From 5b57905b21e591ebafe8c34f7940920e5e61e838 Mon Sep 17 00:00:00 2001 From: Thomas Constans Date: Sun, 15 Feb 2026 10:00:59 +0100 Subject: [PATCH] various fix switch from cron to systemd bypass hadoly anubis protection --- handlers/main.yml | 5 ++++- tasks/cron.yml | 5 +++++ tasks/install.yml | 17 ++++++++++++----- tasks/repo.yml | 6 ++---- templates/borg_backup.service | 6 +++--- 5 files changed, 26 insertions(+), 13 deletions(-) diff --git a/handlers/main.yml b/handlers/main.yml index 345037b..ca1f078 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,2 +1,5 @@ --- -# handlers file for borg_client \ No newline at end of file +# handlers file for borg_client +- name: reload systemd + ansible.builtin.systemd_service: + daemon_reload: true \ No newline at end of file diff --git a/tasks/cron.yml b/tasks/cron.yml index 6e52924..70783f2 100644 --- a/tasks/cron.yml +++ b/tasks/cron.yml @@ -1,3 +1,8 @@ +- name: remove old cronfile + ansible.builtin.file: + path: /etc/cron.d/backup + state: absent + - name: Deploy systemd service and timer unit files ansible.builtin.template: src: "{{ item }}" diff --git a/tasks/install.yml b/tasks/install.yml index bf3abff..3cc8a7c 100644 --- a/tasks/install.yml +++ b/tasks/install.yml @@ -24,12 +24,19 @@ state: directory - name: get borgbackup script - ansible.builtin.get_url: - url: "{{ item.url }}" - mode: "{{ item.mode }}" + delegate_to: localhost + become: false + ansible.builtin.git: + repo: "ssh://git@git-ssh.hadoly.fr:6900/CS_CT/borg.git" + dest: "/home/tom/tmp/borg" + +- name: copy script + ansible.builtin.copy: + src: /home/tom/tmp/borg/borg.sh dest: "{{ borg_script_dir }}" - loop: - - { url: "https://git.hadoly.fr/CS_CT/borg/raw/tag/1.0/borg.sh", mode: "0700" } + mode: 0700 + owner: root + group: root - name: get borgbackup config vars: diff --git a/tasks/repo.yml b/tasks/repo.yml index c58eeef..1e5a094 100644 --- a/tasks/repo.yml +++ b/tasks/repo.yml @@ -9,7 +9,7 @@ owner: root group: root -- name: create repo +- name: create repo directory file: path: "{{ borg_remote_dir }}{{ inventory_hostname }}" state: directory @@ -37,15 +37,13 @@ delegate_to: "{{ borg_server }}" - name: check if repository is created - tags: wip delegate_to: "{{ borg_server }}" ansible.builtin.stat: path: "{{ borg_remote_dir }}{{ inventory_hostname }}/config" register: repo_content - name: create repository - tags: wip - when: repo_content.stat.isfile is not defined + when: repo_content.stat.exists == false ansible.builtin.command: "/usr/bin/borg init --encryption=keyfile {{ borg_account }}@{{ borg_server }}:{{ borg_remote_dir }}{{ inventory_hostname }}" environment: BORG_PASSPHRASE: "{{ borg_passphrase }}" diff --git a/templates/borg_backup.service b/templates/borg_backup.service index 30d7bf9..0de146f 100644 --- a/templates/borg_backup.service +++ b/templates/borg_backup.service @@ -1,9 +1,9 @@ # {{ansible_managed}} # this file was created from the role: {{ ansible_role_name }} [Unit] -Description = get installed packages list +Description = do a borg backup [Service] Type = oneshot -ExecStart = {{ borg_script_dir }}/borg.sh -User = tom \ No newline at end of file +ExecStart = {{ borg_script_dir }}/borg.sh create +User = root \ No newline at end of file