From 0bebbc32dff07ffc214cb19b15538c9e8d8ae1be Mon Sep 17 00:00:00 2001 From: Daniel Berteaud Date: Mon, 30 Aug 2021 11:00:06 +0200 Subject: [PATCH] Update to 2021-08-30 11:00 --- roles/akeneo_pim/templates/pre-backup.j2 | 4 +++- roles/ampache/templates/pre-backup.j2 | 2 ++ roles/appsmith/templates/pre-backup.sh.j2 | 4 +++- roles/bitwarden_rs/templates/pre-backup.sh.j2 | 10 ++++++---- roles/bluemind/templates/pre-backup.j2 | 8 ++++---- roles/bookstack/templates/pre-backup.j2 | 3 ++- roles/crowdsec/templates/pre-backup.j2 | 4 +++- roles/documize/tasks/archive_pre.yml | 1 + roles/documize/templates/pre-backup.j2 | 9 ++++++--- roles/dolibarr/templates/pre-backup.j2 | 4 +++- roles/elasticsearch/templates/pre-backup.j2 | 4 +++- roles/etherpad/templates/post_backup.sh.j2 | 2 +- roles/etherpad/templates/pre_backup.sh.j2 | 6 ++++-- roles/freepbx/templates/pre_backup.sh.j2 | 8 +++++--- roles/funkwhale/tasks/archive_pre.yml | 1 + roles/funkwhale/templates/pre-backup.sh.j2 | 7 +++++-- roles/gitea/templates/pre_backup.sh.j2 | 4 +++- roles/glpi/templates/pre_backup.j2 | 4 +++- roles/graylog/templates/pre-backup.j2 | 4 +++- roles/itop/templates/pre-backup.sh.j2 | 4 +++- roles/mailman/tasks/archive_pre.yml | 1 + roles/mailman/templates/pre-backup.sh.j2 | 7 +++++-- roles/matomo/templates/pre-backup.j2 | 2 ++ roles/matrix_synapse/tasks/archive_pre.yml | 1 + roles/matrix_synapse/templates/pre-backup.sh.j2 | 4 +++- roles/mayan_edms/tasks/archive_pre.yml | 1 + roles/mayan_edms/templates/pre_backup.sh.j2 | 7 +++++-- roles/metabase/templates/pre-backup.j2 | 4 +++- roles/miniflux/tasks/archive_pre.yml | 1 + roles/miniflux/templates/pre-backup.j2 | 5 ++++- roles/mongodb_server/templates/pre-backup.j2 | 4 +++- roles/mysql_server/templates/pre-backup.j2 | 2 +- roles/n8n/templates/pre-backup.sh.j2 | 4 +++- roles/navidrome/templates/pre-backup.j2 | 4 +++- roles/odoo/templates/pre-backup.sh.j2 | 4 +++- roles/omv/templates/omv_pre_backup.sh.j2 | 2 ++ roles/openproject/templates/pre-backup.sh.j2 | 4 +++- roles/openxpki/templates/pre-backup.j2 | 4 +++- roles/paperless_ng/defaults/main.yml | 4 ++-- roles/paperless_ng/tasks/archive_pre.yml | 1 + roles/paperless_ng/tasks/facts.yml | 14 ++++++++++++++ roles/paperless_ng/tasks/install.yml | 2 +- roles/paperless_ng/tasks/user.yml | 2 +- roles/paperless_ng/templates/paperless.conf.j2 | 5 +++-- roles/paperless_ng/templates/pre-backup.j2 | 5 ++++- roles/paperless_ng/vars/RedHat-8.yml | 1 + roles/papermerge/tasks/archive_pre.yml | 1 + roles/pmg/templates/pmg_pre_backup.sh.j2 | 4 +++- roles/postgresql_server/templates/pre-backup.sh.j2 | 4 +++- roles/psono/tasks/archive_pre.yml | 1 + roles/psono/templates/pre-backup.sh.j2 | 5 ++++- roles/rabbitmq_server/templates/pre-backup.j2 | 4 +++- roles/redis_server/files/redis_copy_dumps.sh | 2 +- roles/samba/templates/samba_pre_backup.sh.j2 | 14 +++++++++----- roles/seafile/templates/pre-backup.sh.j2 | 8 +++++--- roles/unifi/templates/pre-backup.sh.j2 | 4 +++- roles/vaultwarden/templates/pre-backup.sh.j2 | 12 +++++++----- roles/wapt_server/templates/pre-backup.sh.j2 | 2 ++ roles/wordpress/templates/pre-backup.sh.j2 | 14 ++++++++------ roles/zabbix_server/templates/pre_backup.sh.j2 | 4 +++- roles/zimbra/templates/pre_backup.sh.j2 | 4 +++- 61 files changed, 194 insertions(+), 77 deletions(-) diff --git a/roles/akeneo_pim/templates/pre-backup.j2 b/roles/akeneo_pim/templates/pre-backup.j2 index c5c4195..d2d1c40 100644 --- a/roles/akeneo_pim/templates/pre-backup.j2 +++ b/roles/akeneo_pim/templates/pre-backup.j2 @@ -1,4 +1,6 @@ -#!/bin/bash -e +#!/bin/sh + +set -eo pipefail /usr/bin/mysqldump \ {% if pim_db_server not in ['localhost','127.0.0.1'] %} diff --git a/roles/ampache/templates/pre-backup.j2 b/roles/ampache/templates/pre-backup.j2 index 1d0de63..16ef6cd 100644 --- a/roles/ampache/templates/pre-backup.j2 +++ b/roles/ampache/templates/pre-backup.j2 @@ -1,5 +1,7 @@ #!/bin/sh +set -eo pipefail + /usr/bin/mysqldump --user={{ ampache_mysql_user | quote }} \ --password={{ ampache_mysql_pass | quote }} \ --host={{ ampache_mysql_server | quote }} \ diff --git a/roles/appsmith/templates/pre-backup.sh.j2 b/roles/appsmith/templates/pre-backup.sh.j2 index 549411a..ff5e338 100644 --- a/roles/appsmith/templates/pre-backup.sh.j2 +++ b/roles/appsmith/templates/pre-backup.sh.j2 @@ -1,4 +1,6 @@ -#!/bin/bash -e +#!/bin/sh + +set -eo pipefail mongodump \ {% if appsmith_mongo_pass is defined and appsmith_mongo_pass != False %} diff --git a/roles/bitwarden_rs/templates/pre-backup.sh.j2 b/roles/bitwarden_rs/templates/pre-backup.sh.j2 index f145133..6c70c3c 100644 --- a/roles/bitwarden_rs/templates/pre-backup.sh.j2 +++ b/roles/bitwarden_rs/templates/pre-backup.sh.j2 @@ -1,13 +1,15 @@ -#!/bin/bash -e +#!/bin/sh + +set -eo pipefail mkdir -p /home/lbkp/bitwarden_rs/ cp {{ bitwarden_root_dir }}/data/rsa* {{ bitwarden_root_dir }}/backup/ {% if bitwarden_db_engine == 'mysql' %} /usr/bin/mysqldump \ {% if bitwarden_db_server != 'localhost' and bitwarden_db_server != '127.0.0.1' %} - --user='{{ bitwarden_db_user }}' \ - --password='{{ bitwarden_db_pass }}' \ - --host='{{ bitwarden_db_server }}' \ + --user={{ bitwarden_db_user }} \ + --password={{ bitwarden_db_pass | quote }} \ + --host={{ bitwarden_db_server }} \ {% endif %} --quick --single-transaction \ --add-drop-table {{ bitwarden_db_name }} | zstd -T0 -c > {{ bitwarden_root_dir }}/backup/{{ bitwarden_db_name }}.sql.zst diff --git a/roles/bluemind/templates/pre-backup.j2 b/roles/bluemind/templates/pre-backup.j2 index 78007f9..7a29ad8 100644 --- a/roles/bluemind/templates/pre-backup.j2 +++ b/roles/bluemind/templates/pre-backup.j2 @@ -1,6 +1,6 @@ #!/bin/sh -set -e +set -eo pipefail DEST=/home/lbkp/bm/pgsql mkdir -p $DEST @@ -9,9 +9,9 @@ chmod 700 $DEST for DB in $(su - postgres -c "/bin/psql -d postgres -qtc 'SELECT datname from pg_database' | grep -vP '^\s+?template[01]$'") do - su - postgres -c "/bin/pg_dump -Fp -Cc $DB" | /bin/nice -n 10 lz4 -c > $DEST/$DB.sql.lz4 + su - postgres -c "/bin/pg_dump -Fp -Cc $DB" | /bin/nice -n 10 zstd -c > $DEST/$DB.sql.zst done -su - postgres -c "/bin/pg_dumpall --globals-only" | /bin/nice -n 10 lz4 -c > $DEST/pg_globals.sql.lz4 -su - postgres -c "/bin/pg_dumpall --schema-only" | /bin/nice -n 10 lz4 -c > $DEST/pg_schema.sql.lz4 +su - postgres -c "/bin/pg_dumpall --globals-only" | /bin/nice -n 10 zstd -c > $DEST/pg_globals.sql.zst +su - postgres -c "/bin/pg_dumpall --schema-only" | /bin/nice -n 10 zstd -c > $DEST/pg_schema.sql.zst cp -a /etc/bm/local /home/lbkp/bm/conf diff --git a/roles/bookstack/templates/pre-backup.j2 b/roles/bookstack/templates/pre-backup.j2 index 599f019..6611527 100644 --- a/roles/bookstack/templates/pre-backup.j2 +++ b/roles/bookstack/templates/pre-backup.j2 @@ -1,4 +1,5 @@ -#!/bin/bash -e +#!/bin/sh +set -eo pipefail /usr/bin/mysqldump \ {% if bookstack_db_server not in ['localhost','127.0.0.1'] %} diff --git a/roles/crowdsec/templates/pre-backup.j2 b/roles/crowdsec/templates/pre-backup.j2 index 62a389c..ece55ab 100644 --- a/roles/crowdsec/templates/pre-backup.j2 +++ b/roles/crowdsec/templates/pre-backup.j2 @@ -1,4 +1,6 @@ -#!/bin/bash -e +#!/bin/sh + +set -eo pipefail {% if cs_lapi_enabled %} {% if cs_db_engine == 'mysql' %} diff --git a/roles/documize/tasks/archive_pre.yml b/roles/documize/tasks/archive_pre.yml index ff6f100..844f16d 100644 --- a/roles/documize/tasks/archive_pre.yml +++ b/roles/documize/tasks/archive_pre.yml @@ -12,6 +12,7 @@ command: > /usr/pgsql-13/bin/pg_dump --clean + --create --host={{ documize_db_server }} --port={{ documize_db_port }} --username={{ documize_db_user }} diff --git a/roles/documize/templates/pre-backup.j2 b/roles/documize/templates/pre-backup.j2 index 279591b..ae47ee0 100644 --- a/roles/documize/templates/pre-backup.j2 +++ b/roles/documize/templates/pre-backup.j2 @@ -1,4 +1,6 @@ -#!/bin/bash -e +#!/bin/sh + +set -eo pipefail {% if documize_db_engine == 'mysql' %} /usr/bin/mysqldump \ @@ -11,13 +13,14 @@ --add-drop-table {{ documize_db_name | quote }} | zstd -c > "{{ documize_root_dir }}/backup/{{ documize_db_name }}.sql.zst" {% elif documize_db_engine == 'postgres' %} {% if documize_db_server not in ['127.0.0.1','localhost'] %} -PGPASSWORD='{{ documize_db_pass }}' /usr/pgsql-13/bin/pg_dump \ +PGPASSWORD={{ documize_db_pass | quote }} /usr/pgsql-13/bin/pg_dump \ --clean \ + --create \ --username={{ documize_db_user | quote }} \ --host={{ documize_db_server | quote }} \ {{ documize_db_name | quote }} | \ {% else %} -su - postgres -c "/usr/pgsql-13/bin/pg_dump --clean {{ documize_db_name | quote }}" | \ +su - postgres -c "/usr/pgsql-13/bin/pg_dump --clean --create {{ documize_db_name | quote }}" | \ {% endif %} zstd -c > "{{ documize_root_dir }}/backup/{{ documize_db_name }}.sql.zst" {% endif %} diff --git a/roles/dolibarr/templates/pre-backup.j2 b/roles/dolibarr/templates/pre-backup.j2 index 553395c..4c5a2f9 100644 --- a/roles/dolibarr/templates/pre-backup.j2 +++ b/roles/dolibarr/templates/pre-backup.j2 @@ -1,7 +1,9 @@ #!/bin/sh +set -eo pipefail + /usr/bin/mysqldump --user={{ dolibarr_db_user }} \ --password={{ dolibarr_db_pass | quote }} \ --host={{ dolibarr_db_server }} \ --quick --single-transaction \ - --add-drop-table {{ dolibarr_db_name }} | lz4 -c > {{ dolibarr_root_dir }}/db_dumps/{{ dolibarr_db_name }}.sql.lz4 + --add-drop-table {{ dolibarr_db_name }} | zstd -c > {{ dolibarr_root_dir }}/db_dumps/{{ dolibarr_db_name }}.sql.zst diff --git a/roles/elasticsearch/templates/pre-backup.j2 b/roles/elasticsearch/templates/pre-backup.j2 index b60cc17..3e95f9c 100644 --- a/roles/elasticsearch/templates/pre-backup.j2 +++ b/roles/elasticsearch/templates/pre-backup.j2 @@ -1,4 +1,6 @@ -#!/bin/bash -e +#!/bin/sh + +set -eo pipefail mkdir -p /home/lbkp/es mount -o bind,ro {{ es_backup_dir }} /home/lbkp/es diff --git a/roles/etherpad/templates/post_backup.sh.j2 b/roles/etherpad/templates/post_backup.sh.j2 index a71aef4..bcbd271 100644 --- a/roles/etherpad/templates/post_backup.sh.j2 +++ b/roles/etherpad/templates/post_backup.sh.j2 @@ -1,3 +1,3 @@ #!/bin/sh -rm -f {{ etherpad_root_dir }}/db_dump/* +rm -f {{ etherpad_root_dir }}/db_dumps/* diff --git a/roles/etherpad/templates/pre_backup.sh.j2 b/roles/etherpad/templates/pre_backup.sh.j2 index dd73632..0b492a7 100644 --- a/roles/etherpad/templates/pre_backup.sh.j2 +++ b/roles/etherpad/templates/pre_backup.sh.j2 @@ -1,7 +1,9 @@ #!/bin/sh +set -eo pipefail + /usr/bin/mysqldump --user={{ etherpad_db_user }} \ - --password='{{ etherpad_db_pass }}' \ + --password={{ etherpad_db_pass | quote }} \ --host={{ etherpad_db_server }} \ --quick --single-transaction \ - --add-drop-table {{ etherpad_db_name }} | lz4 -c > {{ etherpad_root_dir }}/db_dumps/{{ etherpad_db_name }}.sql.lz4 + --add-drop-table {{ etherpad_db_name }} | zstd -c > {{ etherpad_root_dir }}/db_dumps/{{ etherpad_db_name }}.sql.zst diff --git a/roles/freepbx/templates/pre_backup.sh.j2 b/roles/freepbx/templates/pre_backup.sh.j2 index ec7f850..7d43f24 100644 --- a/roles/freepbx/templates/pre_backup.sh.j2 +++ b/roles/freepbx/templates/pre_backup.sh.j2 @@ -1,10 +1,12 @@ -#!/bin/bash -e +#!/bin/sh + +set -eo pipefail /usr/bin/mysqldump \ --quick --single-transaction \ {% if fpbx_db_server not in ['127.0.0.1', 'localhost'] %} --user={{ fpbx_db_user }} \ - --password='{{ fpbx_db_pass }}' \ + --password={{ fpbx_db_pass | quote }} \ --host={{ fpbx_db_server }} \ {% endif %} --add-drop-table {{ fpbx_db_name }} | zstd -T0 -c > {{ fpbx_root_dir }}/backup/{{ fpbx_db_name }}.sql.zst @@ -12,7 +14,7 @@ --quick --single-transaction \ {% if fpbx_db_server not in ['127.0.0.1', 'localhost'] %} --user={{ fpbx_db_user }} \ - --password='{{ fpbx_db_pass }}' \ + --password={{ fpbx_db_pass | quote }} \ --host={{ fpbx_db_server }} \ {% endif %} --add-drop-table {{ fpbx_cdr_db_name }} | zstd -T0 -c > {{ fpbx_root_dir }}/backup/{{ fpbx_cdr_db_name }}.sql.zst diff --git a/roles/funkwhale/tasks/archive_pre.yml b/roles/funkwhale/tasks/archive_pre.yml index e9cb3fe..654d1a0 100644 --- a/roles/funkwhale/tasks/archive_pre.yml +++ b/roles/funkwhale/tasks/archive_pre.yml @@ -21,6 +21,7 @@ command: > /usr/pgsql-13/bin/pg_dump --clean + --create --host={{ funkwhale_db_server }} --port={{ funkwhale_db_port }} --username=sqladmin {{ funkwhale_db_name }} diff --git a/roles/funkwhale/templates/pre-backup.sh.j2 b/roles/funkwhale/templates/pre-backup.sh.j2 index 01ace7b..b35db67 100644 --- a/roles/funkwhale/templates/pre-backup.sh.j2 +++ b/roles/funkwhale/templates/pre-backup.sh.j2 @@ -1,7 +1,10 @@ -#!/bin/bash -e +#!/bin/sh -PGPASSWORD='{{ funkwhale_db_pass }}' /usr/pgsql-13/bin/pg_dump \ +set -eo pipefail + +PGPASSWORD={{ funkwhale_db_pass | quote }} /usr/pgsql-13/bin/pg_dump \ --clean \ + --create \ --username={{ funkwhale_db_user | quote }} \ --host={{ funkwhale_db_server | quote }} \ {{ funkwhale_db_name | quote }} | \ diff --git a/roles/gitea/templates/pre_backup.sh.j2 b/roles/gitea/templates/pre_backup.sh.j2 index c9b3b65..9a5f00f 100644 --- a/roles/gitea/templates/pre_backup.sh.j2 +++ b/roles/gitea/templates/pre_backup.sh.j2 @@ -1,4 +1,6 @@ -#!/bin/bash -e +#!/bin/sh + +set -eo pipefail /usr/bin/mysqldump --user={{ gitea_db_user | quote }} \ --password={{ gitea_db_pass | quote }} \ diff --git a/roles/glpi/templates/pre_backup.j2 b/roles/glpi/templates/pre_backup.j2 index 077e861..279141f 100644 --- a/roles/glpi/templates/pre_backup.j2 +++ b/roles/glpi/templates/pre_backup.j2 @@ -1,4 +1,6 @@ -#!/bin/bash -e +#!/bin/sh + +set -eo pipefail /usr/bin/mysqldump --user={{ glpi_mysql_user | quote }} \ --password={{ glpi_mysql_pass | quote }} \ diff --git a/roles/graylog/templates/pre-backup.j2 b/roles/graylog/templates/pre-backup.j2 index dbb8c05..2ee9d42 100644 --- a/roles/graylog/templates/pre-backup.j2 +++ b/roles/graylog/templates/pre-backup.j2 @@ -1,4 +1,6 @@ -#!/bin/bash -e +#!/bin/sh + +set -eo pipefail mongodump \ {% if graylog_mongo_url | length == 1 and graylog_mongo_pass is defined and graylog_mongo_pass != False %} diff --git a/roles/itop/templates/pre-backup.sh.j2 b/roles/itop/templates/pre-backup.sh.j2 index 5cb9945..d7e0ed0 100644 --- a/roles/itop/templates/pre-backup.sh.j2 +++ b/roles/itop/templates/pre-backup.sh.j2 @@ -1,4 +1,6 @@ -#!/bin/bash -e +#!/bin/sh + +set -eo pipefail /usr/bin/mysqldump \ {% if itop_db_server not in ['127.0.0.1','localhost'] %} diff --git a/roles/mailman/tasks/archive_pre.yml b/roles/mailman/tasks/archive_pre.yml index c1940f9..afef682 100644 --- a/roles/mailman/tasks/archive_pre.yml +++ b/roles/mailman/tasks/archive_pre.yml @@ -22,6 +22,7 @@ command: > /usr/pgsql-13/bin/pg_dump --clean + --create --host={{ mailman_db_server | quote }} --port={{ mailman_db_port | quote }} --username=sqladmin {{ mailman_db_name | quote }} diff --git a/roles/mailman/templates/pre-backup.sh.j2 b/roles/mailman/templates/pre-backup.sh.j2 index d2a97f6..e4e322a 100644 --- a/roles/mailman/templates/pre-backup.sh.j2 +++ b/roles/mailman/templates/pre-backup.sh.j2 @@ -1,11 +1,14 @@ -#!/bin/bash -e +#!/bin/sh + +set -eo pipefail {% for db in mailman_db_name.keys() | list %} {% if mailman_db_engine == 'postgres' %} {% if mailman_db_server not in ['localhost', '127.0.0.1'] %} PGPASSWORD={{ mailman_db_pass | quote }} \ /usr/pgsql-13/bin/pg_dump \ - --clear \ + --clean \ + --create \ --username={{ mailman_db_user | quote }} \ --host={{ mailman_db_server | quote }} \ --port={{ mailman_db_port }} \ diff --git a/roles/matomo/templates/pre-backup.j2 b/roles/matomo/templates/pre-backup.j2 index 44e5822..f69f9b6 100644 --- a/roles/matomo/templates/pre-backup.j2 +++ b/roles/matomo/templates/pre-backup.j2 @@ -1,5 +1,7 @@ #!/bin/sh +set -eo pipefail + /usr/bin/mysqldump --user={{ matomo_db_user | quote }} \ --password={{ matomo_db_pass | quote }} \ --host={{ matomo_db_server | quote }} \ diff --git a/roles/matrix_synapse/tasks/archive_pre.yml b/roles/matrix_synapse/tasks/archive_pre.yml index ad0d49f..f2f2a1b 100644 --- a/roles/matrix_synapse/tasks/archive_pre.yml +++ b/roles/matrix_synapse/tasks/archive_pre.yml @@ -21,6 +21,7 @@ shell: > /usr/pgsql-13/bin/pg_dump --clean + --create --host={{ synapse_pg_db_server }} --port={{ synapse_pg_db_port }} --username=sqladmin {{ synapse_pg_db_name }} | diff --git a/roles/matrix_synapse/templates/pre-backup.sh.j2 b/roles/matrix_synapse/templates/pre-backup.sh.j2 index f3f0673..6272e29 100644 --- a/roles/matrix_synapse/templates/pre-backup.sh.j2 +++ b/roles/matrix_synapse/templates/pre-backup.sh.j2 @@ -1,4 +1,6 @@ -#!/bin/bash -e +#!/bin/sh + +set -eo pipefail PGPASSWORD='{{ synapse_pg_db_pass }}' /usr/pgsql-13/bin/pg_dump \ --clean \ diff --git a/roles/mayan_edms/tasks/archive_pre.yml b/roles/mayan_edms/tasks/archive_pre.yml index b211e5c..8580240 100644 --- a/roles/mayan_edms/tasks/archive_pre.yml +++ b/roles/mayan_edms/tasks/archive_pre.yml @@ -43,6 +43,7 @@ command: > /usr/pgsql-13/bin/pg_dump --clean + --create --host={{ mayan_db_server | quote }} --port={{ mayan_db_port | quote }} --username=sqladmin {{ mayan_db_name | quote }} diff --git a/roles/mayan_edms/templates/pre_backup.sh.j2 b/roles/mayan_edms/templates/pre_backup.sh.j2 index c6f0cf8..9b414b7 100644 --- a/roles/mayan_edms/templates/pre_backup.sh.j2 +++ b/roles/mayan_edms/templates/pre_backup.sh.j2 @@ -1,4 +1,6 @@ -#!/bin/bash -e +#!/bin/sh + +set -eo pipefail {% if mayan_db_engine == 'mysql' %} /usr/bin/mysqldump --user={{ mayan_db_user | quote }} \ @@ -7,8 +9,9 @@ --quick --single-transaction \ --add-drop-table {{ mayan_db_name | quote }} | zstd -c > {{ mayan_root_dir }}/backup/{{ mayan_db_name }}.sql.zst {% else %} -PGPASSWORD='{{ mayan_db_pass }}' /usr/pgsql-13/bin/pg_dump \ +PGPASSWORD={{ mayan_db_pass | quote }} /usr/pgsql-13/bin/pg_dump \ --clean \ + --create \ --username={{ mayan_db_user | quote }} \ --host={{ mayan_db_server | quote }} \ {{ mayan_db_name | quote }} | \ diff --git a/roles/metabase/templates/pre-backup.j2 b/roles/metabase/templates/pre-backup.j2 index f29d770..e68d2da 100644 --- a/roles/metabase/templates/pre-backup.j2 +++ b/roles/metabase/templates/pre-backup.j2 @@ -1,4 +1,6 @@ -#!/bin/bash -e +#!/bin/sh + +set -eo pipefail /usr/bin/mysqldump \ {% if metabase_db_server not in ['localhost','127.0.0.1'] %} diff --git a/roles/miniflux/tasks/archive_pre.yml b/roles/miniflux/tasks/archive_pre.yml index eef7234..3ef2dce 100644 --- a/roles/miniflux/tasks/archive_pre.yml +++ b/roles/miniflux/tasks/archive_pre.yml @@ -12,6 +12,7 @@ command: > /usr/pgsql-13/bin/pg_dump --clean + --create --host={{ miniflux_db_server }} --port={{ miniflux_db_port }} --username={{ miniflux_db_user }} diff --git a/roles/miniflux/templates/pre-backup.j2 b/roles/miniflux/templates/pre-backup.j2 index 71ca1cc..b0c2ea9 100644 --- a/roles/miniflux/templates/pre-backup.j2 +++ b/roles/miniflux/templates/pre-backup.j2 @@ -1,7 +1,10 @@ -#!/bin/bash -e +#!/bin/sh + +set -eo pipefail PGPASSWORD='{{ miniflux_db_pass }}' /usr/pgsql-13/bin/pg_dump \ --clean \ + --create \ --username={{ miniflux_db_user | quote }} \ --host={{ miniflux_db_server | quote }} \ {{ miniflux_db_name | quote }} | \ diff --git a/roles/mongodb_server/templates/pre-backup.j2 b/roles/mongodb_server/templates/pre-backup.j2 index f01e977..75c0d37 100644 --- a/roles/mongodb_server/templates/pre-backup.j2 +++ b/roles/mongodb_server/templates/pre-backup.j2 @@ -1,4 +1,6 @@ -#!/bin/bash -e +#!/bin/sh + +set -eo pipefail mkdir -p /home/lbkp/mongo mongodump --username {{ mongo_admin_user }} --password {{ mongo_admin_pass | quote }} --quiet --port {{ mongo_port }} --out /home/lbkp/mongo diff --git a/roles/mysql_server/templates/pre-backup.j2 b/roles/mysql_server/templates/pre-backup.j2 index 4368235..1444879 100644 --- a/roles/mysql_server/templates/pre-backup.j2 +++ b/roles/mysql_server/templates/pre-backup.j2 @@ -1,6 +1,6 @@ #!/bin/sh -set -e +set -eo pipefail # Get the .my.cnf from root HOME=/root diff --git a/roles/n8n/templates/pre-backup.sh.j2 b/roles/n8n/templates/pre-backup.sh.j2 index 597cdc6..a25cf0a 100644 --- a/roles/n8n/templates/pre-backup.sh.j2 +++ b/roles/n8n/templates/pre-backup.sh.j2 @@ -1,4 +1,6 @@ -#!/bin/bash -e +#!/bin/sh + +set -eo pipefail /usr/bin/mysqldump \ {% if n8n_db_server not in ['localhost','127.0.0.1'] %} diff --git a/roles/navidrome/templates/pre-backup.j2 b/roles/navidrome/templates/pre-backup.j2 index 3a2d782..fe72afd 100644 --- a/roles/navidrome/templates/pre-backup.j2 +++ b/roles/navidrome/templates/pre-backup.j2 @@ -1,4 +1,6 @@ -#!/bin/bash -e +#!/bin/sh + +set -eo pipefail sqlite3 {{ nd_root_dir }}/data/navidrome.db .dump | zstd -c > {{ nd_root_dir }}/backup/navidrome.sql.zst cp {{ nd_root_dir }}/etc/navidrome.toml {{ nd_root_dir }}/backup/ diff --git a/roles/odoo/templates/pre-backup.sh.j2 b/roles/odoo/templates/pre-backup.sh.j2 index 1c624b3..cea5ee2 100644 --- a/roles/odoo/templates/pre-backup.sh.j2 +++ b/roles/odoo/templates/pre-backup.sh.j2 @@ -1,6 +1,8 @@ #!/bin/sh -PGPASSWORD={{ odoo_db_pass }} /usr/bin/pg_dump \ +set -eo pipefail + +PGPASSWORD={{ odoo_db_pass | quote }} /usr/bin/pg_dump \ --format=custom \ --clean \ --username={{ odoo_db_user }} \ diff --git a/roles/omv/templates/omv_pre_backup.sh.j2 b/roles/omv/templates/omv_pre_backup.sh.j2 index b75bb9b..351ffc7 100644 --- a/roles/omv/templates/omv_pre_backup.sh.j2 +++ b/roles/omv/templates/omv_pre_backup.sh.j2 @@ -1,4 +1,6 @@ #!/bin/sh +set -eo pipefail + mkdir -p /home/lbkp/omv cp /etc/openmediavault/* /home/lbkp/omv/ diff --git a/roles/openproject/templates/pre-backup.sh.j2 b/roles/openproject/templates/pre-backup.sh.j2 index 3d1ca6e..2cdc9bc 100644 --- a/roles/openproject/templates/pre-backup.sh.j2 +++ b/roles/openproject/templates/pre-backup.sh.j2 @@ -1,4 +1,6 @@ -#!/bin/bash -e +#!/bin/sh + +set -eo pipefail mkdir -p /home/lbkp/openproject mount -o bind,ro {{ openproject_data_dir }}/backup /home/lbkp/openproject diff --git a/roles/openxpki/templates/pre-backup.j2 b/roles/openxpki/templates/pre-backup.j2 index 64db633..8841dbb 100644 --- a/roles/openxpki/templates/pre-backup.j2 +++ b/roles/openxpki/templates/pre-backup.j2 @@ -1,9 +1,11 @@ #!/bin/sh +set -eo pipefail + /usr/bin/mysqldump \ {% if pki_db_server not in [ '127.0.0.1', 'localhost' ] %} --user={{ pki_db_user }} \ - --password={{ pki_db_pass }} \ + --password={{ pki_db_pass | quote }} \ --host={{ pki_db_server }} \ {% endif %} --quick --single-transaction \ diff --git a/roles/paperless_ng/defaults/main.yml b/roles/paperless_ng/defaults/main.yml index 260a897..9b3e274 100644 --- a/roles/paperless_ng/defaults/main.yml +++ b/roles/paperless_ng/defaults/main.yml @@ -1,11 +1,11 @@ --- # The version to deploy -paperless_version: 1.4.5 +paperless_version: 1.5.0 # URL of the paperless archive paperless_archive_url: https://github.com/jonaswinkler/paperless-ng/releases/download/ng-{{ paperless_version }}/paperless-ng-{{ paperless_version }}.tar.xz # Expected checksum -paperless_archive_sha1: 4c989458c59890b9bd1dcd97a18e8bcb68280250 +paperless_archive_sha1: edbbbfde6718ee7586acf1212d32ca379058cb15 # Should ansible handle install and upgrades, or only initial install paperless_manage_upgrade: True # Root directory where paperless will be installed diff --git a/roles/paperless_ng/tasks/archive_pre.yml b/roles/paperless_ng/tasks/archive_pre.yml index a1ff70c..eb7ff19 100644 --- a/roles/paperless_ng/tasks/archive_pre.yml +++ b/roles/paperless_ng/tasks/archive_pre.yml @@ -27,6 +27,7 @@ command: > /usr/pgsql-13/bin/pg_dump --clean + --create --host={{ paperless_db_server | quote }} --port={{ paperless_db_port | quote }} --username=sqladmin {{ paperless_db_name | quote }} diff --git a/roles/paperless_ng/tasks/facts.yml b/roles/paperless_ng/tasks/facts.yml index 7ed4e14..2ba4379 100644 --- a/roles/paperless_ng/tasks/facts.yml +++ b/roles/paperless_ng/tasks/facts.yml @@ -47,3 +47,17 @@ - pass_file: "{{ paperless_root_dir }}/meta/ansible_admin_pass" - set_fact: paperless_admin_pass={{ rand_pass }} tags: ged + +# Reset consumption dir to default if it doesn't exist +# This is useful when the consumption dir is from a network mount point but the mount +# isn't available yet when initializing paperless +- name: Check if consumption dir exists + stat: path={{ paperless_consume_dir }} + register: paperless_consume_dir_stat + become_user: "{{ paperless_user }}" # we check if paperless has access, root could be denied when using a FUSE FS for example + tags: ged + +- name: Reset consumption dir to the default value + set_fact: paperless_consume_dir={{ paperless_root_dir }}/consume + when: not paperless_consume_dir_stat.stat.exists + tags: ged diff --git a/roles/paperless_ng/tasks/install.yml b/roles/paperless_ng/tasks/install.yml index 5f97ad7..fbc95ef 100644 --- a/roles/paperless_ng/tasks/install.yml +++ b/roles/paperless_ng/tasks/install.yml @@ -70,7 +70,7 @@ cd {{ paperless_root_dir }}/app/src {{ paperless_root_dir }}/venv/bin/python ./manage.py $@ dest: /usr/local/bin/paperless - mode: 755 + mode: 0755 tags: ged - name: Install systemd units diff --git a/roles/paperless_ng/tasks/user.yml b/roles/paperless_ng/tasks/user.yml index 2b62df4..818f3a9 100644 --- a/roles/paperless_ng/tasks/user.yml +++ b/roles/paperless_ng/tasks/user.yml @@ -3,7 +3,7 @@ - name: Create system user user: name: "{{ paperless_user }}" - shell: /sbin/nologin + shell: /bin/false home: "{{ paperless_root_dir }}" system: True tags: ged diff --git a/roles/paperless_ng/templates/paperless.conf.j2 b/roles/paperless_ng/templates/paperless.conf.j2 index 90ba912..e9d6f82 100644 --- a/roles/paperless_ng/templates/paperless.conf.j2 +++ b/roles/paperless_ng/templates/paperless.conf.j2 @@ -5,9 +5,12 @@ PAPERLESS_DBNAME={{ paperless_db_name }} PAPERLESS_DBUSER={{ paperless_db_user }} PAPERLESS_DBPASS={{ paperless_db_pass }} PAPERLESS_CONSUMPTION_DIR={{ paperless_consume_dir }} +PAPERLESS_CONSUMER_POLLING=60 PAPERLESS_DATA_DIR={{ paperless_root_dir }}/data PAPERLESS_MEDIA_ROOT={{ paperless_root_dir }}/media PAPERLESS_STATICDIR={{ paperless_root_dir }}/static +PAPERLESS_CONVERT_TMPDIR={{ paperless_root_dir }}/tmp +PAPERLESS_SCRATCH_DIR={{ paperless_root_dir }}/tmp PAPERLESS_FILENAME_FORMAT={created_year}/{created_month}/{title} PAPERLESS_LOGGING_DIR={{ paperless_root_dir }}/log PAPERLESS_SECRET_KEY={{ paperless_secret_key }} @@ -23,8 +26,6 @@ PAPERLESS_TIME_ZONE={{ system_tz }} PAPERLESS_CONSUMER_DELETE_DUPLICATES=True PAPERLESS_CONSUMER_RECURSIVE=True PAPERLESS_CONSUMER_SUBDIRS_AS_TAGS=True -PAPERLESS_CONVERT_TMPDIR={{ paperless_root_dir }}/tmp -PAPERLESS_SCRATCH_DIR={{ paperless_root_dir }}/tmp {% if paperless_auth_header is defined %} PAPERLESS_ENABLE_HTTP_REMOTE_USER=True PAPERLESS_HTTP_REMOTE_USER_HEADER_NAME={{ paperless_auth_header }} diff --git a/roles/paperless_ng/templates/pre-backup.j2 b/roles/paperless_ng/templates/pre-backup.j2 index 0bbc0cf..90f036f 100644 --- a/roles/paperless_ng/templates/pre-backup.j2 +++ b/roles/paperless_ng/templates/pre-backup.j2 @@ -1,7 +1,10 @@ -#!/bin/bash -e +#!/bin/sh + +set -eo pipefail PGPASSWORD='{{ paperless_db_pass }}' /usr/pgsql-13/bin/pg_dump \ --clean \ + --create \ --username={{ paperless_db_user | quote }} \ --host={{ paperless_db_server | quote }} \ --port={{ paperless_db_port }} \ diff --git a/roles/paperless_ng/vars/RedHat-8.yml b/roles/paperless_ng/vars/RedHat-8.yml index 6da96c4..ae7490c 100644 --- a/roles/paperless_ng/vars/RedHat-8.yml +++ b/roles/paperless_ng/vars/RedHat-8.yml @@ -21,3 +21,4 @@ paperless_packages: - policycoreutils - unpaper - ghostscript + - postgresql13 diff --git a/roles/papermerge/tasks/archive_pre.yml b/roles/papermerge/tasks/archive_pre.yml index eec8fb2..7e84f38 100644 --- a/roles/papermerge/tasks/archive_pre.yml +++ b/roles/papermerge/tasks/archive_pre.yml @@ -33,6 +33,7 @@ command: > /usr/pgsql-13/bin/pg_dump --clean + --create --host={{ papermerge_db_server | quote }} --port={{ papermerge_db_port | quote }} --username=sqladmin {{ papermerge_db_name | quote }} diff --git a/roles/pmg/templates/pmg_pre_backup.sh.j2 b/roles/pmg/templates/pmg_pre_backup.sh.j2 index 79d48d5..0e33830 100644 --- a/roles/pmg/templates/pmg_pre_backup.sh.j2 +++ b/roles/pmg/templates/pmg_pre_backup.sh.j2 @@ -1,4 +1,6 @@ -#!/bin/bash -e +#!/bin/sh + +set -eo pipefail /usr/bin/systemd-cat /usr/bin/pmgbackup backup cp -a /etc/opendkim/keys /home/lbkp/pmg/ diff --git a/roles/postgresql_server/templates/pre-backup.sh.j2 b/roles/postgresql_server/templates/pre-backup.sh.j2 index b56b3e8..c74af78 100644 --- a/roles/postgresql_server/templates/pre-backup.sh.j2 +++ b/roles/postgresql_server/templates/pre-backup.sh.j2 @@ -1,4 +1,6 @@ -#!/bin/bash -e +#!/bin/sh + +set -eo pipefail DEST=/home/lbkp/pgsql diff --git a/roles/psono/tasks/archive_pre.yml b/roles/psono/tasks/archive_pre.yml index 709344c..8b6e9fa 100644 --- a/roles/psono/tasks/archive_pre.yml +++ b/roles/psono/tasks/archive_pre.yml @@ -28,6 +28,7 @@ command: > /usr/pgsql-13/bin/pg_dump --clean + --create --host={{ psono_db_server }} --port={{ psono_db_port }} --username=sqladmin {{ psono_db_name }} diff --git a/roles/psono/templates/pre-backup.sh.j2 b/roles/psono/templates/pre-backup.sh.j2 index 7dd0291..4a22ba3 100644 --- a/roles/psono/templates/pre-backup.sh.j2 +++ b/roles/psono/templates/pre-backup.sh.j2 @@ -1,7 +1,10 @@ -#!/bin/bash -e +#!/bin/sh + +set -eo pipefail PGPASSWORD='{{ psono_db_pass }}' /usr/pgsql-11/bin/pg_dump \ --clean \ + --create \ --username={{ psono_db_user }} \ --host={{ psono_db_server }} \ {{ psono_db_name }} | \ diff --git a/roles/rabbitmq_server/templates/pre-backup.j2 b/roles/rabbitmq_server/templates/pre-backup.j2 index b1d722f..e132d13 100644 --- a/roles/rabbitmq_server/templates/pre-backup.j2 +++ b/roles/rabbitmq_server/templates/pre-backup.j2 @@ -1,4 +1,6 @@ -#!/bin/bash -e +#!/bin/sh + +set -eo pipefail {% if rabbitmq_conf == 'rabbitmq.conf' %} mkdir -p /home/lbkp/rabbitmq/ diff --git a/roles/redis_server/files/redis_copy_dumps.sh b/roles/redis_server/files/redis_copy_dumps.sh index 8555212..438fb2f 100644 --- a/roles/redis_server/files/redis_copy_dumps.sh +++ b/roles/redis_server/files/redis_copy_dumps.sh @@ -1,6 +1,6 @@ #!/bin/sh -set -e +set -eo pipefail DEST=/home/lbkp/redis diff --git a/roles/samba/templates/samba_pre_backup.sh.j2 b/roles/samba/templates/samba_pre_backup.sh.j2 index c280cbb..bba9986 100644 --- a/roles/samba/templates/samba_pre_backup.sh.j2 +++ b/roles/samba/templates/samba_pre_backup.sh.j2 @@ -1,18 +1,22 @@ -#!/bin/bash -e +#!/bin/sh + +set -eo pipefail LDB_MODULES_PATH=/usr/lib64/samba/ldb export LDB_MODULES_PATH -mkdir -p /home/lbkp/samba/{private,ldif/sam.ldb.d,gpo} -tar cf /home/lbkp/samba/sysvol.tar.lz4 --use-compress-program=lz4 -C /var/lib/samba/sysvol . +mkdir -p /home/lbkp/samba/{private,ldif/sam.ldb.d,offline} +tar cf /home/lbkp/samba/sysvol.tar.zst --use-compress-program=zstd -C /var/lib/samba/sysvol . find /var/lib/samba/private/ -type f -name \*.ldb | xargs tdbbackup pushd /var/lib/samba/private/ > /dev/null find . -type f -name \*.bak | xargs cp --parents -t /home/lbkp/samba/private/ popd > /dev/null find /var/lib/samba/private -type f -name \*.bak | xargs rm -f find /home/lbkp/samba/private/ -type f -name \*.bak | while read F; do mv "$F" "${F%.bak}"; done -tar cf /home/lbkp/samba/private.tar.lz4 --use-compress-program=lz4 -C /home/lbkp/samba/private . +tar cf /home/lbkp/samba/private.tar.zst --use-compress-program=zstd -C /home/lbkp/samba/private . rm -rf /home/lbkp/samba/private/ for LDIF in $(find /var/lib/samba/private/ -type f -name \*.ldb); do - ldbsearch --url=$LDIF | lz4 -c > /home/lbkp/samba/ldif/$(echo $LDIF | sed -e 's/\/var\/lib\/samba\/private//').ldif.lz4 + ldbsearch --url=$LDIF | zstd -c > /home/lbkp/samba/ldif/$(echo $LDIF | sed -e 's/\/var\/lib\/samba\/private//').ldif.zst done +# Also take a more standard offline backup +samba-tool domain backup offline --targetdir=/home/lbkp/samba/offline/ diff --git a/roles/seafile/templates/pre-backup.sh.j2 b/roles/seafile/templates/pre-backup.sh.j2 index b9bf809..46cb5df 100644 --- a/roles/seafile/templates/pre-backup.sh.j2 +++ b/roles/seafile/templates/pre-backup.sh.j2 @@ -1,12 +1,14 @@ -#!/bin/bash -e +#!/bin/sh + +set -eo pipefail # Dump Databases for DB in {{ seafile_db_ccnet }} {{ seafile_db_seafile }} {{ seafile_db_seahub }}; do /usr/bin/mysqldump \ --quick --single-transaction \ {% if seafile_db_server not in ['127.0.0.1', 'localhost'] %} - --user='{{ seafile_db_user }}' \ - --password='{{ seafile_db_pass }}' \ + --user={{ seafile_db_user }} \ + --password={{ seafile_db_pass | quote }} \ --host={{ seafile_db_server }} \ {% endif %} --add-drop-table $DB | zstd -T0 -c > {{ seafile_root_dir }}/backup/$DB.sql.zst diff --git a/roles/unifi/templates/pre-backup.sh.j2 b/roles/unifi/templates/pre-backup.sh.j2 index a46bda5..6d706d8 100644 --- a/roles/unifi/templates/pre-backup.sh.j2 +++ b/roles/unifi/templates/pre-backup.sh.j2 @@ -1,4 +1,6 @@ -#!/bin/bash -e +#!/bin/sh + +set -eo pipefail mkdir -p {{ unifi_root_dir }}/backup/mongo mongodump --quiet --port 27117 --out {{ unifi_root_dir }}/backup/mongo diff --git a/roles/vaultwarden/templates/pre-backup.sh.j2 b/roles/vaultwarden/templates/pre-backup.sh.j2 index 3dddb2d..05b0e1c 100644 --- a/roles/vaultwarden/templates/pre-backup.sh.j2 +++ b/roles/vaultwarden/templates/pre-backup.sh.j2 @@ -1,13 +1,15 @@ -#!/bin/bash -e +#!/bin/sh + +set -eo pipefail mkdir -p /home/lbkp/vaultwarden/ cp {{ vaultwarden_root_dir }}/data/rsa* {{ vaultwarden_root_dir }}/backup/ {% if vaultwarden_db_engine == 'mysql' %} /usr/bin/mysqldump \ -{% if vaultwarden_db_server != 'localhost' and vaultwarden_db_server != '127.0.0.1' %} - --user='{{ vaultwarden_db_user }}' \ - --password='{{ vaultwarden_db_pass }}' \ - --host='{{ vaultwarden_db_server }}' \ +{% if vaultwarden_db_server not in ['localhost', '127.0.0.1'] %} + --user={{ vaultwarden_db_user }} \ + --password={{ vaultwarden_db_pass | quote }} \ + --host={{ vaultwarden_db_server }} \ {% endif %} --quick --single-transaction \ --add-drop-table {{ vaultwarden_db_name }} | zstd -c > {{ vaultwarden_root_dir }}/backup/{{ vaultwarden_db_name }}.sql.zst diff --git a/roles/wapt_server/templates/pre-backup.sh.j2 b/roles/wapt_server/templates/pre-backup.sh.j2 index 1675468..8024db7 100644 --- a/roles/wapt_server/templates/pre-backup.sh.j2 +++ b/roles/wapt_server/templates/pre-backup.sh.j2 @@ -1,5 +1,7 @@ #!/bin/sh +set -eo pipefail + PGPASSWORD={{ wapt_db_pass | quote }} /usr/pgsql-13/bin/pg_dump \ --clean \ --create \ diff --git a/roles/wordpress/templates/pre-backup.sh.j2 b/roles/wordpress/templates/pre-backup.sh.j2 index 3341f85..09587a7 100644 --- a/roles/wordpress/templates/pre-backup.sh.j2 +++ b/roles/wordpress/templates/pre-backup.sh.j2 @@ -1,12 +1,14 @@ -#!/bin/bash -e +#!/bin/sh + +set -eo pipefail /usr/bin/mysqldump \ {% if not wp_db_server in ['localhost', '127.0.0.1'] %} - --user='{{ wp_db_user }}' \ - --password='{{ wp_db_pass }}' \ - --host='{{ wp_db_server }}' \ - --port='{{ wp_db_port }}' \ + --user={{ wp_db_user }} \ + --password={{ wp_db_pass | quote }} \ + --host={{ wp_db_server }} \ + --port={{ wp_db_port }} \ {% endif %} --quick --single-transaction \ - --add-drop-table '{{ wp_db_name }}' | zstd -c > {{ wp_root_dir }}/backup/{{ wp_db_name }}.sql.zst + --add-drop-table {{ wp_db_name }} | zstd -c > {{ wp_root_dir }}/backup/{{ wp_db_name }}.sql.zst diff --git a/roles/zabbix_server/templates/pre_backup.sh.j2 b/roles/zabbix_server/templates/pre_backup.sh.j2 index 98027de..00d317b 100644 --- a/roles/zabbix_server/templates/pre_backup.sh.j2 +++ b/roles/zabbix_server/templates/pre_backup.sh.j2 @@ -1,4 +1,6 @@ -#!/bin/bash -e +#!/bin/sh + +set -eo pipefail {% if zabbix_server_backup_hooks %} mkdir -p /home/lbkp/zabbix diff --git a/roles/zimbra/templates/pre_backup.sh.j2 b/roles/zimbra/templates/pre_backup.sh.j2 index 205e47c..047a9a8 100644 --- a/roles/zimbra/templates/pre_backup.sh.j2 +++ b/roles/zimbra/templates/pre_backup.sh.j2 @@ -1,4 +1,6 @@ -#!/bin/bash -e +#!/bin/sh + +set -eo pipefail mkdir -p /home/lbkp/zimbra/mount