diff --git a/.github/workflows/ansible-linting-check.yml b/.github/workflows/ansible-linting-check.yml new file mode 100644 index 0000000..2dc2583 --- /dev/null +++ b/.github/workflows/ansible-linting-check.yml @@ -0,0 +1,23 @@ +--- +name: Ansible Lint check + +# yamllint disable-line rule:truthy +on: + push: + branches: '*' + pull_request: + branches: '*' + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: Lint Ansible Playbook + uses: ansible/ansible-lint-action@v6 + with: + targets: "." + args: "" diff --git a/.github/workflows/galaxy.yml b/.github/workflows/galaxy.yml index 4130155..adcecbd 100644 --- a/.github/workflows/galaxy.yml +++ b/.github/workflows/galaxy.yml @@ -12,9 +12,11 @@ jobs: build: runs-on: ubuntu-latest steps: - - name: checkout + - name: 'checkout git repo' uses: actions/checkout@v3 - - name: galaxy - uses: robertdebock/galaxy-action@1.2.1 + + - name: 'release on galaxy' + uses: robertdebock/galaxy-action@1.2.0 with: galaxy_api_key: ${{ secrets.galaxy_api_key }} + git_branch: 'main' diff --git a/meta/main.yml b/meta/main.yml index e959d5e..b233d7d 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -6,14 +6,18 @@ galaxy_info: license: MIT min_ansible_version: 2.10.6 platforms: + - name: ArchLinux + versions: + - all - name: Debian - versions: all - - name: EL - versions: all - - name: Fedora - versions: all + versions: + - all - name: Ubuntu - versions: all + versions: + - all + - name: Fedora + versions: + - all galaxy_tags: - backup - restic diff --git a/tasks/backup.yml b/tasks/backup.yml index 404a0a8..55b438a 100644 --- a/tasks/backup.yml +++ b/tasks/backup.yml @@ -1,7 +1,7 @@ --- - name: (BACKUP) reformat dict if necessary ansible.builtin.set_fact: - restic_backups: "{{ restic_backups|dict2items|json_query('[*].value') }}" + restic_backups: "{{ restic_backups | dict2items | json_query('[*].value') }}" when: - restic_backups | type_debug == "dict" diff --git a/tasks/configure.yml b/tasks/configure.yml index db0d383..fc83a12 100644 --- a/tasks/configure.yml +++ b/tasks/configure.yml @@ -20,7 +20,7 @@ - not 'config file already exists' in restic_init.stderr - not 'config already initialized' in restic_init.stderr - not 'config already exists' in restic_init.stderr - loop: "{{ restic_repos|dict2items }}" + loop: "{{ restic_repos | dict2items }}" when: - item.value.init is defined - item.value.init|bool diff --git a/tasks/delete_legacy_cron_entry.yml b/tasks/delete_legacy_cron_entry.yml index 4920331..617f10c 100644 --- a/tasks/delete_legacy_cron_entry.yml +++ b/tasks/delete_legacy_cron_entry.yml @@ -8,6 +8,7 @@ delegate_to: localhost - name: (SCHEDULE) (OLD) try to remove entries from /etc/crontab + become: true ansible.builtin.cron: name: "do1jlr.restic backup {{ item.name }}" job: "CRON=true {{ restic_script_dir }}/backup-{{ item.name | replace(' ', '') }}.sh" @@ -18,7 +19,6 @@ state: absent cron_file: '/etc/crontab' user: 'root' - become: true no_log: "{{ restic_no_log }}" with_items: '{{ restic_backups }}' when: @@ -26,11 +26,10 @@ - item.name is defined - item.scheduled | default(false) - ansible_service_mgr != 'systemd' or restic_force_cron | default(false) or restic_schedule_type == "cronjob" - ignore_error: true - tags: skip_ansible_lint register: cron_delete + failed_when: false -- name: "(SCHEDULE) (OLD) make sure 'do1jlr.restic backup {{ item.name }}' is not in /etc/crontab" +- name: "(SCHEDULE) (OLD) make sure do1jlr.restic backup script is not in /etc/crontab" become: true ansible.builtin.lineinfile: path: '/etc/crontab' @@ -39,7 +38,7 @@ when: cron_delete.failed with_items: '{{ restic_backups }}' -- name: "(SCHEDULE) (OLD) make sure '{{ restic_script_dir }}/backup-{{ item.name | replace(' ', '') }}.sh' is not in /etc/crontab" +- name: "(SCHEDULE) (OLD) make sure restic script is not in /etc/crontab" become: true ansible.builtin.lineinfile: path: '/etc/crontab' diff --git a/tasks/main.yml b/tasks/main.yml index 95a64a9..34901f5 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,22 +1,22 @@ --- -- name: add OS specific variables +- name: Add OS specific variables ansible.builtin.include_vars: "{{ lookup('first_found', restic_os_variables) }}" -- name: perform optional versionscheck +- name: Perform optional versionscheck ansible.builtin.include_tasks: 'versioncheck.yml' when: submodules_versioncheck | bool -- name: make sure restic is available +- name: Make sure restic is available ansible.builtin.include_tasks: 'preperation.yml' -- name: make sure restic is installed +- name: Make sure restic is installed ansible.builtin.include_tasks: 'install.yml' when: not restic_executable.stat.exists or not restic_installed.stat.exists -- name: initialize restic repo(s) +- name: Initialize restic repo(s) ansible.builtin.include_tasks: 'configure.yml' -- name: create backup script +- name: Create backup script ansible.builtin.include_tasks: 'backup.yml' loop_control: loop_var: loop_distribution @@ -25,7 +25,7 @@ distribution_version: '{{ ansible_distribution_version }}' distribution_major_version: '{{ ansible_distribution_major_version }}' -- name: schedule restic backup +- name: Schedule restic backup ansible.builtin.include_tasks: 'schedule.yml' loop_control: loop_var: loop_distribution diff --git a/tasks/restic_create_systemd.yml b/tasks/restic_create_systemd.yml index 4ffaedf..f6f90a8 100644 --- a/tasks/restic_create_systemd.yml +++ b/tasks/restic_create_systemd.yml @@ -1,5 +1,9 @@ --- - name: (SCHEDULE) (SYSTEMD) create systemd timer + when: + - ansible_service_mgr == 'systemd' + - restic_schedule_type == "systemd" + - restic_create_schedule | bool block: - name: (SCHEDULE) (SYSTEMD) copy systemd timer become: true @@ -56,11 +60,7 @@ when: - item.name is defined - item.scheduled | default(false) - when: - - ansible_service_mgr == 'systemd' - - restic_schedule_type == "systemd" - - restic_create_schedule | bool rescue: - - name: set cronjob intead of systemd + - name: Set cronjob intead of systemd ansible.builtin.set_fact: restic_force_cron: true diff --git a/tasks/versioncheck.yml b/tasks/versioncheck.yml index 5128cc8..0da894b 100644 --- a/tasks/versioncheck.yml +++ b/tasks/versioncheck.yml @@ -8,37 +8,38 @@ path: '/etc/.ansible-version' state: directory mode: 0755 - when: submodules_versioncheck|bool + when: submodules_versioncheck | bool -- name: check playbook version +- name: Check playbook version become: true ansible.builtin.slurp: src: "/etc/.ansible-version/{{ playbook_version_path }}" register: playbook_version - when: submodules_versioncheck|bool + when: submodules_versioncheck | bool ignore_errors: true failed_when: false - name: Print remote role version ansible.builtin.debug: msg: "Remote role version: {{ playbook_version.content | default('Y3VycmVudGx5IG5vdCBkZXBsb3llZAo=') | b64decode | string }}" - when: submodules_versioncheck|bool + when: submodules_versioncheck | bool - name: Print locale role version ansible.builtin.debug: - msg: "Local role version: '{{ playbook_version_number|string }}'." - when: submodules_versioncheck|bool + msg: "Local role version: '{{ playbook_version_number | string }}'." + when: submodules_versioncheck | bool - name: Check if your version is outdated ansible.builtin.fail: msg: "Your ansible module has the version '{{ playbook_version_number }}' and is outdated. You need to update it!" when: - - playbook_version.content|default("Mgo=")|b64decode|int - 1 >= playbook_version_number|int and submodules_versioncheck|bool + - playbook_version.content | default("Mgo=") | b64decode | int - 1 >= playbook_version_number | int and submodules_versioncheck | bool -- name: write new version to remote disk +- name: Write new version to remote disk become: true ansible.builtin.copy: content: "{{ playbook_version_number }}" dest: "/etc/.ansible-version/{{ playbook_version_path }}" mode: '0644' - when: submodules_versioncheck|bool + when: submodules_versioncheck | bool + tags: skip_ansible_lint_rule_template-instead-of-copy