php repo excluded, sys_fetch SvMysqlDbs

diff --git a/playbooks.templates/i_40_php8.2.yaml b/playbooks.templates/i_40_php8.2.yaml
deleted file mode 100644 (file)
index c7ce38be0ae181a04dcc98a00f09fcbca873ab31..0000000000000000000000000000000000000000
--- a/playbooks.templates/i_40_php8.2.yaml
+++ /dev/null
@@ -1,54 +0,0 @@
----
-- name: Playbook to install and configure PHP
-  # optional facts:
-  # php_version: the wanted version. Default: "8.2"
-  hosts: all
-  vars:
-    - php_version: "8.2"
-  vars_files:
-    - ../vars/php.yaml
-  pre_tasks:
-    - name:
-      ansible.builtin.apt:
-        name: gpg
-        state: present
-        update_cache: true
-    - name: add packages.sury.org (Debian case)
-      block:
-        - name: add gpg repo key
-          ansible.builtin.apt_key:
-            url:  'https://packages.sury.org/php/apt.gpg'
-            state: present
-
-        - name: add apt repo
-          ansible.builtin.apt_repository:
-            repo:  'deb https://packages.sury.org/php/ {{ ansible_distribution_release|lower }} main'
-            state: present
-            filename: php
-      when: ansible_distribution == 'Debian'
-  tasks:
-    - name: Install PHP {{php_version}} and common modules
-      ansible.builtin.apt:
-        name: "{{ item }}"
-        state: present
-        update_cache: true
-        cache_valid_time: 3600
-      with_items: "{{ php_packages + php_additional_packages }}"
-    - name: Define PHP variables in php.ini
-      ansible.builtin.ini_file:
-        dest: /etc/php/{{php_version}}/fpm/php.ini 
-        section: "{{ item.section }}"
-        option: "{{ item.option }}"
-        value: "{{ item.value }}"
-      with_items:
-        "{{ php_ini_settings }}"
-    - name: Ensure PHP-FPM is running
-      ansible.builtin.systemd:
-        name: php{{ php_version }}-fpm
-        state: started
-        enabled: yes
-    - name: Ensure Redis is running
-      ansible.builtin.systemd:
-        name: redis-server
-        state: started
-        enabled: yes
\ No newline at end of file

diff --git a/playbooks.templates/i_40_php8.2.yaml b/playbooks.templates/i_40_php8.2.yaml
new file mode 120000 (symlink)
index 0000000000000000000000000000000000000000..728d53d7e3c1cae5b275035b6eba4c4a25c20d75
--- /dev/null
+++ b/playbooks.templates/i_40_php8.2.yaml
@@ -0,0 +1 @@
+i_41_php8.2.yaml
\ No newline at end of file

diff --git a/playbooks.templates/i_40_php_repository.yaml b/playbooks.templates/i_40_php_repository.yaml
new file mode 100644 (file)
index 0000000..70aa0c7
--- /dev/null
+++ b/playbooks.templates/i_40_php_repository.yaml
@@ -0,0 +1,41 @@
+---
+- name: Install PHP repository
+  hosts: all
+  vars:
+    repo_mode: "trixie"
+  tasks:
+    - name:
+      ansible.builtin.apt:
+        name: gpg
+        state: present
+        update_cache: true
+    - name: add packages.sury.org (bookworm or older case)
+      block:
+        - name: add gpg repo key
+          ansible.builtin.apt_key:
+            url:  'https://packages.sury.org/php/apt.gpg'
+            state: present
+          when: false
+        - name: add apt repo
+          ansible.builtin.apt_repository:
+            repo:  'deb https://packages.sury.org/php/ {{ ansible_distribution_release|lower }} main'
+            state: present
+            filename: php
+      when: repo_mode != 'trixie'
+    - name: add packages.sury.org (Trixie case)
+      block:
+        - name: Download debsuryorg-archive-keyring.deb
+          ansible.builtin.get_url:
+            url: "https://packages.sury.org/debsuryorg-archive-keyring.deb"
+            validate_certs: false
+            dest: /tmp/debsuryorg-archive-keyring.deb
+        - name: Install debsuryorg-archive-keyring.deb
+          ansible.builtin.apt:
+            deb: /tmp/debsuryorg-archive-keyring.deb
+        - name: Create the repo configuration for php
+          ansible.builtin.apt_repository:
+            repo: 'deb [signed-by=/usr/share/keyrings/debsuryorg-archive-keyring.gpg] https://packages.sury.org/php/ trixie main'
+            state: present
+            filename: php
+      when: repo_mode == 'trixie'
+    

diff --git a/playbooks.templates/i_41_php8.2.yaml b/playbooks.templates/i_41_php8.2.yaml
new file mode 100644 (file)
index 0000000..c0bf2bc
--- /dev/null
+++ b/playbooks.templates/i_41_php8.2.yaml
@@ -0,0 +1,35 @@
+---
+- name: Playbook to install and configure PHP
+  # optional facts:
+  # php_version: the wanted version. Default: "8.2"
+  hosts: all
+  vars:
+    php_version: "8.2"
+  vars_files:
+    - ../vars/php.yaml
+  tasks:
+    - name: Install PHP {{php_version}} and common modules
+      ansible.builtin.apt:
+        name: "{{ item }}"
+        state: present
+        update_cache: true
+        cache_valid_time: 3600
+      with_items: "{{ php_packages + php_additional_packages }}"
+    - name: Define PHP variables in php.ini
+      ansible.builtin.ini_file:
+        dest: /etc/php/{{php_version}}/fpm/php.ini 
+        section: "{{ item.section }}"
+        option: "{{ item.option }}"
+        value: "{{ item.value }}"
+      with_items:
+        "{{ php_ini_settings }}"
+    - name: Ensure PHP-FPM is running
+      ansible.builtin.systemd:
+        name: php{{ php_version }}-fpm
+        state: started
+        enabled: yes
+    - name: Ensure Redis is running
+      ansible.builtin.systemd:
+        name: redis-server
+        state: started
+        enabled: yes
\ No newline at end of file

diff --git a/playbooks.templates/i_51_seafile.yaml b/playbooks.templates/i_51_seafile.yaml
index 28cf0ab98c2a53600f0048c13e107416402bfa57..6b28e2fa5ad6706c396a6ab24a27ca051c9ddafd 100644 (file)
--- a/playbooks.templates/i_51_seafile.yaml
+++ b/playbooks.templates/i_51_seafile.yaml
@@ -5,19 +5,19 @@
     - ../vars/seafile.yaml
     # needed facts: seafile_version = "12.0", seafile_user
   tasks:
-    - name: create seafile user
+    - name: Create seafile user
       ansible.builtin.user:
         name: "{{ seafile_user }}"
         state: present
         shell: /usr/bin/bash
         home: /home/seafile
         uid: "{{ seafile_user_id }}"
-    - name: install packages
+    - name: Install packages
       ansible.builtin.apt:
         name: "{{ item }}"
         state: present
       with_items: [ memcached, libmemcached-dev, python3-dev, python3-setuptools, python3-pip, python3.11-venv]
-    - name: create directories for seafile
+    - name: Create directories for seafile
       ansible.builtin.file:
         path: "{{ item }}"
         state: directory
@@ -28,29 +28,29 @@
       # Trick: we use a subdirectory "install" to ensure not destoying possible symbolic links in /opt/seafile ...
       with_items: ["/opt/seafile/install", "/opt/seafile-mysql/install", "/opt/seafile-data/install"]
 
-    - name: file check for .env
+    - name: File check for .env
       ansible.builtin.stat:
         path: /opt/seafile/.env
       register: file_check
-    - name: download the docker .env file for seafile
+    - name: Download the docker .env file for seafile
       ansible.builtin.get_url:
         url: "https://manual.seafile.com/{{ seafile_version }}/repo/docker/ce/env"
         dest: /opt/seafile/.env
         mode: "0644"
       when: file_check.stat.exists == false
 
-    - name: file check for seadoc.yml
+    - name: File check for seadoc.yml
       ansible.builtin.stat:
         path: /opt/seafile/seadoc.yml
       register: file_check
-    - name: download seadoc.yml for seafile
+    - name: Download seadoc.yml for seafile
       ansible.builtin.get_url:
         url: "https://manual.seafile.com/{{ seafile_version }}/repo/docker/seadoc.yml"
         dest: "/opt/seafile/seadoc.yml"
         mode: "0644"
       when: not file_check.stat.exists
 
-    - name: file check for cadd.yml
+    - name: File check for cadd.yml
       ansible.builtin.stat:
         path: /opt/seafile/caddy.yml
       register: file_check
@@ -61,7 +61,7 @@
         mode: "0644"
       when: not file_check.stat.exists
 
-    - name: create a virtual enviroment
+    - name: Create a virtual enviroment
       ansible.builtin.command:
         cmd: python3 -m venv venv
         chdir: /opt/seafile
@@ -69,7 +69,7 @@
         creates: venv
       register: result
       changed_when: result.rc == 0
-    - name: install modules in venv
+    - name: Install modules in venv
       pip:
         name: "{{ item }}"
         virtualenv: venv
@@ -97,12 +97,12 @@
         - python-ldap==3.4.*
         - gevent==24.2.*
 
-    - name: file check for seafile_server_current
+    - name: File check for seafile_server_current
       ansible.builtin.stat:
         path: /opt/seafile/seafile_server_current
       register: file_check
 
-    - name: download tar file
+    - name: Download tar file
       ansible.builtin.get_url:
         url: "{{ seafile_download_tar }}"
         dest: /opt/seafile/install/seafile-server.tar.gz
@@ -115,7 +115,7 @@
         dest: /opt/seafile
       when: file_check.stat.exists == false
 
-    - name: build symbolic link to seafile_server
+    - name: Build symbolic link to seafile_server
       ansible.builtin.file:
         src: "{{ item }}"
         dest: /opt/seafile/seafile_server_current

diff --git a/playbooks.templates/ssl_multi_cert.yaml b/playbooks.templates/ssl_multi_cert.yaml
index d8b98fad319beef01981cf1f53cc87c384492c72..6f4cb251ac683df6fe07991da27cae75b99cf664 100644 (file)
--- a/playbooks.templates/ssl_multi_cert.yaml
+++ b/playbooks.templates/ssl_multi_cert.yaml
@@ -1,7 +1,7 @@
 ---
 - name: Creates a X509 certificate for a domain, needed for a letsencrypt certificate
   # needed facts (variables) from the commandline: (e.g. ansible-playbook -e "domain=example.com")
-  # - domains: a list of domain name for the certificate
+  # - domains: a comma separated list of domain name for the certificate
   hosts: all
   vars_files:
     - ../vars/common.yaml

diff --git a/playbooks.templates/sys_fetch.yaml b/playbooks.templates/sys_fetch.yaml
new file mode 100644 (file)
index 0000000..b3ea245
--- /dev/null
+++ b/playbooks.templates/sys_fetch.yaml
@@ -0,0 +1,21 @@
+---
+- name: Fetches files from a remote server for backup
+  # needed facts (variables) from the commandline: (e.g. ansible-playbook -e "domain=example.com")
+  hosts: all
+  vars_files:
+    - ../vars/common.yaml
+  tasks:
+  - name: Fetch the single files
+    ansible.builtin.include_tasks: ../tasks/t_sys_fetch_file.yaml
+    vars:
+      sourceFile: "{{ item.source }}"
+      targetFile: "{{ item.target }}"
+    with_items: "{{ sys_fetch_files }}"
+  - name: Fetch the directories
+    ansible.builtin.include_tasks: ../tasks/t_sys_fetch_directory.yaml
+    vars:
+      sourceDir: "{{ item.source }}"
+      targetDir: "{{ item.target }}"
+    with_items: "{{ sys_fetch_directories }}"
+    when: false
+    

diff --git a/tasks.templates/t_sys_fetch_directory.yaml b/tasks.templates/t_sys_fetch_directory.yaml
new file mode 100644 (file)
index 0000000..f74c8f2
--- /dev/null
+++ b/tasks.templates/t_sys_fetch_directory.yaml
@@ -0,0 +1,19 @@
+# Fetches a file from the remote server to a given backup directory
+# needed facts (variables):
+# - sourceDir: the full path of the remote file
+# - targetDir: the relative path of the backup file
+- name: Get the file names
+  ansible.builtin.find:
+    paths: "{{ sourceDir }}"
+  register: found_files
+
+- name: Set fileList variable with file names
+  ansible.builtin.set_fact:
+    fileList: "{{ found_files.files | map(attribute='path') | list }}"
+
+- name: Fetches the files
+  ansible.builtin.include_tasks: t_sys_fetch_file.yaml
+  vars:
+    sourceFile: "{{ item }}"
+    targetFile: "../{{ targetDir }}/{{ item }}"
+  with_items: "{{ fileList }}"

diff --git a/tasks.templates/t_sys_fetch_file.yaml b/tasks.templates/t_sys_fetch_file.yaml
new file mode 100644 (file)
index 0000000..6cea0d8
--- /dev/null
+++ b/tasks.templates/t_sys_fetch_file.yaml
@@ -0,0 +1,29 @@
+# Fetches a file from the remote server to a given backup directory
+# needed facts (variables):
+# - sourceFile: the full path of the remote file
+# - targetFile: the relative path of the backup file
+- name: Ensure target directory exists
+  ansible.builtin.file:
+    path: "../{{ targetFile | dirname }}/meta"
+    state: directory
+    mode: "0755"
+    recurse: true
+  delegate_to: localhost
+- name: Fetches the file
+  ansible.builtin.fetch:
+    src: "{{ sourceFile }}"
+    dest: "../{{ targetFile }}"
+    flat: yes
+    group: root
+    user: root
+    mode: "0600"
+
+- name: Get the meta data of the source file
+  ansible.builtin.shell: 'stat -c "%a %A %U %G" {{ sourceFile }}'
+  register: stat_info
+
+- name: Write meta data
+  ansible.builtin.copy:
+    content: "{{ stat_info.stdout }}"
+    dest: "../{{ targetFile | dirname }}/meta/{{ targetFile | basename }}.meta"
+  delegate_to: localhost
\ No newline at end of file

diff --git a/templates.fix/scripts/SvMysqlDbs b/templates.fix/scripts/SvMysqlDbs
new file mode 100755 (executable)
index 0000000..0eaf909
--- /dev/null
+++ b/templates.fix/scripts/SvMysqlDbs
@@ -0,0 +1,34 @@
+#! /bin/bash
+VERBOSE=-v
+. /usr/local/bin/local/SvMysqlDbs.conf
+#BASE_MYSQL=/var/lib/mysql
+#DIR_SAFE=/tmp
+#OPT_MYSQLDUMP="-u root"
+#set -x
+
+function SaveOne(){
+    local db=$1
+    test -n "$VERBOSE" && echo "= mysqldump $db"
+    mysqldump $OPT_MYSQLDUMP $db > $DIR_SAFE/$db.sql
+}
+
+function FindDbs(){
+    pushd $BASE_MYSQL 2>&1 >/dev/null
+    for db in *; do
+      if [ -d $db -a -f $db/db.opt -a "$db" != sys -a $db != performance_schema -a $db != mysql ]; then
+        # echo "db: $db"
+        SaveOne $db
+      fi
+    done
+    popd 2>&1 >/dev/null
+
+}
+if [ "$1" == -q ]; then
+  VERBOSE=
+  shift
+fi
+if [ -z "$BASE_MYSQL" -o -z "$DIR_SAFE" ]; then
+  echo "+++ wrong /usr/local/bin/local/SvMysqlDbs.conf"
+else
+    FindDbs
+fi
\ No newline at end of file

diff --git a/templates.fix/scripts/SvWebapp b/templates.fix/scripts/SvWebapp
index fd48e8c332122d863ee38db5bd3b54f5bbbc1663..077cb1caf58213a46834cf16ca4d52e34efdc3e8 100644 (file)
--- a/templates.fix/scripts/SvWebapp
+++ b/templates.fix/scripts/SvWebapp
@@ -18,6 +18,7 @@ if [ -z "$DB" ]; then
 elif [ ! -d $BASE ]; then
   echo "+++ missing $BASE"
 else
+  mkdir -p $BASE/db
   cd $BASE/db
   mysqldump $DB | gzip >$DOMAIN.sql.gz
   cd $BASE

diff --git a/templates.local/scripts/SvMysqlDbs.conf b/templates.local/scripts/SvMysqlDbs.conf
new file mode 100644 (file)
index 0000000..18c1267
--- /dev/null
+++ b/templates.local/scripts/SvMysqlDbs.conf
@@ -0,0 +1,4 @@
+BASE_MYSQL=/var/lib/mysql
+DIR_SAFE=/srv/www/db.safe
+OPT_MYSQLDUMP="-u root"
+