From be67d02be87d99eb905d14d4cdfd7f263231c029 Mon Sep 17 00:00:00 2001 From: Ricard Illa Date: Fri, 4 Nov 2022 14:34:44 +0100 Subject: [PATCH] btrbk role --- deploy.yml | 9 +++++++++ roles/btrbk/tasks/alpine.yml | 7 +++++++ roles/btrbk/tasks/debian.yml | 6 ++++++ roles/btrbk/tasks/main.yml | 13 +++++++++++++ roles/cryptoraid/tasks/alpine.yml | 2 -- roles/users/tasks/btrbk.yml | 32 +++++++++++++++++++++++++++++++ 6 files changed, 67 insertions(+), 2 deletions(-) create mode 100644 roles/btrbk/tasks/alpine.yml create mode 100644 roles/btrbk/tasks/debian.yml create mode 100644 roles/btrbk/tasks/main.yml create mode 100644 roles/users/tasks/btrbk.yml diff --git a/deploy.yml b/deploy.yml index 248cd81..819161e 100644 --- a/deploy.yml +++ b/deploy.yml @@ -75,6 +75,7 @@ users: - rilla - ansible + - btrbk - builder - gopass - woodpecker @@ -110,6 +111,14 @@ roles: - wifi +- name: btrbk + hosts: + - narwhal + - suricata + become: true + roles: + - btrbk + - name: caladan-specific things hosts: caladan become: true diff --git a/roles/btrbk/tasks/alpine.yml b/roles/btrbk/tasks/alpine.yml new file mode 100644 index 0000000..c4b4b7c --- /dev/null +++ b/roles/btrbk/tasks/alpine.yml @@ -0,0 +1,7 @@ +--- +- name: install packages + apk: + name: + - btrbk + - coreutils # needed by btrbk + - btrfs-progs diff --git a/roles/btrbk/tasks/debian.yml b/roles/btrbk/tasks/debian.yml new file mode 100644 index 0000000..3d8ae55 --- /dev/null +++ b/roles/btrbk/tasks/debian.yml @@ -0,0 +1,6 @@ +--- +- name: install packages + apt: + name: + - btrbk + - btrfs-progs diff --git a/roles/btrbk/tasks/main.yml b/roles/btrbk/tasks/main.yml new file mode 100644 index 0000000..6efa87f --- /dev/null +++ b/roles/btrbk/tasks/main.yml @@ -0,0 +1,13 @@ +--- +- name: alpine setup + include_tasks: alpine.yml + when: ansible_distribution == "Alpine" + +- name: debian/ubuntu setup + include_tasks: debian.yml + when: ansible_distribution in ["Debian", "Ubuntu"] + +- name: copy btrbk config + copy: + src: "host_files/btrbk/{{ ansible_hostname }}/btrbk.conf" + dest: /etc/btrbk/btrbk.conf diff --git a/roles/cryptoraid/tasks/alpine.yml b/roles/cryptoraid/tasks/alpine.yml index 3f13480..c534065 100644 --- a/roles/cryptoraid/tasks/alpine.yml +++ b/roles/cryptoraid/tasks/alpine.yml @@ -2,8 +2,6 @@ - name: install packages apk: name: - - btrbk - - coreutils # needed by btrbk - btrfs-progs - cryptsetup - gnupg diff --git a/roles/users/tasks/btrbk.yml b/roles/users/tasks/btrbk.yml new file mode 100644 index 0000000..6e12566 --- /dev/null +++ b/roles/users/tasks/btrbk.yml @@ -0,0 +1,32 @@ +--- +- name: create group 'btrbk' + group: + name: btrbk + gid: 505 + +- name: create user 'btrbk' + user: + name: btrbk + uid: 505 + group: btrbk + home: /var/lib/btrbk + password: "*" # disabled password but can be accessed with SSH + groups: + - wheel + append: true + +- name: make sure btrbk owns its home + file: + state: directory + path: /var/lib/btrbk + owner: brtrbk + group: brtrbk + mode: '2755' + +- name: commit btrbk's home to lbu + lbu: + include: + - /var/lib/btrbk + exclude: + - /var/lib/btrbk/.ash_history + when: ansible_distribution == "Alpine" and alpine_mode in ["diskless", "data"]