WIP: backups with borg and borgmatic #39

Manually merged
jeltz merged 45 commits from backups into master 2024-07-01 01:55:28 +02:00
33 changed files with 718 additions and 200 deletions
Showing only changes of commit 6713b550b6 - Show all commits

View file

@ -2,7 +2,7 @@ skip_list:
- no-changed-when
- load-failure
- document-start
- package-latest
- meta-no-info
warn_list:
- experimental # all rules tagged as experimental

View file

@ -24,6 +24,10 @@ postgresql_etherpad_passwd: "{{ vault_postgresql_etherpad_passwd }}"
postgresql_kanboard_passwd: "{{ vault_postgresql_kanboard_passwd }}"
postgresql_grafana_passwd: "{{ vault_postgresql_grafana_passwd }}"
postgresql_cas_passwd: "{{ vault_postgresql_cas_passwd }}"
postgresql_drone_passwd: "{{ vault_postgresql_drone_passwd }}"
postgresql_wikijs_passwd: "{{ vault_postgresql_wikijs_passwd }}"
postgresql_nextcloud_passwd: "{{ vault_postgresql_nextcloud_passwd }}"
postgresql_gitea_passwd: "{{ vault_postgresql_gitea_passwd }}"
# Scripts will tell users to go there to manage their account
intranet_url: 'https://re2o.auro.re/'
@ -106,3 +110,9 @@ borg_backup_exclude:
borg_encryption_passphrase: "{{ vault_borg_encryption_passphrase }}"
borg_server_host: 10.128.0.4
rsyslog_outputs:
- proto: relp
address: 10.128.0.241
port: 20514
...

View file

@ -1,198 +1,214 @@
$ANSIBLE_VAULT;1.1;AES256
61316365323636633262643334366235633639633534646562353032666465623937323833313561
6562643130663731633435646332663365373265346635330a636266303066356364353431393335
32626431366331363338363237663862643464393937626530366332353735393866366261643465
3036623765663362630a343439363134386236633236336332626366386461373965646266366234
65643765343438666339633738303566343661636134386234363261306335393061316463373332
32613630393438626337623837373765633462336430663561663433363531373635323365353566
62333233313835366534386263623132656363623235393030363833633665646633633336373435
31636437393137323236383330653265336333663635373331383866393435316139393635633339
61303532626537346336653836636263373466386139343734623937383161333561656164363439
37316631393536373635633239393939356437383633646261663536306239646434646664323866
35363332306538613265326239613931343934303733653133613639363431666434343832616534
34396362373939376335323766323633333733393638626231336432653262326437346562643761
33646563393632326166363463373734653730316439343931376566363065643034393365653937
64393231363839336531326164623637383162646163326532643132393163343365393135393930
65323464643465616235323165373465373061386135323530323761373339653433666162383139
66636136663563613964643761623332333438373632313832653430323066663537343165373061
66303864653563386536383430343130383863623238643232636134633964346234353134333031
37626232656130343863636463663839373161626364356561343434623832396632653064313963
30616534633634313933616334333537646663636433636664313730303733636162323233353162
35373264316166636535313735643135356437353332333864393733653462393438653262656662
64616565326533353530366536636330643733346264306536616636313935633863613032666336
66393338383933323166383862653635326666316132363036383032626162653664643761613562
36653066623332336632306637376437623164643965353733633765646266323833376364346435
32613538336465386465643035633630663164663136666638333333636638333164626237633439
32636363393362656230356261363839326266376233326237393634393433323739386365363266
61363132313137646630306131653339313833633739366338333335613966653563306331363361
39396538373831356436313837343066363033306563636364303738666163336561323661303331
34633739343465326335613039663537616233626138343730643234346333633666643264313566
38616462336265373737356561376336626366323238313239333535376561303033376536643966
33333563336262396433336433346132616530363039663164306234363231626331396662663334
31306337313533343239383063613532303132346638663035656635393733323031303937356636
37633334356235613437656439626261613565643538613435616364633334663034666464386565
61666530633138346664313237393130326263623032346539646365656631316334353530633864
65306264343233373564333064396461623232363462306531653838333164623239633134363464
61346134643937333261633632396638396532363035373130333237303137353364653564643438
62373736303636386637616436396565313364663738356466313032316264373563373531626561
65653530376234393730623035643936393839313065626661386263346630373362323965653865
66333964363738326334346338613934613435616331633566653965346138346135313837343861
39376462343933383063336463396632616338646666313737666437346330346663313066306565
65303130346664633336353964633234643233623764336563393537663035316162303437313061
33383131333433613361663335623439313436306339616333346364353064306238353535636639
35353861383738633330656565616335393432373632323630633038303261306263623466643633
65623530373137363866356335363238306439303237353764346561353339373562336266363435
65323663343565393832646539633037396463336136313066646132333731613561633763616337
31393265636232313333393263653230333861363463653365643661363235653838646538373065
34303337663837376231613636626361616337613433626435626238376139656234393633343636
35653537653030613431363436663632356638333036333866336163313832396338303037373561
35323363346139653933316461333965363764376535653638386361396337323132663366376533
63666232303038323363303532623833666539356662383236323639313239666633396163346564
30646438333034663630326539336631323237623936366265366138653564376264336439643262
38386630376237323231376165666166386231313164333266353062613162643065643164346531
31393665333035356230396562366231636265353166653162666464363130623962396164636537
30333538633639326237383832393737616432643339363239353534363438396137356465393138
37396562623532356131653135366237643734663130326235373236393866663664363337323138
34646663623430613832623535343535393865653834633733326635373432666565653332343835
62386631353530323832336566373464323034313161353161633832623263343061643930643638
38393462633063316232303037653834616264323230313732346161363833396632653732346136
38613835656361616462386435653766383638626132306663363864633264616235333365643430
39373863636435323162393031663038643961653330643434316163336635376437373133646638
33393964626437306235616237323439386338333566366631343966656436393438343563613835
33386464336330613233613561356437313163323632323166656231376561323763643439653430
32353634656263303336306233353231636665353734363964343361306337386464373539353235
66393365643537633563613963663363303830323564656132333534383630663330366436646431
64653634386662393564383135623036373039653132393664326163303164353065376566613966
36343230393532303435656137333530363666303130333136333263383131663966323136363666
36323034333532366161613334643835613737393932393939626234653134623138343630373436
37303731626565303636373637396434303434346239336432663836303931356536396630323630
32623631326137363137336663363963326665623632343235323534366235393134663566633638
36373063616531663762323665366361363131396264643362346665383634393465396562313034
35366634366364353534613139303239643738666665306435333435383465626437386539393432
61396463386130313266633263386130306634376464653431646463653933663066633636643465
37303435663437653562626464313134356339333462336265313535633636366636346232323736
66386638653231363338656361366237353236376131383563616265633637663464643030356331
65663835376265336537303364363033373535666137653130333636643666376164613137626637
30663466363164623535616639646364346462646162383632356137333232393061336238373131
66383533343631613536326532366639353439373537353732373161636631653838623632313131
35646666346534666332303662636635353739373462306337323664313036643237333437313936
33376635643333306538623663306337643965373534316235316561363432646234376132313236
38373736636266343934643730356236363532656236386631343063616130653464616361633033
34643565643532626561633664396335326633666563646436333937666537613961633061393832
66333265326435316264646530323433616266356630643930623961643134353561636534633533
65376461346161623831326633616163336331326134643162323438616534613564356531653434
37316634383366376430333162623162636261343466613431613537636637303166336166376563
61366235333635376264343561336666396535333162633236653462623933303933636530636234
61316533373032656166303338353031363533353033346339383665333964396635326633373132
39626235366363633333663366386630623233393030396635633339306535616130323465373030
62646231613763636538396236343434376131616461313436663034333266353934373730643262
61386339313364313237306336356330373265663131343066333435353038653036306435383764
65636262353038646639383930323037346531663065666563663063353563363138613231613561
64366139303835306432383066356661363836356231323561636364313734366331393737333136
63633039336634326239303635353765303530343336386231633933653265616161646434653264
61333865333735336438313434323237326133613734336430623230663834343033353064633533
31303064623930376532333034363763383061633831633564343065373730303132336331363965
34353661313239346263383364373663356435353837303164633330393965336466393632396663
36316563313632333335666462303434633731616232343430383362363131613762393165343432
36303033656139353261646561663930656163393639343938633365623161393638653330373736
37313437626465663132343534663835303237396632336561306437366330356538666565653231
38306638396139376239376164316661363863383137316363626662346264333731316136353832
63666339303631313564396262653532653361636136626633346132333263366532396430323039
64313761633265616364353264336235653235373437346139303239333839306334356436616330
34666231343565383136373938326434653565656133366130663739633266646339613838343233
62303438663461653434643132633033393061303839356163646666363036656365353330613831
65613834353935393739646636633338316338313963643438643663613763393031363165376362
63336132626362653334666161366565333563616363653565383035666234323839363634303631
33666533376263396661616366313166376162653966613039356463303564626332353734326666
31356430383032343463363830613337386164343233373162356162326238303633303266646338
39376332663066343438343265633139653633663036356134323034613939663836383931626138
38393164356538616431373934333966356330346365383635343333393737336666326639336631
31323232356162333639643236393433666263353461633163323965663532363339653466313134
61383838356237386165363230353563376130366437323237323935343135656562383131653365
38643630616132366332616461333332343339363934313966326263306238356166313764636365
36643439643939373533393462626231353964323062376433666538376637636637313431393932
66656461343839386365303064366337393330366465653062353631333265313934343937643239
61303063303164316538333330353366373263656365376338626531343761393961313762613737
39323036343564646538616330643235623233666236393739336138353364623630303538336437
37353033356634333636323561373166626130646562663331383331346439636131626238373334
35663962386661303866366535366633373839323761326237663633373235663539323335653938
64366530333964363233343161326138626231383737393130616466376463323263376365303762
35303639393739666561613632353431333037663837366162303266363837613335396362343631
39643464306338663832346336333663353738326462353038306631653165363835373864363662
35626339623237653863643938653538646338333730633431623836636430376663653163303238
35613965623439343162333132386536643062363137306435666631643261653038366131383935
38613634666330383432656539353734336630396333393166636661636239333864643636336166
34633335336534366430326139653030313735626265363030626337393935313866393539643863
33666130306638373535333562656130626561633062666236613764376330306164396165346432
36346638363530303262373334313339633930613363663265313937663866316634303132373936
62633062363934666264633264646334616339666331363637386538633338636131333030633534
37666239336366316330363961363566666361333436383866636161383030396130653965376636
65373337323937353331613861366532313565353963333235616264376563323535346162336537
61303032643566346231306232313062666164326133633536643963343063336438333761333932
36636531653230616234386662333938353230376337656366386634306336343464366536643263
37613234613730393039613835653935356363313363353837383236616335653031303231383963
34396637346661363737646536666133376562636364663832346362356535333162663863386635
35633836313232356235373938303761376539633437623235383062356536373533646630643238
39303165643266333364323331363737636135656236633538383266376663366539363834343361
37323230623038663765623665313264656336646239613165326231333830646637353262636332
33643764303730663733353338623035343566386663666364653861656531653838643535653163
33666639306165656231343830653735376661383762616532396632316135343239353165663534
65633165343132653466613034343231363339396431326334363163633232313236626237663230
64363635646463313061643365633935393038353761656461346262303366663363343163333532
66393665386561323236663537636563636163613138666464633038313763376236636235386430
35333837666663633035646630306666343631373366323564633436366562326135346563376437
32363533396231613833653431326536663966363430396165663662623236353638383830366336
66343836303930353866363036326461356166626131306230653665343564376364343662393261
66383765656462386537633162613066616164353933336533396232373531346130363531663632
36336236343233333530353732646334626239616164616237373262383230663034656462323336
34666634636562636661383131373339633866376563383131326633353438333935643030666133
64343661613737316563623461316430373930343137366132376235303963323339353738393331
63353335363938613763383561616337623838363336303263346366666532653635643164353865
39623666356663643238373337663564636230303766626135653534303637626261663930393932
37656637323737326362623634356135316336383930373662633139343866353131373461656237
38613133643338373966343131656538343564363530636162623739356165666265393664356131
64376365336263316138323737383337326437643934396439383439333139386432646662623764
62346235323865346339333565653363313231366138306365616161346335326633386234663937
66626132353665663734373038303030646331613534623733646565353730356233613035626238
35396366646161623037656437393264613962306639393466333039666637663930613939393464
39316166323632316238653733626137343161343438396665653530633466666161626363396233
34633732326166313066333536353834386634396233333061323963623234626230646565313762
37653763333434663734646439383934653666346134343832353134353162623931373139626565
36623063653265333863643265646338376332653139376661343334376663646438643563316432
34346432333530643761643832626530353637303933656434306436343830633939663261333762
35643037626533633039363835303432303532626234656437346338623862353131616661326561
63636134663634303935613831306432343334376362656162366139393564613338653730353039
39343832653764326663613531623337346133316566666161336532313430323030323266383437
65346332346633373231336335363637663638643363653937333038613233653863346137626266
62653131623263353262633230333064663736626138306266383964633533616530653861623639
35633966623632396639343937633061626436366561303161656364303162323033633536323234
34653830636363306236616135343538363337643362636430656637646236386233326634633033
38623234653739326434336234626630613931363934383864666634396261396130663139623764
36313734376564393665636664373231336263653933303663326534366462363732303331326431
66666437666265313637633439653939356238613761373130396232313961643037363131643931
63633261323863663335373166343137656662323736386133383634336232353334303634386163
61616439626364623331323563633436323163396532323439323933383666396630343437353332
32366133653837396361623432356539656337633333303134626466646364393439353439666363
32613664303633356362313764373666393562646437636562363131376333323265666431643465
65353765376661386461633561613934396331336363396563373932623938306463653239333236
64326339323866333031303239313634666564353436316232633335623066376236646164316363
38633435306238653234613665323134316562323463643762643032346232636361633430663933
35343332656139663230316234613436643133326665396138343461383264393061653333663737
30613633306439653964386233353533646436303063366639326465656436643431393232356536
63353539613430376264386130643232616638306362373761623537643562663166356230653630
66333136323836653038623562313832626662616432323434383463336366653562313666323565
38306335343034653661383137326163643536353631646432396336656264353637636562316630
66396238396536663736386130666461613664373062623833386433356363313934313963383932
66323835303264393132613161323465636635393038356166353563376634343531623930663361
37396464666265393430363965363631396332326166623130613734333531363535626433396561
66366234366435316333323831653739306131633430363564313730303735653738386463346261
62656330303335396236393632343038316266323439646433663631303564356237353138326230
38623865656666626438383533366639343366376463343133353963646136323438313236303935
34646635343734633436356265633663363133636632393138316334396265303363636432373264
36646534323333616133343830623139343963626662656134396336643737313039363631626237
36643637326136316461303136373739646665646337663339613364633534346234636534393736
32313430653632373461613965326363356163396261613366336136616661393132633761333535
33616662633766356239343262343263623138656137633061656234353938303936653634376635
31323063353232313339323966313061623764613361316139336261616666376630356437313465
37376263666534306662356230633262363039303631633435613234313633356436653539303564
3131
65616665376265626636393064366339323264623332323337356438303634646361303530626536
3134646236376339666130646239626333613866383766340a366465373839396639623862636436
34336636326332313432373162356565383034636366613135353037393138363466626235353261
3634306231333966350a323133396531626565633433313761343433303964316163643365626466
33376632643937663566386232383161303231326638356338383536626531313462636335363166
35353138393964663063613331386138363030356661633530313533336138336362306437626431
34613435383966333538363734613730386634393532653334393766613262666434303666386537
33643832653236313136663761613762656334356466623431383533333563646135336332653331
39376164363533383930343237366638323534313232613561643936336330353538393136363534
37353536623939386131616638623531326531316233656166383133316564393731623366353833
31613665303532303435363765373434653933386530356433653061623232306239316534653432
39663938616637363238623866303439326666303438613066633866343830303762633233383333
65343332616430613839636337396238666466666430383031663939323239383964346638356538
65306463303330373534316438313932373864626637643935636165333835373662623737613734
36373161386163383831623065323763356637313364303539343763653065383139623934353638
34373861616336363861363761373665393465623566393063346331333861326337316363373163
31633532373966656565303866653335356364633063313665386335663863363163303431656165
61383231666665346162303635393838323462613261663231356531393734313063663231616632
30343562366433363261393037313062343036663139353431663330383263316662313330636534
33666463393664636538376365663236613536633663303738373034303136383939343039316463
38363731333435333262383064336138303062303836303735383836626430623738666635383637
36383031646561666632666339616632366138383534393030636331323037643564306363303864
33616664326330656136336538363539623039376565383166373032386230383639326564343961
39623465366233383663383433313862306366643432623130363037643033366531376163386165
64353930386233373561356530316361623665643531333632376266633963303262346532386633
34363938363765313366636134636364616634393061333264386262386261383236386532393966
62636332633165383730313365366631303032336339346138633231656165646465643039666362
39613534303532616433646433616261653739663366383566303862386666383363633736306265
65366434626634303033616463316433393730373034666463663333376633656630386665313934
36626337383236373533623830326134303931653434613837353961366130623665623336303139
63616265366638393064666166343331306530313438636436306264636235643762623564653762
65393435363564366266313161393631383836396464643635643361363034306134626535353962
63393530313438383731303666343637303666616239643334626338393864613635363330653062
31633030396362666237376232306238373065616238373934313930313234353433343934363432
35633636656632643964613431333435656532653038373532343036396136636231306436326639
36376163656634303236396133316664613164346661346565646165303664343735303233636164
38393361343561396336333133326539346561373038613265666364316630363339336565363265
64623063346232346334373836346231353336383931393663373365623838363036643232646330
37303139663166653634336363626637653666363965383632313261326530323236303961343130
39663165303836346339396536313137636462373765313135303039386339393536303263636236
31333534323735373638666364643365396435636533393932643432386630663135633839643965
34346330613132383533393361626333636132616130343266663835616534616562646366366336
38303337373331303638643639373535633331626461613862333562653165306663383237383232
63303331656338656137613162323138333661613834323863633265353737633666336263636665
34393064376330306562343930376337626165373562336630633938316566343434633734613561
39363531383233666437373562663136303834373838383632356436643638306633346434316362
63343866353465396630383562306230313737353863363935346630396134393534353531336535
65366634316230323264366662376133303565626638386635616536303839363737663538353338
32663834636363643034316165303164386430346663303635323634373465326537653132366230
38376361663233646266663330363236666533663861303365303833386465653864656331616162
66323532643737643539643562653335393338643465373838656464326133393466373733343666
39613331376538653934333061376664323230636663336232333361623136393836326262336430
35663930336364376230356537326131323666343330373030303765653763323863646631666136
39623936613762393332303763633966303966396536643236366534316539386136633230653433
65326634323062313730376338343965386338306135393033333161313839333963326134653966
66363365353537323034646537633331336134363239393465363164663263313731666335613032
61643935623064626464346430353033313961326164316637316664363830633137383335316538
31646133623461386434343663313365376230613237326638393464366166633635646462373939
31313165616363373730393733386430633065373433643935643931363965393465323264626164
65333431653566646134646132626136323035323362313163303463393962306631363631383762
63333063633934646332303966666461663566626564643365643232323732646530303834616639
63616262316563636636613764663563323063636331643063373364373337373664333763363464
31346663633866653162323934613532333934626430643138613631653164343063323661383163
36633431376463633334306663346462373166613531663064323238323434346439333936313539
33663036663234383934626661383530666566323336363734336265346235306135336136373864
38313937663965313334653139366430316632313737303639636135666235346633303861626430
34373938633331666535336438313363626636363063333265316166333562616330306563386335
65366366303937376438313032643037656465393263393434623462336430393031373433383532
66306566656437323530323434353835303838303438613662356134343136386630643338333264
30643039666535323736303930336239643730653233393538633235303938623161343437616136
34613337383363656536373737396261396261653264373362313161336435623466366436623736
61313036383063656537613664633437336361396665633764313062396265323766346363656666
33656130316566633563353631323438343532393563633830343131653063353331323961343636
38303239623566383337356262313538316437323731326166366139623665356132313563663734
34353065316164653638313439303466316338373565323435343937653632313566656438333730
62373366333335643366356438613838373963363436393035623132626233373830666238323464
33356562636261376665303262633665323830316137306239626432323330393863613938313539
33613438373733633661633266353866373834346436383466636138393736373638623136383639
38653439373230353265386166663562633738306232623132636333396135343461646136303162
36343636306333376564383764356433653362356434306566376565653736643035336433303331
38626430623633313336653261633834323430323137313533333166393966633662613561643863
65653237636436373739633862313132623831623461643063626361613231343537383032346132
61383666383134373061643061656164366364656231343434616366356237303766343166613964
36376461366663373132326263616263316663323039626239643361363362306334633636343064
66336533626562323832633133653366323137616431363566653561363233626239616262346165
30396466343639383665383762383765396638323761653065356339343965373032306136656563
31353033343532366339303331366235373838356461353564623430333561356635336163396466
38303438616436383763386538663039393862636333326630623862353732343961646162653933
35633235303530353065343434333164306530363839663366316235333563663965623934383634
32616565313232373964366163323739353261643432363037666639663664303861383033333462
62333633626263393637306365353565306636386238613365643537353861396638643065616236
63303130313363326333663936393765623930636331663837313835333862386263303238386262
35646634663163626438356536346239666461306462326465613339653337326436356638323666
38323134396238356532623430303233303636343839646436363066383136366436336536313766
33373036386465623737316435643430616434336165343832386539666432613365326664663237
61333166343438313131643635663234626638623139363034616263643463356632353932383938
61383065343231633438313536633039633266323563336531663365326137666535623230336134
34646661306330653631383364343566386531313137643233376265313461396538373132396366
66313534386133346161373130386465383139623831653566326434646461306139633433656630
64623164376361643062396139356464373131653036336361623738633263326234323066613661
31306163313038333861656561356661383436363534366665376362346661616464633065303234
61616237313434363761636261313630356639346434636465363763373235636462666338343265
34336533376366393339306539633238326663656266373965623962623665626238366333393734
35646636666535396638373134376362396134353035633566336461326630323833383734356161
62303738343662633735663965336435316630653061373736643035653337363635623863626533
31306138313839616131363333326439323863646236613133333163366162353063366561656631
61623237633361313631633463666335643935616237656134383830393335346632393066666632
66326331653430633165333037316637303138353133313264643739626566353137383265366264
38353533613863353431656665363339633265303463613565636565393836616230643932333762
30353437343761613236613431626536666538336234633166623961363031393235333763626337
65623836323538653730393533383532626133393834376339303630626533613339623666353839
38613833623830306566333035336334383733626166363239356661353965353462393161626136
37336365663863393963653031303337396666653262646635386337386230383562616564653966
34393831383639303562333464653736363330326462623266383038326561323264363563623065
30366435323961613463653636666238383632353661326439346430356134643866396531623039
66663830353732663863393762626161383263663535333032393632633066363836363939316262
30373766363637316535306538663235656137363038623936366465376636393535326437666334
30343437326362613761376262383265313264383464383838386638653065313864353235373331
62646366333137643931316339373761663731633766363864633461323266663236613231656633
31653132343031313535656538663761386266333062646439383633336531373764366166646165
64343439386336323064616634363532353166353531633332663862653666666436666564356236
62336332386437626137386566333934393636313933386466366361633232383135383066396263
38343432323865353563363631646535633438336333316134343862336666313063643036343030
62323732353837363639376564336665343265663861303938316564646533346337306338623834
62353835356465303561346337366136396664383961663237653538643462666263346638303363
32663564646333343532613861336132396530363435626361643631666464383364613336383235
64376465636238633765643234383665663637643565626663393066316538313563393730396430
36373037396264613731353337393261346534343263393862376464393565353739393431313031
61353538366439383234316530326338633635393035376335616565356630633964636639386639
63356666653532666435663564393332303234363465636335316365326365633837663930616233
61343933653232666138613866666430376439396336353535663361373564366262646663653064
31353765386537656235613131323763323930363162646236333632663034356237363231313762
39323531333264633863363163333735303636333866653763373362626265396265356564303533
31353838333337393732633961353561633430616637396235626261316433366339356239633737
64333636333566366237303231376337613539643464663839303438313532323538643738353866
38626438303033346531323836336534633732366631376665663139323037643161326561363635
34633237623537383466316433336636633962623161383338656339613139346138366132356365
38363635666234616532316333366236396639353130646234626533666133363661393038353666
38343530306239336234336463646332356462356565376463383930656561336239656465303231
61323862333032343137636434643335383163366236373161653366323139646235306564366637
31313335653732633434616436636532343037383861393931323734383964346437323933653737
39653633663064313933346231663931343163336166663662333239376634386135666230393563
34333163653935326532386662613537373161366331633737653539333161386461313638643034
62323433613164383731653534383662316364333538613433623731376234306538663766363965
64376432396361636637343539393330323835353562393031616137393363333662346332616464
32643939663266343038356539656464393665616637383030666630333834613830373837353738
63623130653465386135636635643637366231383765623761356563323061343337306538633031
66326334303539623763636362333534643431383962383539613964613531353135663463373266
37326632353861383964653430656362613930353138316566636531323733396231333361663431
66356561366634323832386437336130363535343132333436633761613731636561333039303965
33336532373764303334636461646464633866656237656466613361613131613764366339336233
38373030366130613230636365303233393631383538316230366434326137336532333261383236
64306566343964643139646438633066373261363836386361316138326362373361316536313839
39663633343330663732376230633638626533313963306266363030306431373862633833383532
36623537323532373934613962613761376463363337393666316434383463393962616366643436
34326566383666663266396165613534633464656130313535383963353238623238393837353133
66396661626432313038306362393136616166653962363736363133303835376264616561343736
38383531623733326366333661393262613335653238343235353165613339393535316236353563
35663037363935386634623064636333666135313361303837383630643665613863373931626333
36316138343462636538616466383461353639613264653831323133333262626633353766643730
63343030346536616539643832303238393539383362316137386437356630313438623436636465
35363436306634393764386362616330373732623763373064306562326337303732333733346563
63356231343165653132303338343439356666646162626639646232623064656664336133666233
36366366363264663033333731616632383438306435663631613439646466663434343931663764
36623437666232323336366363333333373430303639393761636463333135626263333066656538
35336431623265663239633963353162366534653864653530623935333137653761336234616133
61643231663033393535383063373236363538623964303435623337383031653734626461623731
62306565303739313166333663363935313362356362303066323635626638393961623138613864
33626639323030306461326232323533303131633630316437333936653839626362613162336339
39373339626238303238306363356166646532623963306438626264633961643765353434326430
65323535306566343537663632393866616239613732643032356536303764636564306630383633
66356435616237376538653539366636636533343866623764316462346634313032333636336166
33653231336563363336303936336430343137653966393530393532323563393532353434393231
38363662613161626132383266323635613165363433623630653663396562366262376634326561
66643938306331663931386535613833613761313639363038616139343966656662646432663666
63393931373738373536323631353361303366343330306565393230396332373932303866333034
35396166633165396537373638333730303730613939386663653032626439363466623231303833
63656338656435383531613734643165613536353632393535646132303034663731396631303237
64376438373538373362353766303963396639333732373266343766363534623063313138616139
39313861616164613031643934313466633431316230656566306666303932343039383737313565
66356432336663636631666138636538323238303462376330663134616365323536386234666136
63343032383465616437303437303063626335363333656166393435343834646634313435653334
31366465386238393133366364376565656639656230343161613463393931373537383564353866
31313464663531353165646665356231646634383936643539323866376631666635306334616261
39383439366664386563386133356239333133306162316466343334356631616434623363643535
38663530623063373965666530386632323034623139303839323761376638313362316430373536
62363265366537656237633663663266653631653561303965616635363438613061306362336430
35303461633864353735613330643966396230623434323132383135623331353361633134663931
33333435306635313161613930656239346461623931356430306364383937353433626435633832
64613437313464323861356338643733386432656233663333343437353935353236346561366330
32396465333833343732653136616636663736623434363765336161383433356333313135313161
33373764393265376661613465626638353636653931323162363031666262653062626166363930
39613931356338393862356537343332633635366134343037633765616634316362386335663036
32666465323538356634346662383238326663333339623430376362306534363630613337626266
39326361383435623939663163373835626439643433393839383730666166666266356361633731
33336265613531303735613239316362633538386632343836613230326164366165616265313066
35333361303734343231633930346230343432336665383337343431303031383962383366343433
63363364333063313632663765633831323863626636643862323865356461366361343563383363
33363138646366333136326435376537356338633862623531393938373935353466376266333664
31633039336362363237376266346561313064393537613832663130653761636633313562316639
36633432613931663263343861396632356136366636336163343333323661666663346365626564
32613734313663656164333537653666313033643262336239623961313638306634343666303938
62636236353161336134323430336263643038623663353965656236623465326661633766363765
35653261663335313065383266383833393431333631653363363030363939323862653262316637
62343263623037643435656165623466326365363532353434643665336632383765313937666535
37663463303034363531386465383663393534393435633764646138313962373735393334326137
61653933316435363130333335323066386532626234626534396435383061333961363739333033
61656364313963303132623837666463633066653165316633373166373161343539393132316665
37646631643265333665643262666265653339616530336361333333633939373839323264613761
62643363356431306330313761623933623333383066333364663439646536333232386232623238
62356533636632396330353430653935613965383938643638353632643865323832623737646635
32636464343734653765396236653538343463373662653733326362363330643038663766383861
34316338343064393862353364613037393231343366633364393535343965623431

View file

@ -1,6 +1,7 @@
---
postgresql:
version: 13
postgresql_hosts:
- database: nextcloud
user: nextcloud
@ -18,11 +19,13 @@ postgresql_hosts:
user: drone
net: 10.128.0.64/32
method: md5
postgresql_databases:
- nextcloud
- gitea
- wikijs
- drone
postgresql_users:
- name: nextcloud
database: nextcloud

View file

@ -3,4 +3,12 @@ borg_backup_directories:
- "/etc/"
- "/var/"
borg_backup_exclude: []
rsyslog_collector_base_dir: /var/log/remote
rsyslog_inputs:
- proto: relp
port: 20514
- proto: udp
port: 514
rsyslog_outputs: []
...

1
hosts
View file

@ -35,6 +35,7 @@ wikijs.adm.auro.re
prometheus-aurore.adm.auro.re
portail.adm.auro.re
jitsi-aurore.adm.auro.re
log.adm.auro.re
bdd.adm.auro.re
bdd-ovh.adm.auro.re
litl.adm.auro.re

5
log.yml Normal file
View file

@ -0,0 +1,5 @@
---
- hosts: log.adm.auro.re
roles:
- rsyslog_collector
...

View file

@ -100,6 +100,19 @@
prometheus_switch_snmp_targets:
- targets:
- yggdrasil.switch.auro.re
- sw-pn-serveurs.switch.auro.re
- sw-ec-serveurs.switch.auro.re
- sw-gk-serveurs.switch.auro.re
- sw-fl-serveurs.switch.auro.re
- sw-ff-uplink.switch.auro.re
- sw-fl-core.switch.auro.re
- sw-fd-vcore.switch.auro.re
- sw-fl-vcore.switch.auro.re
- sw-ff-vcore.switch.auro.re
- sw-pn-core.switch.auro.re
- sw-ec-core.switch.auro.re
- sw-gk-core.switch.auro.re
- sw-r3-core.switch.auro.re
roles:
- prometheus

View file

@ -29,6 +29,24 @@
dest: "/etc/nginx/sites-enabled/default"
state: absent
- name: Add 'extended' log format
template:
src: nginx/conf.d/extended_log.conf.j2
dest: /etc/nginx/conf.d/extended_log.conf
owner: root
group: root
mode: 0644
notify: Reload nginx
- name: Add syslog snippet
template:
src: nginx/snippets/syslog.conf.j2
dest: /etc/nginx/snippets/syslog.conf
owner: root
group: root
mode: 0644
notify: Reload nginx
- name: Copy reverse proxy sites
when: reverseproxy is defined
template:

View file

@ -0,0 +1,7 @@
{{ ansible_managed | comment }}
log_format extended
'$remote_addr - $http_x_forwarded_for - $connection '
'$remote_user [$time_local] '
'"$host" "$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent"';

View file

@ -8,6 +8,8 @@ server {
server_name {{ site.from }};
include "/etc/nginx/snippets/syslog.conf";
{% for realip in nginx.real_ip_from %}
set_real_ip_from {{ realip }};
{% endfor %}
@ -25,6 +27,8 @@ server {
server_name {{ site.from }};
include "/etc/nginx/snippets/syslog.conf";
# SSL common conf
include "/etc/nginx/snippets/options-ssl.{{ site.ssl|default(nginx.default_ssl_domain) }}.conf";
@ -52,6 +56,8 @@ server {
server_name {{ from }};
include "/etc/nginx/snippets/syslog.conf";
{% for realip in nginx.real_ip_from %}
set_real_ip_from {{ realip }};
{% endfor %}
@ -72,6 +78,8 @@ server {
# SSL common conf
include "/etc/nginx/snippets/options-ssl.{{ site.ssl|default(nginx.default_ssl_domain) }}.conf";
include "/etc/nginx/snippets/syslog.conf";
{% for realip in nginx.real_ip_from %}
set_real_ip_from {{ realip }};
{% endfor %}

View file

@ -15,6 +15,8 @@ server {
server_name {{ site.from }};
include "/etc/nginx/snippets/syslog.conf";
{% for realip in nginx.real_ip_from %}
set_real_ip_from {{ realip }};
{% endfor %}
@ -39,6 +41,8 @@ server {
access_log /var/log/nginx/{{ site.from }}.log;
error_log /var/log/nginx/{{ site.from }}_error.log;
include "/etc/nginx/snippets/syslog.conf";
# Keep the TCP connection open a bit for faster browsing
keepalive_timeout 70;

View file

@ -12,6 +12,8 @@ server {
server_name {{ from }};
include "/etc/nginx/snippets/syslog.conf";
{% for realip in nginx.real_ip_from %}
set_real_ip_from {{ realip }};
{% endfor %}
@ -29,6 +31,8 @@ server {
server_name {{ from }};
include "/etc/nginx/snippets/syslog.conf";
# SSL common conf
include "/etc/nginx/snippets/options-ssl.{{ site.ssl|default(nginx.default_ssl_domain) }}.conf";

View file

@ -19,6 +19,9 @@ upstream {{ upstream.name }} {
server {
listen 443 default_server ssl;
listen [::]:443 default_server ssl;
include "/etc/nginx/snippets/syslog.conf";
include "/etc/nginx/snippets/options-ssl.{{ nginx.default_ssl_domain }}.conf";
server_name _;
@ -50,6 +53,8 @@ server {
# Hide Nginx version
server_tokens off;
include "/etc/nginx/snippets/syslog.conf";
{% for realip in nginx.real_ip_from %}
set_real_ip_from {{ realip }};
{% endfor %}
@ -71,6 +76,8 @@ server {
server_name {{ server.server_name|join(" ") }};
charset utf-8;
include "/etc/nginx/snippets/syslog.conf";
# Hide Nginx version
server_tokens off;
@ -98,6 +105,8 @@ server {
server_name {{ server.server_name|join(" ") }};
charset utf-8;
include "/etc/nginx/snippets/syslog.conf";
# Hide Nginx version
server_tokens off;

View file

@ -0,0 +1,4 @@
{{ ansible_managed | comment }}
access_log syslog:server=unix:/dev/log,tag=nginx,nohostname,severity=info extended;
error_log syslog:server=unix:/dev/log,tag=nginx,nohostname,severity=error;

View file

@ -36,6 +36,11 @@ interfaces_type = {
'admin' : ['ens18']
}
log_ignore_v4 = [
'224.0.0.0/24',
'224.0.1.0/24',
'239.0.0.0/8',
]
### Specify nat settings: name, interfaces with range, and global range for nat
### WARNING : "interface_ip_to_nat' MUST contain /24 ranges, and ip_sources MUST

View file

@ -33,6 +33,12 @@ interfaces_type = {
'admin' : ['ens19', 'ens20', 'ens23']
}
log_ignore_v4 = [
'224.0.0.0/24',
'224.0.1.0/24',
'239.0.0.0/8',
]
### Specify nat settings: name, interfaces with range, and global range for nat
### WARNING : "interface_ip_to_nat' MUST contain /24 ranges, and ip_sources MUST
### contain /16 range

View file

@ -11,7 +11,6 @@ iface lo inet loopback
auto ens18
iface ens18 inet static
address 10.129.0.{{ router_hard_ip_suffix }}/16
gateway 10.129.0.1
iface ens18 inet6 static
address 2a09:6840:129::0:{{ router_hard_ip_suffix }}/64

View file

@ -39,7 +39,7 @@ vrrp_instance VI_ROUT_aurore_IPv4 {
10.129.0.254/16 brd 10.129.255.255 dev ens18 scope global
# Adm
10.128.0.254/16 brd 10.129.255.255 dev ens19 scope global
10.128.0.254/16 brd 10.128.255.255 dev ens19 scope global
# Switches
10.130.0.254/16 brd 10.130.255.255 dev ens20 scope global

View file

@ -0,0 +1,7 @@
---
rsyslog_inputs: []
rsyslog_collector_base_dir: /var/log/remote
rsyslog_collector_rotate_path: /usr/local/sbin/rotate_remote_logs
rsyslog_collector_keep_days: 0
rsyslog_collector_compress_days: 1
...

View file

@ -0,0 +1,60 @@
#!/usr/bin/env python3
import argparse
import datetime
import logging
import pathlib
import subprocess
def compress_file(filename):
subprocess.run(["xz", "-z", str(filename)])
def find_files(base_dir, extension, days):
delta = datetime.timedelta(days=days)
now = datetime.datetime.now()
for path in base_dir.rglob(f"*{extension}"):
stem = path.name.removesuffix(extension)
date = datetime.datetime.fromisoformat(stem)
if date < now - delta:
yield path
def compress_logs(base_dir, days):
for path in find_files(base_dir, ".log", days):
logging.info("Compressing log file %s", str(path))
compress_file(path)
def remove_logs(base_dir, days):
for path in find_files(base_dir, ".log.xz", days):
logging.info("Removing log file %s", str(path))
path.unlink()
def main():
parser = argparse.ArgumentParser()
parser.add_argument("--compress-days", type=int, default=0)
parser.add_argument("--keep-days", type=int, default=0)
parser.add_argument(
"--base-dir", type=pathlib.Path, default="/var/log/remote"
)
args = parser.parse_args()
logging.basicConfig(format="%(levelname)s %(message)s", level=logging.INFO)
logging.info("Rotate script started")
if args.compress_days > 0:
compress_logs(args.base_dir, args.compress_days)
if args.keep_days > 0:
remove_logs(args.base_dir, args.keep_days)
logging.info("Rotate script done")
if __name__ == "__main__":
main()

View file

@ -0,0 +1,5 @@
---
- name: Run systemd daemon-reload
systemd:
daemon_reload: true
...

View file

@ -0,0 +1,4 @@
---
dependencies:
- role: rsyslog_common
...

View file

@ -0,0 +1,57 @@
---
- name: Install rsyslog-relp if needed
become: true
apt:
name: rsyslog-relp
state: present
when: "rsyslog_inputs | selectattr('proto', 'eq', 'relp') | list"
- name: Ensure log storage directory exists
become: true
file:
path: "{{ rsyslog_collector_base_dir }}"
state: directory
owner: root
group: adm
mode: u=rwx,g=rwx,o=
- name: Deploy rsyslog input configuration file
become: true
template:
src: 20-collector.conf.j2
dest: /etc/rsyslog.d/20-collector.conf
owner: root
group: root
mode: u=rw,g=r,o=r
notify: Restart rsyslog
- name: Install rotate script
become: true
copy:
src: rotate
dest: "{{ rsyslog_collector_rotate_path }}"
owner: root
group: root
mode: u=rwx,g=rx,o=
- name: Install timer and service for rotate script
become: true
template:
src: "{{ item }}.j2"
dest: "/etc/systemd/system/{{ item }}"
owner: root
group: root
mode: u=rw,g=r,o=
loop:
- rotate-remote-logs.timer
- rotate-remote-logs.service
notify:
- Run systemd daemon-reload
- name: Enable timer for log rotation
become: true
systemd:
name: rotate-remote-logs.timer
enabled: true
state: started
...

View file

@ -0,0 +1,54 @@
{{ ansible_managed | comment }}
module(load="mmrm1stspace")
{%
set input_modules = {
"relp": "imrelp",
"udp": "imudp",
}
%}
{%
for module in rsyslog_inputs
| map(attribute="proto")
| map("extract", input_modules)
| list
| unique
%}
module(load="{{ module }}")
{% endfor %}
template(name="incomingFilename" type="list") {
constant(value="{{ rsyslog_collector_base_dir }}/")
property(name="fromhost-ip")
constant(value="/")
property(name="timegenerated" dateFormat="year")
constant(value="-")
property(name="timegenerated" dateFormat="month")
constant(value="-")
property(name="timegenerated" dateFormat="day")
constant(value=".log")
}
ruleset(name="handleIncomingLogs") {
action(type="mmrm1stspace")
action(
type="omfile"
dynaFile="incomingFilename"
template="RSYSLOG_FileFormat"
)
call sendLogsToRemote
}
# TODO: add protocol-specific options (eg. TLS)
{% for input in rsyslog_inputs %}
input(
type="{{ input_modules[input.proto] }}"
{% if "address" in input %}
address="{{ input.address }}"
{% endif %}
port="{{ input.port }}"
ruleset="handleIncomingLogs"
)
{% endfor %}

View file

@ -0,0 +1,12 @@
{{ ansible_managed | comment }}
[Unit]
Description=Rotate remote logs
[Service]
User=root
Type=simple
ExecStart={{ rsyslog_collector_rotate_path }} \
--base-dir {{ rsyslog_collector_base_dir }} \
--compress-days {{ rsyslog_collector_compress_days }} \
--keep-days {{ rsyslog_collector_keep_days }}

View file

@ -0,0 +1,10 @@
{{ ansible_managed | comment }}
[Unit]
Description=Rotate remote logs daily
[Timer]
OnCalendar=daily
[Install]
WantedBy=timers.target

View file

@ -0,0 +1,3 @@
---
rsyslog_outputs: []
...

View file

@ -0,0 +1,13 @@
---
- name: Restart rsyslog
become: true
systemd:
name: rsyslog.service
state: restarted
- name: Restart systemd-journald
become: true
systemd:
name: systemd-journald.service
state: restarted
...

View file

@ -0,0 +1,60 @@
---
- name: Install rsyslog
become: true
apt:
name: rsyslog
state: present
- name: Install rsyslog modules if needed
become: true
apt:
name: "{{ item.pkg }}"
state: present
when: "rsyslog_outputs | selectattr('proto', 'eq', item.proto) | list"
loop:
- proto: relp
pkg: rsyslog-relp
- proto: redis
pkg: rsyslog-hiredis
- name: Deploy main rsyslog configuration
become: true
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: root
group: root
mode: u=rw,g=r,o=r
loop:
- src: rsyslog.conf.j2
dest: /etc/rsyslog.conf
- src: 10-common.conf.j2
dest: /etc/rsyslog.d/10-common.conf
notify: Restart rsyslog
- name: Create journald.conf.d directory
become: true
file:
path: /etc/systemd/journald.conf.d
state: directory
owner: root
group: root
mode: u=rwx,g=rx,o=rx
- name: Deploy journald configuration
become: true
template:
src: forward-syslog.conf.j2
dest: /etc/systemd/journald.conf.d/forward-syslog.conf
owner: root
group: root
mode: u=rw,g=r,o=r
notify: Restart systemd-journald
- name: Enable rsyslog service
become: true
systemd:
name: rsyslog.service
state: started
enabled: true
...

View file

@ -0,0 +1,105 @@
{{ ansible_managed | comment }}
{%
set output_modules = {
"relp": "omrelp",
"udp": "omfwd",
"redis": "omhiredis",
}
%}
global(
workDirectory="/var/spool/rsyslog"
preserveFQDN="on"
)
# Collect logs via /dev/log
module(load="imuxsock")
# Collect kernel logs
module(load="imklog")
# Parse CEE logs
module(load="mmjsonparse")
# Load export modules
{%
for module in rsyslog_outputs
| map(attribute="proto")
| map("extract", output_modules)
| list
| unique
%}
module(load="{{ module }}")
{% endfor %}
# FIXME: Attention, il faut voir si rsyslog arrive bien à créer
# les fichiers de plusieurs jours (le 1er est peut-être crée avant
# de dropper les privilèges, mais les suivants je pense pas).
module(
load="builtin:omfile"
# Format avec dates précises
template="RSYSLOG_FileFormat"
fileOwner="root"
fileGroup="adm"
fileCreateMode="0640"
dirCreateMode="0755"
)
template(name="templateJson" type="list" option.jsonf="on") {
property(outname="hostname_reported" name="hostname" format="jsonf")
property(outname="src" name="fromhost-ip" format="jsonf")
property(outname="facility" name="syslogfacility-text" format="jsonf")
property(outname="program" name="programname" format="jsonf")
property(outname="pid" name="procid" format="jsonf")
property(outname="time_reported" name="timereported" format="jsonf"
dateformat="rfc3339")
property(outname="time_generated" name="timegenerated" format="jsonf"
dateformat="rfc3339")
property(outname="message" name="msg" format="jsonf")
}
ruleset(name="sendLogsToDisk") {
auth,authpriv.* action(type="omfile" file="/var/log/auth.log")
mail.* action(type="omfile" file="/var/log/mail.log" sync="off")
kern.* action(type="omfile" file="/var/log/kern.log")
*.*;auth,authpriv,mail,kern.none action(type="omfile"
file="/var/log/syslog.log" sync="off")
}
# Send logs to remote collector(s)
ruleset(name="sendLogsToRemote") {
{% for output in rsyslog_outputs %}
action(
type="{{ output_modules[output.proto] }}"
{% if output_modules[output.proto] == "omfwd" %}
protocol="{{ output.proto }}"
target="{{ output.address }}"
port="{{ output.port }}"
{% elif output_modules[output.proto] == "omhiredis" %}
server="{{ output.address }}"
serverport="{{ output.port }}"
mode="publish"
key="{{ output.key }}"
template="templateJson"
{% if output.password is defined %}
serverpassword="{{ output.password }}"
{% endif %}
{% elif output_modules[output.proto] == "omrelp" %}
target="{{ output.address }}"
port="{{ output.port }}"
{% endif %}
{% if loop.index > 1 and output.fallback %}
action.execOnlyWhenPreviousIsSuspended="on"
{% endif %}
)
{% endfor %}
}
# Send local logs to files (useful for debugging or if the collector is down)
call sendLogsToDisk
# Send local logs to the remote collector
call sendLogsToRemote

View file

@ -0,0 +1,5 @@
{{ ansible_managed | comment }}
[Journal]
ForwardToSyslog=yes
MaxLevelSyslog=debug

View file

@ -0,0 +1,3 @@
{{ ansible_managed | comment }}
include(file="/etc/rsyslog.d/*.conf")