diff --git a/docker-compose/docker-compose-semaphore.yml b/docker-compose/docker-compose-semaphore.yml index 9d2a84b..7efadcd 100644 --- a/docker-compose/docker-compose-semaphore.yml +++ b/docker-compose/docker-compose-semaphore.yml @@ -1,26 +1,22 @@ -version: "3.8" - services: semaphore: - image: semaphoreui/semaphore:latest + image: git.internet-master.cz/jakub/semaphore:latest + container_name: semaphore user: "0:0" ports: - - "3000:3000" - + - "3008:3000" environment: SEMAPHORE_DB_DIALECT: bolt - SEMAPHORE_DB_PATH: /etc/semaphore/semaphore.db.bolt # full path to file! + SEMAPHORE_DB_PATH: /etc/semaphore/semaphore.db.bolt SEMAPHORE_TMP_PATH: /var/lib/semaphore/projects SEMAPHORE_ADMIN: admin SEMAPHORE_ADMIN_NAME: admin SEMAPHORE_ADMIN_EMAIL: admin@localhost SEMAPHORE_ADMIN_PASSWORD: changeme SEMAPHORE_ACCESS_KEY_ENCRYPTION: "rZffGjw4BGlwoM+66fStJ4Pg+ivLc5ghtty3yoscltY=" - volumes: - /data/compose/semaphore/db:/etc/semaphore - /data/compose/semaphore/projects:/var/lib/semaphore/projects - /data/compose/semaphore/backups:/opt/mikrotik_backups/ - - /data/compose/semaphore/ansible.cfg:/etc/ansible.cfg:ro # mount as file, ne do /etc/ansible/ansible.cfg - + - /data/compose/semaphore/ansible.cfg:/etc/ansible/ansible.cfg:ro restart: unless-stopped diff --git a/docker-compose/docker-compose-semaphore_backup.yml b/docker-compose/docker-compose-semaphore_backup.yml new file mode 100644 index 0000000..9d2a84b --- /dev/null +++ b/docker-compose/docker-compose-semaphore_backup.yml @@ -0,0 +1,26 @@ +version: "3.8" + +services: + semaphore: + image: semaphoreui/semaphore:latest + user: "0:0" + ports: + - "3000:3000" + + environment: + SEMAPHORE_DB_DIALECT: bolt + SEMAPHORE_DB_PATH: /etc/semaphore/semaphore.db.bolt # full path to file! + SEMAPHORE_TMP_PATH: /var/lib/semaphore/projects + SEMAPHORE_ADMIN: admin + SEMAPHORE_ADMIN_NAME: admin + SEMAPHORE_ADMIN_EMAIL: admin@localhost + SEMAPHORE_ADMIN_PASSWORD: changeme + SEMAPHORE_ACCESS_KEY_ENCRYPTION: "rZffGjw4BGlwoM+66fStJ4Pg+ivLc5ghtty3yoscltY=" + + volumes: + - /data/compose/semaphore/db:/etc/semaphore + - /data/compose/semaphore/projects:/var/lib/semaphore/projects + - /data/compose/semaphore/backups:/opt/mikrotik_backups/ + - /data/compose/semaphore/ansible.cfg:/etc/ansible.cfg:ro # mount as file, ne do /etc/ansible/ansible.cfg + + restart: unless-stopped diff --git a/old/mikrotikbackup.yml b/old/mikrotikbackup.yml index 4da6275..b558ad7 100644 --- a/old/mikrotikbackup.yml +++ b/old/mikrotikbackup.yml @@ -1,59 +1,62 @@ -- name: Backup MikroTik config (text export only) - hosts: mikrotiks +- hosts: mikrotiks gather_facts: no - - vars: - backup_dir: /opt/mikrotik_backups/ - tasks: + - name: Set SSH port (default to 22) + set_fact: + ansible_port: "{{ ansible_port | default(22) }}" - # ---------------------------- - # Ensure local backup directory - # ---------------------------- - - name: Ensure local backup directory exists + - name: Ensure output directory exists ansible.builtin.file: - path: "{{ backup_dir }}" + path: /opt/mikrotik_backups state: directory - mode: "0755" + mode: '0755' delegate_to: localhost - # ---------------------------- - # Get router identity - # ---------------------------- - name: Get router identity - community.routeros.command: - commands: /system identity print - register: identity_raw + shell: timeout 15 ssh -o StrictHostKeyChecking=no {{ ansible_user }}@{{ ansible_host }} -p {{ ansible_port }} "/system identity print" + register: system_identity + delegate_to: localhost + failed_when: system_identity.rc != 0 and system_identity.rc != 124 # 124 = timeout - - name: Parse router name + - name: Set router name set_fact: - router_name: "{{ identity_raw.stdout[0].split(': ')[1] | trim }}" + router_name: "{{ system_identity.stdout.split(': ')[1] | trim }}" + when: system_identity.rc == 0 - # ---------------------------- - # Timestamp - # ---------------------------- - - name: Get timestamp - ansible.builtin.command: date +%Y-%m-%d_%H-%M-%S - register: date_out + - name: Generate current date + ansible.builtin.shell: date +%Y-%m-%d + register: date_output delegate_to: localhost - - name: Set timestamp fact + - name: Set current date set_fact: - ts: "{{ date_out.stdout }}" + current_date: "{{ date_output.stdout }}" - # ---------------------------- - # Export config (stable for diff) - # ---------------------------- - name: Export router config - community.routeros.command: - commands: /export terse show-sensitive - register: export_cfg - - # ---------------------------- - # Save export locally - # ---------------------------- - - name: Save export locally - ansible.builtin.copy: - content: "{{ export_cfg.stdout[0] }}" - dest: "{{ backup_dir }}/{{ router_name }}-{{ ts }}.rsc" + shell: timeout 15 ssh -o StrictHostKeyChecking=no {{ ansible_user }}@{{ ansible_host }} -p {{ ansible_port }} "/export" + register: export_output delegate_to: localhost + when: system_identity.rc == 0 + failed_when: export_output.rc != 0 and export_output.rc != 124 + + - name: Save export to local file + ansible.builtin.copy: + content: "{{ export_output.stdout }}" + dest: "/opt/mikrotik_backups/{{ router_name }}-{{ current_date }}.config" + delegate_to: localhost + when: export_output.rc == 0 + + - name: Create binary backup on router + shell: timeout 15 ssh -o StrictHostKeyChecking=no {{ ansible_user }}@{{ ansible_host }} -p {{ ansible_port }} "/system backup save name={{ router_name }}-{{ current_date }}-backup" + delegate_to: localhost + when: system_identity.rc == 0 + + - name: Download binary backup + shell: timeout 15 scp -o StrictHostKeyChecking=no -P {{ ansible_port }} {{ ansible_user }}@{{ ansible_host }}:{{ router_name }}-{{ current_date }}-backup.backup /opt/mikrotik_backups/ + delegate_to: localhost + when: system_identity.rc == 0 + + - name: Remove backup file from router + shell: timeout 15 ssh -o StrictHostKeyChecking=no {{ ansible_user }}@{{ ansible_host }} -p {{ ansible_port }} "/file remove {{ router_name }}-{{ current_date }}-backup.backup" + delegate_to: localhost + when: system_identity.rc == 0