Update to 2020-05-18 19:00

master
Daniel Berteaud 5 years ago
parent 309a686aec
commit 52f0e5b35d
  1. 2
      roles/backup/tasks/main.yml
  2. 21
      roles/timers/README.md
  3. 37
      roles/timers/defaults/main.yml
  4. 4
      roles/timers/meta/main.yml
  5. 12
      roles/timers/tasks/facts.yml
  6. 94
      roles/timers/tasks/install.yml
  7. 4
      roles/timers/tasks/main.yml

@ -47,7 +47,7 @@
copy: copy:
content: "{{ item.content }}" content: "{{ item.content }}"
dest: /etc/backup/{{ item.type }}.d/default dest: /etc/backup/{{ item.type }}.d/default
mode: 755 mode: 0755
loop: loop:
- type: pre - type: pre
content: "{{ backup_pre_script }}" content: "{{ backup_pre_script }}"

@ -0,0 +1,21 @@
# timers
This roles manage systemd timers, to execute commands at regular interval.
Just define the timers you want at the host, or group level, like :
```
system_timers:
- id: db-janitor # Just an identifier for the task
calendar: '*:0/30' # See man systemd.timer for examples
max_duration: 1h # Max duration of the task. Will be terminated if it takes longer
command: |
#!/bin/bash
psql -U postgres -d reports -w << _EOF
delete from audit where time < now()-'7 day'::interval;
_EOF
- id: logrotate
calendar: daily
command: logrotate -f /etc/logrotate.d/myservice.conf
```
Look at the defaults/main.yml file for more info

@ -0,0 +1,37 @@
---
system_timers_base: []
system_timers_extra: []
system_timers: "{{ system_timers_base + system_timers_extra }}"
# Default settings, if not specified for a timer
system_timer_defaults:
description: System timer managed by ansible
calendar: daily
persistent: False
enabled: True
user: root
max_duration: infinity
# Define systemd timers
# system_timers:
# - id: vaccuum-db
# calendar: weekly
# enabled: True
# user: postgres
# command: |
# #!/bin/bash -e
# start=`date +%s`
# echo "Start purging data older than ${RETENTION_TIME_IN_DAYS} days"
# psql -U postgres -d exchangeStatusDB << EOF
#   delete
#   from tracking
#   where timestamp < now()-'${RETENTION_TIME_IN_DAYS} day'::interval;
# EOF
# end=`date +%s`
# echo Purge ended and take `expr $end - $start` seconds.
#
# - id: dump
# calendar: daily
# command: |
# mysqldump --all-databases > /opt/backup/mysql.sql

@ -0,0 +1,4 @@
---
dependencies:
- role: mkdir

@ -0,0 +1,12 @@
---
- name: Merge timer settings with defaults
set_fact: system_timers_conf={{ system_timers_conf | default([]) + [ system_timer_defaults | combine(item, recursive=True) ] }}
loop: "{{ system_timers }}"
tags: system,cron
- set_fact: system_timers={{ system_timers_conf | default([]) }}
tags: system,cron
- name: Build a list of managed timers
set_fact: system_timers_managed={{ system_timers | map(attribute='id') | list }}
tags: system,cron

@ -0,0 +1,94 @@
---
- name: Create script dir
file: path=/opt/ansible/timers state=directory
tags: system,cron
- name: List unmanaged scripts
shell: find /opt/ansible/timers -maxdepth 1 -mindepth 1 -type f -exec basename "{}" \;
changed_when: False
register: system_timers_current_scripts
tags: system,cron
- name: Remove unmanaged timer's scripts
file: path=/opt/ansible/timers/{{ item }} state=absent
when: item not in system_timers_managed
loop: "{{ system_timers_current_scripts.stdout_lines }}"
tags: system,cron
- name: List unmanaged timers service unit
shell: find /etc/systemd/system -maxdepth 1 -mindepth 1 -type f -name timer-ansible-*.service -exec basename "{}" \; | perl -pe 's/timer\-ansible\-([\w\-_]+)\.service/$1/g'
changed_when: False
register: system_timers_current_service
tags: system,cron
- name: Disable unmanaged timers
systemd: name=timer-ansible-{{ item }}.timer state=stopped enabled=False
when: item not in system_timers_managed
loop: "{{ system_timers_current_service.stdout_lines }}"
tags: system,cron
- name: Remove unmanaged timers service unit
file: path=/etc/systemd/system/timer-ansible-{{ item.0 }}.{{ item.1 }} state=absent
when: item.0 not in system_timers_managed
with_nested:
- "{{ system_timers_current_service.stdout_lines }}"
- - service
- timer
tags: system,cron
- name: Deploy scripts
copy:
content: |
{% if not item.command is search('^#!') %}
#!/bin/bash -e
{% endif %}
{{ item.command }}
dest: /opt/ansible/timers/{{ item.id }}
mode: 0700
owner: "{{ item.user }}"
loop: "{{ system_timers }}"
tags: system,cron
- name: Deploy service units
copy:
content: |
[Unit]
Description={{ item.description }}
[Service]
Type=oneshot
PrivateTmp=yes
ExecStart=/opt/ansible/timers/{{ item.id }}
User={{ item.user }}
TimeoutSec={{ item.max_duration }}
StandardOutput=journal
StandardError=journal
dest: /etc/systemd/system/timer-ansible-{{ item.id }}.service
loop: "{{ system_timers }}"
tags: system,cron
- name: Deploy timer units
copy:
content: |
[Unit]
Description={{ item.description }}
[Timer]
OnCalendar={{ item.calendar }}
Persistent={{ item.persistent | ternary('True','False') }}
[Install]
WantedBy=timers.target
dest: /etc/systemd/system/timer-ansible-{{ item.id }}.timer
loop: "{{ system_timers }}"
tags: system,cron
- name: Reload systemd
systemd: daemon_reload=True
tags: system,cron
- name: Enable timers
systemd: name=timer-ansible-{{ item.id }}.timer state={{ item.enabled | ternary('started','stopped') }} enabled={{ item.enabled }}
loop: "{{ system_timers }}"
tags: system,cron

@ -0,0 +1,4 @@
---
- include: facts.yml
- include: install.yml
Loading…
Cancel
Save