diff --git a/README.md b/README.md
index 2171f27..33a0e36 100644
--- a/README.md
+++ b/README.md
@@ -55,6 +55,7 @@ defined in vars/main.yml and vars/CentOS.yml * ldap_ssl_key_path - {{ ldap_ssl_dir }}/{{ ansible_fqdn }}_privkey.pem * ldap_ldif_files - optional list of ldif files to send to server and inject. Will be templated. need absolute path + * ldap_backup_dir: /srv/backups/ldap/ Dependencies
diff --git a/TODO b/TODO
deleted file mode 100644
index e725a7b..0000000
--- a/TODO
+++ /dev/null
@@ -1 +0,0 @@
-deployer et planifier script de backup
\ No newline at end of file
diff --git a/defaults/main.yml b/defaults/main.yml
index fc98391..5bff88d 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -68,3 +68,4 @@ ldap_entries:
 attributes:
 olcOverlay: "{2}unique"
 olcUniqueURI: ldap:///?uid?sub?
+ldap_backup_dir: /srv/backups/ldap/
diff --git a/tasks/backup.yml b/tasks/backup.yml
new file mode 100644
index 0000000..69bdc69
--- /dev/null
+++ b/tasks/backup.yml
@@ -0,0 +1,31 @@
+---
+ - name: create root bin and backup dirs
+ ansible.builtin.file:
+ path: "{{ item }}"
+ state: directory
+ owner: root
+ group: root
+ mode: 0700
+ loop:
+ - "{{ ldap_backup_dir }}"
+ - /root/bin
+
+
+ - name: deploy backup script
+ ansible.builtin.git:
+ repo: https://infra.opendoor.fr/git/tom/Ldap_backup.git
+ dest: /root/bin/ldap_backup
+
+ - name: backup script permissions
+ ansible.builtin.file:
+ path: /root/bin/ldap_backup/ldap_backup.sh
+ mode: 700
+
+ - name: backup script cron
+ ansible.builtin.cron:
+ name: ldap_backup
+ cron_file: ldap_backup
+ user: root
+ hour: "01"
+ minute: "00"
+ job: "/root/bin/ldap_backup/ldap_backup.sh {{ ldap_backup_dir }}"
diff --git a/tasks/main.yml b/tasks/main.yml
index 016c8a4..cc1944c 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -203,3 +203,7 @@
 loop: "{{ ldap_entries }}"
 when: ldap_entries is defined
 ignore_errors: true
+
+- name: setup backup
+ import_tasks: backup.yml
+ tags: backup_ldap
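Review bot: In tasks/backup.yml, `mode: 700` on the "backup script permissions" task is an unquoted decimal, so Ansible will apply it as octal 1274 rather than 0700. That leaves the root-run script without owner execute and writable by its group; write `mode: "0700"` there, and quote the `mode: 0700` on the directory task the same way so neither depends on YAML integer parsing. The "deploy backup script" task also checks out whatever the remote HEAD is at play time, and the cron job then runs that script as root every night, so pin the checkout with `version: <reviewed-commit-sha>` (placeholder) to keep unreviewed upstream changes from reaching root. In the cron `job`, `{{ ldap_backup_dir }}` is passed to the shell unquoted; `{{ ldap_backup_dir | quote }}` would keep a path with spaces or shell metacharacters as a single argument.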
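Review bot: In tasks/main.yml the new task uses the short name `import_tasks`, while every task in the new tasks/backup.yml uses fully qualified module names; `ansible.builtin.import_tasks: backup.yml` would keep the role consistent. The import is also unconditional, so every host that applies the role gets the git checkout under /root/bin and the root cron entry. If that is not intended everywhere, guard the import with a boolean default (for example a new `ldap_backup_enabled`, a name suggested here and not defined in the role) via `when:`.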