diff --git a/apache.yml b/apache.yml index b63d4ca..536f085 100644 --- a/apache.yml +++ b/apache.yml @@ -1,18 +1,17 @@ - hosts: - code.kde.org - library.kde.org - lxr.kde.org - mason.kde.org - mimi.kde.org - nellie.kde.org - olios.kde.org - orbi.kde.org - overwatch.kde.org - racnoss.kde.org - rosetta.kde.org - - silk.kde.org - spring.kde.org - stumptown.kde.org roles: - apache diff --git a/backups.yml b/backups.yml index da39f53..70debbd 100644 --- a/backups.yml +++ b/backups.yml @@ -1,39 +1,38 @@ --- - hosts: - olios.kde.org - mason.kde.org - cano.kde.org - shrek.kde.org - overwatch.kde.org - bluemchen.kde.org - fiesta.kde.org - recluse.kde.org - code.kde.org - stumptown.kde.org - mimi.kde.org - gohma.kde.org - spring.kde.org - - silk.kde.org - nellie.kde.org - racnoss.kde.org - orbi.kde.org - dalca.kde.org - ange.kde.org - pirate.kde.org - library.kde.org - rosetta.kde.org - letterbox.kde.org - thera.kde.org - mygalo.kde.org - komaci.kde.org - edulis.kde.org vars_files: - vars/backups.yml - vars/backups-vault.yml roles: - kde-backup diff --git a/letsencrypt.yml b/letsencrypt.yml index 466b5c7..2fdb476 100644 --- a/letsencrypt.yml +++ b/letsencrypt.yml @@ -1,14 +1,13 @@ - hosts: - - silk.kde.org - olios.kde.org - rosetta.kde.org - library.kde.org - stumptown.kde.org - mimi.kde.org - code.kde.org - lxr.kde.org - overwatch.kde.org #- spring.kde.org # spring needs some manual work first roles: - letsencrypt diff --git a/production/host_vars/silk.kde.org/vars.yml b/production/host_vars/silk.kde.org/vars.yml deleted file mode 100644 index ced765a..0000000 --- a/production/host_vars/silk.kde.org/vars.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -backup_directory: backups -hetzner_backup_host: pirate - -# do not install borgbackup via backup_apt_dependencies; -# silk's distro version doesn't have it, so there is a local copy -# in ~root/bin - -backup_borg_passphrase: "{{vault_backup_borg_passphrase}}" - -allowed_ssh_users_extra: [kcoyle] diff --git a/production/host_vars/silk.kde.org/vault.yml b/production/host_vars/silk.kde.org/vault.yml deleted file mode 100644 index f4ff30b..0000000 --- a/production/host_vars/silk.kde.org/vault.yml +++ /dev/null @@ -1,8 +0,0 @@ -$ANSIBLE_VAULT;1.1;AES256 -39326630343662373963366131633730353333653366613639333435313266396463363866323263 -3630623735353161663432366131613236373261656264330a666237323733313863386231353634 -32373332313564306637333532663335663962316635653937366535306538326238666632643563 -6565653530336436330a363534383737356162393533373935613464383237343736373839383266 -36323062306637363937373861353338366566626564353638343230373561323334613330663863 -62366466636535636536393262343637353032303562616230663334656661633866613232316136 -346466313031333364623235313136393665 diff --git a/production/hosts b/production/hosts index 24a3e13..67ba089 100644 --- a/production/hosts +++ b/production/hosts @@ -1,90 +1,88 @@ #zivo.kde.org #shrek.kde.org bluemchen.kde.org cano.kde.org olios.kde.org fiesta.kde.org recluse.kde.org code.kde.org gohma.kde.org spring.kde.org -silk.kde.org ange.kde.org lxr.kde.org joy.kde.org stumptown.kde.org dalca.kde.org dalca2.kde.org ansible_host=10.150.44.2 ansible_ssh_common_args='-o ProxyCommand="ssh -W %h:%p -q root@dalca.kde.org"' overwatch.kde.org #overwatch-test.kde.org library.kde.org rosetta.kde.org pirate.kde.org racnoss.kde.org mimi.kde.org orbi.kde.org letterbox.kde.org mason.kde.org thera.kde.org mygalo.kde.org darwini.kde.org aranea.kde.org artonis.kde.org anepsion.kde.org charlotte.kde.org eresida.kde.org nephilia.kde.org komaci.kde.org edulis.kde.org micrea.kde.org milonia.kde.org platna.kde.org [anongit] mason.kde.org anongit_style=legacy [monitored] # Servers that are being monitored with Telegraf overwatch.kde.org #overwatch-test.kde.org bluemchen.kde.org rosetta.kde.org pirate.kde.org racnoss.kde.org mimi.kde.org gohma.kde.org orbi.kde.org recluse.kde.org code.kde.org -silk.kde.org darwini.kde.org mason.kde.org ange.kde.org thera.kde.org mygalo.kde.org anepsion.kde.org [monitoring-server] overwatch.kde.org #overwatch-test.kde.org diff --git a/roles/kde-backup/templates/backup-silk.sh b/roles/kde-backup/templates/backup-silk.sh deleted file mode 100755 index e90d1a1..0000000 --- a/roles/kde-backup/templates/backup-silk.sh +++ /dev/null @@ -1,38 +0,0 @@ -LOCATION=/root/{{backup_directory}} -find $LOCATION -name "srv.*.tar.xz" -mtime +2 | xargs rm -f - -# Backup databases -for DATABASE in `mysqlshow | grep -v "information_schema" | grep -v "performance_schema" | grep -v "mysql" | grep -v "stats" | tail -n+4 | awk '{print $2}'`; do - mysqldump --opt --quick --single-transaction --skip-extended-insert --events --create-options --set-charset $DATABASE > $LOCATION/db.$DATABASE.`date +%w`.sql - xz -f $LOCATION/db.$DATABASE.`date +%w`.sql -done - -# Backup Piwik database -DATABASE="stats" -mysqldump --opt --quick --single-transaction --skip-extended-insert --events --create-options --set-charset $DATABASE > $LOCATION/db.$DATABASE.sql -xz -f $LOCATION/db.$DATABASE.sql - -# Backup configuration and list of installed packages -tar -czf $LOCATION/etc.`date +%w`.tgz -C / etc/ -tar -czf $LOCATION/crontabs.`date +%w`.tgz -C / var/spool/cron/ -dpkg -l > $LOCATION/dpkg.`date +%w` - -# Transfer the generated backups -lftp -f ~/bin/backup-options - -# Borg backup time! Let's get ready to go... -export PATH=$HOME/bin:$PATH -export BORG_PASSPHRASE='{{backup_borg_passphrase}}' - -{% set backup_creds = hetzner_backup_creds[hetzner_backup_host] %} -BORG_SERVER="ssh://{{backup_creds.username}}@{{backup_creds.username}}.your-backup.de:23" - -# Backup /srv -export BORG_REPO="$BORG_SERVER/./borg-backups/silk-srv" -borg create --compression zlib,5 --exclude-caches --exclude /srv/www/paste.kde.org/app/storage/sessions/ ::'{hostname}-silk-srv-{now}' /srv/ 2>&1 | grep -v "Compacting segments" -borg prune --prefix '{hostname}-' --keep-daily 7 --keep-weekly 4 --keep-monthly 6 2>&1 | grep -v "Compacting segments" - -# Backup /home -export BORG_REPO="$BORG_SERVER/./borg-backups/silk-homes" -borg create --compression zlib,5 --exclude-caches ::'{hostname}-silk-homes-{now}' /home/ 2>&1 | grep -v "Compacting segments" -borg prune --prefix '{hostname}-' --keep-daily 7 --keep-weekly 4 --keep-monthly 6 2>&1 | grep -v "Compacting segments"