Merge branch 'main' into doc/update_README

.github/workflows/collection.yml

@@ -1,16 +1,28 @@
 ---
 
-name: Build and Deploy Collection
-
+name: Build and deploy Collection on Ansible Galaxy
 on:
   push:
-
+    branches:
+      - main
+    tags:
+      - 'v*'
 jobs:
   deploy:
-    runs-on: "Ubuntu-20.04"
+    runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
-      - name: Deploy Ansible Galaxy Collection
-        uses: artis3n/[email protected]
+
+      - name: Checkout repository and submodules
+        uses: actions/checkout@v4
+        with:
+          submodules: 'true'
+
+      - name: Set version in galaxy.yml
+        run: |
+          VERSION=${GITHUB_REF#refs/tags/v}
+          sed -re "s/^version:.*$/version: ${VERSION}/" -i galaxy.yml
+
+      - name: Upload collection to Ansible Galaxy
+        uses: ansible/[email protected]
         with:
-          api_key: '${{ secrets.GALAXY_API_KEY }}'
+          api_key: ${{ secrets.GALAXY_API_KEY }}

.github/workflows/semantic-release.yml

@@ -0,0 +1,27 @@
+---
+
+# runs on each push to main and is responsible for creating new tags/releases
+name: Create Semantic Release
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  semantic-release:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - name: Run go-semantic-release
+        id: semrel
+        uses: go-semantic-release/[email protected]
+        with:
+          allow-initial-development-versions: true
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.gitmodules

@@ -0,0 +1,18 @@
+[submodule "roles/bareos_repository"]
+	path = roles/bareos_repository
+	url = https://github.com/adfinis/ansible-role-bareos_repository
+[submodule "roles/bareos_webui"]
+	path = roles/bareos_webui
+	url = https://github.com/adfinis/ansible-role-bareos_webui
+[submodule "roles/bareos_dir"]
+	path = roles/bareos_dir
+	url = https://github.com/adfinis/ansible-role-bareos_dir
+[submodule "roles/bareos_sd"]
+	path = roles/bareos_sd
+	url = https://github.com/adfinis/ansible-role-bareos_sd
+[submodule "roles/bareos_fd"]
+	path = roles/bareos_fd
+	url = https://github.com/adfinis/ansible-role-bareos_fd
+[submodule "roles/bareos_console"]
+	path = roles/bareos_console
+	url = https://github.com/adfinis/ansible-role-bareos_console

README.md

@@ -37,6 +37,9 @@ collections:
 
 ## Using playbooks in this collection
 The collection includes multiple playbooks to use with the individual roles. Playbooks from collections can be called by their FQCN directly.
+The playbooks aid to minimize the amount of necessary configuration and try to declare as much as possible in the form of defaults. In most scenarios stuff like client settings, backup file sets/excludes, retention are universally applicable for all (or most) clients.
+Therefore the playbooks rely heavly on group_vars, as a lot of data has to be shared between the Bareos components.
+For example: For every client/FD there needs to be some shared config data on both the Director (`/etc/bareos/bareos-dir.d/clients/<client fqdn>`) and the FD (`/etc/bareos/bareos-fd.d/<director>`) so a connection between them is possible.
 
 The playbooks try to ease the management of lots of backup clients and jobs, by adding default values that are applied for all hosts.
 These defaults can be applied in the from of group vars (`group_vars/all/defaults.yml`):
@@ -51,7 +54,7 @@ job_defaults:
   messages: Messages
   jobdefs: JobDef_StandardIncremental
   schedule: Daily2300_Incremental
-  storage: "{{ bareos_storagedaemon }}"
+  storage: "Storage_bareosStorageDaemon.example.com"
 
 # list has to be defined here, to be able to add clients later
 bareos_dir_clients: []
@@ -117,4 +120,3 @@ Playbook fetches the individual Filedaemon encryption keys, so that they can be
 ``` bash
 ansible-playbook adfinis.bareos.fetch_encryption_keys -i inventory --check
 ```
-

UPDATING.md

@@ -1,17 +1,5 @@
 # Updating the roles
 
-1. Delete the roles:
-
-```shell
-rm -Rf roles/*
-```
-
-2. Copy the roles in:
-
-```shell
-./UPDATING.sh
-```
-
-3. Update galaxy.yml
-
-Bump version.
+Roles in collection are managed as [git submodules](https://git-scm.com/book/en/v2/Git-Tools-Submodules).
+* Changes can be fetched with `git fetch`.
+* To pull changes for specific role, run: `git submodule update --remote <role name>` (Example: `git submodule update --remote roles/bareos_repository`).

galaxy.yml

@@ -1,7 +1,7 @@
 ---
 namespace: adfinis
 name: bareos
-version: 1.0.0
+version: 1.0.5
 readme: README.md
 authors:
   - Adfinis

playbooks/fetch_client_encryption_keys_playbook.yml

@@ -0,0 +1,17 @@
+---
+
+- name: Fetch encryption key-pair string from filedaemons
+  hosts: filedaemons
+  gather_facts: false
+  become: true
+  tasks:
+    - name: Fetch key-pair from filedaemons
+      ansible.builtin.slurp:
+        src: "/etc/bareos/{{ inventory_hostname }}.pem"
+      register: _keypair
+      tags: fetch_keys
+
+    - name: Print key-pair string
+      ansible.builtin.debug:
+        msg: "{{ _keypair['content'] | b64decode }}"
+      tags: fetch_keys

playbooks/manage_clients_playbook.yml

@@ -0,0 +1,93 @@
+---
+
+- name: Gather facts from all hosts
+  hosts: all
+  become: true
+  gather_facts: true
+  tags: always
+
+- name: Setup clients from host_group filedaemons
+  hosts: filedaemons
+  become: true
+  pre_tasks:
+    - name: Fetch facts from director
+      ansible.builtin.setup:
+      delegate_to: "{{ item }}"
+      delegate_facts: true
+      run_once: true
+      loop: "{{ groups['directors'] }}"
+      tags:
+        - manage_clients
+        - manage_clients::setup
+  roles:
+    - role: robertdebock.bootstrap  # prepare host for ansible runs
+      tags:
+        - manage_clients
+        - manage_clients::setup
+    - role: bareos_repository
+      tags:
+        - manage_clients
+        - manage_clients::setup
+    - role: bareos_fd
+      tags:
+        - manage_clients
+        - manage_clients::setup
+
+- name: Deploy Filedaemons on Director with the bareos_dir role
+  hosts: directors
+  become: true
+  vars:
+    _fd_list: []
+  pre_tasks:
+    - name: Gather Ansible facts for all Filedaemons
+      ansible.builtin.setup:
+      delegate_to: "{{ item }}"
+      delegate_facts: true
+      loop: "{{ groups['filedaemons'] }}"
+      tags:
+        - manage_clients
+        - manage_clients::deployment
+
+    - name: Create list of Filedaemons to deploy on Director
+      ansible.builtin.set_fact:
+        _fd_list: >-
+          {{ _fd_list + [{
+            'name': item,
+            'address': client_defaults.address,
+            'password': client_defaults.password,
+            'maximum_concurrent_jobs': client_defaults.maximum_concurrent_jobs,
+            'connection_from_director_to_client': client_defaults.connection_from_dir,
+            'connection_from_client_to_director': client_defaults.connection_from_fd,
+            'heartbeat': client_defaults.heartbeat,
+            'enabled': client_defaults.enabled}]
+          }}
+      loop: "{{ groups['filedaemons'] }}"
+      tags:
+        - manage_clients
+        - manage_clients::deployment
+      when:
+        - hostvars[item].bareos_fd_configuration is undefined  # let's you set exceptions on host_vars level
+
+    - name: Add Filedaemons to list which have separate host_vars defined
+      ansible.builtin.set_fact:
+        _fd_list: >-
+          {{ _fd_list + [ hostvars[item].bareos_fd_configuration ] }}
+      loop: "{{ groups['filedaemons'] }}"
+      tags:
+        - manage_clients
+        - manage_clients::deployment
+      when:
+        - hostvars[item].bareos_fd_configuration is defined # use host_vars instead and add host to client list
+
+    - name: Register client list
+      ansible.builtin.set_fact:
+        bareos_dir_clients: "{{ _fd_list }}"  # var is used in bareos_dir role
+      tags:
+        - manage_clients
+        - manage_clients::deployment
+
+  roles:
+    - role: bareos_dir
+      tags:
+        - manage_clients
+        - manage_clients::deployment

playbooks/manage_jobs_playbook.yml

@@ -0,0 +1,49 @@
+---
+
+- name: Gather facts from all hosts
+  hosts: all
+  become: true
+  gather_facts: true
+  tags: always
+
+- name: Create jobs on Director for every client in host_group filedaemons
+  hosts: directors
+  become: true
+  vars:
+    _job_list: []
+  pre_tasks:
+    - name: Create job list for all FDs with defined standard values (group_vars)
+      ansible.builtin.set_fact:
+        _job_list: >-
+          {{ _job_list + [{
+            'name': item+'_'+job_defaults.name,
+            'client': item,
+            'pool': job_defaults.pool,
+            'type': job_defaults.type,
+            'messages': job_defaults.messages,
+            'jobdefs': job_defaults.jobdefs,
+            'storage': job_defaults.storage,
+            'schedule': job_defaults.schedule}]
+          }}
+      loop: "{{ groups['filedaemons'] }}"
+      tags: manage_jobs
+      when:  # if job(s) are defined in host_vars, standards will be skipped
+        - hostvars[item].bareos_fd_jobs is undefined 
+
+    - name: Add dedicated jobs defined in host_vars
+      ansible.builtin.set_fact:
+        _job_list: >-
+          {{ _job_list + hostvars[item].bareos_fd_jobs }}
+      loop: "{{ groups['filedaemons'] }}"
+      tags: manage_jobs
+      when:
+        - hostvars[item].bareos_fd_jobs is defined  # use job(s) from host_vars instead
+
+    - name: Register job list
+      ansible.builtin.set_fact:
+        bareos_dir_jobs: "{{ _job_list }}"
+      tags: manage_jobs
+
+  roles:
+    - role: bareos_dir
+      tags: manage_jobs

requirements.yml

@@ -1,4 +1,5 @@
 ---
+
 collections:
   - name: ansible.posix
   - name: community.crypto