From 9b11dd1d4ad215118caa17ef37b3168644795281 Mon Sep 17 00:00:00 2001 From: Lars Wirzenius Date: Fri, 1 Jan 2021 11:10:42 +0200 Subject: feat: add Ansible playbook to provision an Obnam server --- ansible/files/obnam.service | 10 ++++++++++ ansible/files/server.key | 27 +++++++++++++++++++++++++++ ansible/files/server.pem | 17 +++++++++++++++++ ansible/files/server.yaml | 4 ++++ ansible/hosts | 2 ++ ansible/obnam-server.retry | 1 + ansible/obnam-server.yml | 39 +++++++++++++++++++++++++++++++++++++++ client.yaml | 4 ++-- 8 files changed, 102 insertions(+), 2 deletions(-) create mode 100644 ansible/files/obnam.service create mode 100644 ansible/files/server.key create mode 100644 ansible/files/server.pem create mode 100644 ansible/files/server.yaml create mode 100644 ansible/hosts create mode 100644 ansible/obnam-server.retry create mode 100644 ansible/obnam-server.yml diff --git a/ansible/files/obnam.service b/ansible/files/obnam.service new file mode 100644 index 0000000..9d933aa --- /dev/null +++ b/ansible/files/obnam.service @@ -0,0 +1,10 @@ +[Unit] +Description=Obnam server + +[Service] +Type=simple +ConditionPathExists=/etc/obnam/server.yaml +ExecStart=/usr/bin/obnam-server /etc/obnam/server.yaml + +[Install] +WantedBy=multi-user.target diff --git a/ansible/files/server.key b/ansible/files/server.key new file mode 100644 index 0000000..badc955 --- /dev/null +++ b/ansible/files/server.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEA/UAeDo1v4vzLY3cBS2k7ueK4ViKSTrNOo0eXj8L3XVNQgf/t +a4bmxxJrp5du+QK9jCTQzQpJaOgWxY8pOGDCzpjANATjLvAb77vYwIE/m+y98bAv +SagIRLqUKaikPUk2ERT8xk8K/cbeJL1BgjOv2L/v3XRCquX/UavWn721PjH88CDU +Fo2/SLtBHhGL1IBDXNPWzMxcr+qIDDefLGNROf7kCAB8kv/Lf+CkyghqMTRhtzRm +Ny2+MOoVK0v5E5qsXa/2uaKz8f5SArnwLPLwPkSjm2GgAFhulZtQhbwVB6+xK7OH +fuq5mNEehpDGK4TZf6iGbfu1ze8lQpmy5pW/UwIDAQABAoIBAGuEvT4QbmBAU1l3 +POV3WBQjXX+0Tcl79vb7fi1a6QqGRLfsoC/2piP+fhY5BLRTpYXKW5uxslkHsCNQ +FIALFKoB0BhFuu5Copm1duDD/u2EJWBnHKx42onTbPQC1TfvzTSTZH4NMO1tcQLI +FvfgWdf8JSowId3MqAlUm1pWgIxWdIe5p0jqbaXChs/yOXByKV/Pe0vVHjBq4foG +TdiojDZapn3DxkjH5mJ4exZ7xvKs0hwN4DmgJ2kv8DL2BctupFpv+3Xt/Krhuakj +gpcG43VPNJCnilb0Zse5pMtNZRbDMbvsvcTXY+CsLy7QefTwiewCAz5GwBA6YYwG +5DftwwECgYEA/9+vzD8ApehJs1WahepG3Yw0iWKOzrdb83i4r/9Du3PTR5MtgK1m +GSzCInWQf2OL+VdoShhssIxjPGGicj3Ir0GugRL5oMLu9/pxD0aHtqEcroP1okAN +6731UblMA7BbNMpz6T79Cz9RebWPgDnuFMzD5DuiXccqTJvbwlPjnWkCgYEA/WAZ +cvztUJRCoAO1NP92jBJYGOdds5skRaA6HUNLHV2WXkGAESCAYksuIsytOzHftwzq +6UNn+yfFeO065AGl+X4n08/K6NpH/HQRtrNliNkxlRx2fT/vQtdZn/L8ppMrMEel +1zSxZDpvvxDlz67z9qKXD2yzKGm+8QeHeCpOE1sCgYAZyaSBFDRvhBqxbUY2iub7 +ex7sXbeA0+/7eMY8TqC36rN3ejjSyCcLEHy8Vlbqz9CSn6GOHioOHQf/VOO3Wcy5 +BQieT5hDAIJvEZmFbZlN6aznVbtSz9vXT3zC8MbddE+s4V6POl7sXERM3OSKiswY +4o43mV8CzojP0cFzM1s0SQKBgQDilUDM6tCSgbM/A3HV7iomQvVTd/v8dN2wAgRW +TOpsXVft/Gc5abZFsHOWnTDBQe2M9dlRNn1TRZK7fHJwmeTCQ4X8TdNn/mPnqCh7 +GNzQz2IetXBku3sMbCZy+knj8LHrn/b3h+Cm//cUh1jsK8lxop6yJYPlvQMK6q/D +zxk5BwKBgQCLUcgboMNevbWvjciWiRgl3G3Sp2FMnHBvGmKKzLO3hgAp93xD9Npu +cAtwXDevGsg+UF3S3Ydfm0BQxaVCfJOxFa61iIr3iAvAqXFrmhnrv5iMIhTFoUkF +PPf/sksgRTe/FuEL9deYsd9zrDgETn8xM/3WaJoqmSY8kMUGDvhuKA== +-----END RSA PRIVATE KEY----- diff --git a/ansible/files/server.pem b/ansible/files/server.pem new file mode 100644 index 0000000..f6a9ab3 --- /dev/null +++ b/ansible/files/server.pem @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE----- +MIICrzCCAZcCFEVeEq1IBaVKfTcSfyZiVu/2YKfoMA0GCSqGSIb3DQEBCwUAMBQx +EjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0yMDA4MTEwODQ5NTdaFw0yMTA4MTEwODQ5 +NTdaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAP1AHg6Nb+L8y2N3AUtpO7niuFYikk6zTqNHl4/C911TUIH/7WuG +5scSa6eXbvkCvYwk0M0KSWjoFsWPKThgws6YwDQE4y7wG++72MCBP5vsvfGwL0mo +CES6lCmopD1JNhEU/MZPCv3G3iS9QYIzr9i/7910Qqrl/1Gr1p+9tT4x/PAg1BaN +v0i7QR4Ri9SAQ1zT1szMXK/qiAw3nyxjUTn+5AgAfJL/y3/gpMoIajE0Ybc0Zjct +vjDqFStL+ROarF2v9rmis/H+UgK58Czy8D5Eo5thoABYbpWbUIW8FQevsSuzh37q +uZjRHoaQxiuE2X+ohm37tc3vJUKZsuaVv1MCAwEAATANBgkqhkiG9w0BAQsFAAOC +AQEAgR/mSq1dQmVZxi8jnZQDmaNit819MNgYVOozb2h+/s3ft1YbbkMZHActphcr +DpR1INrMT6oY5rfW91Azy+czjcIxc9RRZyvXV2z+w48wxloV2XSm/4BwPa2RCKt7 +UVyrggiKBCSGbZAv2HXZDpAHFMqIFR2TMiMbH+ODRdJ7sUx0aN2lgKtooLwG93yz +/BchITIeXLUfwo/gdpFqFBRLD9DfdYA1F3IuckOMrEjriH8N1s2K/Fjfn+rla3jG +oEaUCzkv+UkvLdQ1Rm8m9jTJsfA1cTyQcGlMN06IUwekbMJJnDn5jsOO2OV2rjyn +0X14t9KBImVYqhE2df6CkZqOrA== +-----END CERTIFICATE----- diff --git a/ansible/files/server.yaml b/ansible/files/server.yaml new file mode 100644 index 0000000..0277b52 --- /dev/null +++ b/ansible/files/server.yaml @@ -0,0 +1,4 @@ +address: 0.0.0.0:8888 +chunks: /srv/obnam/chunks +tls_key: /etc/obnam/server.key +tls_cert: /etc/obnam/server.pem diff --git a/ansible/hosts b/ansible/hosts new file mode 100644 index 0000000..253d739 --- /dev/null +++ b/ansible/hosts @@ -0,0 +1,2 @@ +[obnam-server] +obnam-server diff --git a/ansible/obnam-server.retry b/ansible/obnam-server.retry new file mode 100644 index 0000000..ef785e6 --- /dev/null +++ b/ansible/obnam-server.retry @@ -0,0 +1 @@ +obnam0 diff --git a/ansible/obnam-server.yml b/ansible/obnam-server.yml new file mode 100644 index 0000000..110dcce --- /dev/null +++ b/ansible/obnam-server.yml @@ -0,0 +1,39 @@ +- hosts: obnam-server + remote_user: root + tasks: + - file: + path: /etc/obnam + state: directory + - file: + path: /srv/obnam/chunks + state: directory + - filesystem: + dev: "{{ chunkdev }}" + fstype: ext4 + opts: -Lchunks + - mount: + src: LABEL=chunks + path: /srv/obnam/chunks + fstype: auto + state: mounted + - apt_repository: + repo: "deb [trusted=yes] http://ci-prod-controller.vm.liw.fi/debian unstable-ci main" + - apt: + name: obnam + - copy: + src: obnam.service + dest: /etc/systemd/system/obnam.service + - copy: + src: "{{ item }}" + dest: "/etc/obnam/{{ item }}" + with_items: + - server.yaml + - server.key + - server.pem + - systemd: + name: obnam + enabled: true + state: restarted + daemon_reload: true + vars: + chunkdev: /dev/vdb diff --git a/client.yaml b/client.yaml index dd60c9c..1b7d6c9 100644 --- a/client.yaml +++ b/client.yaml @@ -1,3 +1,3 @@ -server_url: https://localhost:8888 -root: /home/liw/tmp/Foton +server_url: https://obnam0:8888 +root: /home/liw/pers/Foton log: obnam.log -- cgit v1.2.1