From 4f6f82c0ef5e08a9260a107cfe9f1d72594f6b7e Mon Sep 17 00:00:00 2001
From: staffadmin
Date: Tue, 11 Nov 2025 16:01:01 +0100
Subject: [PATCH] [Test ongoing]
---
 .gitignore | 3 +-
 ansible.cfg | 2 +
 backup.yml | 283 ++++++++++++++++++++++++++-------------------------
 jellyfin.yml | 11 --
 4 files changed, 147 insertions(+), 152 deletions(-)
 delete mode 100644 jellyfin.yml
diff --git a/.gitignore b/.gitignore
index b4f0aaf..5778c75 100644
--- a/.gitignore
+++ b/.gitignore
@@ -5,4 +5,5 @@ ressources
 SecLists/
 scan/
 dirsearch/
-reports/
\ No newline at end of file
+reports/
+bw.yml
diff --git a/ansible.cfg b/ansible.cfg
index 5731227..6dc5624 100644
--- a/ansible.cfg
+++ b/ansible.cfg
@@ -4,6 +4,8 @@ callback_whitelist = timer, profile_tasks, log_plays
 #log_path= /var/log/ansible/ansible-base.log
 display_args_to_stdout= true
 load_callback_plugins= yes
+# [ssh_connection]
+# pipelining = True
 #callback_plugins=/Users/stephanegratias/Library/Python/3.11/lib/python/site-packages/ara/plugins/callback
 #to keep display output, comment stdout_callback
 #stdout_callback= log_plays
diff --git a/backup.yml b/backup.yml
index c482e01..0c67d01 100644
--- a/backup.yml
+++ b/backup.yml
@@ -3,6 +3,8 @@
 # become: true
 gather_facts: false
 vars:
+ # Variables depuis Environment (non-sensibles)
+ app_env: "{{ lookup('env', 'test') }}"
 dockerapps_path: /opt/dockerapps
 gitea_conf: /appdata/gitea/gitea/
 gitea_db: /appdata/gitea/gitea-db/gitea-db-pg.sql
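Review bot: The added `app_env` var in backup.yml reads an environment variable literally named `test` on the control node, and `lookup('env', ...)` yields an empty string when it is unset, so the play carries on with a blank value instead of failing. A fallback makes the missing variable visible, for example `app_env: "{{ lookup('env', 'test') | default('unset', true) }}"`. The "non-sensibles" restriction in the comment is worth keeping strict: ansible.cfg in this same patch still has `display_args_to_stdout= true` and the `log_plays` callback, so a value read this way and echoed by a task can end up on the console and presumably in the play log. The `vars:` block continues outside the hunk.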
@@ -22,166 +24,167 @@ ###! DOCKER COMPOSE FILE ############ - # - debug: - # msg: "test ok" - # delegate_to: localhost + - debug: + msg: "{{ app_env }}" + delegate_to: localhost +#! fin test # - name: Return all secrets from a path # delegate_to: localhost # ansible.builtin.debug: # msg: "{{ lookup('community.hashi_vault.hashi_vault', 'secret=apps/data/postgres token=prout url=https://hash.jingoh.fr') }}" - - ansible.builtin.git: - repo: https://{{ user }}:{{ token }}@gitea.jingoh.fr/{{ user }}/backup.git - dest: "{{ playbook_dir }}/backup" - single_branch: yes - force: true - delegate_to: localhost +# - ansible.builtin.git: +# repo: https://{{ user }}:{{ token }}@gitea.jingoh.fr/{{ user }}/backup.git +# dest: "{{ playbook_dir }}/backup" +# single_branch: yes +# force: true +# delegate_to: localhost - - ansible.builtin.fetch: - src: "{{ item }}" - dest: "{{ playbook_dir }}/backup/" - register: fetch_files_backup - loop: - #! Docker-compose - - /opt/dockerapps/docker-compose.yml - # #! Dex & traefik-forward - # - /opt/dockerapps/appdata/dex/config.yml - # - /opt/dockerapps/appdata/dex/traefik-auth-conf.env - #! Gitea & Runner - - /opt/dockerapps/appdata/gitea/gitea/gitea/conf/app.ini - - /opt/dockerapps/appdata/gitea/runner/config.yaml - # - /opt/dockerapps/appdata/gitea/runner/act_runner/.runner - #! Notification - - /opt/dockerapps/appdata/alert/config/alertmanager.yml - #! Homepage - - /opt/dockerapps/appdata/homepage/homepage/bookmarks.yaml - - /opt/dockerapps/appdata/homepage/homepage/services.yaml - - /opt/dockerapps/appdata/homepage/homepage/settings.yaml - #! Semaphore - - /opt/dockerapps/appdata/semaphore/config/config.json - #! Alertmanager - - /opt/dockerapps/appdata/alertmanager/config/alertmanager.yml - #! ALertmanager 2 ntfy - - /opt/dockerapps/appdata/ntfy_alertmanager/etc/config - #! Grafana - - /opt/dockerapps/appdata/grafana/grafana.ini - - /opt/dockerapps/appdata/grafana/ldap.toml - #! 
prometheus - - /opt/dockerapps/appdata/prometheus/prometheus/prometheus.yml - - /opt/dockerapps/appdata/prometheus/prometheus/alerts_system.yml - - /opt/dockerapps/appdata/prometheus/prometheus/alerts_network.yml - # - /opt/dockerapps/appdata/prometheus/prometheus/alerts_internal.yml - - /opt/dockerapps/appdata/prometheus/prometheus/promtool_test.yml - # #! bind - # - /opt/dockerapps/appdata/bind/config/named.conf - # - /opt/dockerapps/appdata/bind/records/example.com.zone - # - /opt/dockerapps/appdata/bind/records/jingoh.private.zone - # #! crowdsec - # - /opt/dockerapps/appdata/crowdsec/crowdsec/parsers/s01-parse/tcpudp-flood-traefik.yaml - # - /opt/dockerapps/appdata/crowdsec/crowdsec/acquis.yaml - # - /opt/dockerapps/appdata/crowdsec/dashboard/docker/Dockerfile - # #! filebeat (kafka) - # - /opt/dockerapps/appdata/kafka/filebeat.yml - #! ldap - - /opt/dockerapps/appdata/ldap/data/lldap_config.toml - #! sftp - - /opt/dockerapps/appdata/sftp/config/sftpgo.json - #! vault_sync_ldap - - /opt/dockerapps/appdata/vault_sync_ldap/jingoh.config.toml - #! vault - - /opt/dockerapps/appdata/vaultwarden/config.json - #! wg portal - - /opt/dockerapps/appdata/wg-portal/config/config.yml - # #! wg portal - # - /opt/dockerapps/appdata/mailserver/etc/config.toml - #! gatus - - /opt/dockerapps/appdata/gatus/config.yml - #! syncthing - - /opt/dockerapps/appdata/syncthing/config/config.xml - #! authelia - - /opt/dockerapps/appdata/authelia/config/configuration.yml +# - ansible.builtin.fetch: +# src: "{{ item }}" +# dest: "{{ playbook_dir }}/backup/" +# register: fetch_files_backup +# loop: +# #! Docker-compose +# - /opt/dockerapps/docker-compose.yml +# # #! Dex & traefik-forward +# # - /opt/dockerapps/appdata/dex/config.yml +# # - /opt/dockerapps/appdata/dex/traefik-auth-conf.env +# #! Gitea & Runner +# - /opt/dockerapps/appdata/gitea/gitea/gitea/conf/app.ini +# - /opt/dockerapps/appdata/gitea/runner/config.yaml +# # - /opt/dockerapps/appdata/gitea/runner/act_runner/.runner +# #! 
Notification +# - /opt/dockerapps/appdata/alert/config/alertmanager.yml +# #! Homepage +# - /opt/dockerapps/appdata/homepage/homepage/bookmarks.yaml +# - /opt/dockerapps/appdata/homepage/homepage/services.yaml +# - /opt/dockerapps/appdata/homepage/homepage/settings.yaml +# #! Semaphore +# - /opt/dockerapps/appdata/semaphore/config/config.json +# #! Alertmanager +# - /opt/dockerapps/appdata/alertmanager/config/alertmanager.yml +# #! ALertmanager 2 ntfy +# - /opt/dockerapps/appdata/ntfy_alertmanager/etc/config +# #! Grafana +# - /opt/dockerapps/appdata/grafana/grafana.ini +# - /opt/dockerapps/appdata/grafana/ldap.toml +# #! prometheus +# - /opt/dockerapps/appdata/prometheus/prometheus/prometheus.yml +# - /opt/dockerapps/appdata/prometheus/prometheus/alerts_system.yml +# - /opt/dockerapps/appdata/prometheus/prometheus/alerts_network.yml +# # - /opt/dockerapps/appdata/prometheus/prometheus/alerts_internal.yml +# - /opt/dockerapps/appdata/prometheus/prometheus/promtool_test.yml +# # #! bind +# # - /opt/dockerapps/appdata/bind/config/named.conf +# # - /opt/dockerapps/appdata/bind/records/example.com.zone +# # - /opt/dockerapps/appdata/bind/records/jingoh.private.zone +# # #! crowdsec +# # - /opt/dockerapps/appdata/crowdsec/crowdsec/parsers/s01-parse/tcpudp-flood-traefik.yaml +# # - /opt/dockerapps/appdata/crowdsec/crowdsec/acquis.yaml +# # - /opt/dockerapps/appdata/crowdsec/dashboard/docker/Dockerfile +# # #! filebeat (kafka) +# # - /opt/dockerapps/appdata/kafka/filebeat.yml +# #! ldap +# - /opt/dockerapps/appdata/ldap/data/lldap_config.toml +# #! sftp +# - /opt/dockerapps/appdata/sftp/config/sftpgo.json +# #! vault_sync_ldap +# - /opt/dockerapps/appdata/vault_sync_ldap/jingoh.config.toml +# #! vault +# - /opt/dockerapps/appdata/vaultwarden/config.json +# #! wg portal +# - /opt/dockerapps/appdata/wg-portal/config/config.yml +# # #! wg portal +# # - /opt/dockerapps/appdata/mailserver/etc/config.toml +# #! gatus +# - /opt/dockerapps/appdata/gatus/config.yml +# #! 
syncthing +# - /opt/dockerapps/appdata/syncthing/config/config.xml +# #! authelia +# - /opt/dockerapps/appdata/authelia/config/configuration.yml - - name: Push backup to git - ansible.builtin.shell: | - git config user.email "{{ user_mail }}" - git config user.name "{{ user }}" - git add . - git commit -m "Push Backup with access token" - git push https://{{ user }}:{{ token }}@gitea.jingoh.fr/{{ user }}/backup.git - args: - chdir: "{{ playbook_dir }}/backup/" - run_once: true - delegate_to: localhost +# - name: Push backup to git +# ansible.builtin.shell: | +# git config user.email "{{ user_mail }}" +# git config user.name "{{ user }}" +# git add . +# git commit -m "Push Backup with access token" +# git push https://{{ user }}:{{ token }}@gitea.jingoh.fr/{{ user }}/backup.git +# args: +# chdir: "{{ playbook_dir }}/backup/" +# run_once: true +# delegate_to: localhost -############# -#! GITEA -############ +# ############# +# #! GITEA +# ############ - - ansible.builtin.file: - path: "{{ dockerapps_path }}/backup/gitea" - state: directory +# - ansible.builtin.file: +# path: "{{ dockerapps_path }}/backup/gitea" +# state: directory - # mode: '0755' -#/opt/dockerapps/appdata/gitea/gitea/gitea-dump-*.zip - - name: DUMP gitea conf - community.docker.docker_container_exec: - container: gitea - command: gitea dump -c /data/gitea/conf/app.ini - user: git - chdir: /data +# # mode: '0755' +# #/opt/dockerapps/appdata/gitea/gitea/gitea-dump-*.zip +# - name: DUMP gitea conf +# community.docker.docker_container_exec: +# container: gitea +# command: gitea dump -c /data/gitea/conf/app.ini +# user: git +# chdir: /data - - ansible.builtin.find: - paths: "{{ dockerapps_path }}{{ gitea_conf }}" - patterns: 'gitea-dump-*.zip' - register: result_gitea_conf +# - ansible.builtin.find: +# paths: "{{ dockerapps_path }}{{ gitea_conf }}" +# patterns: 'gitea-dump-*.zip' +# register: result_gitea_conf - - name: Print stdout - ansible.builtin.debug: - var: result_gitea_conf +# - name: Print 
stdout +# ansible.builtin.debug: +# var: result_gitea_conf - - name: Copy file with owner and permissions - ansible.builtin.copy: - src: "{{ item.path }}" - dest: "{{ dockerapps_path }}/backup/gitea/{{ item.path.split('/')[-1]}}" - remote_src: true - loop: "{{ result_gitea_conf.files }}" - # owner: foo - # group: foo - # mode: '0644' - - name: Remove old gitea-dump - ansible.builtin.file: - path: "{{ item.path }}" - state: absent - loop: "{{ result_gitea_conf.files }}" +# - name: Copy file with owner and permissions +# ansible.builtin.copy: +# src: "{{ item.path }}" +# dest: "{{ dockerapps_path }}/backup/gitea/{{ item.path.split('/')[-1]}}" +# remote_src: true +# loop: "{{ result_gitea_conf.files }}" +# # owner: foo +# # group: foo +# # mode: '0644' +# - name: Remove old gitea-dump +# ansible.builtin.file: +# path: "{{ item.path }}" +# state: absent +# loop: "{{ result_gitea_conf.files }}" -#! need root -# root@scaleway:/opt/dockerapps/appdata/gitea/gitea-db/gitea-db-pg.sql +# #! need root +# # root@scaleway:/opt/dockerapps/appdata/gitea/gitea-db/gitea-db-pg.sql - - name: PG_DUMP postgresql db - community.docker.docker_container_exec: - container: gitea-db - command: pg_dump -U root gitea -f /var/lib/postgresql/data/gitea-db-pg.sql - # chdir: "{{ dockerapps_path }}" - register: result_gitea_db +# - name: PG_DUMP postgresql db +# community.docker.docker_container_exec: +# container: gitea-db +# command: pg_dump -U root gitea -f /var/lib/postgresql/data/gitea-db-pg.sql +# # chdir: "{{ dockerapps_path }}" +# register: result_gitea_db - - ansible.builtin.debug: - var: result_gitea_db.stdout +# - ansible.builtin.debug: +# var: result_gitea_db.stdout - - name: Copy file with owner and permissions - become: true - ansible.builtin.copy: - src: "{{ dockerapps_path }}{{ gitea_db }}" - dest: "{{ dockerapps_path }}/backup/gitea/{{ gitea_db.split('/')[-1] }}" - remote_src: true +# - name: Copy file with owner and permissions +# become: true +# ansible.builtin.copy: +# src: "{{ 
dockerapps_path }}{{ gitea_db }}" +# dest: "{{ dockerapps_path }}/backup/gitea/{{ gitea_db.split('/')[-1] }}" +# remote_src: true - - ansible.builtin.file: - path: "{{ dockerapps_path }}/backup" - state: directory - mode: 0755 - recurse: true - become: true +# - ansible.builtin.file: +# path: "{{ dockerapps_path }}/backup" +# state: directory +# mode: 0755 +# recurse: true +# become: true diff --git a/jellyfin.yml b/jellyfin.yml deleted file mode 100644 index dbec548..0000000 --- a/jellyfin.yml +++ /dev/null @@ -1,11 +0,0 @@ -#! wake up runner ! -- hosts: tower - gather_facts: false - tasks: - - ansible.builtin.file: - path: /opt/dockerapps/appdata/jelly - state: directory - recurse: yes - mode: '777' - become: true - become_user: root \ No newline at end of file
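Review bot: A scheduled run of backup.yml would now report success without producing any backup, because every task in this hunk except the new `debug` one is commented out (the fetch loop, the git push, the Gitea dump and the `pg_dump` copy). If the aim is only to test `app_env`, gate the new task with `tags: [never, debug]` and leave the backup tasks active, so the recovery path keeps working. When the two git tasks are restored, note that both embed `{{ token }}` in the remote URL, which can surface in task results and logs and is likely kept in the clone's `.git/config`; add `no_log: true` to them. The task list starts before the hunk.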