edit semaphore .yml
This commit is contained in:
martin.fencl
@@ -1,26 +1,22 @@
|
|||||||
version: "3.8"
|
|
||||||
|
|
||||||
services:
|
services:
|
||||||
semaphore:
|
semaphore:
|
||||||
image: semaphoreui/semaphore:latest
|
image: git.internet-master.cz/jakub/semaphore:latest
|
||||||
|
container_name: semaphore
|
||||||
user: "0:0"
|
user: "0:0"
|
||||||
ports:
|
ports:
|
||||||
- "3000:3000"
|
- "3008:3000"
|
||||||
|
|
||||||
environment:
|
environment:
|
||||||
SEMAPHORE_DB_DIALECT: bolt
|
SEMAPHORE_DB_DIALECT: bolt
|
||||||
SEMAPHORE_DB_PATH: /etc/semaphore/semaphore.db.bolt # full path to file!
|
SEMAPHORE_DB_PATH: /etc/semaphore/semaphore.db.bolt
|
||||||
SEMAPHORE_TMP_PATH: /var/lib/semaphore/projects
|
SEMAPHORE_TMP_PATH: /var/lib/semaphore/projects
|
||||||
SEMAPHORE_ADMIN: admin
|
SEMAPHORE_ADMIN: admin
|
||||||
SEMAPHORE_ADMIN_NAME: admin
|
SEMAPHORE_ADMIN_NAME: admin
|
||||||
SEMAPHORE_ADMIN_EMAIL: admin@localhost
|
SEMAPHORE_ADMIN_EMAIL: admin@localhost
|
||||||
SEMAPHORE_ADMIN_PASSWORD: changeme
|
SEMAPHORE_ADMIN_PASSWORD: changeme
|
||||||
SEMAPHORE_ACCESS_KEY_ENCRYPTION: "rZffGjw4BGlwoM+66fStJ4Pg+ivLc5ghtty3yoscltY="
|
SEMAPHORE_ACCESS_KEY_ENCRYPTION: "rZffGjw4BGlwoM+66fStJ4Pg+ivLc5ghtty3yoscltY="
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
- /data/compose/semaphore/db:/etc/semaphore
|
- /data/compose/semaphore/db:/etc/semaphore
|
||||||
- /data/compose/semaphore/projects:/var/lib/semaphore/projects
|
- /data/compose/semaphore/projects:/var/lib/semaphore/projects
|
||||||
- /data/compose/semaphore/backups:/opt/mikrotik_backups/
|
- /data/compose/semaphore/backups:/opt/mikrotik_backups/
|
||||||
- /data/compose/semaphore/ansible.cfg:/etc/ansible.cfg:ro # mount as file, ne do /etc/ansible/ansible.cfg
|
- /data/compose/semaphore/ansible.cfg:/etc/ansible/ansible.cfg:ro
|
||||||
|
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
|
|||||||
26
docker-compose/docker-compose-semaphore_backup.yml
Normal file
26
docker-compose/docker-compose-semaphore_backup.yml
Normal file
@@ -0,0 +1,26 @@
|
|||||||
|
version: "3.8"
|
||||||
|
|
||||||
|
services:
|
||||||
|
semaphore:
|
||||||
|
image: semaphoreui/semaphore:latest
|
||||||
|
user: "0:0"
|
||||||
|
ports:
|
||||||
|
- "3000:3000"
|
||||||
|
|
||||||
|
environment:
|
||||||
|
SEMAPHORE_DB_DIALECT: bolt
|
||||||
|
SEMAPHORE_DB_PATH: /etc/semaphore/semaphore.db.bolt # full path to file!
|
||||||
|
SEMAPHORE_TMP_PATH: /var/lib/semaphore/projects
|
||||||
|
SEMAPHORE_ADMIN: admin
|
||||||
|
SEMAPHORE_ADMIN_NAME: admin
|
||||||
|
SEMAPHORE_ADMIN_EMAIL: admin@localhost
|
||||||
|
SEMAPHORE_ADMIN_PASSWORD: changeme
|
||||||
|
SEMAPHORE_ACCESS_KEY_ENCRYPTION: "rZffGjw4BGlwoM+66fStJ4Pg+ivLc5ghtty3yoscltY="
|
||||||
|
|
||||||
|
volumes:
|
||||||
|
- /data/compose/semaphore/db:/etc/semaphore
|
||||||
|
- /data/compose/semaphore/projects:/var/lib/semaphore/projects
|
||||||
|
- /data/compose/semaphore/backups:/opt/mikrotik_backups/
|
||||||
|
- /data/compose/semaphore/ansible.cfg:/etc/ansible.cfg:ro # mount as file, ne do /etc/ansible/ansible.cfg
|
||||||
|
|
||||||
|
restart: unless-stopped
|
||||||
@@ -1,59 +1,62 @@
|
|||||||
- name: Backup MikroTik config (text export only)
|
- hosts: mikrotiks
|
||||||
hosts: mikrotiks
|
|
||||||
gather_facts: no
|
gather_facts: no
|
||||||
|
|
||||||
vars:
|
|
||||||
backup_dir: /opt/mikrotik_backups/
|
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
|
- name: Set SSH port (default to 22)
|
||||||
|
set_fact:
|
||||||
|
ansible_port: "{{ ansible_port | default(22) }}"
|
||||||
|
|
||||||
# ----------------------------
|
- name: Ensure output directory exists
|
||||||
# Ensure local backup directory
|
|
||||||
# ----------------------------
|
|
||||||
- name: Ensure local backup directory exists
|
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: "{{ backup_dir }}"
|
path: /opt/mikrotik_backups
|
||||||
state: directory
|
state: directory
|
||||||
mode: "0755"
|
mode: '0755'
|
||||||
delegate_to: localhost
|
delegate_to: localhost
|
||||||
|
|
||||||
# ----------------------------
|
|
||||||
# Get router identity
|
|
||||||
# ----------------------------
|
|
||||||
- name: Get router identity
|
- name: Get router identity
|
||||||
community.routeros.command:
|
shell: timeout 15 ssh -o StrictHostKeyChecking=no {{ ansible_user }}@{{ ansible_host }} -p {{ ansible_port }} "/system identity print"
|
||||||
commands: /system identity print
|
register: system_identity
|
||||||
register: identity_raw
|
delegate_to: localhost
|
||||||
|
failed_when: system_identity.rc != 0 and system_identity.rc != 124 # 124 = timeout
|
||||||
|
|
||||||
- name: Parse router name
|
- name: Set router name
|
||||||
set_fact:
|
set_fact:
|
||||||
router_name: "{{ identity_raw.stdout[0].split(': ')[1] | trim }}"
|
router_name: "{{ system_identity.stdout.split(': ')[1] | trim }}"
|
||||||
|
when: system_identity.rc == 0
|
||||||
|
|
||||||
# ----------------------------
|
- name: Generate current date
|
||||||
# Timestamp
|
ansible.builtin.shell: date +%Y-%m-%d
|
||||||
# ----------------------------
|
register: date_output
|
||||||
- name: Get timestamp
|
|
||||||
ansible.builtin.command: date +%Y-%m-%d_%H-%M-%S
|
|
||||||
register: date_out
|
|
||||||
delegate_to: localhost
|
delegate_to: localhost
|
||||||
|
|
||||||
- name: Set timestamp fact
|
- name: Set current date
|
||||||
set_fact:
|
set_fact:
|
||||||
ts: "{{ date_out.stdout }}"
|
current_date: "{{ date_output.stdout }}"
|
||||||
|
|
||||||
# ----------------------------
|
|
||||||
# Export config (stable for diff)
|
|
||||||
# ----------------------------
|
|
||||||
- name: Export router config
|
- name: Export router config
|
||||||
community.routeros.command:
|
shell: timeout 15 ssh -o StrictHostKeyChecking=no {{ ansible_user }}@{{ ansible_host }} -p {{ ansible_port }} "/export"
|
||||||
commands: /export terse show-sensitive
|
register: export_output
|
||||||
register: export_cfg
|
|
||||||
|
|
||||||
# ----------------------------
|
|
||||||
# Save export locally
|
|
||||||
# ----------------------------
|
|
||||||
- name: Save export locally
|
|
||||||
ansible.builtin.copy:
|
|
||||||
content: "{{ export_cfg.stdout[0] }}"
|
|
||||||
dest: "{{ backup_dir }}/{{ router_name }}-{{ ts }}.rsc"
|
|
||||||
delegate_to: localhost
|
delegate_to: localhost
|
||||||
|
when: system_identity.rc == 0
|
||||||
|
failed_when: export_output.rc != 0 and export_output.rc != 124
|
||||||
|
|
||||||
|
- name: Save export to local file
|
||||||
|
ansible.builtin.copy:
|
||||||
|
content: "{{ export_output.stdout }}"
|
||||||
|
dest: "/opt/mikrotik_backups/{{ router_name }}-{{ current_date }}.config"
|
||||||
|
delegate_to: localhost
|
||||||
|
when: export_output.rc == 0
|
||||||
|
|
||||||
|
- name: Create binary backup on router
|
||||||
|
shell: timeout 15 ssh -o StrictHostKeyChecking=no {{ ansible_user }}@{{ ansible_host }} -p {{ ansible_port }} "/system backup save name={{ router_name }}-{{ current_date }}-backup"
|
||||||
|
delegate_to: localhost
|
||||||
|
when: system_identity.rc == 0
|
||||||
|
|
||||||
|
- name: Download binary backup
|
||||||
|
shell: timeout 15 scp -o StrictHostKeyChecking=no -P {{ ansible_port }} {{ ansible_user }}@{{ ansible_host }}:{{ router_name }}-{{ current_date }}-backup.backup /opt/mikrotik_backups/
|
||||||
|
delegate_to: localhost
|
||||||
|
when: system_identity.rc == 0
|
||||||
|
|
||||||
|
- name: Remove backup file from router
|
||||||
|
shell: timeout 15 ssh -o StrictHostKeyChecking=no {{ ansible_user }}@{{ ansible_host }} -p {{ ansible_port }} "/file remove {{ router_name }}-{{ current_date }}-backup.backup"
|
||||||
|
delegate_to: localhost
|
||||||
|
when: system_identity.rc == 0
|
||||||
|
|||||||
Reference in New Issue
Block a user