From af5de3d39f194e1ad141db2351bd718a7e79fe54 Mon Sep 17 00:00:00 2001 From: Hamatoma Date: Sat, 16 Aug 2025 17:31:20 +0200 Subject: [PATCH] php repo excluded, sys_fetch SvMysqlDbs --- playbooks.templates/i_40_php8.2.yaml | 55 +------------------- playbooks.templates/i_40_php_repository.yaml | 41 +++++++++++++++ playbooks.templates/i_41_php8.2.yaml | 35 +++++++++++++ playbooks.templates/i_51_seafile.yaml | 26 ++++----- playbooks.templates/ssl_multi_cert.yaml | 2 +- playbooks.templates/sys_fetch.yaml | 21 ++++++++ tasks.templates/t_sys_fetch_directory.yaml | 19 +++++++ tasks.templates/t_sys_fetch_file.yaml | 29 +++++++++++ templates.fix/scripts/SvMysqlDbs | 34 ++++++++++++ templates.fix/scripts/SvWebapp | 1 + templates.local/scripts/SvMysqlDbs.conf | 4 ++ 11 files changed, 199 insertions(+), 68 deletions(-) mode change 100644 => 120000 playbooks.templates/i_40_php8.2.yaml create mode 100644 playbooks.templates/i_40_php_repository.yaml create mode 100644 playbooks.templates/i_41_php8.2.yaml create mode 100644 playbooks.templates/sys_fetch.yaml create mode 100644 tasks.templates/t_sys_fetch_directory.yaml create mode 100644 tasks.templates/t_sys_fetch_file.yaml create mode 100755 templates.fix/scripts/SvMysqlDbs create mode 100644 templates.local/scripts/SvMysqlDbs.conf diff --git a/playbooks.templates/i_40_php8.2.yaml b/playbooks.templates/i_40_php8.2.yaml deleted file mode 100644 index c7ce38b..0000000 --- a/playbooks.templates/i_40_php8.2.yaml +++ /dev/null @@ -1,54 +0,0 @@ ---- -- name: Playbook to install and configure PHP - # optional facts: - # php_version: the wanted version. Default: "8.2" - hosts: all - vars: - - php_version: "8.2" - vars_files: - - ../vars/php.yaml - pre_tasks: - - name: - ansible.builtin.apt: - name: gpg - state: present - update_cache: true - - name: add packages.sury.org (Debian case) - block: - - name: add gpg repo key - ansible.builtin.apt_key: - url: 'https://packages.sury.org/php/apt.gpg' - state: present - - - name: add apt repo - ansible.builtin.apt_repository: - repo: 'deb https://packages.sury.org/php/ {{ ansible_distribution_release|lower }} main' - state: present - filename: php - when: ansible_distribution == 'Debian' - tasks: - - name: Install PHP {{php_version}} and common modules - ansible.builtin.apt: - name: "{{ item }}" - state: present - update_cache: true - cache_valid_time: 3600 - with_items: "{{ php_packages + php_additional_packages }}" - - name: Define PHP variables in php.ini - ansible.builtin.ini_file: - dest: /etc/php/{{php_version}}/fpm/php.ini - section: "{{ item.section }}" - option: "{{ item.option }}" - value: "{{ item.value }}" - with_items: - "{{ php_ini_settings }}" - - name: Ensure PHP-FPM is running - ansible.builtin.systemd: - name: php{{ php_version }}-fpm - state: started - enabled: yes - - name: Ensure Redis is running - ansible.builtin.systemd: - name: redis-server - state: started - enabled: yes \ No newline at end of file diff --git a/playbooks.templates/i_40_php8.2.yaml b/playbooks.templates/i_40_php8.2.yaml new file mode 120000 index 0000000..728d53d --- /dev/null +++ b/playbooks.templates/i_40_php8.2.yaml @@ -0,0 +1 @@ +i_41_php8.2.yaml \ No newline at end of file diff --git a/playbooks.templates/i_40_php_repository.yaml b/playbooks.templates/i_40_php_repository.yaml new file mode 100644 index 0000000..70aa0c7 --- /dev/null +++ b/playbooks.templates/i_40_php_repository.yaml @@ -0,0 +1,41 @@ +--- +- name: Install PHP repository + hosts: all + vars: + repo_mode: "trixie" + tasks: + - name: + ansible.builtin.apt: + name: gpg + state: present + update_cache: true + - name: add packages.sury.org (bookworm or older case) + block: + - name: add gpg repo key + ansible.builtin.apt_key: + url: 'https://packages.sury.org/php/apt.gpg' + state: present + when: false + - name: add apt repo + ansible.builtin.apt_repository: + repo: 'deb https://packages.sury.org/php/ {{ ansible_distribution_release|lower }} main' + state: present + filename: php + when: repo_mode != 'trixie' + - name: add packages.sury.org (Trixie case) + block: + - name: Download debsuryorg-archive-keyring.deb + ansible.builtin.get_url: + url: "https://packages.sury.org/debsuryorg-archive-keyring.deb" + validate_certs: false + dest: /tmp/debsuryorg-archive-keyring.deb + - name: Install debsuryorg-archive-keyring.deb + ansible.builtin.apt: + deb: /tmp/debsuryorg-archive-keyring.deb + - name: Create the repo configuration for php + ansible.builtin.apt_repository: + repo: 'deb [signed-by=/usr/share/keyrings/debsuryorg-archive-keyring.gpg] https://packages.sury.org/php/ trixie main' + state: present + filename: php + when: repo_mode == 'trixie' + diff --git a/playbooks.templates/i_41_php8.2.yaml b/playbooks.templates/i_41_php8.2.yaml new file mode 100644 index 0000000..c0bf2bc --- /dev/null +++ b/playbooks.templates/i_41_php8.2.yaml @@ -0,0 +1,35 @@ +--- +- name: Playbook to install and configure PHP + # optional facts: + # php_version: the wanted version. Default: "8.2" + hosts: all + vars: + php_version: "8.2" + vars_files: + - ../vars/php.yaml + tasks: + - name: Install PHP {{php_version}} and common modules + ansible.builtin.apt: + name: "{{ item }}" + state: present + update_cache: true + cache_valid_time: 3600 + with_items: "{{ php_packages + php_additional_packages }}" + - name: Define PHP variables in php.ini + ansible.builtin.ini_file: + dest: /etc/php/{{php_version}}/fpm/php.ini + section: "{{ item.section }}" + option: "{{ item.option }}" + value: "{{ item.value }}" + with_items: + "{{ php_ini_settings }}" + - name: Ensure PHP-FPM is running + ansible.builtin.systemd: + name: php{{ php_version }}-fpm + state: started + enabled: yes + - name: Ensure Redis is running + ansible.builtin.systemd: + name: redis-server + state: started + enabled: yes \ No newline at end of file diff --git a/playbooks.templates/i_51_seafile.yaml b/playbooks.templates/i_51_seafile.yaml index 28cf0ab..6b28e2f 100644 --- a/playbooks.templates/i_51_seafile.yaml +++ b/playbooks.templates/i_51_seafile.yaml @@ -5,19 +5,19 @@ - ../vars/seafile.yaml # needed facts: seafile_version = "12.0", seafile_user tasks: - - name: create seafile user + - name: Create seafile user ansible.builtin.user: name: "{{ seafile_user }}" state: present shell: /usr/bin/bash home: /home/seafile uid: "{{ seafile_user_id }}" - - name: install packages + - name: Install packages ansible.builtin.apt: name: "{{ item }}" state: present with_items: [ memcached, libmemcached-dev, python3-dev, python3-setuptools, python3-pip, python3.11-venv] - - name: create directories for seafile + - name: Create directories for seafile ansible.builtin.file: path: "{{ item }}" state: directory @@ -28,29 +28,29 @@ # Trick: we use a subdirectory "install" to ensure not destoying possible symbolic links in /opt/seafile ... with_items: ["/opt/seafile/install", "/opt/seafile-mysql/install", "/opt/seafile-data/install"] - - name: file check for .env + - name: File check for .env ansible.builtin.stat: path: /opt/seafile/.env register: file_check - - name: download the docker .env file for seafile + - name: Download the docker .env file for seafile ansible.builtin.get_url: url: "https://manual.seafile.com/{{ seafile_version }}/repo/docker/ce/env" dest: /opt/seafile/.env mode: "0644" when: file_check.stat.exists == false - - name: file check for seadoc.yml + - name: File check for seadoc.yml ansible.builtin.stat: path: /opt/seafile/seadoc.yml register: file_check - - name: download seadoc.yml for seafile + - name: Download seadoc.yml for seafile ansible.builtin.get_url: url: "https://manual.seafile.com/{{ seafile_version }}/repo/docker/seadoc.yml" dest: "/opt/seafile/seadoc.yml" mode: "0644" when: not file_check.stat.exists - - name: file check for cadd.yml + - name: File check for cadd.yml ansible.builtin.stat: path: /opt/seafile/caddy.yml register: file_check @@ -61,7 +61,7 @@ mode: "0644" when: not file_check.stat.exists - - name: create a virtual enviroment + - name: Create a virtual enviroment ansible.builtin.command: cmd: python3 -m venv venv chdir: /opt/seafile @@ -69,7 +69,7 @@ creates: venv register: result changed_when: result.rc == 0 - - name: install modules in venv + - name: Install modules in venv pip: name: "{{ item }}" virtualenv: venv @@ -97,12 +97,12 @@ - python-ldap==3.4.* - gevent==24.2.* - - name: file check for seafile_server_current + - name: File check for seafile_server_current ansible.builtin.stat: path: /opt/seafile/seafile_server_current register: file_check - - name: download tar file + - name: Download tar file ansible.builtin.get_url: url: "{{ seafile_download_tar }}" dest: /opt/seafile/install/seafile-server.tar.gz @@ -115,7 +115,7 @@ dest: /opt/seafile when: file_check.stat.exists == false - - name: build symbolic link to seafile_server + - name: Build symbolic link to seafile_server ansible.builtin.file: src: "{{ item }}" dest: /opt/seafile/seafile_server_current diff --git a/playbooks.templates/ssl_multi_cert.yaml b/playbooks.templates/ssl_multi_cert.yaml index d8b98fa..6f4cb25 100644 --- a/playbooks.templates/ssl_multi_cert.yaml +++ b/playbooks.templates/ssl_multi_cert.yaml @@ -1,7 +1,7 @@ --- - name: Creates a X509 certificate for a domain, needed for a letsencrypt certificate # needed facts (variables) from the commandline: (e.g. ansible-playbook -e "domain=example.com") - # - domains: a list of domain name for the certificate + # - domains: a comma separated list of domain name for the certificate hosts: all vars_files: - ../vars/common.yaml diff --git a/playbooks.templates/sys_fetch.yaml b/playbooks.templates/sys_fetch.yaml new file mode 100644 index 0000000..b3ea245 --- /dev/null +++ b/playbooks.templates/sys_fetch.yaml @@ -0,0 +1,21 @@ +--- +- name: Fetches files from a remote server for backup + # needed facts (variables) from the commandline: (e.g. ansible-playbook -e "domain=example.com") + hosts: all + vars_files: + - ../vars/common.yaml + tasks: + - name: Fetch the single files + ansible.builtin.include_tasks: ../tasks/t_sys_fetch_file.yaml + vars: + sourceFile: "{{ item.source }}" + targetFile: "{{ item.target }}" + with_items: "{{ sys_fetch_files }}" + - name: Fetch the directories + ansible.builtin.include_tasks: ../tasks/t_sys_fetch_directory.yaml + vars: + sourceDir: "{{ item.source }}" + targetDir: "{{ item.target }}" + with_items: "{{ sys_fetch_directories }}" + when: false + diff --git a/tasks.templates/t_sys_fetch_directory.yaml b/tasks.templates/t_sys_fetch_directory.yaml new file mode 100644 index 0000000..f74c8f2 --- /dev/null +++ b/tasks.templates/t_sys_fetch_directory.yaml @@ -0,0 +1,19 @@ +# Fetches a file from the remote server to a given backup directory +# needed facts (variables): +# - sourceDir: the full path of the remote file +# - targetDir: the relative path of the backup file +- name: Get the file names + ansible.builtin.find: + paths: "{{ sourceDir }}" + register: found_files + +- name: Set fileList variable with file names + ansible.builtin.set_fact: + fileList: "{{ found_files.files | map(attribute='path') | list }}" + +- name: Fetches the files + ansible.builtin.include_tasks: t_sys_fetch_file.yaml + vars: + sourceFile: "{{ item }}" + targetFile: "../{{ targetDir }}/{{ item }}" + with_items: "{{ fileList }}" diff --git a/tasks.templates/t_sys_fetch_file.yaml b/tasks.templates/t_sys_fetch_file.yaml new file mode 100644 index 0000000..6cea0d8 --- /dev/null +++ b/tasks.templates/t_sys_fetch_file.yaml @@ -0,0 +1,29 @@ +# Fetches a file from the remote server to a given backup directory +# needed facts (variables): +# - sourceFile: the full path of the remote file +# - targetFile: the relative path of the backup file +- name: Ensure target directory exists + ansible.builtin.file: + path: "../{{ targetFile | dirname }}/meta" + state: directory + mode: "0755" + recurse: true + delegate_to: localhost +- name: Fetches the file + ansible.builtin.fetch: + src: "{{ sourceFile }}" + dest: "../{{ targetFile }}" + flat: yes + group: root + user: root + mode: "0600" + +- name: Get the meta data of the source file + ansible.builtin.shell: 'stat -c "%a %A %U %G" {{ sourceFile }}' + register: stat_info + +- name: Write meta data + ansible.builtin.copy: + content: "{{ stat_info.stdout }}" + dest: "../{{ targetFile | dirname }}/meta/{{ targetFile | basename }}.meta" + delegate_to: localhost \ No newline at end of file diff --git a/templates.fix/scripts/SvMysqlDbs b/templates.fix/scripts/SvMysqlDbs new file mode 100755 index 0000000..0eaf909 --- /dev/null +++ b/templates.fix/scripts/SvMysqlDbs @@ -0,0 +1,34 @@ +#! /bin/bash +VERBOSE=-v +. /usr/local/bin/local/SvMysqlDbs.conf +#BASE_MYSQL=/var/lib/mysql +#DIR_SAFE=/tmp +#OPT_MYSQLDUMP="-u root" +#set -x + +function SaveOne(){ + local db=$1 + test -n "$VERBOSE" && echo "= mysqldump $db" + mysqldump $OPT_MYSQLDUMP $db > $DIR_SAFE/$db.sql +} + +function FindDbs(){ + pushd $BASE_MYSQL 2>&1 >/dev/null + for db in *; do + if [ -d $db -a -f $db/db.opt -a "$db" != sys -a $db != performance_schema -a $db != mysql ]; then + # echo "db: $db" + SaveOne $db + fi + done + popd 2>&1 >/dev/null + +} +if [ "$1" == -q ]; then + VERBOSE= + shift +fi +if [ -z "$BASE_MYSQL" -o -z "$DIR_SAFE" ]; then + echo "+++ wrong /usr/local/bin/local/SvMysqlDbs.conf" +else + FindDbs +fi \ No newline at end of file diff --git a/templates.fix/scripts/SvWebapp b/templates.fix/scripts/SvWebapp index fd48e8c..077cb1c 100644 --- a/templates.fix/scripts/SvWebapp +++ b/templates.fix/scripts/SvWebapp @@ -18,6 +18,7 @@ if [ -z "$DB" ]; then elif [ ! -d $BASE ]; then echo "+++ missing $BASE" else + mkdir -p $BASE/db cd $BASE/db mysqldump $DB | gzip >$DOMAIN.sql.gz cd $BASE diff --git a/templates.local/scripts/SvMysqlDbs.conf b/templates.local/scripts/SvMysqlDbs.conf new file mode 100644 index 0000000..18c1267 --- /dev/null +++ b/templates.local/scripts/SvMysqlDbs.conf @@ -0,0 +1,4 @@ +BASE_MYSQL=/var/lib/mysql +DIR_SAFE=/srv/www/db.safe +OPT_MYSQLDUMP="-u root" + -- 2.47.2