ansible-collections/ansible-collection-bareos
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Init

Browse Source
This commit is contained in:
Andrey Sokolovskiy 2024-03-03 05:37:23 +07:00
commit 1e742cb29c
88 changed files with 5051 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.gitignore vendored Normal file
View File

@ -0,0 +1,3 @@
.cache
.DS_Store
.icloud

12
.yamllint Normal file
View File

@ -0,0 +1,12 @@
---
extends: default
rules:
braces:
max-spaces-inside: 1
level: error
brackets:
max-spaces-inside: 1
level: error
line-length: disable
truthy: disable

1
README.md Normal file
View File

@ -0,0 +1 @@
A collection of roles for Bareos

17
galaxy.yml Normal file
View File

@ -0,0 +1,17 @@
---
namespace: anry
name: bareos
version: 3.0.0
readme: README.md
authors:
- Anry <anry.so@mgmail.com>
description: A collection of roles for Bareos
license_file: 'LICENSE'
tags:
- linux
- bareos
- backup
dependencies:
ansible.posix: "*"
repository: https://git.unbind.ru/ansible-collections/ansible-collection-bareos.git
build_ignore: []

2
meta/runtime.yml Normal file
View File

@ -0,0 +1,2 @@
---
requires_ansible: '>=2.9.10'

5
requirements.yml Normal file
View File

@ -0,0 +1,5 @@
---
collections:
- name: ansible.posix
- name: community.crypto
- name: community.general

202
roles/bareos_console/LICENSE Normal file
View File

@ -0,0 +1,202 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright 2024 Robert de Bock (robert@meinit.nl)
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

48
roles/bareos_console/README.md Normal file
View File

@ -0,0 +1,48 @@
# [Ansible role bareos_console](#bareos_console)
Install and configure [Bareos](https://www.bareos.com/) Console (bconsole) on your system.
## [Example Playbook](#example-playbook)
```yaml
---
- name: Converge
hosts: all
become: yes
gather_facts: yes
roles:
- role: anry.roles.bareos_console
bareos_console_directors:
- name: bareos-dir
address: localhost
password: "MySuperSecretPassword"
description: "Bareos Console credentials for local Director"
tls_enable: yes
tls_verify_peer: no
```
```yaml
---
- name: Prepare
hosts: all
become: yes
gather_facts: no
roles:
- role: anry.roles.bareos_repository
```
## [Role Variables](#role-variables)
```yaml
---
# defaults file for bareos_console
bareos_console_directors: []
```
## [Requirements](#requirements)
- pip packages listed in [requirements.txt]

4
roles/bareos_console/defaults/main.yml Normal file
View File

@ -0,0 +1,4 @@
---
# defaults file for bareos_console
bareos_console_directors: []

14
roles/bareos_console/meta/argument_specs.yml Normal file
View File

@ -0,0 +1,14 @@
---
# # bareos_dir_messages: Daemon
argument_specs:
main:
short_description: "Install and configure BareOS Console (bconsole) on your system."
description: >
Install and configure BareOS Console (bconsole) on your system.
author: Robert de Bock
options:
bareos_console_directors:
type: "list"
description: "A list of directors to connect to."

42
roles/bareos_console/meta/main.yml Normal file
View File

@ -0,0 +1,42 @@
---
galaxy_info:
author: anry
role_name: bareos_console
description: Install and configure [Bareos](https://www.bareos.com/) Console (bconsole) on your system.
license: Apache-2.0
company: none
min_ansible_version: "2.12"
platforms:
- name: Debian
versions:
- bookworm
- bullseye
- buster
- name: EL
versions:
- "7"
- "8"
- "9"
- name: Fedora
versions:
- "38"
- "39"
- name: opensuse
versions:
- all
- name: Ubuntu
versions:
- jammy
- focal
galaxy_tags:
- backup
- bareos
- infrastructure
- linux
- storage
- system
- tools
dependencies: []

4
roles/bareos_console/requirements.yml Normal file
View File

@ -0,0 +1,4 @@
---
roles:
- name: anry.bootstrap
- name: anry.bareos_repository

53
roles/bareos_console/tasks/assert.yml Normal file
View File

@ -0,0 +1,53 @@
---
- name: assert | Test bareos_console_directors
ansible.builtin.assert:
that:
- bareos_console_directors is iterable
quiet: yes
when:
- bareos_console_directors is defined
- name: assert | Test items in bareos_console_directors are set correctly
ansible.builtin.assert:
that:
- item.name is defined
- item.name is string
- item.name != ""
- item.address is defined
- item.address is string
- item.address != ""
- item.password is defined
- item.password is string
- item.password != ""
- item.description is defined
- item.description is string
- item.description != ""
quiet: yes
loop: "{{ bareos_console_directors }}"
loop_control:
label: "{{ item.name }}"
when:
- bareos_console_directors is defined
- name: assert | Test item tls_enable in bareos_console_directors
ansible.builtin.assert:
that:
- item.tls_enable is boolean
quiet: yes
loop: "{{ bareos_console_directors }}"
loop_control:
label: "{{ item.name }}"
when:
- item.tls_enable is defined
- name: assert | Test item tls_verify_peer in bareos_console_directors
ansible.builtin.assert:
that:
- item.tls_verify_peer is boolean
quiet: yes
loop: "{{ bareos_console_directors }}"
loop_control:
label: "{{ item.name }}"
when:
- item.tls_verify_peer is defined

24
roles/bareos_console/tasks/main.yml Normal file
View File

@ -0,0 +1,24 @@
---
# tasks file for bareos_console
- name: Import assert.yml
ansible.builtin.import_tasks:
file: assert.yml
run_once: true
delegate_to: localhost
- name: Install bareos-console
ansible.builtin.package:
name: bareos-bconsole
state: present
- name: Place bconsole.conf
ansible.builtin.template:
src: bconsole.conf.j2
dest: /etc/bareos/bconsole.conf
owner: root
group: bareos
mode: "0640"
validate: /usr/sbin/bconsole --test-config --config %s
when:
- bareos_console_directors is defined

0
roles/bareos_console/templates/.gitkeep Normal file
View File

24
roles/bareos_console/templates/bconsole.conf.j2 Normal file
View File

@ -0,0 +1,24 @@
{{ ansible_managed | comment }}
{% if bareos_console_directors is defined %}
{% for director in bareos_console_directors %}
Director {
Name = "{{ director.name }}"
{% if director.description is defined %}
Description = "{{ director.description }}"
{% endif %}
{% if director.address is defined %}
Address = "{{ director.address }}"
{% endif %}
{% if director.password is defined %}
Password = "[md5]{{ director.password | md5 }}"
{% endif %}
{% if director.tls_enable is defined %}
TLS Enable = {{ director.tls_enable | ternary('Yes', 'No') }}
{% endif %}
{% if director.tls_verify_peer is defined %}
TLS Verify Peer = {{ director.tls_verify_peer | ternary('Yes', 'No') }}
{% endif %}
}
{% endfor %}
{% endif %}

202
roles/bareos_dir/LICENSE Normal file
View File

@ -0,0 +1,202 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright 2024 Robert de Bock (robert@meinit.nl)
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

391
roles/bareos_dir/README.md Normal file
View File

@ -0,0 +1,391 @@
# [Ansible role bareos_dir](#bareos_dir)
Install and configure [Bareos](https://www.bareos.com/) Director.
|GitHub|GitLab|Downloads|Version|
|------|------|---------|-------|
|[![github](https://github.com/anry/ansible-role-bareos_dir/workflows/Ansible%20Molecule/badge.svg)](https://github.com/anry/ansible-role-bareos_dir/actions)|[![gitlab](https://gitlab.com/anry-iac/ansible-role-bareos_dir/badges/master/pipeline.svg)](https://gitlab.com/anry-iac/ansible-role-bareos_dir)|[![downloads](https://img.shields.io/ansible/role/d/anry/bareos_dir)](https://galaxy.ansible.com/anry/bareos_dir)|[![Version](https://img.shields.io/github/release/anry/ansible-role-bareos_dir.svg)](https://github.com/anry/ansible-role-bareos_dir/releases/)|
## [Example Playbook](#example-playbook)
This example is taken from [`molecule/default/converge.yml`](https://github.com/anry/ansible-role-bareos_dir/blob/master/molecule/default/converge.yml) and is tested on each push, pull request and release.
```yaml
---
- name: Converge
hosts: all
become: yes
gather_facts: yes
roles:
- role: anry.roles.bareos_dir
bareos_dir_backup_configurations: yes
bareos_dir_install_debug_packages: yes
bareos_dir_catalogs:
- name: MyCatalog
dbname: bareos
dbuser: bareos
dbpassword: ""
bareos_dir_consoles:
- name: bareos-mon
description: "Restricted console used by tray-monitor to get the status of the director."
password: "MySecretPassword"
commandacl:
- status
- .status
jobacl:
- "*all"
bareos_dir_clients:
- name: bareos-fd
address: 127.0.0.1
password: "MySecretPassword"
maximum_concurrent_jobs: 3
heartbeat_interval: 60
- name: "disabled-client"
enabled: no
bareos_dir_filesets:
- name: LinuxAll
description: "Backup all regular filesystems, determined by filesystem type."
include:
files:
- /
exclude_dirs_containing: nobackup
options:
signature: MD5
one_fs: no
fs_types:
- btrfs
- ext2
- ext3
- ext4
- reiserfs
- jfs
- vfat
- xfs
- zfs
compression: GZIP
exclude:
files:
- /var/lib/bareos
- /var/lib/bareos/storage
- /proc
- /tmp
- /var/tmp
- /.journal
- /.fsck
- name: disabled-fileset
enabled: no
bareos_dir_jobdefs:
- name: DefaultJob-1
type: Backup
level: Incremental
fileset: SelfTest
schedule: WeeklyCycle
storage: File-1
messages: Standard
pool: Full
priority: 10
write_bootstrap: "/var/lib/bareos/%c.bsr"
full_backup_pool: Full
differential_backup_pool: Differential
incremental_backup_pool: Incremental
- name: "disabled-jobdef"
enabled: no
bareos_dir_jobs:
- name: my_job
description: "My backup job"
pool: Full
type: Backup
client: bareos-fd
fileset: LinuxAll
storage: File-1
messages: Standard
- name: disabled_job
enabled: no
- name: BackupCatalog
description: "Backup the catalog database (after the nightly save)"
jobdefs: DefaultJob
level: Full
fileset: Catalog
client: bareos-fd
schedule: WeeklyCycleAfterBackup
runbeforejob: "/usr/lib/bareos/scripts/make_catalog_backup MyCatalog"
runafterjob: "/usr/lib/bareos/scripts/delete_catalog_backup MyCatalog"
write_bootstrap: '|/usr/bin/bsmtp -h localhost -f \"\(Bareos\) \" -s \"Bootstrap for Job %j\" root'
priority: 11
maximum_concurrent_jobs: 2
bareos_dir_messages:
- name: "Standard"
description: "Send relevant messages to the Director."
append:
- file: "/var/log/bareos/bareos.log"
messages:
- all
- "!skipped"
- "!terminate"
catalog:
- all
- "!skipped"
- "!saved"
- "!audit"
console:
- all
- "!skipped"
- "!saved"
- name: "disabled-message"
enabled: no
- name: Daemon
description: "Message delivery for daemon messages (no job)."
mailcommand: '/usr/bin/bsmtp -h localhost -f \"\(Bareos\) \<%r\>\" -s \"Bareos daemon message\" %r'
mail:
- to: root
messages:
- all
- "!skipped"
- "!audit"
console:
- all
- "!skipped"
- "!saved"
- "!audit"
append:
- file: "/var/log/bareos/bareos.log"
messages:
- all
- "!skipped"
- "!audit"
- file: "/var/log/bareos/bareos-audit.log"
messages:
- audit
- name: RestoreFiles
description: "Standard Restore template. Only one such job is needed for all standard Jobs/Clients/Storage ..."
type: Restore
client: bareos-fd
fileset: LinuxAll
storage: File-1
pool: Incremental
messages: Standard
where: "/tmp/bareos-restores"
bareos_dir_pools:
- name: Full
pool_type: Backup
recycle: yes
autoprune: yes
volume_retention: 365 days
maximum_volume_bytes: 50G
maximum_volumes: 100
label_format: "Full-"
- name: "disabled-pool"
enabled: no
bareos_dir_profiles:
- name: webui-admin
jobacl:
- "*all*"
clientacl:
- "*all*"
storageacl:
- "*all*"
scheduleacl:
- "*all*"
poolacl:
- "*all*"
commandacl:
- "!.bvfs_clear_cache"
- "!.exit"
- "!.sql"
- "!configure"
- "!create"
- "!delete"
- "!purge"
- "!prune"
- "!sqlquery"
- "!umount"
- "!unmount"
- "*all*"
filesetacl:
- "*all*"
catalogacl:
- "*all*"
whereacl:
- "*all*"
pluginoptionsacl:
- "*all*"
- name: "disabled-message"
enabled: no
bareos_dir_schedules:
- name: WeeklyCycle
run:
- Full 1st sat at 21:00
- Differential 2nd-5th sat at 21:00
- Incremental mon-fri at 21:00
- name: WeeklyCycleAfterBackup
description: This schedule does the catalog. It starts after the WeeklyCycle.
run:
- Full mon-fri at 21:10
- name: "disabled-schedule"
enabled: no
bareos_dir_storages:
- name: File-1
address: dir-1
password: "MySecretPassword"
device: FileStorage
media_type: File
tls_enable: yes
tls_verify_peer: no
maximum_concurrent_jobs: 3
- name: "disabled-storage"
enabled: no
```
The machine needs to be prepared. In CI this is done using [`molecule/default/prepare.yml`](https://github.com/anry/ansible-role-bareos_dir/blob/master/molecule/default/prepare.yml):
```yaml
---
- name: Prepare
hosts: all
become: yes
gather_facts: no
roles:
- role: anry.roles.bootstrap
# The roles buildtools, python_pip and postgres are required.
# bareos-dir needs to connect to a database.
- role: anry.roles.buildtools
# EPEL is required for RHEL7.
- role: anry.roles.epel
- role: anry.roles.python_pip
- role: anry.roles.postgres
# The roles core_dependencies and postfix are required for the `bareos_role`: "dir".
# bareos-dir needs to send emails.
# - role: anry.roles.core_dependencies
# - role: anry.roles.postfix
- role: anry.roles.bareos_repository
bareos_repository_enable_tracebacks: yes
```
Also see a [full explanation and example](https://anry.nl/how-to-use-these-roles.html) on how to use these roles.
## [Role Variables](#role-variables)
The default values for the variables are set in [`defaults/main.yml`](https://github.com/anry/ansible-role-bareos_dir/blob/master/defaults/main.yml):
```yaml
---
# defaults file for bareos_dir
# The director has these configuration parameters.
# Backup the configuration files.
bareos_dir_backup_configurations: no
# Install debug packages. This requires the debug repositories to be enabled.
bareos_dir_install_debug_packages: no
# The hostname of the Director.
bareos_dir_hostname: "{{ inventory_hostname }}"
# The password for the Director.
bareos_dir_password: "secretpassword"
# The query file.
bareos_dir_queryfile: "/usr/lib/bareos/scripts/query.sql"
# The maximum number of concurrent jobs.
bareos_dir_max_concurrent_jobs: 100
# The messages configuration to use.
bareos_dir_message: Daemon
# Enable TLS.
bareos_dir_tls_enable: yes
# Verify the peer.
bareos_dir_tls_verify_peer: no
# A list of catalogs to configure.
bareos_dir_catalogs: []
# A list of consoled to configure.
bareos_dir_consoles: []
# A list of clients to configure.
bareos_dir_clients: []
# A list of filesets to configure.
bareos_dir_filesets: []
# A list of jobdefs to configure
bareos_dir_jobdefs: []
# A list of jobs to configure.
bareos_dir_jobs: []
# A list of messages to configure.
bareos_dir_messages: []
# A list of pools to configure.
bareos_dir_pools: []
# A list of profiles to configure.
bareos_dir_profiles: []
# A list of schedules to configure.
bareos_dir_schedules: []
# A list of storages to configure.
bareos_dir_storages: []
```
## [Requirements](#requirements)
- pip packages listed in [requirements.txt](https://github.com/anry/ansible-role-bareos_dir/blob/master/requirements.txt).
## [State of used roles](#state-of-used-roles)
The following roles are used to prepare a system. You can prepare your system in another way.
| Requirement | GitHub | GitLab |
|-------------|--------|--------|
|[anry.bootstrap](https://galaxy.ansible.com/anry/bootstrap)|[![Build Status GitHub](https://github.com/anry/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/anry/ansible-role-bootstrap/actions)|[![Build Status GitLab](https://gitlab.com/anry-iac/ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/anry-iac/ansible-role-bootstrap)|
|[anry.bareos_repository](https://galaxy.ansible.com/anry/bareos_repository)|[![Build Status GitHub](https://github.com/anry/ansible-role-bareos_repository/workflows/Ansible%20Molecule/badge.svg)](https://github.com/anry/ansible-role-bareos_repository/actions)|[![Build Status GitLab](https://gitlab.com/anry-iac/ansible-role-bareos_repository/badges/master/pipeline.svg)](https://gitlab.com/anry-iac/ansible-role-bareos_repository)|
|[anry.buildtools](https://galaxy.ansible.com/anry/buildtools)|[![Build Status GitHub](https://github.com/anry/ansible-role-buildtools/workflows/Ansible%20Molecule/badge.svg)](https://github.com/anry/ansible-role-buildtools/actions)|[![Build Status GitLab](https://gitlab.com/anry-iac/ansible-role-buildtools/badges/master/pipeline.svg)](https://gitlab.com/anry-iac/ansible-role-buildtools)|
|[anry.epel](https://galaxy.ansible.com/anry/epel)|[![Build Status GitHub](https://github.com/anry/ansible-role-epel/workflows/Ansible%20Molecule/badge.svg)](https://github.com/anry/ansible-role-epel/actions)|[![Build Status GitLab](https://gitlab.com/anry-iac/ansible-role-epel/badges/master/pipeline.svg)](https://gitlab.com/anry-iac/ansible-role-epel)|
|[anry.python_pip](https://galaxy.ansible.com/anry/python_pip)|[![Build Status GitHub](https://github.com/anry/ansible-role-python_pip/workflows/Ansible%20Molecule/badge.svg)](https://github.com/anry/ansible-role-python_pip/actions)|[![Build Status GitLab](https://gitlab.com/anry-iac/ansible-role-python_pip/badges/master/pipeline.svg)](https://gitlab.com/anry-iac/ansible-role-python_pip)|
|[anry.postgres](https://galaxy.ansible.com/anry/postgres)|[![Build Status GitHub](https://github.com/anry/ansible-role-postgres/workflows/Ansible%20Molecule/badge.svg)](https://github.com/anry/ansible-role-postgres/actions)|[![Build Status GitLab](https://gitlab.com/anry-iac/ansible-role-postgres/badges/master/pipeline.svg)](https://gitlab.com/anry-iac/ansible-role-postgres)|
## [Context](#context)
This role is a part of many compatible roles. Have a look at [the documentation of these roles](https://anry.nl/) for further information.
Here is an overview of related roles:
![dependencies](https://raw.githubusercontent.com/anry/ansible-role-bareos_dir/png/requirements.png "Dependencies")
## [Compatibility](#compatibility)
This role has been tested on these [container images](https://hub.docker.com/u/anry):
|container|tags|
|---------|----|
|[Debian](https://hub.docker.com/r/anry/debian)|bookworm, bullseye, buster|
|[EL](https://hub.docker.com/r/anry/enterpriselinux)|7, 8, 9|
|[Fedora](https://hub.docker.com/r/anry/fedora/)|38, 39|
|[opensuse](https://hub.docker.com/r/anry/opensuse)|all|
|[Ubuntu](https://hub.docker.com/r/anry/ubuntu)|jammy, focal|
The minimum version of Ansible required is 2.12, tests have been done to:
- The previous version.
- The current version.
- The development version.
If you find issues, please register them in [GitHub](https://github.com/anry/ansible-role-bareos_dir/issues).
## [License](#license)
[Apache-2.0](https://github.com/anry/ansible-role-bareos_dir/blob/master/LICENSE).
## [Author Information](#author-information)
[anry](https://anry.nl/)
Please consider [sponsoring me](https://github.com/sponsors/anry).

64
roles/bareos_dir/defaults/main.yml Normal file
View File

@ -0,0 +1,64 @@
---
# defaults file for bareos_dir
# The director has these configuration parameters.
# Backup the configuration files.
bareos_dir_backup_configurations: no
# Install debug packages. This requires the debug repositories to be enabled.
bareos_dir_install_debug_packages: no
# The hostname of the Director.
bareos_dir_hostname: "{{ inventory_hostname }}"
# The password for the Director.
bareos_dir_password: "secretpassword"
# The query file.
bareos_dir_queryfile: "/usr/lib/bareos/scripts/query.sql"
# The maximum number of concurrent jobs.
bareos_dir_max_concurrent_jobs: 100
# The messages configuration to use.
bareos_dir_message: Daemon
# Enable TLS.
bareos_dir_tls_enable: yes
# Verify the peer.
bareos_dir_tls_verify_peer: no
# A list of catalogs to configure.
bareos_dir_catalogs: []
# A list of consoled to configure.
bareos_dir_consoles: []
# A list of clients to configure.
bareos_dir_clients: []
# A list of filesets to configure.
bareos_dir_filesets: []
# A list of jobdefs to configure
bareos_dir_jobdefs: []
# A list of jobs to configure.
bareos_dir_jobs: []
# A list of messages to configure.
bareos_dir_messages: []
# A list of pools to configure.
bareos_dir_pools: []
# A list of profiles to configure.
bareos_dir_profiles: []
# A list of schedules to configure.
bareos_dir_schedules: []
# A list of storages to configure.
bareos_dir_storages: []

23
roles/bareos_dir/handlers/main.yml Normal file
View File

@ -0,0 +1,23 @@
---
# handlers file for bareos_dir
- name: Write results of database setup to file
ansible.builtin.copy:
content: "{{ item.stdout }}"
dest: "/var/log/bareos/{{ item.cmd[0] | basename }}.log"
mode: "0640"
loop: "{{ bareos_setup_database.results }}"
loop_control:
label: "{{ item.cmd[0] | basename | default('Command was skipped') }}"
when:
- item.stdout is defined
- name: Check configuration
ansible.builtin.command: "bareos-dir --test-config"
changed_when: false
become_user: bareos
- name: Reload bareos-dir
ansible.builtin.service:
name: bareos-dir
state: reloaded

89
roles/bareos_dir/meta/argument_specs.yml Normal file
View File

@ -0,0 +1,89 @@
---
argument_specs:
main:
short_description: "Install and configure BareOS Director on your system."
description: >
Install and configure BareOS Director on your system.
author: Robert de Bock
options:
bareos_dir_backup_configurations:
type: "bool"
default: no
description: "Backup the configuration files."
bareos_dir_hostname:
type: "str"
default: "{{ inventory_hostname }}"
description: "The hostname of the Director."
bareos_dir_password:
type: "str"
default: "secretpassword"
description: "The password for the Director."
bareos_dir_queryfile:
type: "str"
default: "/usr/lib/bareos/scripts/query.sql"
description: "The query file."
bareos_dir_max_concurrent_jobs:
type: "int"
default: 10
description: "The maximum number of concurrent jobs."
bareos_dir_message:
type: "str"
default: "Daemon"
description: "The messages configuration to use."
bareos_dir_tls_enable:
type: "bool"
default: yes
description: "Enable TLS."
bareos_dir_tls_verify_peer:
type: "bool"
default: no
description: "Verify the peer."
bareos_dir_catalogs:
type: "list"
default: []
description: "A list of catalogs to configure."
bareos_dir_consoles:
type: "list"
default: []
description: "A list of consoled to configure."
bareos_dir_clients:
type: "list"
default: []
description: "A list of clients to configure."
bareos_dir_filesets:
type: "list"
default: []
description: "A list of filesets to configure."
bareos_dir_jobdefs:
type: "list"
default: []
description: "A list of jobdefs to configure."
bareos_dir_jobs:
type: "list"
default: []
description: "A list of jobs to configure."
bareos_dir_messages:
type: "list"
default: []
description: "A list of messages to configure."
bareos_dir_pools:
type: "list"
default: []
description: "A list of pools to configure."
bareos_dir_profiles:
type: "list"
default: []
description: "A list of profiles to configure."
bareos_dir_schedules:
type: "list"
default: []
description: "A list of schedules to configure."
bareos_dir_storages:
type: "list"
default: []
description: "A list of storages to configure."
bareos_dir_install_debug_packages:
type: "bool"
default: no
description: "Install debug packages. This requires the debug repositories to be enabled."

41
roles/bareos_dir/meta/main.yml Normal file
View File

@ -0,0 +1,41 @@
---
galaxy_info:
author: anry
role_name: bareos_dir
description: Install and configure [Bareos](https://www.bareos.com/) Director.
license: Apache-2.0
company: none
min_ansible_version: "2.12"
platforms:
- name: Debian
versions:
- bookworm
- bullseye
- buster
- name: EL
versions:
- "7"
- "8"
- "9"
- name: Fedora
versions:
- "38"
- "39"
- name: opensuse
versions:
- all
- name: Ubuntu
versions:
- jammy
- focal
galaxy_tags:
- bareos
- infrastructure
- linux
- storage
- system
- tools
dependencies: []

13
roles/bareos_dir/requirements.yml Normal file
View File

@ -0,0 +1,13 @@
---
roles:
- name: anry.bootstrap
- name: anry.bareos_repository
# The `buildtools`, `python_pip` and `postgres` roles provide a database.
- name: anry.buildtools
# EPEL is required for python-pip on RHEL7.
- name: anry.epel
- name: anry.python_pip
- name: anry.postgres
# The `core_dependencies` and `postfix` roles provide mailing capabilities for the `bareos_role`: "dir".
# - name: anry.core_dependencies
# - name: anry.postfix

145
roles/bareos_dir/tasks/assert.yml Normal file
View File

@ -0,0 +1,145 @@
---
- name: assert | Test bareos_dir_backup_configurations
ansible.builtin.assert:
that:
- bareos_dir_backup_configurations is defined
- bareos_dir_backup_configurations is boolean
quiet: yes
- name: assert | Test bareos_dir_hostname
ansible.builtin.assert:
that:
- bareos_dir_hostname is defined
- bareos_dir_hostname is string
- bareos_dir_hostname != ""
quiet: yes
- name: assert | Test bareos_dir_password
ansible.builtin.assert:
that:
- bareos_dir_password is defined
- bareos_dir_password is string
- bareos_dir_password != ""
quiet: yes
- name: assert | Test bareos_dir_queryfile
ansible.builtin.assert:
that:
- bareos_dir_queryfile is defined
- bareos_dir_queryfile is string
- bareos_dir_queryfile != ""
quiet: yes
- name: assert | Test bareos_dir_max_concurrent_jobs
ansible.builtin.assert:
that:
- bareos_dir_max_concurrent_jobs is defined
- bareos_dir_max_concurrent_jobs is number
quiet: yes
- name: assert | Test bareos_dir_message
ansible.builtin.assert:
that:
- bareos_dir_message is defined
- bareos_dir_message is string
- bareos_dir_message != ""
quiet: yes
- name: assert | Test bareos_dir_tls_enable
ansible.builtin.assert:
that:
- bareos_dir_tls_enable is defined
- bareos_dir_tls_enable is boolean
quiet: yes
- name: assert | Test bareos_dir_tls_verify_peer
ansible.builtin.assert:
that:
- bareos_dir_tls_verify_peer is defined
- bareos_dir_tls_verify_peer is boolean
quiet: yes
- name: assert | Test bareos_dir_catalogs
ansible.builtin.assert:
that:
- bareos_dir_catalogs is defined
- bareos_dir_catalogs is iterable
quiet: yes
- name: assert | Test bareos_dir_consoles
ansible.builtin.assert:
that:
- bareos_dir_consoles is defined
- bareos_dir_consoles is iterable
quiet: yes
- name: assert | Test bareos_dir_clients
ansible.builtin.assert:
that:
- bareos_dir_clients is defined
- bareos_dir_clients is iterable
quiet: yes
- name: assert | Test bareos_dir_filesets
ansible.builtin.assert:
that:
- bareos_dir_filesets is defined
- bareos_dir_filesets is iterable
quiet: yes
- name: assert | Test bareos_dir_jobdefs
ansible.builtin.assert:
that:
- bareos_dir_jobdefs is defined
- bareos_dir_jobdefs is iterable
quiet: yes
- name: assert | Test bareos_dir_jobs
ansible.builtin.assert:
that:
- bareos_dir_jobs is defined
- bareos_dir_jobs is iterable
quiet: yes
- name: assert | Test bareos_dir_messages
ansible.builtin.assert:
that:
- bareos_dir_messages is defined
- bareos_dir_messages is iterable
quiet: yes
- name: assert | Test bareos_dir_pools
ansible.builtin.assert:
that:
- bareos_dir_pools is defined
- bareos_dir_pools is iterable
quiet: yes
- name: assert | Test bareos_dir_profiles
ansible.builtin.assert:
that:
- bareos_dir_profiles is defined
- bareos_dir_profiles is iterable
quiet: yes
- name: assert | Test bareos_dir_schedules
ansible.builtin.assert:
that:
- bareos_dir_schedules is defined
- bareos_dir_schedules is iterable
quiet: yes
- name: assert | Test bareos_dir_storages
ansible.builtin.assert:
that:
- bareos_dir_storages is defined
- bareos_dir_storages is iterable
quiet: yes
- name: assert | Test bareos_dir_install_debug_packages
ansible.builtin.assert:
that:
- bareos_dir_install_debug_packages is defined
- bareos_dir_install_debug_packages is boolean
quiet: yes

242
roles/bareos_dir/tasks/main.yml Normal file
View File

@ -0,0 +1,242 @@
---
# tasks file for bareos_dir
- name: Import assert.yml
ansible.builtin.import_tasks:
file: assert.yml
run_once: true
delegate_to: localhost
- name: Prevent db installation (apt)
ansible.builtin.debconf:
name: bareos-database-common
question: bareos-database-common/dbconfig-install
value: "false"
vtype: boolean
when:
- ansible_pkg_mgr in [ "apt" ]
- name: Install requirements
ansible.builtin.package:
name: "{{ bareos_dir_requirements }}"
- name: Install packages
ansible.builtin.package:
name: "{{ bareos_dir_packages }}"
- name: Install debug packages
ansible.builtin.package:
name: "{{ bareos_dir_debug_packages }}"
when:
- bareos_dir_install_debug_packages
- name: Run database setup scripts
ansible.builtin.command:
cmd: "{{ item }}"
creates: "/var/log/bareos/{{ item | basename }}.log"
become_user: postgres
become: true
register: bareos_setup_database
loop: "{{ bareos_dir_install_scripts }}"
loop_control:
label: "{{ item | basename }}"
notify:
- Write results of database setup to file
- name: Run handlers
ansible.builtin.meta: flush_handlers
- name: Place bareos-dir.conf
ansible.builtin.template:
src: bareos-dir.conf.j2
dest: "/etc/bareos/bareos-dir.d/director/bareos-dir.conf"
owner: bareos
group: bareos
mode: "0640"
backup: "{{ bareos_dir_backup_configurations }}"
notify:
- Check configuration
- Reload bareos-dir
- name: Place catalog
ansible.builtin.template:
src: catalog.conf.j2
dest: "/etc/bareos/bareos-dir.d/catalog/{{ item.name }}.conf"
owner: bareos
group: bareos
mode: "0640"
backup: "{{ bareos_dir_backup_configurations }}"
loop: "{{ bareos_dir_catalogs }}"
loop_control:
label: "{{ item.name }}"
notify:
- Check configuration
- Reload bareos-dir
- name: Place console
ansible.builtin.template:
src: console.conf.j2
dest: "/etc/bareos/bareos-dir.d/console/{{ item.name }}.conf"
owner: bareos
group: bareos
mode: "0644"
backup: "{{ bareos_dir_backup_configurations }}"
loop: "{{ bareos_dir_consoles }}"
loop_control:
label: "{{ item.name }}"
notify:
- Check configuration
- Reload bareos-dir
- name: Place client
ansible.builtin.template:
src: client.conf.j2
dest: "/etc/bareos/bareos-dir.d/client/{{ item.name }}.conf"
owner: bareos
group: bareos
mode: "0640"
backup: "{{ bareos_dir_backup_configurations }}"
loop: "{{ bareos_dir_clients }}"
loop_control:
label: "{{ item.name }}"
notify:
- Check configuration
- Reload bareos-dir
- name: Place fileset
ansible.builtin.template:
src: fileset.conf.j2
dest: "/etc/bareos/bareos-dir.d/fileset/{{ item.name }}.conf"
owner: bareos
group: bareos
mode: "0640"
backup: "{{ bareos_dir_backup_configurations }}"
loop: "{{ bareos_dir_filesets }}"
loop_control:
label: "{{ item.name }}"
notify:
- Check configuration
- Reload bareos-dir
- name: Place job
ansible.builtin.template:
src: job.conf.j2
dest: "/etc/bareos/bareos-dir.d/job/{{ item.name }}.conf"
owner: bareos
group: bareos
mode: "0640"
backup: "{{ bareos_dir_backup_configurations }}"
vars:
bareos_dir_template_type: Job
loop: "{{ bareos_dir_jobs }}"
loop_control:
label: "{{ item.name }}"
notify:
- Check configuration
- Reload bareos-dir
- name: Place jobdef
ansible.builtin.template:
src: job.conf.j2
dest: "/etc/bareos/bareos-dir.d/jobdefs/{{ item.name }}.conf"
owner: bareos
group: bareos
mode: "0640"
backup: "{{ bareos_dir_backup_configurations }}"
vars:
bareos_dir_template_type: JobDefs
loop: "{{ bareos_dir_jobdefs }}"
loop_control:
label: "{{ item.name }}"
notify:
- Check configuration
- Reload bareos-dir
- name: Place message
ansible.builtin.template:
src: message.conf.j2
dest: "/etc/bareos/bareos-dir.d/messages/{{ item.name }}.conf"
owner: bareos
group: bareos
mode: "0640"
backup: "{{ bareos_dir_backup_configurations }}"
loop: "{{ bareos_dir_messages }}"
loop_control:
label: "{{ item.name }}"
notify:
- Check configuration
- Reload bareos-dir
- name: Place pool
ansible.builtin.template:
src: pool.conf.j2
dest: "/etc/bareos/bareos-dir.d/pool/{{ item.name }}.conf"
owner: bareos
group: bareos
mode: "0640"
backup: "{{ bareos_dir_backup_configurations }}"
loop: "{{ bareos_dir_pools }}"
loop_control:
label: "{{ item.name }}"
notify:
- Check configuration
- Reload bareos-dir
- name: Place profile
ansible.builtin.template:
src: profile.conf.j2
dest: "/etc/bareos/bareos-dir.d/profile/{{ item.name }}.conf"
owner: bareos
group: bareos
mode: "0644"
backup: "{{ bareos_dir_backup_configurations }}"
loop: "{{ bareos_dir_profiles }}"
loop_control:
label: "{{ item.name }}"
notify:
- Check configuration
- Reload bareos-dir
- name: Place schedule
ansible.builtin.template:
src: schedule.conf.j2
dest: "/etc/bareos/bareos-dir.d/schedule/{{ item.name }}.conf"
owner: bareos
group: bareos
mode: "0644"
backup: "{{ bareos_dir_backup_configurations }}"
loop: "{{ bareos_dir_schedules }}"
loop_control:
label: "{{ item.name }}"
notify:
- Check configuration
- Reload bareos-dir
- name: Place storage
ansible.builtin.template:
src: storage.conf.j2
dest: "/etc/bareos/bareos-dir.d/storage/{{ item.name }}.conf"
owner: bareos
group: bareos
mode: "0640"
backup: "{{ bareos_dir_backup_configurations }}"
loop: "{{ bareos_dir_storages }}"
loop_control:
label: "{{ item.name }}"
notify:
- Check configuration
- Reload bareos-dir
- name: Start bareos-dir
ansible.builtin.service:
name: bareos-dir
state: started
enabled: yes
- name: Place cron to update bvfs
ansible.builtin.cron:
name: bareos bvfs update
user: root
job: echo .bvfs_update | bconsole
hour: '6'
minute: '0'

0
roles/bareos_dir/templates/.gitkeep Normal file
View File

17
roles/bareos_dir/templates/bareos-dir.conf.j2 Normal file
View File

@ -0,0 +1,17 @@
{{ ansible_managed | comment }}
Director {
Name = "{{ bareos_dir_hostname }}"
Password = "{{ bareos_dir_password }}"
QueryFile = "{{ bareos_dir_queryfile }}"
{% if bareos_dir_max_concurrent_jobs != 1 %}
Maximum Concurrent Jobs = {{ bareos_dir_max_concurrent_jobs }}
{% endif %}
Messages = "{{ bareos_dir_message }}"
{% if not bareos_dir_tls_enable %}
TLS Enable = No
{% endif %}
{% if bareos_dir_tls_verify_peer %}
TLS Verify Peer = Yes
{% endif %}
}

12
roles/bareos_dir/templates/catalog.conf.j2 Normal file
View File

@ -0,0 +1,12 @@
{{ ansible_managed | comment }}
{% if item.enabled is defined and item.enabled or item.enabled is not defined %}
Catalog {
Name = {{ item.name }}
dbname = "{{ item.dbname }}"
dbuser = "{{ item.dbuser }}"
dbpassword = "{{ item.dbpassword }}"
}
{% else %}
# This file is not enabled.
{% endif %}

29
roles/bareos_dir/templates/client.conf.j2 Normal file
View File

@ -0,0 +1,29 @@
{{ ansible_managed | comment }}
{% if item.enabled is defined and item.enabled or item.enabled is not defined %}
Client {
Name = "{{ item.name }}"
Address = "{{ item.address }}"
Password = "{{ item.password }}"
{% if item.maximum_concurrent_jobs is defined %}
Maximum Concurrent Jobs = {{ item.maximum_concurrent_jobs }}
{% endif %}
{% if item.connection_from_client_to_director is defined %}
Connection From Client To Director = {{ item.connection_from_client_to_director | ternary('Yes', 'No') }}
{% endif %}
{% if item.connection_from_director_to_client is defined %}
Connection From Director To Client = {{ item.connection_from_director_to_client | ternary('Yes', 'No') }}
{% endif %}
{% if item.heartbeat_interval is defined %}
Heartbeat Interval = {{ item.heartbeat_interval }}
{% endif %}
{% if item.tls_enable is defined %}
TLS Enable = {{ item.tls_enable | ternary('Yes', 'No') }}
{% endif %}
{% if item.tls_verify_peer is defined %}
TLS Verify Peer = {{ item.tls_verify_peer | ternary('Yes', 'No') }}
{% endif %}
}
{% else %}
# This file is not enabled.
{% endif %}

25
roles/bareos_dir/templates/console.conf.j2 Normal file
View File

@ -0,0 +1,25 @@
{{ ansible_managed | comment }}
{% if item.enabled is defined and item.enabled or item.enabled is not defined %}
Console {
Name = "{{ item.name }}"
{% if item.description is defined %}
Description = "{{ item.description }}"
{% endif %}
Password = "{{ item.password }}"
{% if item.commandacl is defined %}
CommandACL = {{ item.commandacl | join(', ') }}
{% endif %}
{% if item.jobacl is defined %}
JobACL = {{ item.jobacl | join(', ') }}
{% endif %}
{% if item.profile is defined %}
Profile = "{{ item.profile }}"
{% endif %}
{% if item.tlsenable is defined %}
TlsEnable = {{ item.tlsenable | ternary('Yes', 'No') }}
{% endif %}
}
{% else %}
# This file is not enabled.
{% endif %}

40
roles/bareos_dir/templates/fileset.conf.j2 Normal file
View File

@ -0,0 +1,40 @@
{{ ansible_managed | comment }}
{% if item.enabled is defined and item.enabled or item.enabled is not defined %}
FileSet {
Name = "{{ item.name }}"
Description = "{{ item.description }}"
Include {
Options {
Signature = {{ item.include.options.signature }}
{% if item.include.options.one_fs is defined %}
One FS = {{ item.include.options.one_fs | ternary('Yes', 'No') }}
{% endif %}
{% if item.include.options.fs_types is defined %}
{% for fs_type in item.include.options.fs_types %}
FS Type = {{ fs_type }}
{% endfor %}
{% endif %}
{% if item.include.options.compression is defined %}
Compression = {{ item.include.options.compression }}
{% endif %}
}
{% if item.include.exclude_dirs_containing is defined %}
Exclude Dir Containing = {{ item.include.exclude_dirs_containing }}
{% endif %}
{% for file in item.include.files %}
File = {{ file }}
{% endfor %}
}
{% if item.exclude is defined %}
Exclude {
{% for file in item.exclude.files %}
File = {{ file }}
{% endfor %}
}
{% endif %}
}
{% else %}
# This file is not enabled.
{% endif %}

51
roles/bareos_dir/templates/job.conf.j2 Normal file
View File

@ -0,0 +1,51 @@
{{ ansible_managed | comment }}
{% if item.enabled is defined and item.enabled or item.enabled is not defined %}
{{ bareos_dir_template_type }} {
Name = "{{ item.name }}"
{% if item.messages is defined %}
Messages = "{{ item.messages }}"
{% endif %}
{% if item.pool is defined %}
Pool = {{ item.pool }}
{% endif %}
{% if item.type is defined %}
Type = {{ item.type }}
{% endif %}
{% if item.description is defined %}
Description = "{{ item.description }}"
{% endif %}
{% if item.client is defined %}
Client = "{{ item.client }}"
{% endif %}
{% if item.fileset is defined %}
FileSet = "{{ item.fileset }}"
{% endif %}
{% if item.storage is defined %}
Storage = "{{ item.storage }}"
{% endif %}
{% if item.jobdefs is defined %}
Job Defs = "{{ item.jobdefs }}"
{% endif %}
{% if item.level is defined %}
Level = {{ item.level }}
{% endif %}
{% if item.schedule is defined %}
Schedule = "{{ item.schedule }}"
{% endif %}
{% if item.runbeforejob is defined %}
Run Before Job = "{{ item.runbeforejob }}"
{% endif %}
{% if item.runafterjob is defined %}
Run After Job = "{{ item.runafterjob }}"
{% endif %}
{% if item.where is defined %}
Where = "{{ item.where }}"
{% endif %}
{% if item.maximum_concurrent_jobs is defined %}
Maximum Concurrent Jobs = {{ item.maximum_concurrent_jobs }}
{% endif %}
}
{% else %}
# This file is not enabled.
{% endif %}

29
roles/bareos_dir/templates/message.conf.j2 Normal file
View File

@ -0,0 +1,29 @@
{{ ansible_managed | comment}}
{% if item.enabled is defined and item.enabled or item.enabled is not defined %}
Messages {
Name = "{{ item.name }}"
Description = "{{ item.description }}"
{% if item.append is defined %}
{% for append in item.append %}
Append = "{{ append.file }}" = {{ append.messages | join(', ') }}
{% endfor %}
{% endif %}
{% if item.catalog is defined %}
Catalog = {{ item.catalog | join(', ') }}
{% endif %}
{% if item.console is defined %}
Console = {{ item.console | join(', ') }}
{% endif %}
{% if item.mailcommand is defined %}
mailcommand = "{{ item.mailcommand }}"
{% endif %}
{% if item.mail is defined %}
{% for mail in item.mail %}
mail = {{ mail.to }} = {{ mail.messages | join(', ') }}
{% endfor %}
{% endif %}
}
{% else %}
# This file is not enabled.
{% endif %}

28
roles/bareos_dir/templates/pool.conf.j2 Normal file
View File

@ -0,0 +1,28 @@
{{ ansible_managed | comment }}
{% if item.enabled is defined and item.enabled or item.enabled is not defined %}
Pool {
Name = {{ item.name }}
Pool Type = {{ item.pool_type }}
{% if item.recycle is defined %}
Recycle = {{ item.recycle | ternary('Yes', 'No') }}
{% endif %}
{% if item.autoprune is defined %}
AutoPrune = {{ item.autoprune | ternary('Yes', 'No') }}
{% endif %}
{% if item.volume_retention is defined %}
Volume Retention = {{ item.volume_retention }}
{% endif %}
{% if item.maximum_volume_bytes is defined %}
Maximum Volume Bytes = {{ item.maximum_volume_bytes }}
{% endif %}
{% if item.maximum_volumes is defined %}
Maximum Volumes = {{ item.maximum_volumes }}
{% endif %}
{% if item.label_format is defined %}
Label Format = "{{ item.label_format }}"
{% endif %}
}
{% else %}
# This file is not enabled.
{% endif %}

19
roles/bareos_dir/templates/profile.conf.j2 Normal file
View File

@ -0,0 +1,19 @@
{{ ansible_managed | comment }}
{% if item.enabled is defined and item.enabled or item.enabled is not defined %}
Profile {
Name = "{{ item.name }}"
JobAcl = "{{ item.jobacl | join('", "') }}"
ClientAcl = "{{ item.clientacl | join('", "') }}"
StorageAcl = "{{ item.storageacl | join('", "') }}"
ScheduleAcl = "{{ item.scheduleacl | join('", "') }}"
PoolAcl = "{{ item.poolacl | join('", "') }}"
CommandAcl = "{{ item.commandacl | join('", "') }}"
FileSetAcl = "{{ item.filesetacl | join('", "') }}"
CatalogAcl = "{{ item.catalogacl | join('", "') }}"
WhereAcl = "{{ item.whereacl | join('", "') }}"
PluginOptionsAcl = "{{ item.pluginoptionsacl | join('", "') }}"
}
{% else %}
# This file is not enabled.
{% endif %}

15
roles/bareos_dir/templates/schedule.conf.j2 Normal file
View File

@ -0,0 +1,15 @@
{{ ansible_managed | comment }}
{% if item.enabled is defined and item.enabled or item.enabled is not defined %}
Schedule {
Name = "{{ item.name }}"
{% if item.description is defined %}
Description = "{{ item.description }}"
{% endif %}
{% for run in item.run %}
Run = {{ run }}
{% endfor %}
}
{% else %}
# This file is not enabled.
{% endif %}

22
roles/bareos_dir/templates/storage.conf.j2 Normal file
View File

@ -0,0 +1,22 @@
{{ ansible_managed | comment }}
{% if item.enabled is defined and item.enabled or item.enabled is not defined %}
Storage {
Name = "{{ item.name }}"
Address = "{{ item.address }}"
Password = "{{ item.password }}"
Device = "{{ item.device }}"
Media Type = "{{ item.media_type }}"
{% if item.tls_enable is defined %}
TLS Enable = {{ item.tls_enable | ternary('Yes', 'No') }}
{% endif %}
{% if item.tls_verify_peer is defined %}
TLS Verify Peer = {{ item.tls_verify_peer | ternary('Yes', 'No') }}
{% endif %}
{% if item.maximum_concurrent_jobs is defined %}
Maximum Concurrent Jobs = {{ item.maximum_concurrent_jobs }}
{% endif %}
}
{% else %}
# This file is not enabled.
{% endif %}

33
roles/bareos_dir/vars/main.yml Normal file
View File

@ -0,0 +1,33 @@
---
# vars file for bareos_dir
# The requirements for bareos-dir.
_bareos_dir_requirements:
default: []
Debian:
- procps
bareos_dir_requirements: "{{ _bareos_dir_requirements[ansible_os_family] | default(_bareos_dir_requirements['default']) }}"
# The packages to install.
bareos_dir_packages:
- bareos-database-postgresql
- bareos-database-tools
- bareos-director
# A list of script to setup the database.
bareos_dir_install_scripts:
- /usr/lib/bareos/scripts/create_bareos_database
- /usr/lib/bareos/scripts/make_bareos_tables
- /usr/lib/bareos/scripts/grant_bareos_privileges
_bareos_dir_debug_packages:
default:
- "bareos-director-debuginfo"
- gdb
Debian:
- "bareos-dbg"
- gdb
RedHat-7:
- "bareos-debuginfo"
- gdb
bareos_dir_debug_packages: "{{ _bareos_dir_debug_packages[ansible_os_family ~ '-' ~ ansible_distribution_major_version] | default(_bareos_dir_debug_packages[ansible_os_family] | default(_bareos_dir_debug_packages['default'])) }}"

202
roles/bareos_fd/LICENSE Normal file
View File

@ -0,0 +1,202 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright 2024 Robert de Bock (robert@meinit.nl)
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

268
roles/bareos_fd/README.md Normal file
View File

@ -0,0 +1,268 @@
# [Ansible role bareos_fd](#bareos_fd)
Install and configure [Bareos](https://www.bareos.com/) File Daemon.
|GitHub|GitLab|Downloads|Version|
|------|------|---------|-------|
|[![github](https://github.com/anry/ansible-role-bareos_fd/workflows/Ansible%20Molecule/badge.svg)](https://github.com/anry/ansible-role-bareos_fd/actions)|[![gitlab](https://gitlab.com/anry-iac/ansible-role-bareos_fd/badges/master/pipeline.svg)](https://gitlab.com/anry-iac/ansible-role-bareos_fd)|[![downloads](https://img.shields.io/ansible/role/d/anry/bareos_fd)](https://galaxy.ansible.com/anry/bareos_fd)|[![Version](https://img.shields.io/github/release/anry/ansible-role-bareos_fd.svg)](https://github.com/anry/ansible-role-bareos_fd/releases/)|
## [Example Playbook](#example-playbook)
This example is taken from [`molecule/default/converge.yml`](https://github.com/anry/ansible-role-bareos_fd/blob/master/molecule/default/converge.yml) and is tested on each push, pull request and release.
```yaml
---
- name: Converge
hosts: all
become: yes
gather_facts: yes
roles:
- role: anry.roles.bareos_fd
bareos_fd_backup_configurations: yes
bareos_fd_install_debug_packages: yes
bareos_fd_encryption_enabled: yes
bareos_fd_encryption_private_key: |
-----BEGIN RSA PRIVATE KEY-----
MIIJKAIBAAKCAgEAvFS5DDxBm2Hgf6LM2QnU3eKTw6PHpCBESjuqoKDnwnjL9wXH
GAO77b3lPXKFPZfrXUH41FxJt1wWuRXWjJfR4XI7RLmG5XGgbvKamnhCK48aZelN
oFa2Midto1Gydnb/I2I7GTA2fmx65mS4DTlXPn/phZJx9akUwJ1kRWVJgzuzimJ8
0YPqKbLPBRz86PWjAfTmYP4a7iuCTOlPqNIxGgCFUi5KIeFQZ3V8eO4iwVE8FhSK
/d1ykdiKlPAWjhcjDsTaQmWQd+IGi20bdzDrOevNUvaR7xGYbPczHDRVYveuEddl
4up8teWGczQxiIYhIR6n0F9wqFK2AzZGbXOKBLkiPKocKQ/X1glEgLc1jy16YYA4
vNXc3D+wxKNgnEcZ/YtDOZ746/k+4y8QuLaycA62BaD0hV/UxRHhJX1/gCkjkuU/
F4ZFP52nMDlyB9uMY1rkUJgNWvgT/GyycPDHFJl04rAM+zl/wFHajy9Dfi8WxzKl
NILvDmSpoyZJww1mhKAFzkRf9ThtoZvs9ctA12QQJdSWWL9kPjJjw0RlBAwKnmBu
C/1wzBL3O9z8OSbJh9LixtfzR6X96ojgUxwQYsXcvcUopCHIAti6INRghbx4AWY8
5Jq4C8/OiY2LdHDBoxHY3gnqyKnzCqHZRbE2XUxkPkHXjoOlFX6KqYy49CkCAwEA
AQKCAgAAnUlyA4l5oEr8E3MEcxVR2E7nXi2SMNlKtLEskYwd7irk+S7lhCZJj4TF
iUUv639MZD/CB4ui2ytKV8LE4zue7y7ua0AFi6Nq829KAhHKs3UbMhw9J/vPqwq7
5fNIIo3plCLAnLZc6LyaB5BQfnu8DHCKblOx4i77nFYV4jbpMRJpmvX8Em+FZSIa
OT1r3GMf2FzLl5ZUK+ScgmknikFLZ26V8Rncp6jxZ+3XoF/xiRCpm2+Vgm5MK1aK
StsWEFSp6THmSBgt6iK5BaWuLam40crvWYrKrHxMgwIC/x9o44CXOORlN8l2XH6F
T+uxYTqrS7pbuHeo6ZOzMhXZbP5CCpNQdMrJMgtOJsdxoC9viKfAvSbvl+tlwMeb
pAcSxBQ69DRcxbR/Mb5AdZ0KQObdxeeRdHfJBcZypzuARfhxIKqGKVKtxUSE+Gc1
kq7X9rdqxEBmDHULxnDfqjtf2LVqZao3moCbMqs+sX2rP7pD7TSlnsLNdsDx3yud
X1583lSxSCWIt4i74Elep1BEelO1S+cv0n60czT6IPkpkhr+/X8Vzu48oaGwFvoO
XUFMvzjNZbUv4/FcbISjcnuuXFGQZY9vXvhGtgnwQ+twOyllaGMvogEg0gNSOy1+
8yLNrN3QiZlKjFhIBNsJLCvmq5l3u09ijlGl5AxNoYE4wyLg/QKCAQEA4XVLlYeR
zYXibWlYJHdxf7rHnnbUwdww8NRdi6If/48MjEkHrHHK1K+4j/JoKuaKT1kOT9Mk
DgFQJYWXYPo6gFEXLqmjrAVDrHUFPi0Va5F6u/6I18jVmwJzvAkdO79LGNewmawL
mluA/SZAq12nnncbJGA1zn2nTri1Ld/2az1IztYEZGpJf6SU7HQIGqV5hKYTS1NV
TL9wehaCht0RiZh+xOZTENpuCgslBPI7NN82kAAD3/jtbOf37QJ7pkVYhC38r8Vo
dhdOR1STC/30IybiPYacHFTOIhtpbAD5CMkH6/Y5+40LAboqP9uO1rKHSJamj2kn
NqUHIhoi3nz87QKCAQEA1dfisgifNE25MsS5QvFMffuJwe7fyrZlDPnfxuqjEYfw
/Oi/FJ8Ov1tu/9FSkDzFuu+gKHLQ06OVKLJXCdsKSz4uVK+5LLAxbHn8APEarHU/
ZjC8NV0g+lJhSOAEHnYAZOBipCt0eBZA0eoxDLk3U7ZpvdgUA3VwaWxsSCfGdkcs
CtS3GVLKX5IvufY0DXEHTOXdM0lN0F7lzN2lNeqW/7eBItSUACmT5zaljhpRXWBO
ivdicD6jX5v8egwxRS1hIQr+8XRtY7xILBMlOw0y3oxtjv6jPdX0wpc1TdjyN2eB
RlyP5ifNMrve+3e5640rhtoAUdheSner6ncvexEorQKCAQBaE8sHCwst2fgFTrlw
mGg4aB+pKEEI0ziaf76AM14ldLnGssbmFvC62RocKPWFbmaEHUiii/Ezx0KGO0Gn
9VG6QqvIcO57o/7NwFM/7DNKru0ifyedTxhIvkoPLnUHkf4nBsYAH8Ti/vwiKE5e
KST3Iw8tEWNuBLX7tcBte7WwUuPr/4XxuKV04gS+E/3I56QNY20CA2FpMHN309aC
m4COQOclNACsExkz2hAIUd9l2GisT9U8fvAdOvDLONq+K6aZ6OW0NGLwC4+y4A+A
Ew6fnMF3Y3iruRZCekE8bYcSA3+uvsmbv1ZOclq++LGxBdMXJVmWoqSQKI8ZCOg1
jCphAoIBAEmpLuaiv6x1pXjOeP6NPgsbjW1nSmF6iL56iFHt2zQbvrBvv/pre9oA
tfCa+zTCKl5lUqb8PeDZNXUqUX8Mm7QlfDIhwciZ/LxgHKV6Z/TGAovB9+Lt7IEt
xWMj/2c6wJH/FRt1+I2xJKzqXfEDEALfD/ecKfCzEIDQH1CPmvZ9N7eXZGbttNZM
9fG51F5Y8+nSOGsFMi+3sLLsGo/C+jal0G7eCQkxSUhY85hKioJ+vS9zXc5KVV6G
zeaAsqwgoJeQQReNQm0bm0TLZ4S63C3683ZRUovnWoN5MJxbQbxCBC7njY37Ydy7
CGlY6YsxOrAeAgQvYvOF24tNeOaMl5UCggEBAJ7LRUjNlGZ4xcCLNRIV9imXxo48
eQiDC298h+wPzKOjFNp7c/+QQZRsVaKJLIY2FnsEA4ZJZx+oT4wL/3smYCBP/aMD
vLWTarp6unKnzvopBMarFpk3RTqzv8txMjz3kr8WiIhr8geFagjE/ujcuBOu17k8
/qc6HNLy0e4bK648oBAq4C5qxid33zc06eRed2EOSqXdHwHgfBKlRwqCIYkiWlq/
SWAk+9svFT9HvziCtFzH5GdsM24W0KtOsTxUiil89ybQW2uWWm5HB3OuATmb0JZA
cz+WiXCcYLVId8gl/hXkKBjRVEhhKsmnab8Jg2HlwGXuAdwqP5/GwxsM41g=
-----END RSA PRIVATE KEY-----
bareos_fd_encryption_master_public_key: |
-----BEGIN CERTIFICATE-----
MIIDyjCCArKgAwIBAgIJAIAjOIGqAGRwMA0GCSqGSIb3DQEBCwUAMIGSMQswCQYD
VQQGEwJOTDEQMA4GA1UECAwHVVRSRUNIVDESMBAGA1UEBwwJQnJldWtlbGVuMSIw
IAYDVQQKDBlBZGZpbmlzIElUIE5lZGVybGFuZCBCLlYuMQ8wDQYDVQQDDAZiYXJl
b3MxKDAmBgkqhkiG9w0BCQEWGXJvYmVydC5kZWJvY2tAYWRmaW5pcy5jb20wHhcN
MjMwOTExMDg1MzA0WhcNMjMxMDExMDg1MzA0WjCBkjELMAkGA1UEBhMCTkwxEDAO
BgNVBAgMB1VUUkVDSFQxEjAQBgNVBAcMCUJyZXVrZWxlbjEiMCAGA1UECgwZQWRm
aW5pcyBJVCBOZWRlcmxhbmQgQi5WLjEPMA0GA1UEAwwGYmFyZW9zMSgwJgYJKoZI
hvcNAQkBFhlyb2JlcnQuZGVib2NrQGFkZmluaXMuY29tMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAxFjcLKHDTf8dcT4kKtyZlIh4Zh7zNglaa6SJNBGW
pmcvtgfR9aBCDbcEphcssdytrXIiLsCEfv1h63o58UXePKYJMtNzbn6NNyzamxB9
CM4oHWr/td8i6fYaYXmqOxOimX707joWPlTB9+/rKWFrxwyg08oVGFdBNR6GmWek
Y5aRaEMwRBhh+bSVR9/Rj/QmqlF9pCB9/TtY3hhBdQkcy1tLTDo7Mf/Z4gLpk7d2
vRmpvVY8JloXjzuJNgVNbzY09pylqe78m9UsrJGBlzocZO5+AnO7wsqMAtUvplOM
oE7GHrg1FpfLjY3bqTQka/fVd1bDt5eDjAJnPqO1RYpKjQIDAQABoyEwHzAdBgNV
HQ4EFgQURTeY0pPxExJwTelsdBXr5PxgOdAwDQYJKoZIhvcNAQELBQADggEBALCi
urw+j1Yg2QDkOzMxmr6r0O/kF3WfrfpcevOCGVN0GxdxP/nGcfAh8feq4xj4oAnS
2CyhNfPPi+rIO1T0EkZWwL/kTByMGoR9Qc+juMgJ1HTYP6nEnBOXPMo1OyUdK5K3
MefQpNgHdWNSjWtLuW3YW8rkIeF8ZjmlXOSmBdOmqFi7p3OwwF8FnuXze1RLTgPL
VeI8D8DtzbX+mocuYxfIAFEmRXAmMeimXgwrVyI+w8+3IRGw8rDje0pFZX5X2aED
Gcz2IVF2cw5k1ryYW5kN027oK9igd8qc6dcJC6nMJw1kLbBdo68Eq3EOx92Fljlg
Wa7Dw2pD6yQGl/dfgQg=
-----END CERTIFICATE-----
bareos_fd_directors:
- name: "bareos-dir"
password: "secretpassword"
monitor: no
connection_from_client_to_director: yes
connection_from_director_to_client: no
tls_enable: yes
tls_verify_peer: no
- name: "disabled-director"
enabled: no
bareos_fd_messages:
- name: "Standard"
director:
server: bareos-dir
messages:
- all
- "!skipped"
- "!restored"
description: "Send relevant messages to the Director."
append:
file: "/var/log/bareos/bareos.log"
messages:
- all
- "!skipped"
- "!terminate"
console:
- all
- "!skipped"
- "!saved"
- name: "disabled-message"
enabled: no
```
The machine needs to be prepared. In CI this is done using [`molecule/default/prepare.yml`](https://github.com/anry/ansible-role-bareos_fd/blob/master/molecule/default/prepare.yml):
```yaml
---
- name: Prepare
hosts: all
become: yes
gather_facts: no
roles:
- role: anry.roles.bootstrap
- role: anry.roles.bareos_repository
bareos_repository_enable_tracebacks: yes
```
Also see a [full explanation and example](https://anry.nl/how-to-use-these-roles.html) on how to use these roles.
## [Role Variables](#role-variables)
The default values for the variables are set in [`defaults/main.yml`](https://github.com/anry/ansible-role-bareos_fd/blob/master/defaults/main.yml):
```yaml
---
# defaults file for bareos_fd
# The client has these configuration parameters.
# Backup existing configurations.
bareos_fd_backup_configurations: no
# Install debug packages. This requires the debug repositories to be enabled.
bareos_fd_install_debug_packages: no
# The hostname of the File Daemon.
bareos_fd_hostname: "{{ inventory_hostname }}"
# The maximum bandwidth to use.
bareos_fd_max_job_bandwidth: "10 mb/s"
# The message to use.
bareos_fd_message: "Standard"
# The maximum number of concurrent jobs.
bareos_fd_maximum_concurrent_jobs: 20
# Enable TLS.
bareos_fd_tls_enable: yes
# Verify the peer.
bareos_fd_tls_verify_peer: no
# The inteval in seconds to send a heartbeat.
bareos_fd_heartbeat_interval: 0
# The Directors to connect to.
bareos_fd_directors:
- name: "bareos-dir"
password: "secretpassword"
monitor: no
description: "Allow the configured Director to access this file daemon."
- name: bareos-mon
password: "secretpassword"
monitor: yes
description: "Restricted Director, used by tray-monitor to get the status of this file daemon."
# The Messages to configure.
bareos_fd_messages:
- name: "Standard"
director:
server: bareos-dir
messages:
- all
- "!skipped"
- "!restored"
description: "Send relevant messages to the Director."
# For encryption of data, set this to `yes`.
bareos_fd_encryption_enabled: no
# You may bring your own private key. If not specified, a new one will be generated.
bareos_fd_encryption_private_key: ""
# The master public key to use.
bareos_fd_encryption_master_public_key: ""
```
## [Requirements](#requirements)
- pip packages listed in [requirements.txt](https://github.com/anry/ansible-role-bareos_fd/blob/master/requirements.txt).
## [State of used roles](#state-of-used-roles)
The following roles are used to prepare a system. You can prepare your system in another way.
| Requirement | GitHub | GitLab |
|-------------|--------|--------|
|[anry.bootstrap](https://galaxy.ansible.com/anry/bootstrap)|[![Build Status GitHub](https://github.com/anry/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/anry/ansible-role-bootstrap/actions)|[![Build Status GitLab](https://gitlab.com/anry-iac/ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/anry-iac/ansible-role-bootstrap)|
|[anry.bareos_repository](https://galaxy.ansible.com/anry/bareos_repository)|[![Build Status GitHub](https://github.com/anry/ansible-role-bareos_repository/workflows/Ansible%20Molecule/badge.svg)](https://github.com/anry/ansible-role-bareos_repository/actions)|[![Build Status GitLab](https://gitlab.com/anry-iac/ansible-role-bareos_repository/badges/master/pipeline.svg)](https://gitlab.com/anry-iac/ansible-role-bareos_repository)|
## [Context](#context)
This role is a part of many compatible roles. Have a look at [the documentation of these roles](https://anry.nl/) for further information.
Here is an overview of related roles:
![dependencies](https://raw.githubusercontent.com/anry/ansible-role-bareos_fd/png/requirements.png "Dependencies")
## [Compatibility](#compatibility)
This role has been tested on these [container images](https://hub.docker.com/u/anry):
|container|tags|
|---------|----|
|[Debian](https://hub.docker.com/r/anry/debian)|bookworm, bullseye, buster|
|[EL](https://hub.docker.com/r/anry/enterpriselinux)|7, 8, 9|
|[Fedora](https://hub.docker.com/r/anry/fedora/)|38, 39|
|[opensuse](https://hub.docker.com/r/anry/opensuse)|all|
|[Ubuntu](https://hub.docker.com/r/anry/ubuntu)|jammy, focal|
The minimum version of Ansible required is 2.12, tests have been done to:
- The previous version.
- The current version.
- The development version.
If you find issues, please register them in [GitHub](https://github.com/anry/ansible-role-bareos_fd/issues).
## [License](#license)
[Apache-2.0](https://github.com/anry/ansible-role-bareos_fd/blob/master/LICENSE).
## [Author Information](#author-information)
[anry](https://anry.nl/)
Please consider [sponsoring me](https://github.com/sponsors/anry).

62
roles/bareos_fd/defaults/main.yml Normal file
View File

@ -0,0 +1,62 @@
---
# defaults file for bareos_fd
# The client has these configuration parameters.
# Backup existing configurations.
bareos_fd_backup_configurations: no
# Install debug packages. This requires the debug repositories to be enabled.
bareos_fd_install_debug_packages: no
# The hostname of the File Daemon.
bareos_fd_hostname: "{{ inventory_hostname }}"
# The maximum bandwidth to use.
bareos_fd_max_job_bandwidth: "10 mb/s"
# The message to use.
bareos_fd_message: "Standard"
# The maximum number of concurrent jobs.
bareos_fd_maximum_concurrent_jobs: 20
# Enable TLS.
bareos_fd_tls_enable: yes
# Verify the peer.
bareos_fd_tls_verify_peer: no
# The inteval in seconds to send a heartbeat.
bareos_fd_heartbeat_interval: 0
# The Directors to connect to.
bareos_fd_directors:
- name: "bareos-dir"
password: "secretpassword"
monitor: no
description: "Allow the configured Director to access this file daemon."
- name: bareos-mon
password: "secretpassword"
monitor: yes
description: "Restricted Director, used by tray-monitor to get the status of this file daemon."
# The Messages to configure.
bareos_fd_messages:
- name: "Standard"
director:
server: bareos-dir
messages:
- all
- "!skipped"
- "!restored"
description: "Send relevant messages to the Director."
# For encryption of data, set this to `yes`.
bareos_fd_encryption_enabled: no
# You may bring your own private key. If not specified, a new one will be generated.
bareos_fd_encryption_private_key: ""
# The master public key to use.
bareos_fd_encryption_master_public_key: ""

11
roles/bareos_fd/handlers/main.yml Normal file
View File

@ -0,0 +1,11 @@
---
# handlers file for bareos_fd
- name: Check configuration
ansible.builtin.command: "/usr/sbin/bareos-fd --test-config"
changed_when: false
- name: Restart bareos-filedaemon
ansible.builtin.service:
name: "{{ bareos_fd_service }}"
state: restarted

67
roles/bareos_fd/meta/argument_specs.yml Normal file
View File

@ -0,0 +1,67 @@
---
# # bareos_dir_messages: Daemon
argument_specs:
main:
short_description: "Install and configure BareOS File Daemon on your system."
description: >
Install and configure BareOS File Daemon on your system.
author: Robert de Bock
options:
bareos_fd_backup_configurations:
type: "bool"
default: no
description: "Backup existing configurations."
bareos_fd_install_debug_packages:
type: "bool"
default: no
description: "Install debug packages. This requires the debug repositories to be enabled."
bareos_fd_hostname:
type: "str"
default: "{{ inventory_hostname }}"
description: "The hostname of the File Daemon."
bareos_fd_max_job_bandwidth:
type: "str"
default: "10 mb/s"
description: "The maximum bandwidth to use."
bareos_fd_message:
type: "str"
default: "Standard"
description: "The message to use."
bareos_fd_maximum_concurrent_jobs:
type: "int"
default: 20
description: "The maximum number of concurrent jobs."
bareos_fd_tls_enable:
type: "bool"
default: yes
description: "Enable TLS."
bareos_fd_tls_verify_peer:
type: "bool"
default: no
description: "Verify the peer."
bareos_fd_heartbeat_interval:
type: "int"
default: 0
description: "The inteval in seconds to send a heartbeat."
bareos_fd_directors:
type: "list"
default: []
description: "The Directors to connect to."
bareos_fd_messages:
type: "list"
default: []
description: "The Messages to configure."
bareos_fd_encryption_enabled:
type: "bool"
default: no
description: "For encryption of data, set this to `yes`."
bareos_fd_encryption_private_key:
type: "str"
default: ""
description: "You may bring your own private key. If not specified, a new one will be generated."
bareos_fd_encryption_master_public_key:
type: "str"
default: ""
description: "The master public key to use."

41
roles/bareos_fd/meta/main.yml Normal file
View File

@ -0,0 +1,41 @@
---
galaxy_info:
author: anry
role_name: bareos_fd
description: Install and configure [Bareos](https://www.bareos.com/) File Daemon.
license: Apache-2.0
company: none
min_ansible_version: "2.12"
platforms:
- name: Debian
versions:
- bookworm
- bullseye
- buster
- name: EL
versions:
- "7"
- "8"
- "9"
- name: Fedora
versions:
- "38"
- "39"
- name: opensuse
versions:
- all
- name: Ubuntu
versions:
- jammy
- focal
galaxy_tags:
- bareos
- infrastructure
- linux
- storage
- system
- tools
dependencies: []

7
roles/bareos_fd/requirements.yml Normal file
View File

@ -0,0 +1,7 @@
---
roles:
- name: anry.bootstrap
- name: anry.bareos_repository
collections:
- name: community.crypto

100
roles/bareos_fd/tasks/assert.yml Normal file
View File

@ -0,0 +1,100 @@
---
- name: assert | Test bareos_backup_configurations
ansible.builtin.assert:
that:
- bareos_fd_backup_configurations is defined
- bareos_fd_backup_configurations is boolean
quiet: yes
- name: assert | Test bareos_fd_hostname
ansible.builtin.assert:
that:
- bareos_fd_hostname is defined
- bareos_fd_hostname is string
- bareos_fd_hostname is not none
quiet: yes
- name: assert | Test bareos_fd_max_job_bandwidth
ansible.builtin.assert:
that:
- bareos_fd_max_job_bandwidth is defined
- bareos_fd_max_job_bandwidth is string
- bareos_fd_max_job_bandwidth is not none
quiet: yes
- name: assert | Test bareos_fd_message
ansible.builtin.assert:
that:
- bareos_fd_message is defined
- bareos_fd_message is string
- bareos_fd_message is not none
quiet: yes
- name: assert | Test bareos_fd_tls_enable
ansible.builtin.assert:
that:
- bareos_fd_tls_enable is defined
- bareos_fd_tls_enable is boolean
quiet: yes
- name: assert | Test bareos_fd_tls_verify_peer
ansible.builtin.assert:
that:
- bareos_fd_tls_verify_peer is defined
- bareos_fd_tls_verify_peer is boolean
quiet: yes
- name: assert | Test bareos_fd_heartbeat_interval
ansible.builtin.assert:
that:
- bareos_fd_heartbeat_interval is defined
- bareos_fd_heartbeat_interval is number
quiet: yes
- name: assert | Test bareos_fd_maximum_concurrent_jobs
ansible.builtin.assert:
that:
- bareos_fd_maximum_concurrent_jobs is defined
- bareos_fd_maximum_concurrent_jobs is number
quiet: yes
- name: assert | Test bareos_fd_directors
ansible.builtin.assert:
that:
- bareos_fd_directors is defined
- bareos_fd_directors is iterable
quiet: yes
- name: assert | Test bareos_fd_messages
ansible.builtin.assert:
that:
- bareos_fd_messages is defined
- bareos_fd_messages is iterable
quiet: yes
- name: assert | Test bareos_fd_encryption_enabled
ansible.builtin.assert:
that:
- bareos_fd_encryption_enabled is defined
- bareos_fd_encryption_enabled is boolean
quiet: yes
- name: assert | Test bareos_fd_encryption_private_key
ansible.builtin.assert:
that:
- bareos_fd_encryption_private_key is defined
- bareos_fd_encryption_private_key is string
quiet: yes
when:
- bareos_fd_encryption_enabled
- name: assert | Test bareos_fd_encryption_master_public_key
ansible.builtin.assert:
that:
- bareos_fd_encryption_master_public_key is defined
- bareos_fd_encryption_master_public_key is string
- bareos_fd_encryption_master_public_key != ""
quiet: yes
when:
- bareos_fd_encryption_enabled

69
roles/bareos_fd/tasks/encryption.yml Normal file
View File

@ -0,0 +1,69 @@
---
- name: encryption | Install python cryptography package
ansible.builtin.package:
name: "{{ bareos_fd_encryption_packages }}"
- name: encryption | Generate private key
community.crypto.openssl_privatekey:
path: /etc/bareos/{{ bareos_fd_hostname }}-private.key
owner: bareos
group: bareos
mode: "0600"
return_content: yes
register: bareos_fd_encryption_private_key_generated
when:
- bareos_fd_encryption_private_key == ""
- name: encryption | Place private key
ansible.builtin.copy:
content: "{{ bareos_fd_encryption_private_key }}"
dest: /etc/bareos/{{ bareos_fd_hostname }}-private.key
owner: bareos
group: bareos
mode: "0600"
when:
- bareos_fd_encryption_private_key != ""
- name: encryption | Generate csr for public key
community.crypto.openssl_csr:
path: /etc/bareos/{{ bareos_fd_hostname }}-public.csr
privatekey_path: /etc/bareos/{{ bareos_fd_hostname }}-private.key
common_name: "{{ bareos_fd_hostname }}"
owner: bareos
group: bareos
mode: "0644"
- name: encryption | Generate public key
community.crypto.x509_certificate:
path: /etc/bareos/{{ bareos_fd_hostname }}-public.key
privatekey_path: /etc/bareos/{{ bareos_fd_hostname }}-private.key
csr_path: /etc/bareos/{{ bareos_fd_hostname }}-public.csr
provider: selfsigned
return_content: yes
owner: bareos
group: bareos
mode: "0644"
register: bareos_fd_encryption_public_key
- name: encryption | Combine private and public key
ansible.builtin.copy:
content: "{{ bareos_fd_encryption_private_key_generated.privatekey | default(bareos_fd_encryption_private_key) }}{{ bareos_fd_encryption_public_key.certificate }}"
dest: /etc/bareos/{{ bareos_fd_hostname }}.pem
owner: bareos
group: bareos
mode: "0600"
notify:
- Check configuration
- Restart bareos-filedaemon
- name: encryption | Place master public key
ansible.builtin.copy:
content: "{{ bareos_fd_encryption_master_public_key }}"
dest: /etc/bareos/master.pub.key
owner: bareos
group: bareos
mode: "0640"
notify:
- Check configuration
- Restart bareos-filedaemon

72
roles/bareos_fd/tasks/main.yml Normal file
View File

@ -0,0 +1,72 @@
---
# tasks file for bareos_fd
- name: Import assert.yml
ansible.builtin.import_tasks:
file: assert.yml
run_once: true
delegate_to: localhost
- name: Install packages
ansible.builtin.package:
name: bareos-filedaemon
- name: Install debug packages
ansible.builtin.package:
name: "{{ bareos_fd_debug_packages }}"
when:
- bareos_fd_install_debug_packages
- name: Place myself.conf
ansible.builtin.template:
src: myself.conf.j2
dest: "/etc/bareos/bareos-fd.d/client/myself.conf"
owner: bareos
group: bareos
mode: "0640"
backup: "{{ bareos_fd_backup_configurations }}"
notify:
- Check configuration
- Restart bareos-filedaemon
- name: Place director
ansible.builtin.template:
src: director.conf.j2
dest: "/etc/bareos/bareos-fd.d/director/{{ item.name }}.conf"
owner: bareos
group: bareos
mode: "0640"
backup: "{{ bareos_fd_backup_configurations }}"
loop: "{{ bareos_fd_directors }}"
loop_control:
label: "{{ item.name }}"
notify:
- Check configuration
- Restart bareos-filedaemon
- name: Place message
ansible.builtin.template:
src: message.conf.j2
dest: "/etc/bareos/bareos-fd.d/messages/{{ item.name }}.conf"
owner: bareos
group: bareos
mode: "0640"
backup: "{{ bareos_fd_backup_configurations }}"
loop: "{{ bareos_fd_messages }}"
loop_control:
label: "{{ item.name }}"
notify:
- Check configuration
- Restart bareos-filedaemon
- name: Import encryption tasklist
ansible.builtin.import_tasks:
file: encryption.yml
when:
- bareos_fd_encryption_enabled
- name: Start bareos-filedaemon
ansible.builtin.service:
name: "{{ bareos_fd_service }}"
state: started
enabled: yes

0
roles/bareos_fd/templates/.gitkeep Normal file
View File

31
roles/bareos_fd/templates/director.conf.j2 Normal file
View File

@ -0,0 +1,31 @@
{{ ansible_managed | comment }}
{% if item.enabled is defined and item.enabled or item.enabled is not defined %}
Director {
Name = {{ item.name }}
{% if item.description is defined %}
Description = "{{ item.description }}"
{% endif %}
Password = "[md5]{{ item.password | md5 }}"
{% if item.monitor is defined and item.monitor %}
Monitor = Yes
{% endif %}
{% if item.address is defined %}
Address = "{{ item.address }}"
{% endif %}
{% if item.connection_from_client_to_director is defined %}
Connection From Client To Director = {{ item.connection_from_client_to_director | ternary('Yes', 'No') }}
{% endif %}
{% if item.connection_from_director_to_client is defined %}
Connection From Director To Client = {{ item.connection_from_director_to_client | ternary('Yes', 'No') }}
{% endif %}
{% if item.tls_enable is defined %}
TLS Enable = {{ item.tls_enable | ternary('Yes', 'No') }}
{% endif %}
{% if item.tls_verify_peer is defined %}
TLS Verify Peer = {{ item.tls_verify_peer | ternary('Yes', 'No') }}
{% endif %}
}
{% else %}
# This file is not enabled.
{% endif %}

19
roles/bareos_fd/templates/message.conf.j2 Normal file
View File

@ -0,0 +1,19 @@
{{ ansible_managed | comment }}
{% if item.enabled is defined and item.enabled or item.enabled is not defined %}
Messages {
Name = "{{ item.name }}"
Description = "{{ item.description }}"
{% if item.director is defined %}
Director = {{ item.director.server }} = {{ item.director.messages | join(', ') }}
{% endif %}
{% if item.append is defined %}
Append = "{{ item.append.file }}" = {{ item.append.messages | join(', ') }}
{% endif %}
{% if item.console is defined %}
Console = {{ item.console | join(', ') }}
{% endif %}
}
{% else %}
# This file is not enabled.
{% endif %}

25
roles/bareos_fd/templates/myself.conf.j2 Normal file
View File

@ -0,0 +1,25 @@
{{ ansible_managed | comment }}
Client {
Name = "{{ bareos_fd_hostname }}"
Messages = "{{ bareos_fd_message }}"
{% if not bareos_fd_tls_enable %}
TLS Enable = No
{% endif %}
{% if bareos_fd_tls_verify_peer %}
TLS Verify Peer = Yes
{% endif %}
{% if bareos_fd_heartbeat_interval != 0 %}
Heartbeat Interval = {{ bareos_fd_heartbeat_interval }}
{% endif %}
{% if bareos_fd_maximum_concurrent_jobs != 20 %}
Maximum Concurrent Jobs = {{ bareos_fd_max_concurrent_jobs }}
{% endif %}
{% if bareos_fd_encryption_enabled %}
PKI Signatures = Yes
PKI Encryption = Yes
PKI Keypair = "/etc/bareos/{{ bareos_fd_hostname }}.pem"
PKI Master Key = "/etc/bareos/master.pub.key"
PKI Cipher = aes128
{% endif %}
}

33
roles/bareos_fd/vars/main.yml Normal file
View File

@ -0,0 +1,33 @@
---
# vars file for bareos_fd
# A map to define the packages to install for encryption.
_bareos_fd_encryption_packages:
default:
- python3-cryptography
Archlinux:
- python-cryptography
RedHat-7:
- python2-cryptography
bareos_fd_encryption_packages: "{{ _bareos_fd_encryption_packages[ansible_os_family ~ '-' ~ ansible_distribution_major_version] | default(_bareos_fd_encryption_packages[ansible_os_family]) | default(_bareos_fd_encryption_packages['default']) }}"
# A map to define the service name to manage.
_bareos_fd_service:
default: bareos-filedaemon
Archlinux: bareos-fd
bareos_fd_service: "{{ _bareos_fd_service[ansible_os_family] | default(_bareos_fd_service['default']) }}"
# A map to define the packages to install for debugging.
_bareos_fd_debug_packages:
default:
- bareos-filedaemon-debuginfo
- gdb
Archlinux:
- bareos-devel
Debian:
- bareos-dbg
- gdb
RedHat-7:
- bareos-debuginfo
- gdb
bareos_fd_debug_packages: "{{ _bareos_fd_debug_packages[ansible_os_family ~ '-' ~ ansible_distribution_major_version] | default(_bareos_fd_debug_packages[ansible_os_family]) | default(_bareos_fd_debug_packages['default']) }}"

202
roles/bareos_repository/LICENSE Normal file
View File

@ -0,0 +1,202 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright 2024 Robert de Bock (robert@meinit.nl)
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

116
roles/bareos_repository/README.md Normal file
View File

@ -0,0 +1,116 @@
# [Ansible role bareos_repository](#bareos_repository)
Setup the [Bareos](https://www.bareos.com/) repositories.
|GitHub|GitLab|Downloads|Version|
|------|------|---------|-------|
|[![github](https://github.com/anry/ansible-role-bareos_repository/workflows/Ansible%20Molecule/badge.svg)](https://github.com/anry/ansible-role-bareos_repository/actions)|[![gitlab](https://gitlab.com/anry-iac/ansible-role-bareos_repository/badges/master/pipeline.svg)](https://gitlab.com/anry-iac/ansible-role-bareos_repository)|[![downloads](https://img.shields.io/ansible/role/d/anry/bareos_repository)](https://galaxy.ansible.com/anry/bareos_repository)|[![Version](https://img.shields.io/github/release/anry/ansible-role-bareos_repository.svg)](https://github.com/anry/ansible-role-bareos_repository/releases/)|
## [Example Playbook](#example-playbook)
This example is taken from [`molecule/default/converge.yml`](https://github.com/anry/ansible-role-bareos_repository/blob/master/molecule/default/converge.yml) and is tested on each push, pull request and release.
```yaml
---
- name: Converge
hosts: all
become: yes
gather_facts: yes
roles:
- role: anry.roles.bareos_repository
bareos_repository_enable_tracebacks: yes
```
The machine needs to be prepared. In CI this is done using [`molecule/default/prepare.yml`](https://github.com/anry/ansible-role-bareos_repository/blob/master/molecule/default/prepare.yml):
```yaml
---
- name: Prepare
hosts: all
become: yes
gather_facts: no
roles:
- role: anry.roles.bootstrap
```
Also see a [full explanation and example](https://anry.nl/how-to-use-these-roles.html) on how to use these roles.
## [Role Variables](#role-variables)
The default values for the variables are set in [`defaults/main.yml`](https://github.com/anry/ansible-role-bareos_repository/blob/master/defaults/main.yml):
```yaml
---
# defaults file for bareos_repository
# What type of Bareos to install, either "community" or "subscription".
bareos_repository_type: community
# The subscription username for the repository.
bareos_repository_username: ""
# The subscription password for the repository.
bareos_repository_password: ""
# What release to use, either "current", "next" or "release".
# When using `bareos_repository_type: community` this can be set to "release" or "testing".
bareos_repository_release: current
# The version of Bareos to install.
# Only affects `bareos_repository_type: subscription`.
bareos_repository_version: 23
# You can enable tracebacks for troubleshooting purposes.
bareos_repository_enable_tracebacks: no
```
## [Requirements](#requirements)
- pip packages listed in [requirements.txt](https://github.com/anry/ansible-role-bareos_repository/blob/master/requirements.txt).
## [State of used roles](#state-of-used-roles)
The following roles are used to prepare a system. You can prepare your system in another way.
| Requirement | GitHub | GitLab |
|-------------|--------|--------|
|[anry.bootstrap](https://galaxy.ansible.com/anry/bootstrap)|[![Build Status GitHub](https://github.com/anry/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/anry/ansible-role-bootstrap/actions)|[![Build Status GitLab](https://gitlab.com/anry-iac/ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/anry-iac/ansible-role-bootstrap)|
## [Context](#context)
This role is a part of many compatible roles. Have a look at [the documentation of these roles](https://anry.nl/) for further information.
Here is an overview of related roles:
![dependencies](https://raw.githubusercontent.com/anry/ansible-role-bareos_repository/png/requirements.png "Dependencies")
## [Compatibility](#compatibility)
This role has been tested on these [container images](https://hub.docker.com/u/anry):
|container|tags|
|---------|----|
|[Debian](https://hub.docker.com/r/anry/debian)|bookworm, bullseye, buster|
|[EL](https://hub.docker.com/r/anry/enterpriselinux)|7, 8, 9|
|[Fedora](https://hub.docker.com/r/anry/fedora/)|38, 39|
|[opensuse](https://hub.docker.com/r/anry/opensuse)|all|
|[Ubuntu](https://hub.docker.com/r/anry/ubuntu)|jammy, focal|
The minimum version of Ansible required is 2.12, tests have been done to:
- The previous version.
- The current version.
- The development version.
If you find issues, please register them in [GitHub](https://github.com/anry/ansible-role-bareos_repository/issues).
## [License](#license)
[Apache-2.0](https://github.com/anry/ansible-role-bareos_repository/blob/master/LICENSE).
## [Author Information](#author-information)
[anry](https://anry.nl/)
Please consider [sponsoring me](https://github.com/sponsors/anry).

22
roles/bareos_repository/defaults/main.yml Normal file
View File

@ -0,0 +1,22 @@
---
# defaults file for bareos_repository
# What type of Bareos to install, either "community" or "subscription".
bareos_repository_type: community
# The subscription username for the repository.
bareos_repository_username: ""
# The subscription password for the repository.
bareos_repository_password: ""
# What release to use, either "current", "next" or "release".
# When using `bareos_repository_type: community` this can be set to "release" or "testing".
bareos_repository_release: current
# The version of Bareos to install.
# Only affects `bareos_repository_type: subscription`.
bareos_repository_version: 23
# You can enable tracebacks for troubleshooting purposes.
bareos_repository_enable_tracebacks: no

41
roles/bareos_repository/meta/argument_specs.yml Normal file
View File

@ -0,0 +1,41 @@
---
argument_specs:
main:
short_description: "Setup the bareos repositories."
description: >
Install the BareOS repositories.
After applying this role, you can install bareos packages.
author: Robert de Bock
options:
bareos_repository_type:
type: "str"
default: community
description: "What type of Bareos to install, either 'community' or 'subscription'."
choices:
- community
- subscription
bareos_repository_username:
type: "str"
default: ""
description: "The subscription username for the repository."
bareos_repository_password:
type: "str"
default: ""
description: "The subscription password for the repository."
bareos_repository_release:
type: "str"
default: current
description: "What release to use, either 'current', 'next' or 'release'."
choices:
- current
- next
- release
bareos_repository_version:
type: "int"
default: 23
description: "The version of Bareos to install. Only affects `bareos_repository_type: subscription`."
bareos_repository_enable_tracebacks:
type: "bool"
default: false
description: "You can enable tracebacks for troubleshooting purposes."

42
roles/bareos_repository/meta/main.yml Normal file
View File

@ -0,0 +1,42 @@
---
galaxy_info:
author: anry
role_name: bareos_repository
description: Setup the [Bareos](https://www.bareos.com/) repositories.
license: Apache-2.0
company: none
min_ansible_version: "2.12"
platforms:
- name: Debian
versions:
- bookworm
- bullseye
- buster
- name: EL
versions:
- "7"
- "8"
- "9"
- name: Fedora
versions:
- "38"
- "39"
- name: opensuse
versions:
- all
- name: Ubuntu
versions:
- jammy
- focal
galaxy_tags:
- backup
- bareos
- infrastructure
- linux
- storage
- system
- tools
dependencies: []

7
roles/bareos_repository/requirements.yml Normal file
View File

@ -0,0 +1,7 @@
---
roles:
- name: anry.bootstrap
collections:
- name: ansible.posix
- name: community.general

52
roles/bareos_repository/tasks/assert.yml Normal file
View File

@ -0,0 +1,52 @@
---
- name: assert | Test bareos_repository_type
ansible.builtin.assert:
that:
- bareos_repository_type is defined
- bareos_repository_type in [ "community", "subscription" ]
quiet: yes
- name: assert | Test bareos_repository_username
ansible.builtin.assert:
that:
- bareos_repository_username is defined
- bareos_repository_username is string
- bareos_repository_username != ""
quiet: yes
when:
- bareos_repository_type == "subscription"
- name: assert | Test bareos_repository_password
ansible.builtin.assert:
that:
- bareos_repository_password is defined
- bareos_repository_password is string
- bareos_repository_password != ""
quiet: yes
when:
- bareos_repository_type == "subscription"
- name: assert | Test bareos_repository_release
ansible.builtin.assert:
that:
- bareos_repository_release is defined
- bareos_repository_release in [ "current", "next", "release" ]
quiet: yes
- name: assert | Test bareos_repository_version
ansible.builtin.assert:
that:
- bareos_repository_version is defined
- bareos_repository_version is number
- bareos_repository_version in [ 20, 21, 22, 23 ]
quiet: yes
when:
- bareos_repository_type == "subscription"
- name: assert | Test bareos_repository_enable_tracebacks
ansible.builtin.assert:
that:
- bareos_repository_enable_tracebacks is defined
- bareos_repository_enable_tracebacks is boolean
quiet: yes

150
roles/bareos_repository/tasks/main.yml Normal file
View File

@ -0,0 +1,150 @@
---
# tasks file for bareos_repository
- name: Import assert.yml
ansible.builtin.import_tasks:
file: assert.yml
run_once: true
delegate_to: localhost
- name: Add repository (rpm)
ansible.builtin.yum_repository:
name: "{{ item.name }}"
description: "{{ item.description }}"
baseurl: "{{ item.baseurl }}"
gpgcheck: yes
gpgkey: "{{ item.gpgkey }}"
username: "{{ item.username | default(omit) }}"
password: "{{ item.password | default(omit) }}"
no_log: true
loop: "{{ bareos_repository_list }}"
loop_control:
label: "{{ item.name }}"
when:
- ansible_pkg_mgr in [ "dnf", "yum" ]
- name: Run tasks on apt based distributions
when:
- ansible_pkg_mgr in [ "apt" ]
block:
- name: Install CA certificates (apt)
ansible.builtin.package:
name: ca-certificates
- name: Download gpg key (apt)
ansible.builtin.get_url:
url: "{{ bareos_repository_gpg_key }}"
dest: /etc/apt/bareos.gpg
username: "{{ bareos_repository_username }}"
password: "{{ bareos_repository_password }}"
owner: root
group: root
mode: "0644"
no_log: true
- name: Place credentials file (apt)
ansible.builtin.copy:
content: |
machine download.bareos.com
login {{ bareos_repository_username }}
password {{ bareos_repository_password }}
dest: /etc/apt/auth.conf.d/download_bareos_com.conf
owner: root
group: root
mode: "0600"
no_log: true
when:
- bareos_repository_type == "subscription"
- name: Add repository (apt)
ansible.builtin.apt_repository:
repo: "{{ item.deb_repo }}"
state: present
filename: "{{ item.name }}"
update_cache: yes
no_log: true
loop: "{{ bareos_repository_list }}"
loop_control:
label: "{{ item.name }}"
- name: Run tasks on zypper based distributions
when:
- ansible_pkg_mgr in [ "zypper" ]
block:
- name: Download gpg key (zypper)
ansible.builtin.get_url:
url: "{{ bareos_repository_gpg_key }}"
dest: /etc/gnupg/bareos.gpg
username: "{{ bareos_repository_username }}"
password: "{{ bareos_repository_password }}"
owner: root
group: root
mode: "0644"
no_log: true
- name: Import gpg key (zypper)
ansible.builtin.rpm_key:
key: /etc/gnupg/bareos.gpg
- name: Place credentials file (zypper)
ansible.builtin.copy:
content: |
username={{ bareos_repository_username }}
password={{ bareos_repository_password }}
dest: /etc/zypp/credentials.d/bareos
owner: root
group: root
mode: "0600"
no_log: true
when:
- bareos_repository_type == "subscription"
- name: Add repository (zypper)
community.general.zypper_repository:
name: "{{ item.name }}"
repo: "{{ item.repo }}"
state: present
loop: "{{ bareos_repository_list }}"
loop_control:
label: "{{ item.name }}"
- name: Enable tracebacks
when:
- bareos_repository_enable_tracebacks
block:
- name: Add debuginfo repository (rpm)
ansible.builtin.yum_repository:
name: "{{ item.name }}"
description: "{{ item.description }}"
baseurl: "{{ item.baseurl }}"
gpgcheck: yes
gpgkey: "{{ item.gpgkey }}"
username: "{{ item.username | default(omit) }}"
password: "{{ item.password | default(omit) }}"
no_log: true
loop: "{{ bareos_repository_debug_list }}"
loop_control:
label: "{{ item.name }}"
when:
- ansible_pkg_mgr in [ "dnf", "yum" ]
- name: Add repository (zypper)
community.general.zypper_repository:
name: "{{ item.name }}"
repo: "{{ item.repo }}"
state: present
loop: "{{ bareos_repository_debug_list }}"
loop_control:
label: "{{ item.name }}"
when:
- ansible_pkg_mgr in [ "zypper" ]
- name: Install required packages
ansible.builtin.package:
name: "{{ bareos_repository_debug_required_packages }}"
- name: Disable ptrace_scope
ansible.posix.sysctl:
name: kernel.yama.ptrace_scope
value: "0"
sysctl_set: yes

59
roles/bareos_repository/vars/main.yml Normal file
View File

@ -0,0 +1,59 @@
---
# vars file for bareos_repository
# The URL differs for community and subscription versions.
_bareos_repository_base_url:
community: "https://download.bareos.org"
subscription: "https://download.bareos.com/bareos"
bareos_repository_base_url: "{{ _bareos_repository_base_url[bareos_repository_type] }}"
# Different distributions have different repository URLs.
_bareos_repository_url:
community:
default: "{{ bareos_repository_base_url }}/{{ bareos_repository_release }}/{{ ansible_distribution }}_{{ ansible_distribution_major_version }}"
Fedora: "{{ bareos_repository_base_url }}/{{ bareos_repository_release }}/{{ ansible_distribution }}_{{ ansible_distribution_major_version }}"
RedHat: "{{ bareos_repository_base_url }}/{{ bareos_repository_release }}/EL_{{ ansible_distribution_major_version }}"
Suse: "{{ bareos_repository_base_url }}/{{ bareos_repository_release }}/SUSE_{{ ansible_distribution_major_version }}"
Ubuntu: "{{ bareos_repository_base_url }}/{{ bareos_repository_release }}/xUbuntu_{{ ansible_distribution_version }}"
subscription:
default: "{{ bareos_repository_base_url }}/{{ bareos_repository_release }}/{{ bareos_repository_version }}/{{ ansible_distribution }}_{{ ansible_distribution_major_version }}"
Fedora: "{{ bareos_repository_base_url }}/{{ bareos_repository_release }}/{{ bareos_repository_version }}/{{ ansible_distribution }}_{{ ansible_distribution_major_version }}"
RedHat: "{{ bareos_repository_base_url }}/{{ bareos_repository_release }}/{{ bareos_repository_version }}/EL_{{ ansible_distribution_major_version }}"
Suse: "{{ bareos_repository_base_url }}/{{ bareos_repository_release }}/{{ bareos_repository_version }}/SUSE_{{ ansible_distribution_major_version }}"
Ubuntu: "{{ bareos_repository_base_url }}/{{ bareos_repository_release }}/{{ bareos_repository_version }}/xUbuntu_{{ ansible_distribution_version }}"
bareos_repository_url: "{{ _bareos_repository_url[bareos_repository_type][ansible_distribution] | default(_bareos_repository_url[bareos_repository_type][ansible_os_family] | default(_bareos_repository_url[bareos_repository_type]['default'])) }}"
# Debian and RedHat use a different structure.
_bareos_repository_gpg_key:
default: "{{ bareos_repository_url }}/RPM-GPG-KEY"
Debian: "{{ bareos_repository_url }}/bareos-keyring.gpg"
bareos_repository_gpg_key: "{{ _bareos_repository_gpg_key[ansible_os_family] | default(_bareos_repository_gpg_key['default']) }}"
# A list of repositories. The items in this list contains parameters for both dnf/yum, apt and zypperz.
bareos_repository_list:
- name: bareos
description: Backup Archiving Recovery
baseurl: "{{ bareos_repository_url }}"
gpgkey: "{{ bareos_repository_gpg_key }}"
repo: "{{ bareos_repository_url }}"
deb_repo: "deb [signed-by=/etc/apt/bareos.gpg] {{ bareos_repository_url }} /"
username: "{{ bareos_repository_username | default(omit) }}"
password: "{{ bareos_repository_password | default(omit) }}"
# A list of repositories for debug information.
bareos_repository_debug_list:
- name: bareos-debuginfo
description: Backup Archiving Recovery - Debuginfo
baseurl: "{{ bareos_repository_url }}/debug"
gpgkey: "{{ bareos_repository_gpg_key }}"
repo: "{{ bareos_repository_url }}/debug"
username: "{{ bareos_repository_username | default(omit) }}"
password: "{{ bareos_repository_password | default(omit) }}"
# Extra packages are required to debug.
_bareos_repository_debug_required_packages:
default:
- procps
RedHat:
- procps-ng
bareos_repository_debug_required_packages: "{{ _bareos_repository_debug_required_packages[ansible_os_family] | default(_bareos_repository_debug_required_packages['default']) }}"

202
roles/bareos_sd/LICENSE Normal file
View File

@ -0,0 +1,202 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright 2024 Robert de Bock (robert@meinit.nl)
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

184
roles/bareos_sd/README.md Normal file
View File

@ -0,0 +1,184 @@
# [Ansible role bareos_sd](#bareos_sd)
Install and configure [Bareos](https://www.bareos.com/) Storage Daemon.
|GitHub|GitLab|Downloads|Version|
|------|------|---------|-------|
|[![github](https://github.com/anry/ansible-role-bareos_sd/workflows/Ansible%20Molecule/badge.svg)](https://github.com/anry/ansible-role-bareos_sd/actions)|[![gitlab](https://gitlab.com/anry-iac/ansible-role-bareos_sd/badges/master/pipeline.svg)](https://gitlab.com/anry-iac/ansible-role-bareos_sd)|[![downloads](https://img.shields.io/ansible/role/d/anry/bareos_sd)](https://galaxy.ansible.com/anry/bareos_sd)|[![Version](https://img.shields.io/github/release/anry/ansible-role-bareos_sd.svg)](https://github.com/anry/ansible-role-bareos_sd/releases/)|
## [Example Playbook](#example-playbook)
This example is taken from [`molecule/default/converge.yml`](https://github.com/anry/ansible-role-bareos_sd/blob/master/molecule/default/converge.yml) and is tested on each push, pull request and release.
```yaml
---
- name: Converge
hosts: all
become: yes
gather_facts: yes
roles:
- role: anry.roles.bareos_sd
bareos_sd_backup_configurations: yes
bareos_sd_install_debug_packages: yes
bareos_sd_devices:
- name: "FileStorage"
description: "File device. A connecting Director must have the same Name and MediaType."
media_type: "File"
archive_device: "/var/lib/bareos/storage"
label_media: yes
random_access: yes
automatic_mount: yes
removable_media: no
always_open: no
maximum_concurrent_jobs: 1
- name: "disabled-device"
enabled: no
bareos_sd_directors:
- name: bareos-dir
password: "somepassword"
- name: "disabled-director"
enabled: no
bareos_sd_messages:
- name: "Standard"
description: "Send relevant messages to the Director."
director:
server: bareos-dir
messages:
- all
- "!skipped"
- "!restored"
append:
file: "/var/log/bareos/bareos.log"
messages:
- all
- "!skipped"
- "!terminate"
console:
- all
- "!skipped"
- "!saved"
- name: "disabled-message"
enabled: no
bareos_sd_s3_profiles:
- name: exoscale
host: "sos.exo.io:443"
use_https: yes
access_key: "SomeAPIKey"
secret_key: "SomeSecret"
pricing_dir: ""
backend: "s3"
aws_auth_sign_version: 4
aws_region: "ch-gva-2"
```
The machine needs to be prepared. In CI this is done using [`molecule/default/prepare.yml`](https://github.com/anry/ansible-role-bareos_sd/blob/master/molecule/default/prepare.yml):
```yaml
---
- name: Prepare
hosts: all
become: yes
gather_facts: no
roles:
- role: anry.roles.bootstrap
- role: anry.roles.bareos_repository
bareos_repository_enable_tracebacks: yes
```
Also see a [full explanation and example](https://anry.nl/how-to-use-these-roles.html) on how to use these roles.
## [Role Variables](#role-variables)
The default values for the variables are set in [`defaults/main.yml`](https://github.com/anry/ansible-role-bareos_sd/blob/master/defaults/main.yml):
```yaml
---
# defaults file for bareos_sd
# The Storage Daemon has these configuration parameters.
# Backup the configuration files.
bareos_sd_backup_configurations: no
# Install debug packages. This requires the debug repositories to be enabled.
bareos_sd_install_debug_packages: no
# The hostname of the Storage Daemon.
bareos_sd_hostname: "{{ inventory_hostname }}"
# The messages configuration to use.
bareos_sd_message: "Standard"
# The amount of jobs to run concurrently.
bareos_sd_max_concurrent_jobs: 20
# Enable TLS.
bareos_sd_tls_enable: yes
# Verify the peer.
bareos_sd_tls_verify_peer: no
# A list of devices to configure.
bareos_sd_devices: []
# A list of directors to connect to.
bareos_sd_directors: []
# A list of messages to send to the director.
bareos_sd_messages: []
# A list of S3 profiles to configure.
bareos_sd_s3_profiles: []
```
## [Requirements](#requirements)
- pip packages listed in [requirements.txt](https://github.com/anry/ansible-role-bareos_sd/blob/master/requirements.txt).
## [State of used roles](#state-of-used-roles)
The following roles are used to prepare a system. You can prepare your system in another way.
| Requirement | GitHub | GitLab |
|-------------|--------|--------|
|[anry.bootstrap](https://galaxy.ansible.com/anry/bootstrap)|[![Build Status GitHub](https://github.com/anry/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/anry/ansible-role-bootstrap/actions)|[![Build Status GitLab](https://gitlab.com/anry-iac/ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/anry-iac/ansible-role-bootstrap)|
|[anry.bareos_repository](https://galaxy.ansible.com/anry/bareos_repository)|[![Build Status GitHub](https://github.com/anry/ansible-role-bareos_repository/workflows/Ansible%20Molecule/badge.svg)](https://github.com/anry/ansible-role-bareos_repository/actions)|[![Build Status GitLab](https://gitlab.com/anry-iac/ansible-role-bareos_repository/badges/master/pipeline.svg)](https://gitlab.com/anry-iac/ansible-role-bareos_repository)|
## [Context](#context)
This role is a part of many compatible roles. Have a look at [the documentation of these roles](https://anry.nl/) for further information.
Here is an overview of related roles:
![dependencies](https://raw.githubusercontent.com/anry/ansible-role-bareos_sd/png/requirements.png "Dependencies")
## [Compatibility](#compatibility)
This role has been tested on these [container images](https://hub.docker.com/u/anry):
|container|tags|
|---------|----|
|[Debian](https://hub.docker.com/r/anry/debian)|bookworm, bullseye, buster|
|[EL](https://hub.docker.com/r/anry/enterpriselinux)|7, 8, 9|
|[Fedora](https://hub.docker.com/r/anry/fedora/)|38, 39|
|[opensuse](https://hub.docker.com/r/anry/opensuse)|all|
|[Ubuntu](https://hub.docker.com/r/anry/ubuntu)|jammy, focal|
The minimum version of Ansible required is 2.12, tests have been done to:
- The previous version.
- The current version.
- The development version.
If you find issues, please register them in [GitHub](https://github.com/anry/ansible-role-bareos_sd/issues).
## [License](#license)
[Apache-2.0](https://github.com/anry/ansible-role-bareos_sd/blob/master/LICENSE).
## [Author Information](#author-information)
[anry](https://anry.nl/)
Please consider [sponsoring me](https://github.com/sponsors/anry).

37
roles/bareos_sd/defaults/main.yml Normal file
View File

@ -0,0 +1,37 @@
---
# defaults file for bareos_sd
# The Storage Daemon has these configuration parameters.
# Backup the configuration files.
bareos_sd_backup_configurations: no
# Install debug packages. This requires the debug repositories to be enabled.
bareos_sd_install_debug_packages: no
# The hostname of the Storage Daemon.
bareos_sd_hostname: "{{ inventory_hostname }}"
# The messages configuration to use.
bareos_sd_message: "Standard"
# The amount of jobs to run concurrently.
bareos_sd_max_concurrent_jobs: 20
# Enable TLS.
bareos_sd_tls_enable: yes
# Verify the peer.
bareos_sd_tls_verify_peer: no
# A list of devices to configure.
bareos_sd_devices: []
# A list of directors to connect to.
bareos_sd_directors: []
# A list of messages to send to the director.
bareos_sd_messages: []
# A list of S3 profiles to configure.
bareos_sd_s3_profiles: []

11
roles/bareos_sd/handlers/main.yml Normal file
View File

@ -0,0 +1,11 @@
---
# handlers file for bareos_sd
- name: Check configuration
ansible.builtin.command: "/usr/sbin/bareos-sd --test-config"
changed_when: false
- name: Restart bareos-sd
ansible.builtin.service:
name: bareos-sd
state: restarted

53
roles/bareos_sd/meta/argument_specs.yml Normal file
View File

@ -0,0 +1,53 @@
---
argument_specs:
main:
short_description: "Install and configure BareOS Storage Daemon on your system."
description: >
Install and configure BareOS Storage Daemon on your system.
author: Robert de Bock
options:
bareos_sd_backup_configurations:
type: "bool"
default: no
description: "Backup the configuration files."
bareos_sd_hostname:
type: "str"
default: "{{ inventory_hostname }}"
description: "The hostname of the Storage Daemon."
bareos_sd_message:
type: "str"
default: "Standard"
description: "The messages configuration to use."
bareos_sd_max_concurrent_jobs:
type: "int"
default: 20
description: "The amount of jobs to run concurrently."
bareos_sd_tls_enable:
type: "bool"
default: yes
description: "Enable TLS."
bareos_sd_tls_verify_peer:
type: "bool"
default: no
description: "Verify the peer."
bareos_sd_devices:
type: "list"
default: []
description: "A list of devices to configure."
bareos_sd_directors:
type: "list"
default: []
description: "A list of directors to connect to."
bareos_sd_messages:
type: "list"
default: []
description: "A list of messages to send to the director."
bareos_sd_s3_profiles:
type: "list"
default: []
description: "A list of S3 profiles to configure."
bareos_sd_install_debug_packages:
type: "bool"
default: no
description: "Install debug packages. This requires the debug repositories to be enabled."

41
roles/bareos_sd/meta/main.yml Normal file
View File

@ -0,0 +1,41 @@
---
galaxy_info:
author: anry
role_name: bareos_sd
description: Install and configure [Bareos](https://www.bareos.com/) Storage Daemon.
license: Apache-2.0
company: none
min_ansible_version: "2.12"
platforms:
- name: Debian
versions:
- bookworm
- bullseye
- buster
- name: EL
versions:
- "7"
- "8"
- "9"
- name: Fedora
versions:
- "38"
- "39"
- name: opensuse
versions:
- all
- name: Ubuntu
versions:
- jammy
- focal
galaxy_tags:
- bareos
- infrastructure
- linux
- storage
- system
- tools
dependencies: []

4
roles/bareos_sd/requirements.yml Normal file
View File

@ -0,0 +1,4 @@
---
roles:
- name: anry.bootstrap
- name: anry.bareos_repository

87
roles/bareos_sd/tasks/assert.yml Normal file
View File

@ -0,0 +1,87 @@
---
- name: assert | Test bareos_sd_backup_configurations
ansible.builtin.assert:
that:
- bareos_sd_backup_configurations is defined
- bareos_sd_backup_configurations is boolean
quiet: yes
- name: assert | Test bareos_sd_install_debug_packages
ansible.builtin.assert:
that:
- bareos_sd_install_debug_packages is defined
- bareos_sd_install_debug_packages is boolean
quiet: yes
- name: assert | Test bareos_sd_hostname
ansible.builtin.assert:
that:
- bareos_sd_hostname is defined
- bareos_sd_hostname is string
- bareos_sd_hostname is not none
quiet: yes
- name: assert | Test bareos_sd_message
ansible.builtin.assert:
that:
- bareos_sd_message is defined
- bareos_sd_message is string
- bareos_sd_message is not none
quiet: yes
- name: assert | Test bareos_sd_max_concurrent_jobs
ansible.builtin.assert:
that:
- bareos_sd_max_concurrent_jobs is defined
- bareos_sd_max_concurrent_jobs is number
quiet: yes
- name: assert | Test bareos_sd_tls_enable
ansible.builtin.assert:
that:
- bareos_sd_tls_enable is defined
- bareos_sd_tls_enable is boolean
quiet: yes
- name: assert | Test bareos_sd_tls_verify_peer
ansible.builtin.assert:
that:
- bareos_sd_tls_verify_peer is defined
- bareos_sd_tls_verify_peer is boolean
quiet: yes
- name: assert | Test bareos_sd_directors
ansible.builtin.assert:
that:
- bareos_sd_directors is defined
- bareos_sd_directors is iterable
quiet: yes
- name: assert | Test bareos_sd_devices
ansible.builtin.assert:
that:
- bareos_sd_devices is defined
- bareos_sd_devices is iterable
quiet: yes
- name: assert | Test bareos_sd_directors
ansible.builtin.assert:
that:
- bareos_sd_directors is defined
- bareos_sd_directors is iterable
quiet: yes
- name: assert | Test bareos_sd_messages
ansible.builtin.assert:
that:
- bareos_sd_messages is defined
- bareos_sd_messages is iterable
quiet: yes
- name: assert | Test bareos_sd_s3_profiles
ansible.builtin.assert:
that:
- bareos_sd_s3_profiles is defined
- bareos_sd_s3_profiles is iterable
quiet: yes

111
roles/bareos_sd/tasks/main.yml Normal file
View File

@ -0,0 +1,111 @@
---
# tasks file for bareos_sd
- name: Import assert.yml
ansible.builtin.import_tasks:
file: assert.yml
run_once: true
delegate_to: localhost
- name: Install packages
ansible.builtin.package:
name: "{{ bareos_sd_packages }}"
- name: Install debug packages
ansible.builtin.package:
name: "{{ bareos_sd_debug_packages }}"
when:
- bareos_sd_install_debug_packages
- name: Place bareos-sd.conf
ansible.builtin.template:
src: bareos-sd.conf.j2
dest: "/etc/bareos/bareos-sd.d/storage/bareos-sd.conf"
owner: bareos
group: bareos
mode: "0640"
backup: "{{ bareos_sd_backup_configurations }}"
notify:
- Check configuration
- Restart bareos-sd
- name: Place device
ansible.builtin.template:
src: device.conf.j2
dest: "/etc/bareos/bareos-sd.d/device/{{ item.name }}.conf"
owner: bareos
group: bareos
mode: "0640"
backup: "{{ bareos_sd_backup_configurations }}"
loop: "{{ bareos_sd_devices }}"
loop_control:
label: "{{ item.name }}"
notify:
- Check configuration
- Restart bareos-sd
- name: Place director
ansible.builtin.template:
src: director.conf.j2
dest: "/etc/bareos/bareos-sd.d/director/{{ item.name }}.conf"
owner: bareos
group: bareos
mode: "0640"
backup: "{{ bareos_sd_backup_configurations }}"
loop: "{{ bareos_sd_directors }}"
loop_control:
label: "{{ item.name }}"
notify:
- Check configuration
- Restart bareos-sd
- name: Place message
ansible.builtin.template:
src: message.conf.j2
dest: "/etc/bareos/bareos-sd.d/messages/{{ item.name }}.conf"
owner: bareos
group: bareos
mode: "0640"
backup: "{{ bareos_sd_backup_configurations }}"
loop: "{{ bareos_sd_messages }}"
loop_control:
label: "{{ item.name }}"
notify:
- Check configuration
- Restart bareos-sd
- name: Install bareos-storage-droplet.
ansible.builtin.package:
name: bareos-storage-droplet
when:
- bareos_sd_s3_profiles | length > 0
- name: Create /etc/bareos/bareos-sd.d/device/droplet
ansible.builtin.file:
path: /etc/bareos/bareos-sd.d/device/droplet
state: directory
owner: bareos
group: bareos
mode: "0755"
when:
- bareos_sd_s3_profiles | length > 0
- name: Place S3 profile
ansible.builtin.template:
src: s3.profile.j2
dest: /etc/bareos/bareos-sd.d/device/droplet/{{ item.name }}.profile
owner: bareos
group: bareos
mode: "0600"
loop: "{{ bareos_sd_s3_profiles }}"
loop_control:
label: "{{ item.name }}"
notify:
- Check configuration
- Restart bareos-sd
- name: Start bareos-sd
ansible.builtin.service:
name: bareos-sd
state: started
enabled: yes

0
roles/bareos_sd/templates/.gitkeep Normal file
View File

15
roles/bareos_sd/templates/bareos-sd.conf.j2 Normal file
View File

@ -0,0 +1,15 @@
{{ ansible_managed | comment }}
Storage {
Name = "{{ bareos_sd_hostname }}"
Messages = "{{ bareos_sd_message }}"
{% if bareos_sd_max_concurrent_jobs != 20 %}
Maximum Concurrent Jobs = {{ bareos_sd_max_concurrent_jobs }}
{% endif %}
{% if not bareos_sd_tls_enable %}
TLS Enable = No
{% endif %}
{% if bareos_sd_tls_verify_peer %}
TLS Verify Peer = Yes
{% endif %}
}

28
roles/bareos_sd/templates/device.conf.j2 Normal file
View File

@ -0,0 +1,28 @@
{{ ansible_managed | comment }}
{% if item.enabled is defined and item.enabled or item.enabled is not defined %}
Device {
Name = "{{ item.name }}"
{% if item.description is defined %}
Description = "{{ item.description }}"
{% endif %}
{% if item.maximum_concurrent_jobs is defined %}
Maximum Concurrent Jobs = {{ item.maximum_concurrent_jobs }}
{% endif %}
Media Type = "{{ item.media_type }}"
Archive Device = "{{ item.archive_device }}"
{% if item.device_type is defined %}
Device Type = "{{ item.device_type }}"
{% endif %}
{% if item.device_options is defined %}
Device Options = "{{ item.device_options }}"
{% endif %}
LabelMedia = {{ item.label_media | ternary('yes', 'No') }}
Random Access = {{ item.random_access | ternary('yes', 'No') }}
AutomaticMount = {{ item.automatic_mount | ternary('yes', 'No') }}
RemovableMedia = {{ item.removable_media | ternary('yes', 'No') }}
AlwaysOpen = {{ item.always_open | ternary('yes', 'No') }}
}
{% else %}
# This file is not enabled.
{% endif %}

16
roles/bareos_sd/templates/director.conf.j2 Normal file
View File

@ -0,0 +1,16 @@
{{ ansible_managed | comment }}
{% if item.enabled is defined and item.enabled or item.enabled is not defined %}
Director {
Name = "{{ item.name }}"
Password = "{{ item.password }}"
{% if item.tls_enable is defined %}
TLS Enable = {{ item.tls_enable | ternary('Yes', 'No') }}
{% endif %}
{% if item.tls_verify_peer is defined %}
TLS Verify Peer = {{ item.tls_verify_peer | ternary('Yes', 'No') }}
{% endif %}
}
{% else %}
# This file is not enabled.
{% endif %}

19
roles/bareos_sd/templates/message.conf.j2 Normal file
View File

@ -0,0 +1,19 @@
{{ ansible_managed | comment }}
{% if item.enabled is defined and item.enabled or item.enabled is not defined %}
Messages {
Name = "{{ item.name }}"
Description = "{{ item.description }}"
{% if item.director is defined %}
Director = {{ item.director.server }} = {{ item.director.messages | join(', ') }}
{% endif %}
{% if item.append is defined %}
Append = "{{ item.append.file }}" = {{ item.append.messages | join(', ') }}
{% endif %}
{% if item.console is defined %}
Console = {{ item.console | join(', ') }}
{% endif %}
}
{% else %}
# This file is not enabled.
{% endif %}

10
roles/bareos_sd/templates/s3.profile.j2 Normal file
View File

@ -0,0 +1,10 @@
{{ ansible_managed | comment }}
host = "{{ item.host }}"
use_https = {{ item.use_https | ternary("true", "false") }}
access_key = {{ item.access_key }}
secret_key = {{ item.secret_key }}
pricing_dir = "{{ item.pricing_dir }}"
backend = {{ item.backend }}
aws_auth_sign_version = {{ item.aws_auth_sign_version }}
aws_region = {{ item.aws_region }}

19
roles/bareos_sd/vars/main.yml Normal file
View File

@ -0,0 +1,19 @@
---
# vars file for bareos_sd
bareos_sd_packages:
- bareos-storage
- bareos-storage-tape
# A map to define the packages to install for debugging.
_bareos_sd_debug_packages:
default:
- bareos-storage-debuginfo
- gdb
Debian:
- bareos-dbg
- gdb
RedHat-7:
- bareos-debuginfo
- gdb
bareos_sd_debug_packages: "{{ _bareos_sd_debug_packages[ansible_os_family ~ '-' ~ ansible_distribution_major_version] | default(_bareos_sd_debug_packages[ansible_os_family] | default(_bareos_sd_debug_packages['default'])) }}"

202
roles/bareos_webui/LICENSE Normal file
View File

@ -0,0 +1,202 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright 2024 Robert de Bock (robert@meinit.nl)
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

109
roles/bareos_webui/README.md Normal file
View File

@ -0,0 +1,109 @@
# [Ansible role bareos_webui](#bareos_webui)
Install and configure [Bareos](https://www.bareos.com/) WebUI on your system.
|GitHub|GitLab|Downloads|Version|
|------|------|---------|-------|
|[![github](https://github.com/anry/ansible-role-bareos_webui/workflows/Ansible%20Molecule/badge.svg)](https://github.com/anry/ansible-role-bareos_webui/actions)|[![gitlab](https://gitlab.com/anry-iac/ansible-role-bareos_webui/badges/master/pipeline.svg)](https://gitlab.com/anry-iac/ansible-role-bareos_webui)|[![downloads](https://img.shields.io/ansible/role/d/anry/bareos_webui)](https://galaxy.ansible.com/anry/bareos_webui)|[![Version](https://img.shields.io/github/release/anry/ansible-role-bareos_webui.svg)](https://github.com/anry/ansible-role-bareos_webui/releases/)|
## [Example Playbook](#example-playbook)
This example is taken from [`molecule/default/converge.yml`](https://github.com/anry/ansible-role-bareos_webui/blob/master/molecule/default/converge.yml) and is tested on each push, pull request and release.
```yaml
---
- name: Converge
hosts: all
become: yes
gather_facts: yes
roles:
- role: anry.roles.bareos_webui
bareos_webui_directors:
- name: localhost-dir
enabled: yes
diraddress: localhost
- name: disabled-dir
enabled: no
```
The machine needs to be prepared. In CI this is done using [`molecule/default/prepare.yml`](https://github.com/anry/ansible-role-bareos_webui/blob/master/molecule/default/prepare.yml):
```yaml
---
- name: Prepare
hosts: all
become: yes
gather_facts: no
roles:
- role: anry.roles.bootstrap
- role: anry.roles.bareos_repository
```
Also see a [full explanation and example](https://anry.nl/how-to-use-these-roles.html) on how to use these roles.
## [Role Variables](#role-variables)
The default values for the variables are set in [`defaults/main.yml`](https://github.com/anry/ansible-role-bareos_webui/blob/master/defaults/main.yml):
```yaml
---
# defaults file for bareos_webui
bareos_webui_configuration:
- section: session
option: timeout
value: 3600
bareos_webui_directors: []
```
## [Requirements](#requirements)
- pip packages listed in [requirements.txt](https://github.com/anry/ansible-role-bareos_webui/blob/master/requirements.txt).
## [State of used roles](#state-of-used-roles)
The following roles are used to prepare a system. You can prepare your system in another way.
| Requirement | GitHub | GitLab |
|-------------|--------|--------|
|[anry.bootstrap](https://galaxy.ansible.com/anry/bootstrap)|[![Build Status GitHub](https://github.com/anry/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/anry/ansible-role-bootstrap/actions)|[![Build Status GitLab](https://gitlab.com/anry-iac/ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/anry-iac/ansible-role-bootstrap)|
|[anry.bareos_repository](https://galaxy.ansible.com/anry/bareos_repository)|[![Build Status GitHub](https://github.com/anry/ansible-role-bareos_repository/workflows/Ansible%20Molecule/badge.svg)](https://github.com/anry/ansible-role-bareos_repository/actions)|[![Build Status GitLab](https://gitlab.com/anry-iac/ansible-role-bareos_repository/badges/master/pipeline.svg)](https://gitlab.com/anry-iac/ansible-role-bareos_repository)|
## [Context](#context)
This role is a part of many compatible roles. Have a look at [the documentation of these roles](https://anry.nl/) for further information.
Here is an overview of related roles:
![dependencies](https://raw.githubusercontent.com/anry/ansible-role-bareos_webui/png/requirements.png "Dependencies")
## [Compatibility](#compatibility)
This role has been tested on these [container images](https://hub.docker.com/u/anry):
|container|tags|
|---------|----|
|[Debian](https://hub.docker.com/r/anry/debian)|bookworm, bullseye, buster|
|[EL](https://hub.docker.com/r/anry/enterpriselinux)|8, 9|
|[Fedora](https://hub.docker.com/r/anry/fedora/)|38, 39|
|[Ubuntu](https://hub.docker.com/r/anry/ubuntu)|jammy, focal|
The minimum version of Ansible required is 2.12, tests have been done to:
- The previous version.
- The current version.
- The development version.
If you find issues, please register them in [GitHub](https://github.com/anry/ansible-role-bareos_webui/issues).
## [License](#license)
[Apache-2.0](https://github.com/anry/ansible-role-bareos_webui/blob/master/LICENSE).
## [Author Information](#author-information)
[anry](https://anry.nl/)
Please consider [sponsoring me](https://github.com/sponsors/anry).

9
roles/bareos_webui/defaults/main.yml Normal file
View File

@ -0,0 +1,9 @@
---
# defaults file for bareos_webui
bareos_webui_configuration:
- section: session
option: timeout
value: 3600
bareos_webui_directors: []

7
roles/bareos_webui/handlers/main.yml Normal file
View File

@ -0,0 +1,7 @@
---
# handlers file for bareos_webui
- name: Restart httpd
ansible.builtin.service:
name: "{{ bareos_webui_httpd_service }}"
state: restarted

17
roles/bareos_webui/meta/argument_specs.yml Normal file
View File

@ -0,0 +1,17 @@
---
# # bareos_dir_messages: Daemon
argument_specs:
main:
short_description: "Install and configure BareOS WebUI on your system."
description: >
Install and configure BareOS WebUI on your system.
author: Robert de Bock
options:
bareos_webui_directors:
type: "list"
description: "A list of directors to connect to.."
bareos_webui_configuration:
type: "list"
description: "Configuration for the webui."

38
roles/bareos_webui/meta/main.yml Normal file
View File

@ -0,0 +1,38 @@
---
galaxy_info:
author: anry
role_name: bareos_webui
description: Install and configure [Bareos](https://www.bareos.com/) WebUI on your system.
license: Apache-2.0
company: none
min_ansible_version: "2.12"
platforms:
- name: Debian
versions:
- bookworm
- bullseye
- buster
- name: EL
versions:
- "8"
- "9"
- name: Fedora
versions:
- "38"
- "39"
- name: Ubuntu
versions:
- jammy
- focal
galaxy_tags:
- backup
- bareos
- infrastructure
- linux
- storage
- system
- tools
dependencies: []

7
roles/bareos_webui/requirements.yml Normal file
View File

@ -0,0 +1,7 @@
---
roles:
- name: anry.bootstrap
- name: anry.bareos_repository
collections:
- name: ansible.posix
- name: community.general

58
roles/bareos_webui/tasks/assert.yml Normal file
View File

@ -0,0 +1,58 @@
---
- name: assert | Test bareos_webui_directors
ansible.builtin.assert:
that:
- bareos_webui_directors is defined
- bareos_webui_directors is iterable
quiet: yes
- name: assert | Test items in bareos_webui_directors are set correctly when enabled
ansible.builtin.assert:
that:
- item.name is defined
- item.name is string
- item.enabled is defined
- item.enabled is boolean
- item.diraddress is defined
- item.diraddress is string
quiet: yes
loop: "{{ bareos_webui_directors }}"
loop_control:
label: "{{ item.name }}"
when:
- item.enabled
- name: assert | Test items in bareos_webui_directors are set correctly when not enabled
ansible.builtin.assert:
that:
- item.name is defined
- item.name is string
- item.enabled is defined
- item.enabled is boolean
quiet: yes
loop: "{{ bareos_webui_directors }}"
loop_control:
label: "{{ item.name }}"
when:
- not item.enabled
- name: assert | Test bareos_webui_configuration
ansible.builtin.assert:
that:
- bareos_webui_configuration is defined
- bareos_webui_configuration is iterable
quiet: yes
- name: assert | Test items in bareos_webui_configuration are set correctly
ansible.builtin.assert:
that:
- item.section is defined
- item.section is string
- item.option is defined
- item.option is string
- item.value is defined
quiet: yes
loop: "{{ bareos_webui_configuration }}"
loop_control:
label: "{{ item.section }}:{{ item.option }}"

67
roles/bareos_webui/tasks/main.yml Normal file
View File

@ -0,0 +1,67 @@
---
# tasks file for bareos_webui
- name: Import assert.yml
ansible.builtin.import_tasks:
file: assert.yml
run_once: true
delegate_to: localhost
- name: Install requirements
ansible.builtin.package:
name: "{{ bareos_webui_requirements }}"
- name: Install bareos-webui
ansible.builtin.package:
name: bareos-webui
notify:
- Restart httpd
- name: Set "enabled" in directors.ini
community.general.ini_file:
path: /etc/bareos-webui/directors.ini
section: "{{ item.name }}"
option: enabled
value: "{{ item.enabled | ternary('Yes', 'No') }}"
owner: root
group: root
mode: "0644"
loop: "{{ bareos_webui_directors }}"
loop_control:
label: "{{ item.name }}"
- name: Set "diraddress" in directors.ini
community.general.ini_file:
path: /etc/bareos-webui/directors.ini
section: "{{ item.name }}"
option: diraddress
value: "{{ item.diraddress }}"
owner: root
group: root
mode: "0644"
loop: "{{ bareos_webui_directors }}"
loop_control:
label: "{{ item.name }}"
when:
- item.enabled
- name: Set settings for configuration.ini
community.general.ini_file:
path: /etc/bareos-webui/configuration.ini
section: "{{ item.section }}"
option: "{{ item.option }}"
value: "{{ item.value }}"
owner: root
group: root
mode: "0644"
loop: "{{ bareos_webui_configuration }}"
loop_control:
label: "{{ item.section }}:{{ item.option }}"
- name: Set SELinux boolean httpd_can_network_connect
ansible.posix.seboolean:
name: httpd_can_network_connect
state: yes
persistent: yes
when:
- ansible_selinux.status is defined
- ansible_selinux.status == "enabled"

17
roles/bareos_webui/vars/main.yml Normal file
View File

@ -0,0 +1,17 @@
---
# vars file for bareos_webui
_bareos_webui_requirements:
default: []
Debian:
- libapache2-mod-php
bareos_webui_requirements: "{{ _bareos_webui_requirements[ansible_os_family] | default(_bareos_webui_requirements['default']) }}"
_bareos_webui_httpd_service:
default: httpd
Alpine: apache2
Debian: apache2
RedHat: httpd
bareos_webui_httpd_service: "{{ _bareos_webui_httpd_service[ansible_os_family] | default(_bareos_webui_httpd_service['default']) }}"