From 67294c1489a0664a352cf1443c4b4bf4b8bf101f Mon Sep 17 00:00:00 2001 From: L3D Date: Tue, 3 Aug 2021 23:16:34 +0200 Subject: [PATCH] improve restic self-update handling --- README.md | 1 + defaults/main.yml | 1 + handlers/main.yml | 1 + tasks/backup.yml | 4 +-- tasks/configure.yml | 2 +- tasks/install.yml | 84 ++++++++++++++++++++++++--------------------- tasks/schedule.yml | 12 ++++--- vars/main.yml | 2 +- 8 files changed, 58 insertions(+), 49 deletions(-) diff --git a/README.md b/README.md index 5af6019..6f24e49 100644 --- a/README.md +++ b/README.md @@ -77,6 +77,7 @@ ansible-galaxy install arillso.restic | `restic_schedule_type` | `systemd` | Here you can define if we create a ``cronjob`` or a ``systemd`` timer. If it fails to create a systemd timer, a cronjob will be created. | | `restic_dir_owner` | `'{{ansible_user}}'` | The owner of all created dirs | | `restic_dir_group` | `'{{ansible_user}}'` | The group of all created dirs | +| `restic_no_log` | `true` | set to false to see hidden ansible logs | ### Repos Restic stores data in repositories. You have to specify at least one repository diff --git a/defaults/main.yml b/defaults/main.yml index da22a99..aad7302 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -11,6 +11,7 @@ restic_backups: [] restic_create_schedule: "{{ restic_create_cron }}" restic_schedule_type: "systemd" # restic_schedule_type: "cronjob" +restic_no_log: true restic_dir_owner: '{{ ansible_user | default(ansible_user_id) }}' restic_dir_group: '{{ ansible_user | default(ansible_user_id) }}' diff --git a/handlers/main.yml b/handlers/main.yml index 46817b5..f1799ec 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -7,6 +7,7 @@ daemon_reload: true masked: false with_items: '{{ restic_backups }}' + ignore_errors: true when: - restic_create_schedule - item.name is defined diff --git a/tasks/backup.yml b/tasks/backup.yml index dfa1f09..d04a9a3 100644 --- a/tasks/backup.yml +++ b/tasks/backup.yml @@ -12,7 +12,7 @@ mode: '0700' owner: '{{ restic_dir_owner }}' group: '{{ restic_dir_group }}' - no_log: true + no_log: "{{ restic_no_log }}" with_items: '{{ restic_backups }}' when: - item.name is defined @@ -27,7 +27,7 @@ mode: '0700' owner: '{{ restic_dir_owner }}' group: '{{ restic_dir_group }}' - no_log: true + no_log: "{{ restic_no_log }}" with_items: '{{ restic_backups }}' when: - item.name is defined diff --git a/tasks/configure.yml b/tasks/configure.yml index d3d7049..88217b5 100644 --- a/tasks/configure.yml +++ b/tasks/configure.yml @@ -12,7 +12,7 @@ AWS_DEFAULT_REGION: '{{ item.value.aws_default_region | default("") }}' B2_ACCOUNT_ID: '{{ item.value.b2_account_id | default("") }}' B2_ACCOUNT_KEY: '{{ item.value.b2_account_key | default("") }}' - no_log: true + no_log: "{{ restic_no_log }}" register: restic_init changed_when: "'created restic repository' in restic_init.stdout" failed_when: diff --git a/tasks/install.yml b/tasks/install.yml index c161b0e..4524bf2 100644 --- a/tasks/install.yml +++ b/tasks/install.yml @@ -1,47 +1,51 @@ --- -- name: Download client binary - get_url: - url: '{{ restic_url }}' - dest: '{{ restic_download_path }}/restic.bz2' - force: true - register: get_url_restic +- name: install and verify restic binary + block: + - name: Download client binary + ansible.builtin.get_url: + url: '{{ restic_url }}' + dest: '{{ restic_download_path }}/restic.bz2' + force: true + register: get_url_restic -# TODO: This needs to become independent of the shell module to actually work -# on every system. We could use a distribution specific aproach, but this would -# conflict with the current structure in tasks/distribution/ -- name: Decompress the binary - shell: "bzip2 -dc {{ get_url_restic.dest }} > {{ restic_bin_bath }}" - args: - creates: '{{ restic_download_path }}/bin/restic-{{ restic_version }}' + # TODO: This needs to become independent of the shell module to actually work + - name: Decompress the binary + ansible.builtin.shell: "bzip2 -dc {{ get_url_restic.dest }} > {{ restic_bin_bath }}" + args: + creates: '{{ restic_download_path }}/bin/restic-{{ restic_version }}' -- name: Ensure permissions are correct - file: - path: '{{ restic_download_path }}/bin/restic-{{ restic_version }}' - mode: '0755' - owner: '{{ restic_dir_owner }}' - group: '{{ restic_dir_group }}' + - name: Ensure permissions are correct + ansible.builtin.file: + path: '{{ restic_download_path }}/bin/restic-{{ restic_version }}' + mode: '0755' + owner: '{{ restic_dir_owner }}' + group: '{{ restic_dir_group }}' -- name: Test the binary - ansible.builtin.command: "{{ restic_bin_bath }} version" - ignore_errors: true - register: restic_test_result + - name: Test the binary + ansible.builtin.command: "{{ restic_bin_bath }} version" + ignore_errors: true + register: restic_test_result -- name: Remove faulty binary - file: - path: '{{ restic_bin_bath }}' - state: absent - when: "'FAILED' in restic_test_result.stderr" + - name: Remove faulty binary + ansible.builtin.file: + path: '{{ restic_bin_bath }}' + state: absent + when: "'FAILED' in restic_test_result.stderr" -- name: Fail if restic could not be installed - fail: - msg: >- - Restic binary has been faulty and has been removed. - Try to re-run the role and make sure you have bzip2 installed! - when: "'FAILED' in restic_test_result.stderr" + - name: Fail if restic could not be installed + ansible.builtin.fail: + msg: >- + Restic binary has been faulty and has been removed. + Try to re-run the role and make sure you have bzip2 installed! + when: "'FAILED' in restic_test_result.stderr" -- name: Create symbolic link to the correct version - file: - src: '{{ restic_download_path }}/bin/restic-{{ restic_version }}' - path: '{{ restic_install_path }}/restic' - state: link - force: true + - name: Create symbolic link to the correct version + ansible.builtin.file: + src: '{{ restic_download_path }}/bin/restic-{{ restic_version }}' + path: '{{ restic_install_path }}/restic' + state: link + force: true + rescue: + - name: try restic self-update + become: true + ansible.builtin.command: "{{ restic_install_path }}/restic self-update" diff --git a/tasks/schedule.yml b/tasks/schedule.yml index 551ca3c..54a02cc 100644 --- a/tasks/schedule.yml +++ b/tasks/schedule.yml @@ -9,7 +9,7 @@ owner: 'root' group: 'root' mode: '0644' - no_log: true + no_log: "{{ restic_no_log }}" with_items: '{{ restic_backups }}' notify: systemctl restart restic.timer when: @@ -24,7 +24,7 @@ owner: 'root' group: 'root' mode: '0644' - no_log: true + no_log: "{{ restic_no_log }}" with_items: '{{ restic_backups }}' when: - item.name is defined @@ -38,7 +38,7 @@ owner: 'root' group: 'root' mode: '0644' - no_log: true + no_log: "{{ restic_no_log }}" with_items: '{{ restic_backups }}' when: - item.name is defined @@ -83,7 +83,7 @@ cron_file: '/etc/crontab' user: 'root' become: true - no_log: true + no_log: "{{ restic_no_log }}" with_items: '{{ restic_backups }}' when: - item.name is defined @@ -109,7 +109,7 @@ cron_file: '/etc/crontab' user: 'root' become: true - no_log: true + no_log: "{{ restic_no_log }}" with_items: '{{ restic_backups }}' when: - restic_create_schedule | bool @@ -124,6 +124,7 @@ enabled: false masked: true with_items: '{{ restic_backups }}' + ignore_errors: true when: - restic_create_schedule | bool - item.name is defined @@ -137,6 +138,7 @@ enabled: false masked: true with_items: '{{ restic_backups }}' + ignore_errors: true when: - restic_create_schedule | bool - item.name is defined diff --git a/vars/main.yml b/vars/main.yml index 98e0544..d68ad23 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -10,5 +10,5 @@ restic_os_variables: paths: - 'vars' -playbook_version_number: 15 # should be int +playbook_version_number: 16 # should be int playbook_version_path: 'do1jlr.restic.version'