improve restic self-update handling

2024-12-11 23:41:32 +01:00 · 2021-08-03 23:16:34 +02:00 · 2021-08-03 23:16:34 +02:00 · 67294c1489
commit 67294c1489
parent 1b6c55473c
8 changed files with 58 additions and 49 deletions
--- a/README.md
+++ b/README.md
@ -77,6 +77,7 @@ ansible-galaxy install arillso.restic
 | `restic_schedule_type` | `systemd`                           | Here you can define if we create a ``cronjob`` or a ``systemd`` timer. If it fails to create a systemd timer, a cronjob will be created. |
 | `restic_dir_owner`     | `'{{ansible_user}}'`                | The owner of all created dirs                                               |
 | `restic_dir_group`     | `'{{ansible_user}}'`                | The group of all created dirs                                               |
 | `restic_no_log`        | `true`                              | set to false to see hidden ansible logs                                     |
 ### Repos
 Restic stores data in repositories. You have to specify at least one repository
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -11,6 +11,7 @@ restic_backups: []
 restic_create_schedule: "{{ restic_create_cron }}"
 restic_schedule_type: "systemd"
 # restic_schedule_type: "cronjob"
 restic_no_log: true
 restic_dir_owner: '{{ ansible_user | default(ansible_user_id) }}'
 restic_dir_group: '{{ ansible_user | default(ansible_user_id) }}'
--- a/handlers/main.yml
+++ b/handlers/main.yml
@ -7,6 +7,7 @@
    daemon_reload: true
    masked: false
  with_items: '{{ restic_backups }}'
  ignore_errors: true
  when:
    - restic_create_schedule
    - item.name is defined
--- a/tasks/backup.yml
+++ b/tasks/backup.yml
@ -12,7 +12,7 @@
    mode: '0700'
    owner: '{{ restic_dir_owner }}'
    group: '{{ restic_dir_group }}'
-  no_log: true
+  no_log: "{{ restic_no_log }}"
  with_items: '{{ restic_backups }}'
  when:
    - item.name is defined
@ -27,7 +27,7 @@
    mode: '0700'
    owner: '{{ restic_dir_owner }}'
    group: '{{ restic_dir_group }}'
-  no_log: true
+  no_log: "{{ restic_no_log }}"
  with_items: '{{ restic_backups }}'
  when:
    - item.name is defined
--- a/tasks/configure.yml
+++ b/tasks/configure.yml
@ -12,7 +12,7 @@
    AWS_DEFAULT_REGION: '{{ item.value.aws_default_region | default("") }}'
    B2_ACCOUNT_ID: '{{ item.value.b2_account_id | default("") }}'
    B2_ACCOUNT_KEY: '{{ item.value.b2_account_key | default("") }}'
-  no_log: true
+  no_log: "{{ restic_no_log }}"
  register: restic_init
  changed_when: "'created restic repository' in restic_init.stdout"
  failed_when:
--- a/tasks/install.yml
+++ b/tasks/install.yml
@ -1,47 +1,51 @@
 ---
- name: Download client binary
+- name: install and verify restic binary
-  get_url:
+  block:
-    url: '{{ restic_url }}'
+    - name: Download client binary
-    dest: '{{ restic_download_path }}/restic.bz2'
+      ansible.builtin.get_url:
-    force: true
+        url: '{{ restic_url }}'
-  register: get_url_restic
+        dest: '{{ restic_download_path }}/restic.bz2'
        force: true
      register: get_url_restic
-# TODO: This needs to become independent of the shell module to actually work
+    # TODO: This needs to become independent of the shell module to actually work
-# on every system. We could use a distribution specific aproach, but this would
+    - name: Decompress the binary
-# conflict with the current structure in tasks/distribution/
+      ansible.builtin.shell: "bzip2 -dc {{ get_url_restic.dest }} > {{ restic_bin_bath }}"
- name: Decompress the binary
+      args:
-  shell: "bzip2 -dc {{ get_url_restic.dest }} > {{ restic_bin_bath }}"
+        creates: '{{ restic_download_path }}/bin/restic-{{ restic_version }}'
  args:
    creates: '{{ restic_download_path }}/bin/restic-{{ restic_version }}'
- name: Ensure permissions are correct
+    - name: Ensure permissions are correct
-  file:
+      ansible.builtin.file:
-    path: '{{ restic_download_path }}/bin/restic-{{ restic_version }}'
+        path: '{{ restic_download_path }}/bin/restic-{{ restic_version }}'
-    mode: '0755'
+        mode: '0755'
-    owner: '{{ restic_dir_owner }}'
+        owner: '{{ restic_dir_owner }}'
-    group: '{{ restic_dir_group }}'
+        group: '{{ restic_dir_group }}'
- name: Test the binary
+    - name: Test the binary
-  ansible.builtin.command: "{{ restic_bin_bath }} version"
+      ansible.builtin.command: "{{ restic_bin_bath }} version"
-  ignore_errors: true
+      ignore_errors: true
-  register: restic_test_result
+      register: restic_test_result
- name: Remove faulty binary
+    - name: Remove faulty binary
-  file:
+      ansible.builtin.file:
-    path: '{{ restic_bin_bath }}'
+        path: '{{ restic_bin_bath }}'
-    state: absent
+        state: absent
-  when: "'FAILED' in restic_test_result.stderr"
+      when: "'FAILED' in restic_test_result.stderr"
- name: Fail if restic could not be installed
+    - name: Fail if restic could not be installed
-  fail:
+      ansible.builtin.fail:
-    msg: >-
+        msg: >-
-      Restic binary has been faulty and has been removed.
+          Restic binary has been faulty and has been removed.
-      Try to re-run the role and make sure you have bzip2 installed!
+          Try to re-run the role and make sure you have bzip2 installed!
-  when: "'FAILED' in restic_test_result.stderr"
+      when: "'FAILED' in restic_test_result.stderr"
- name: Create symbolic link to the correct version
+    - name: Create symbolic link to the correct version
-  file:
+      ansible.builtin.file:
-    src: '{{ restic_download_path }}/bin/restic-{{ restic_version }}'
+        src: '{{ restic_download_path }}/bin/restic-{{ restic_version }}'
-    path: '{{ restic_install_path }}/restic'
+        path: '{{ restic_install_path }}/restic'
-    state: link
+        state: link
-    force: true
+        force: true
  rescue:
    - name: try restic self-update
      become: true
      ansible.builtin.command: "{{ restic_install_path }}/restic self-update"
--- a/tasks/schedule.yml
+++ b/tasks/schedule.yml
@ -9,7 +9,7 @@
        owner: 'root'
        group: 'root'
        mode: '0644'
-      no_log: true
+      no_log: "{{ restic_no_log }}"
      with_items: '{{ restic_backups }}'
      notify: systemctl restart restic.timer
      when:
@ -24,7 +24,7 @@
        owner: 'root'
        group: 'root'
        mode: '0644'
-      no_log: true
+      no_log: "{{ restic_no_log }}"
      with_items: '{{ restic_backups }}'
      when:
        - item.name is defined
@ -38,7 +38,7 @@
        owner: 'root'
        group: 'root'
        mode: '0644'
-      no_log: true
+      no_log: "{{ restic_no_log }}"
      with_items: '{{ restic_backups }}'
      when:
        - item.name is defined
@ -83,7 +83,7 @@
        cron_file: '/etc/crontab'
        user: 'root'
      become: true
-      no_log: true
+      no_log: "{{ restic_no_log }}"
      with_items: '{{ restic_backups }}'
      when:
        - item.name is defined
@ -109,7 +109,7 @@
    cron_file: '/etc/crontab'
    user: 'root'
  become: true
-  no_log: true
+  no_log: "{{ restic_no_log }}"
  with_items: '{{ restic_backups }}'
  when:
    - restic_create_schedule | bool
@ -124,6 +124,7 @@
    enabled: false
    masked: true
  with_items: '{{ restic_backups }}'
  ignore_errors: true
  when:
    - restic_create_schedule | bool
    - item.name is defined
@ -137,6 +138,7 @@
    enabled: false
    masked: true
  with_items: '{{ restic_backups }}'
  ignore_errors: true
  when:
    - restic_create_schedule | bool
    - item.name is defined
--- a/vars/main.yml
+++ b/vars/main.yml
@ -10,5 +10,5 @@ restic_os_variables:
  paths:
    - 'vars'
-playbook_version_number: 15  # should be int
+playbook_version_number: 16  # should be int
 playbook_version_path: 'do1jlr.restic.version'