code: 200
tags: test
delegate_to: localhost
when:
- "{{ ((cert.not_after | to_datetime('%Y%m%d%H%M%SZ') ) - (ansible_date_time.date | to_datetime('%Y-%m-%d') )).days < 10 }}"
# - name: Exécuter le conteneur Docker
# community.docker.docker_container:
# name: vaultwarden-backup
# image: bruceforce/vaultwarden-backup
# state: started
# auto_remove: true
# command: manual
# volumes_from:
# - vault
# env:
# UID: "0"
# BACKUP_DIR: "/data/backup"
# TIMESTAMP: "true"
# ENCRYPTION_PASSWORD: "{{ vault_pass }}"
# # tags: dock
# when: inventory_hostname in groups['controller']
# - name: Supprimer les fichiers de sauvegarde de Vaultwarden plus anciens que 7 jours
# find:
# paths: /opt/dockerapps/appdata/vaultwarden/backup/
# age: 7d
# register: files_to_remove
# become: true
# when: inventory_hostname in groups['controller']
# tags: dock
# - name: Supprimer les fichiers plus anciens que 7 jours
# file:
# path: "{{ item.path }}"
# state: absent
# loop: "{{ files_to_remove.files }}"
# tags: dock
# become: true
# - name: Backup vault
# uri:
# url: "https://alert.jingoh.fr/scaleway"
# method: POST
# user: "{{ username }}"
# password: "{{ password }}"
# headers:
# Title: "Backup Vault"
# ta: "inbox_tray"
# body: "Local Backup vault done !"
# status_code: 200
# tags: dock
# delegate_to: localhost
# - name: Exécuter la commande dans le conteneur Docker
# community.docker.docker_container:
# name: gitea
# command: "gitea dump -c /data/gitea/conf/app.ini"
# user: git
# working_dir: /data/
# state: present
# interactive: no
# image: gitea/gitea:latest
# tty: no
# tags: git
# docker exec -u git -w /data/ gitea gitea dump -c /data/gitea/conf/app.ini
# mv /opt/dockerapps/appdata/gitea/gitea/gitea-dump-*.zip /opt/dockerapps/backup/
# docker exec gitea-db pg_dump -U root gitea > gitea-db-pg.sql
# mv ./gitea-db-pg.sql /opt/dockerapps/backup/
# find /opt/dockerapps/backup/ -mtime +7 -exec rm {} \;
# curl -u "$username:$password" -H "Title: Backup gitea" -H "ta:inbox_tray" -d "Local Backup gitea done !" https://alert.jingoh.fr/scaleway
# docker run --rm --volumes-from=vault -e UID=0 -e BACKUP_DIR=/data/backup -e TIMESTAMP=true -e ENCRYPTION_PASSWORD="$VAULT" bruceforce/vaultwarden-backup manual
# chown -R stephane:stephane /opt/dockerapps/appdata/vaultwarden/backup
# find /opt/dockerapps/appdata/vaultwarden/backup/ -mtime +7 -exec rm {} \;
# curl -u "$username:$password" -H "Title: Backup vault" -H "ta:inbox_tray" -d "Local Backup vault done !" https://alert.jingoh.fr/scaleway