From 1def545c867f60761d70ff070d0d0377ca9d0328 Mon Sep 17 00:00:00 2001 From: Manuel Riel <3916435+m3nu@users.noreply.github.com> Date: Fri, 13 May 2022 11:17:47 +0400 Subject: [PATCH] Remove borgbase module, now separate (#100) --- .ansible-lint | 3 + .gitignore | 1 + README.md | 50 +------- defaults/main.yml | 8 -- library/borgbase.py | 215 --------------------------------- module_utils/README | 6 - molecule/default/Dockerfile.j2 | 2 +- tasks/main.yml | 28 ----- 8 files changed, 8 insertions(+), 305 deletions(-) create mode 100644 .ansible-lint create mode 100644 .gitignore delete mode 100644 library/borgbase.py delete mode 100644 module_utils/README diff --git a/.ansible-lint b/.ansible-lint new file mode 100644 index 0000000..2aea330 --- /dev/null +++ b/.ansible-lint @@ -0,0 +1,3 @@ +--- +skip_list: + - fqcn-builtins diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..16d3c4d --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.cache diff --git a/README.md b/README.md index 445c8a5..6110cdc 100644 --- a/README.md +++ b/README.md @@ -2,9 +2,9 @@ [![Test](https://github.com/borgbase/ansible-role-borgbackup/actions/workflows/main.yml/badge.svg)](https://github.com/borgbase/ansible-role-borgbackup/actions/workflows/main.yml) [![Ansible Galaxy](https://img.shields.io/ansible/role/48519)](https://galaxy.ansible.com/m3nu/ansible_role_borgbackup) -Set up encrypted, compressed and deduplicated backups using [BorgBackup](https://borgbackup.readthedocs.io/en/stable/) and [Borgmatic](https://github.com/witten/borgmatic). Currently supports Debian/Ubuntu and CentOS/Red Hat. +Set up encrypted, compressed and deduplicated backups using [BorgBackup](https://borgbackup.readthedocs.io/en/stable/) and [Borgmatic](https://github.com/witten/borgmatic). Currently supports Debian/Ubuntu, CentOS/Red Hat/Fedora, Archlinux and Manjaro. -Works great with [BorgBase.com](https://www.borgbase.com) - Simple and Secure Hosting for your Borg Repositories. +Works great with [BorgBase.com](https://www.borgbase.com) - Simple and Secure Hosting for your Borg Repositories. To manage BorgBase repos via Ansible, also see Andy Hawkins' [BorgBase Collection](https://galaxy.ansible.com/adhawkins/borgbase). Main features: - Set up Borg and Borgmatic @@ -44,13 +44,11 @@ Main features: ## Installation Download from Ansible Galaxy - ``` $ ansible-galaxy install m3nu.ansible_role_borgbackup ``` -Clone to local folder - +Clone latest version from Github ``` $ git clone https://github.com/borgbase/ansible-role-borgbackup.git roles/ansible_role_borgbackup ``` @@ -89,48 +87,6 @@ $ git clone https://github.com/borgbase/ansible-role-borgbackup.git roles/ansibl - `ssh_key_file`: Path to a private ssh key file (default is `.ssh/id_ed25519`). It generates a ed25519 key if the file doesn't exist yet. -### Optional Arguments for [BorgBase.com](https://www.borgbase.com) repository auto creation -This role can also set up a new repository on BorgBase, using the arguments below. Thanks to [Philipp Rintz](https://github.com/p-rintz) for contribution of this feature. - -- `create_repo`: Whether to let the role create the repository for the server. Default: False -- `bb_token`: Your [BorgBase.com](https://www.borgbase.com) API-Token. Should be Create Only for security reasons. -- `bb_region`: Which region the backups should be saved in. Choice: "eu" or "us". -- `bb_new_sshkey`: Whether to use the automatically created SSH_key. Default: True -- `bb_sshkey`: If there is a key already available on [BorgBase.com](https://www.borgbase.com) that should be used, it can be set with this variable. The key needs to be exactly the same, including key-comment. -- `bb_append`: Should the permission of the newly created repository be append only? Default: True -- `bb_quota`: To use a quota for the Server. Default: False -- `bb_quota_size`: Will need to be set if `bb_quota` is set to True. In Gigabyte. -- `bb_alertdays`: After how many days of no backup activity should alerts be sent out? Defaults to off. -- `bb_repo_name`: What name the created repository should have. Defaults to the inventory_hostname. - - -### Use BorgBase Module Standalone -You can also use the BorgBase-Ansible module directly if needed: - -``` -- name: Create new repository for server in EU with new SSH_key and quota - borgbase: - repository_name: "{{ inventory_hostname }}" - token: "Your Borgbase API Token" - new_ssh_key: True - ssh_key: "{{ some_variable }}" - append_only: True - quota_enable: True - quota: 1000 #in GB - region: eu - alertdays: 2 - delegate_to: localhost -``` - - - -## Planned features - -- [x] Testing -- [ ] Multiple repos in one role-call instead of callng this role multiple times. -- [ ] Support more OSs, like Red Hat/Fedora/CentOS, SuSE, Gentoo, Slackware, Arch, BSD - - ## Contributing Pull requests (PR) are welcome, as long as they add features that are relevant for a meaningful number of users. All PRs are tested for style and functionality. To run tests locally (needs Docker): diff --git a/defaults/main.yml b/defaults/main.yml index c8ff660..06c2afe 100755 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -28,15 +28,7 @@ borg_retention_policy: keep_daily: 7 keep_weekly: 4 keep_monthly: 6 -create_repo: False ssh_key_file: .ssh/id_ed25519 -bb_new_sshkey: True -bb_append: True -bb_quota: False -bb_quota_size: 0 -bb_alertdays: 0 -bb_repo_name: "{{ inventory_hostname }}" -bb_sshkey: "{{ root_user['ssh_public_key'] }}" borgmatic_cron_name: borgmatic borgmatic_cron_hour: "{{ 6 | random(seed=inventory_hostname) }}" borgmatic_cron_minute: "{{ 59 | random(seed=inventory_hostname) }}" diff --git a/library/borgbase.py b/library/borgbase.py deleted file mode 100644 index e8df03d..0000000 --- a/library/borgbase.py +++ /dev/null @@ -1,215 +0,0 @@ -#!/usr/bin/python - -DOCUMENTATION = ''' ---- -module: borgbase -author: "Philipp Rintz (https://github.com/p-rintz)" -short_description: Ansible module for creating new repositories with borgbase.com -description: - - Ansible Module for creating new repositories with borgbase.com including adding new ssh keys -version_added: "2.6" -''' - -EXAMPLES = ''' -- name: Create new repository for server in EU with new SSH_key and quota - borgbase: - repository_name: "{{ inventory_hostname }}" - token: "Your Borgbase API Token" - new_ssh_key: True - ssh_key: "{{ some_variable }}" - append_only: True - quota_enable: True - quota: 1000 #in GB - region: eu - alertdays: 2 - delegate_to: localhost -- name: Create new repository without new key and no quota/alerting in US region - borgbase: - repository_name: "{{ inventory_hostname }}" - token: "Your Borgbase API Token" - new_ssh_key: False - ssh_key: "ssh-ed25519 AAAAC3Nz......aLqRJw+dl/E+2BJ xxx@yyy" - region: us - delegate_to: localhost -''' - -from ansible.module_utils.basic import * -from ansible.module_utils.borgbase_api_client.client import GraphQLClient -from ansible.module_utils.borgbase_api_client.mutations import * -from ansible.module_utils.borgbase_api_client.queries import * - - -def get_key_id(ssh_key): - res = client.execute(KEY_DETAILS) - for i in res['data']['sshList']: - if i['keyData'] == ssh_key: - key_id = i['id'] - return key_id - -def add_ssh_key(): - key_name = 'Key for %s' % (module.params['repository_name'],) - new_key_vars = { - 'name': key_name, - 'keyData': module.params['ssh_key'] - } - res = client.execute(SSH_ADD, new_key_vars) - new_key_id = res['data']['sshAdd']['keyAdded']['id'] - return new_key_id - -def add_repo(key_id): - if module.params['append_only']: - access_level = 'appendOnlyKeys' - else: - access_level = 'fullAccessKeys' - - if not module.params['quota_enable']: - new_repo_vars = { - 'name': module.params['repository_name'], - 'quotaEnabled': module.params['quota_enable'], - access_level: [key_id], - 'alertDays': module.params['alertdays'], - 'region': module.params['region'] - } - else: - new_repo_vars = { - 'name': module.params['repository_name'], - 'quotaEnabled': module.params['quota_enable'], - 'quota': 1000*module.params['quota'], - access_level: [key_id], - 'alertDays': module.params['alertdays'], - 'region': module.params['region'] - } - res = client.execute(REPO_ADD, new_repo_vars) - return res - -def get_repo_id(name): - res = client.execute(REPO_DETAILS) - for repo in res['data']['repoList']: - if repo['name'] == name: - repo_id = repo['id'] - return repo_id - return None - -def edit_repo(repo_id, key_id): - if module.params['append_only']: - access_level = 'appendOnlyKeys' - else: - access_level = 'fullAccessKeys' - - if not module.params['quota_enable']: - repo_vars = { - 'id': repo_id, - 'name': module.params['repository_name'], - access_level: [key_id], - 'alertDays': module.params['alertdays'], - 'region': module.params['region'] - } - else: - repo_vars = { - 'id': repo_id, - 'name': module.params['repository_name'], - 'quotaEnabled': module.params['quota_enable'], - 'quota': 1000*module.params['quota'], - access_level: [key_id], - 'alertDays': module.params['alertdays'], - 'region': module.params['region'] - } - res = client.execute(REPO_EDIT, repo_vars) - return res - -def main(): - global module - module = AnsibleModule( - argument_spec = dict( - repository_name = dict( - type='str', - required=True, - ), - token = dict( - required=True, - type='str', - no_log=True - ), - new_ssh_key = dict( - required=False, - default='True', - type='bool' - ), - ssh_key = dict( - required=True, - type='str' - ), - append_only = dict( - required=False, - default='True', - type='bool' - ), - quota_enable = dict( - required=False, - default='False', - type='bool' - ), - quota = dict( - required=False, - type='int' - ), - region = dict( - required=True, - type='str', - choice=["eu", "us"] - ), - alertdays = dict( - required=False, - default=0, - type='int' - ) - ) - ) - - global client - client = GraphQLClient(module.params['token']) - - # Add new SSH key or get ID of old key - if module.params['new_ssh_key']: - key_id = add_ssh_key() - else: - key_id = get_key_id(module.params['ssh_key']) - - # Check if repo with given name exists - repo_id = get_repo_id(module.params['repository_name']) - - if repo_id is None: - # Add new repo using the key - res = add_repo(key_id) - repo_exist = False - else: - # Edit the repo - res = edit_repo(repo_id, key_id) - repo_exist = True - - # Setup information for Ansible - result = dict( - changed = False, - data = '', - type = '', - key_id = '' - ) - - # Test for success and change info - if type(res) == dict: - result['changed'] = True - if repo_exist: - result['data'] = res["data"]["repoEdit"]["repoEdited"] - else: - result['data'] = res['data']['repoAdd']['repoAdded'] - result['key_id'] = key_id - module.exit_json(**result) - else: - result['data'] = res - result['type'] = type(res) - result['key_id'] = key_id - module.fail_json(msg="Failed creating new respository.", **result) - - -if __name__ == '__main__': - main() diff --git a/module_utils/README b/module_utils/README deleted file mode 100644 index 7249b31..0000000 --- a/module_utils/README +++ /dev/null @@ -1,6 +0,0 @@ -The "borgbase_api_client" folder of the API client repository will need to be put into this folder. - -Folder structure: -ansible-role-borgbackup/ -|---------------------+ module_utils/ - |-------- borgbase_api_client/ diff --git a/molecule/default/Dockerfile.j2 b/molecule/default/Dockerfile.j2 index 9ca1d6d..59f32cd 100644 --- a/molecule/default/Dockerfile.j2 +++ b/molecule/default/Dockerfile.j2 @@ -14,7 +14,7 @@ ENV {{ var }} {{ value }} {% endfor %} {% endif %} -RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates iproute2 python3-apt aptitude && apt-get clean; \ +RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python3 sudo bash ca-certificates iproute2 python3-apt aptitude && apt-get clean; \ elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install /usr/bin/python3 /usr/bin/python3-config /usr/bin/dnf-3 sudo bash iproute && dnf clean all; \ elif [ $(command -v yum) ]; then yum makecache fast && yum install -y /usr/bin/python /usr/bin/python2-config sudo yum-plugin-ovl bash iproute && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml iproute2 && zypper clean -a; \ diff --git a/tasks/main.yml b/tasks/main.yml index 719ee7b..73de20c 100755 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -71,34 +71,6 @@ debug: var: root_user['ssh_public_key'] -- name: Create new repository for server - borgbase: - repository_name: "{{ bb_repo_name }}" - token: "{{ bb_token }}" - new_ssh_key: "{{ bb_new_sshkey }}" - ssh_key: "{{ bb_sshkey }}" - append_only: "{{ bb_append }}" - quota_enable: "{{ bb_quota }}" - quota: "{{ bb_quota_size }}" - region: "{{ bb_region }}" - alertdays: "{{ bb_alertdays }}" - delegate_to: localhost - become: no - register: repo_creation - when: create_repo - -- name: Set Repository Fact - set_fact: - borg_repository: |- - {% if borg_repository is defined and borg_repository is string %} - {{ [borg_repository] + [ repo_creation['data']['repoPath'] ] }} - {% elif borg_repository is defined %} - {{ borg_repository + [ repo_creation['data']['repoPath'] ] }} - {% else %} - {{ repo_creation['data']['repoPath'] }} - {% endif %} - when: create_repo - - name: Ensure /etc/borgmatic exists file: path: /etc/borgmatic