From db6703d5937b3cf318efe8f45268668e4fa819cd Mon Sep 17 00:00:00 2001
From: Przemek Grondek <przemek@grondek.pl>
Date: Mon, 20 Nov 2023 03:35:20 +0100
Subject: [PATCH] Add db-backup role

---
 main.yml                                  |  1 +
 roles/db-backup/files/mysql-backup.sh     | 23 +++++++++++++++
 roles/db-backup/files/postgres-backup.sh  | 24 +++++++++++++++
 roles/db-backup/files/postgres-backup2.sh | 24 +++++++++++++++
 roles/db-backup/tasks/account.yml         |  9 ++++++
 roles/db-backup/tasks/copy-scripts.yml    | 23 +++++++++++++++
 roles/db-backup/tasks/install.yml         | 36 +++++++++++++++++++++++
 roles/db-backup/tasks/main.yml            |  6 ++++
 roles/db-backup/vars/main.yml             |  5 ++++
 9 files changed, 151 insertions(+)
 create mode 100755 roles/db-backup/files/mysql-backup.sh
 create mode 100755 roles/db-backup/files/postgres-backup.sh
 create mode 100755 roles/db-backup/files/postgres-backup2.sh
 create mode 100644 roles/db-backup/tasks/account.yml
 create mode 100644 roles/db-backup/tasks/copy-scripts.yml
 create mode 100644 roles/db-backup/tasks/install.yml
 create mode 100644 roles/db-backup/tasks/main.yml
 create mode 100644 roles/db-backup/vars/main.yml

diff --git a/main.yml b/main.yml
index a334961..44f61e9 100644
--- a/main.yml
+++ b/main.yml
@@ -26,6 +26,7 @@
 
 - hosts: uatu.lan
   roles:
+    - db-backup
     - ssh
     - ubuntu
     - docker
diff --git a/roles/db-backup/files/mysql-backup.sh b/roles/db-backup/files/mysql-backup.sh
new file mode 100755
index 0000000..7a7bb08
--- /dev/null
+++ b/roles/db-backup/files/mysql-backup.sh
@@ -0,0 +1,23 @@
+#!/usr/bin/env bash
+
+set -x
+
+HOST=192.168.50.100
+USER=root
+PASS=
+DEST=/srv/backup/db/mysql
+
+DATABASES=$(mysql -h $HOST -u $USER -p$PASS -s -N -e "SHOW DATABASES;")
+DIR="${DEST}/$(date +"%F")"
+mkdir -p "$DIR"
+
+for db in $DATABASES; do
+  FILE="${DIR}/$db.sql.gz"
+  echo "backing up $db to $FILE"
+
+  [ "$db" != "information_schema" ] && [ "$db" != "mysql" ] && [ "$db" != "performance_schema" ] && [ "$db" != "sys" ] || continue
+  # Be sure to make one backup per day
+  [ -f $FILE ] && continue
+
+  mysqldump --single-transaction --routines --quick -h $HOST -u $USER -p$PASS -B "$db" | gzip > "$FILE"
+done
diff --git a/roles/db-backup/files/postgres-backup.sh b/roles/db-backup/files/postgres-backup.sh
new file mode 100755
index 0000000..853b0e7
--- /dev/null
+++ b/roles/db-backup/files/postgres-backup.sh
@@ -0,0 +1,24 @@
+#!/usr/bin/env bash
+
+set -x
+
+HOST=192.168.50.100
+PORT=5432
+USER=postgres
+PASS=
+DEST=/srv/backup/db/postgres
+
+DATABASES=$(PGPASSWORD="$PASS" psql -h $HOST -p $PORT -U $USER -l -t | cut -d'|' -f1 | sed -e 's/ //g' -e '/^$/d')
+DIR="${DEST}/$(date +"%F")"
+mkdir -p "$DIR"
+
+for db in $DATABASES; do
+  FILE="${DIR}/$db.sql.gz"
+  echo "backing up $db to $FILE"
+
+  [ "$db" != "postgres" ] && [ "$db" != "template0" ] && [ "$db" != "template1" ] || continue
+  # Be sure to make one backup per day
+  [ -f $FILE ] && continue
+
+  PGPASSWORD="$PASS" pg_dump --username=$USER --host=$HOST --port=$PORT "$db" | gzip > "$FILE"
+done
diff --git a/roles/db-backup/files/postgres-backup2.sh b/roles/db-backup/files/postgres-backup2.sh
new file mode 100755
index 0000000..6c876f5
--- /dev/null
+++ b/roles/db-backup/files/postgres-backup2.sh
@@ -0,0 +1,24 @@
+#!/usr/bin/env bash
+
+set -x
+
+HOST=192.168.50.100
+PORT=5433
+USER=postgres
+PASS=
+DEST=/srv/backup/db/postgres
+
+DATABASES=$(PGPASSWORD="$PASS" psql -h $HOST -p $PORT -U $USER -l -t | cut -d'|' -f1 | sed -e 's/ //g' -e '/^$/d')
+DIR="${DEST}/$(date +"%F")"
+mkdir -p "$DIR"
+
+for db in $DATABASES; do
+  FILE="${DIR}/$db.sql.gz"
+  echo "backing up $db to $FILE"
+
+  [ "$db" != "postgres" ] && [ "$db" != "template0" ] && [ "$db" != "template1" ] || continue
+  # Be sure to make one backup per day
+  [ -f $FILE ] && continue
+
+  PGPASSWORD="$PASS" pg_dump --username=$USER --host=$HOST --port=$PORT "$db" | gzip > "$FILE"
+done
diff --git a/roles/db-backup/tasks/account.yml b/roles/db-backup/tasks/account.yml
new file mode 100644
index 0000000..71a36e4
--- /dev/null
+++ b/roles/db-backup/tasks/account.yml
@@ -0,0 +1,9 @@
+---
+- name: create db-backup account
+  become: yes
+  user:
+    name: "{{ account.name }}"
+    comment: "{{ account.comment }}"
+    system: yes
+    password_lock: yes
+    home: "{{ account.home }}"
diff --git a/roles/db-backup/tasks/copy-scripts.yml b/roles/db-backup/tasks/copy-scripts.yml
new file mode 100644
index 0000000..df237a1
--- /dev/null
+++ b/roles/db-backup/tasks/copy-scripts.yml
@@ -0,0 +1,23 @@
+- name: copy mysql backup
+  become: yes
+  copy:
+    src: "mysql-backup.sh"
+    dest: "{{ account.home }}/mysql-backup.sh"
+    owner: "{{ account.name }}"
+    mode: '0755'
+
+- name: copy postgres backup
+  become: yes
+  copy:
+    src: "postgres-backup.sh"
+    dest: "{{ account.home }}/postgres-backup.sh"
+    owner: "{{ account.name }}"
+    mode: '0755'
+
+- name: copy postgres backup
+  become: yes
+  copy:
+    src: "postgres-backup2.sh"
+    dest: "{{ account.home }}/postgres-backup2.sh"
+    owner: "{{ account.name }}"
+    mode: '0755'
diff --git a/roles/db-backup/tasks/install.yml b/roles/db-backup/tasks/install.yml
new file mode 100644
index 0000000..f525ff9
--- /dev/null
+++ b/roles/db-backup/tasks/install.yml
@@ -0,0 +1,36 @@
+---
+- become: yes
+  block:
+  - name: install needed tools
+    apt:
+      update_cache: yes
+      pkg:
+        - postgresql-client-common
+        - mysql-client-8.0
+
+- name: Add cron task for backup mysql
+  become: yes
+  ansible.builtin.cron:
+    user: "{{ account.name }}"
+    name: "Backup mysql"
+    minute: "0"
+    hour: "4"
+    job: "{{ account.home }}/mysql-backup.sh"
+
+- name: Add cron task for backup postgres
+  become: yes
+  ansible.builtin.cron:
+    user: "{{ account.name }}"
+    name: "Backup postgres"
+    minute: "10"
+    hour: "4"
+    job: "{{ account.home }}/postgres-backup.sh"
+
+- name: Add cron task for backup postgres2
+  become: yes
+  ansible.builtin.cron:
+    user: "{{ account.name }}"
+    name: "Backup postgres 2"
+    minute: "20"
+    hour: "4"
+    job: "{{ account.home }}/postgres-backup2.sh"
diff --git a/roles/db-backup/tasks/main.yml b/roles/db-backup/tasks/main.yml
new file mode 100644
index 0000000..7a47ac5
--- /dev/null
+++ b/roles/db-backup/tasks/main.yml
@@ -0,0 +1,6 @@
+---
+- import_tasks: account.yml
+
+- import_tasks: copy-scripts.yml
+
+- import_tasks: install.yml
diff --git a/roles/db-backup/vars/main.yml b/roles/db-backup/vars/main.yml
new file mode 100644
index 0000000..4fe15d8
--- /dev/null
+++ b/roles/db-backup/vars/main.yml
@@ -0,0 +1,5 @@
+---
+account:
+  name: db-backup
+  comment: Database Backup account
+  home: /home/db-backup