Merge branch 'main' into feat/ci_semantic-release

.github/workflows/collection.yml

@@ -1,17 +1,28 @@
 ---
 
-name: Build and Deploy Collection
-
+name: Build and deploy Collection on Ansible Galaxy
 on:
   push:
     branches:
       - main
+    tags:
+      - 'v*'
 jobs:
   deploy:
-    runs-on: "Ubuntu-20.04"
+    runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
-      - name: Deploy Ansible Galaxy Collection
-        uses: artis3n/[email protected]
+
+      - name: Checkout repository and submodules
+        uses: actions/checkout@v4
+        with:
+          submodules: 'true'
+
+      - name: Set version in galaxy.yml
+        run: |
+          VERSION=${GITHUB_REF#refs/tags/v}
+          sed -re "s/^version:.*$/version: ${VERSION}/" -i galaxy.yml
+
+      - name: Upload collection to Ansible Galaxy
+        uses: ansible/[email protected]
         with:
-          api_key: '${{ secrets.GALAXY_API_KEY }}'
+          api_key: ${{ secrets.GALAXY_API_KEY }}

.gitmodules

@@ -0,0 +1,18 @@
+[submodule "roles/bareos_repository"]
+	path = roles/bareos_repository
+	url = https://github.com/adfinis/ansible-role-bareos_repository
+[submodule "roles/bareos_webui"]
+	path = roles/bareos_webui
+	url = https://github.com/adfinis/ansible-role-bareos_webui
+[submodule "roles/bareos_dir"]
+	path = roles/bareos_dir
+	url = https://github.com/adfinis/ansible-role-bareos_dir
+[submodule "roles/bareos_sd"]
+	path = roles/bareos_sd
+	url = https://github.com/adfinis/ansible-role-bareos_sd
+[submodule "roles/bareos_fd"]
+	path = roles/bareos_fd
+	url = https://github.com/adfinis/ansible-role-bareos_fd
+[submodule "roles/bareos_console"]
+	path = roles/bareos_console
+	url = https://github.com/adfinis/ansible-role-bareos_console

README.md

@@ -29,3 +29,71 @@ collections:
       import_role:
         name: adfinis.bareos.repository
 ```
+
+## Using playbooks in this collection
+
+The playbooks aid to minimize the amount of necessary configuration and try to declare as much as possible in the form of defaults. In most scenarios stuff like client settings, backup file sets/excludes, retention are universally applicable for all (or most) clients.
+Therefore the playbooks rely heavly on group_vars, as a lot of data has to be shared between the Bareos components.
+For example: For every client/FD there needs to be some shared config data on both the Director (`/etc/bareos/bareos-dir.d/clients/<client fqdn>`) and the FD (`/etc/bareos/bareos-fd.d/<director>`) so a connection between them is possible.
+
+For example the playbook `manage_clients_playbook.yml` loops over the host group `filedaemons` and applies all client_default settings (defined as group_vars) without having to manage dedicated host_vars for every client/FD.
+
+### Example settings
+
+An example set of default settings for all clients (`group_vars/all/main.yml`), where all FDs initiate the TCP connection:
+
+```yaml
+---
+
+client_defaults:
+  address: ""  # leave empty if the TCP connection should be initiated by the FD and not the Director
+  password: "{{ hostvars['bareos-director']['director_password'] }}"  # host_vars/bareos-director/vault.yml
+  maximum_concurrent_jobs: 3
+  connection_from_fd: true    # TCP connection FD->Dir
+  connection_from_dir: false  # TCP connection Dir-FD
+  heartbeat: 60  # TCP connection heartbeat Dir<->FD
+  enabled: true
+
+job_defaults:
+  name: Incremental_Daily
+  pool: Pool_Daily
+  type: Backup
+  messages: Messages_Daily
+  jobdefs: JobDef_StandardIncremental
+  schedule: Schedule_StandardIncremental
+  storage: Storage_bareosStorageDaemon.example.com
+```
+
+The host_vars of a host with different settings (`host_vars/host.example.com/main.yml`):
+```yaml
+---
+
+bareos_fd_configuration:
+  name: host.example.com
+  address: host.example.com
+  password: "{{ hostvars['bareos-director']['director_password'] }}"
+  maximum_concurrent_jobs: 5
+  enabled: true
+  connection_from_fd: false
+  connection_from_dir: true
+
+bareos_fd_jobs:
+  - name: host.example.com_Daily
+    pool: Pool_Daily
+    type: Backup
+    messages: Messages_Daily
+    jobdefs: JobDef_StandardIncremental
+    schedule: Schedule_StandardIncremental
+    storage: Storage_bareosStorageDaemon-01.example.com
+  - name: host.example.com_WeeklyFull
+    pool: Pool_Weekly
+    type: Backup
+    messages: Messages_Weekly
+    jobdefs: JobDef_StandardFull
+    schedule: Schedule_StandardFull
+    storage: Storage_bareosStorageDaemon-02.example.com
+```
+
+### Playbooks
+* **manage_clients_playbook.yml**: Sets up all clients/FDs (bareos_repository, bareos_fd) and deploys them dynamically on the Director (bareos_dir).
+* **manage_jobs_playbook.yml**: Sets up a dedicated job for every client/FD on the Director.

UPDATING.md

@@ -1,17 +1,5 @@
 # Updating the roles
 
-1. Delete the roles:
-
-```shell
-rm -Rf roles/*
-```
-
-2. Copy the roles in:
-
-```shell
-./UPDATING.sh
-```
-
-3. Update galaxy.yml
-
-Bump version.
+Roles in collection are managed as [git submodules](https://git-scm.com/book/en/v2/Git-Tools-Submodules).
+* Changes can be fetched with `git fetch`.
+* To pull changes for specific role, run: `git submodule update --remote <role name>` (Example: `git submodule update --remote roles/bareos_repository`).

galaxy.yml

@@ -1,7 +1,7 @@
 ---
 namespace: adfinis
 name: bareos
-version: 1.0.0
+version: 1.0.5
 readme: README.md
 authors:
   - Adfinis

playbooks/fetch_client_encryption_keys_playbook.yml

@@ -0,0 +1,17 @@
+---
+
+- name: Fetch encryption key-pair string from filedaemons
+  hosts: filedaemons
+  gather_facts: false
+  become: true
+  tasks:
+    - name: Fetch key-pair from filedaemons
+      ansible.builtin.slurp:
+        src: "/etc/bareos/{{ inventory_hostname }}.pem"
+      register: _keypair
+      tags: fetch_keys
+
+    - name: Print key-pair string
+      ansible.builtin.debug:
+        msg: "{{ _keypair['content'] | b64decode }}"
+      tags: fetch_keys

playbooks/manage_clients_playbook.yml

@@ -0,0 +1,93 @@
+---
+
+- name: Gather facts from all hosts
+  hosts: all
+  become: true
+  gather_facts: true
+  tags: always
+
+- name: Setup clients from host_group filedaemons
+  hosts: filedaemons
+  become: true
+  pre_tasks:
+    - name: Fetch facts from director
+      ansible.builtin.setup:
+      delegate_to: "{{ item }}"
+      delegate_facts: true
+      run_once: true
+      loop: "{{ groups['directors'] }}"
+      tags:
+        - manage_clients
+        - manage_clients::setup
+  roles:
+    - role: robertdebock.bootstrap  # prepare host for ansible runs
+      tags:
+        - manage_clients
+        - manage_clients::setup
+    - role: bareos_repository
+      tags:
+        - manage_clients
+        - manage_clients::setup
+    - role: bareos_fd
+      tags:
+        - manage_clients
+        - manage_clients::setup
+
+- name: Deploy Filedaemons on Director with the bareos_dir role
+  hosts: directors
+  become: true
+  vars:
+    _fd_list: []
+  pre_tasks:
+    - name: Gather Ansible facts for all Filedaemons
+      ansible.builtin.setup:
+      delegate_to: "{{ item }}"
+      delegate_facts: true
+      loop: "{{ groups['filedaemons'] }}"
+      tags:
+        - manage_clients
+        - manage_clients::deployment
+
+    - name: Create list of Filedaemons to deploy on Director
+      ansible.builtin.set_fact:
+        _fd_list: >-
+          {{ _fd_list + [{
+            'name': item,
+            'address': client_defaults.address,
+            'password': client_defaults.password,
+            'maximum_concurrent_jobs': client_defaults.maximum_concurrent_jobs,
+            'connection_from_director_to_client': client_defaults.connection_from_dir,
+            'connection_from_client_to_director': client_defaults.connection_from_fd,
+            'heartbeat': client_defaults.heartbeat,
+            'enabled': client_defaults.enabled}]
+          }}
+      loop: "{{ groups['filedaemons'] }}"
+      tags:
+        - manage_clients
+        - manage_clients::deployment
+      when:
+        - hostvars[item].bareos_fd_configuration is undefined  # let's you set exceptions on host_vars level
+
+    - name: Add Filedaemons to list which have separate host_vars defined
+      ansible.builtin.set_fact:
+        _fd_list: >-
+          {{ _fd_list + [ hostvars[item].bareos_fd_configuration ] }}
+      loop: "{{ groups['filedaemons'] }}"
+      tags:
+        - manage_clients
+        - manage_clients::deployment
+      when:
+        - hostvars[item].bareos_fd_configuration is defined # use host_vars instead and add host to client list
+
+    - name: Register client list
+      ansible.builtin.set_fact:
+        bareos_dir_clients: "{{ _fd_list }}"  # var is used in bareos_dir role
+      tags:
+        - manage_clients
+        - manage_clients::deployment
+
+  roles:
+    - role: bareos_dir
+      tags:
+        - manage_clients
+        - manage_clients::deployment

playbooks/manage_jobs_playbook.yml

@@ -0,0 +1,49 @@
+---
+
+- name: Gather facts from all hosts
+  hosts: all
+  become: true
+  gather_facts: true
+  tags: always
+
+- name: Create jobs on Director for every client in host_group filedaemons
+  hosts: directors
+  become: true
+  vars:
+    _job_list: []
+  pre_tasks:
+    - name: Create job list for all FDs with defined standard values (group_vars)
+      ansible.builtin.set_fact:
+        _job_list: >-
+          {{ _job_list + [{
+            'name': item+'_'+job_defaults.name,
+            'client': item,
+            'pool': job_defaults.pool,
+            'type': job_defaults.type,
+            'messages': job_defaults.messages,
+            'jobdefs': job_defaults.jobdefs,
+            'storage': job_defaults.storage,
+            'schedule': job_defaults.schedule}]
+          }}
+      loop: "{{ groups['filedaemons'] }}"
+      tags: manage_jobs
+      when:  # if job(s) are defined in host_vars, standards will be skipped
+        - hostvars[item].bareos_fd_jobs is undefined 
+
+    - name: Add dedicated jobs defined in host_vars
+      ansible.builtin.set_fact:
+        _job_list: >-
+          {{ _job_list + hostvars[item].bareos_fd_jobs }}
+      loop: "{{ groups['filedaemons'] }}"
+      tags: manage_jobs
+      when:
+        - hostvars[item].bareos_fd_jobs is defined  # use job(s) from host_vars instead
+
+    - name: Register job list
+      ansible.builtin.set_fact:
+        bareos_dir_jobs: "{{ _job_list }}"
+      tags: manage_jobs
+
+  roles:
+    - role: bareos_dir
+      tags: manage_jobs

requirements.yml

@@ -1,4 +1,5 @@
 ---
+
 collections:
   - name: ansible.posix
   - name: community.crypto