Unverified Commit 341ee518 authored by Pierre-Louis Bonicoli's avatar Pierre-Louis Bonicoli 🏗
Browse files

Remove non-breaking spaces

parent 4e768af7
......@@ -64,7 +64,7 @@ Configuration dicts:
```yaml
burp:
dir: '{{ burp_rootdir }}' # Root directory. 'burp-{{ burp-name }}' unix user must be able to access
dir: '{{ burp_rootdir }}' # Root directory. 'burp-{{ burp-name }}' unix user must be able to access
# this directory.
name*: mails
port*: 4971
......
......@@ -21,7 +21,7 @@
changed_when: false
check_mode: no
register: server_subject
delegate_to: '{{ burp_clients._server }}'
delegate_to: '{{ burp_clients._server }}'
- name: 'Handle clients: ''{{ burp_clients.keys()|reject("equalto", "_server")|join(", ") }}'''
include_tasks: client_common_conf.yml
......
- vars:
owner: &owner
owner: '{{ client.key }}'
owner: '{{ client.key }}'
group: '{{ client.value.group|default(client.key) }}'
perm: &perm-read-all
<<: *owner
......@@ -54,7 +54,7 @@
owner: 'burp-{{ burp.name }}'
group: 'burp-{{ burp.name }}'
notify: 'reload burp service on server'
delegate_to: '{{ burp_clients._server }}'
delegate_to: '{{ burp_clients._server }}'
# One client is able to have many client configurations:
......@@ -68,7 +68,7 @@
- include: client_specific_conf_from_file.yml
# FIXME: one client is able to define only one configuration using YAML file
# TODO: username should not be key OR use add one level in backups dict
with_fileglob: 'burp/{{ burp_clients._server }}_{{ inventory_hostname }}_{{ client.key }}_*.yml'
with_fileglob: 'burp/{{ burp_clients._server }}_{{ inventory_hostname }}_{{ client.key }}_*.yml'
loop_control: { loop_var: 'backup_conf_path' }
when: '"backups" not in client.value'
......
......@@ -34,14 +34,14 @@
burp_client_version: '{{ burp_version.stdout.strip().split("-")[-1] }}'
template:
src: client.conf
dest: '/etc/burp/{{ burp.name }}/{{ burp_clients._server }}-{{ burp_client_common_name }}-{{ backup.key }}.conf'
dest: '/etc/burp/{{ burp.name }}/{{ burp_clients._server }}-{{ burp_client_common_name }}-{{ backup.key }}.conf'
<<: *perm-read-all
# Create and include an empty file in order to allow other roles to set notify_success_script or notify_failure_script
- name: Create BURP client notify configuration
copy:
content: ''
dest: '/etc/burp/{{ burp.name }}/{{ burp_clients._server }}-{{ burp_client_common_name }}-{{ backup.key }}_notify.conf'
dest: '/etc/burp/{{ burp.name }}/{{ burp_clients._server }}-{{ burp_client_common_name }}-{{ backup.key }}_notify.conf'
force: no
<<: *perm-secret
......@@ -53,22 +53,22 @@
- name: Render script to run before a backup
template:
src: '{{ backup.value.script_pre }}'
dest: '/etc/burp/{{ burp.name }}/{{ burp_clients._server }}-{{ burp_client_common_name }}-{{ backup.key }}_pre.sh'
src: '{{ backup.value.script_pre }}'
dest: '/etc/burp/{{ burp.name }}/{{ burp_clients._server }}-{{ burp_client_common_name }}-{{ backup.key }}_pre.sh'
<<: *perm-script
when: backup.value.script_pre is defined
- name: 'Render script to run after a backup'
template:
src: '{{ backup.value.script_post }}'
dest: '/etc/burp/{{ burp.name }}/{{ burp_clients._server }}-{{ burp_client_common_name }}-{{ backup.key }}_post.sh'
src: '{{ backup.value.script_post }}'
dest: '/etc/burp/{{ burp.name }}/{{ burp_clients._server }}-{{ burp_client_common_name }}-{{ backup.key }}_post.sh'
<<: *perm-script
when: backup.value.script_post is defined
- name: Render script to run before and after a backup
template:
src: '{{ backup.value.script }}'
dest: '/etc/burp/{{ burp.name }}/{{ burp_clients._server }}-{{ burp_client_common_name }}-{{ backup.key }}.sh'
src: '{{ backup.value.script }}'
dest: '/etc/burp/{{ burp.name }}/{{ burp_clients._server }}-{{ burp_client_common_name }}-{{ backup.key }}.sh'
<<: *perm-script
when: backup.value.script is defined
......@@ -77,14 +77,14 @@
block:
- name: 'Check timezone of the client'
assert:
that: '{{ ansible_date_time.tz == cron.TZ }}'
msg: 'Client timezone is {{ ansible_date_time.tz }}, expected timezone: {{ cron.TZ }}'
that: '{{ ansible_date_time.tz == cron.TZ }}'
msg: 'Client timezone is {{ ansible_date_time.tz }}, expected timezone: {{ cron.TZ }}'
when: "'TZ' in cron"
- name: 'Generate cron configuration'
template:
src: 'cron'
dest: '/etc/cron.d/burp-{{ burp.name }}-{{ backup.key }}'
dest: '/etc/cron.d/burp-{{ burp.name }}-{{ backup.key }}'
mode: '0444'
owner: 'root'
group: 'root'
......@@ -101,7 +101,7 @@
<<: *notify
template:
src: '{{ client.value.burp_template|default(burp_template) }}'
dest: '/etc/burp/{{ burp.name }}/clientconfdir/{{ burp_client_common_name }}-{{ backup.key }}'
dest: '/etc/burp/{{ burp.name }}/clientconfdir/{{ burp_client_common_name }}-{{ backup.key }}'
mode: 0444
<<: *owner_server
......@@ -114,8 +114,8 @@
# vars:
# timer: "{{ backup.value.timer if backup.value.timer is defined else hostvars[inventory_hostname]['timer_' + backup.key] }}"
# assert:
# that: "{{ hostvars[burp_clients._server]['ansible_date_time']['tz'] == timer.TZ }}"
# msg: "Server timezone is {{ hostvars[burp_clients._server]['ansible_date_time']['tz'] }}, expected timezone: {{ timer.TZ }}"
# that: "{{ hostvars[burp_clients._server]['ansible_date_time']['tz'] == timer.TZ }}"
# msg: "Server timezone is {{ hostvars[burp_clients._server]['ansible_date_time']['tz'] }}, expected timezone: {{ timer.TZ }}"
- name: 'Create BURP spool directory'
file:
......@@ -123,4 +123,4 @@
state: directory
mode: 0700
<<: *owner_server
delegate_to: '{{ burp_clients._server }}'
delegate_to: '{{ burp_clients._server }}'
......@@ -5,7 +5,7 @@
- openssl # openssl command is used in this playbook
cache_valid_time: 86400
- include_tasks: '{{ ansible_service_mgr }}/rsyslog_status.yml'
- include_tasks: '{{ ansible_service_mgr }}/rsyslog_status.yml'
- name: Configure rsyslog
template:
......
......@@ -103,4 +103,4 @@
include: 'server_workaround_#532.yml'
when: ansible_os_family == 'Debian'
- include_tasks: '{{ ansible_service_mgr }}/enable_burp.yml'
- include_tasks: '{{ ansible_service_mgr }}/enable_burp.yml'
......@@ -7,9 +7,9 @@
mode: 0440
register: systemd_template
- name: 'Enable burp@{{ burp.name }}.service'
- name: 'Enable burp@{{ burp.name }}.service'
systemd:
name: 'burp@{{ burp.name }}.service'
name: 'burp@{{ burp.name }}.service'
daemon_reload: '{{ (systemd_template is changed)|ternary("yes", "no") }}'
enabled: yes
state: started
#jinja2: lstrip_blocks: "true"
# {{ ansible_managed }}
# {{ ansible_managed }}
{% set backup_name = backup.key %}
{% set backup = backup.value %}
......@@ -12,14 +12,14 @@ syslog = 1
{% endif %}
server = {{ burp_server_common_name }}
port = {{ burp.port }}
cname = {{ burp_client_common_name }}-{{ backup_name }}
cname = {{ burp_client_common_name }}-{{ backup_name }}
ssl_peer_cn = {{ burp_server_common_name }}
. {{ burp_clients._server }}-{{ burp_client_common_name }}.key.conf
ssl_cert = /etc/burp/{{ burp.name }}/{{ client.ssl.cert | basename }}
ssl_key = /etc/burp/{{ burp.name }}/{{ client.ssl.key | basename }}
ssl_cert_ca = /etc/burp/{{ burp.name }}/ca.crt
#ssl_ciphers = AES128-SHA
lockfile = /etc/burp/{{ burp.name }}/lockfiles/{{ user }}/{{ burp_client_common_name }}-{{ backup_name }}.lockfile
lockfile = /etc/burp/{{ burp.name }}/lockfiles/{{ user }}/{{ burp_client_common_name }}-{{ backup_name }}.lockfile
{% if burp_client_version is version("2.0.18", ">=") %}
{# backup_script_reserved_args was added in 2.0.18 #}
......@@ -27,26 +27,26 @@ backup_script_reserved_args = 0
{% endif %}
{% if backup.script_pre is defined %}
backup_script_pre = /etc/burp/{{ burp.name }}/{{ burp_clients._server }}-{{ burp_client_common_name }}-{{ backup_name }}_pre.sh
backup_script_pre = /etc/burp/{{ burp.name }}/{{ burp_clients._server }}-{{ burp_client_common_name }}-{{ backup_name }}_pre.sh
{% for arg in backup.script_pre_args|default([]) %}
backup_script_pre_arg = {{ arg }}
{% endfor %}
{% endif %}
{% if backup.script_post is defined %}
backup_script_post = /etc/burp/{{ burp.name }}/{{ burp_clients._server }}-{{ burp_client_common_name }}-{{ backup_name }}_post.sh
backup_script_post = /etc/burp/{{ burp.name }}/{{ burp_clients._server }}-{{ burp_client_common_name }}-{{ backup_name }}_post.sh
{% for arg in backup.script_post_args|default([]) %}
backup_script_post_arg = {{ arg }}
{% endfor %}
{% endif %}
{% if backup.script is defined %}
backup_script = /etc/burp/{{ burp.name }}/{{ burp_clients._server }}-{{ burp_client_common_name }}-{{ backup_name }}.sh
backup_script = /etc/burp/{{ burp.name }}/{{ burp_clients._server }}-{{ burp_client_common_name }}-{{ backup_name }}.sh
{% for arg in backup.script_args|default([]) %}
backup_script_arg = {{ arg }}
{% endfor %}
{% endif %}
# Allow other roles to set notify_success_script or notify_failure_script.
. {{ burp_clients._server }}-{{ burp_client_common_name }}-{{ backup_name }}_notify.conf
. {{ burp_clients._server }}-{{ burp_client_common_name }}-{{ backup_name }}_notify.conf
# Paths are defined in server configuration
......
#jinja2: lstrip_blocks: "true"
MAILTO=""
# {{ ansible_managed }}
# {{ ansible_managed }}
# BURP {{ burp.name }} - {{ backup.key }}
{{ cron.minute|default("*") }} {{ cron.hour|default("*") }} {{ cron.day|default("*") }} {{ cron.month|default("*") }} {{ cron.weekday|default("*") }} {{ client.key }} [ -x /usr/sbin/burp ] && /usr/sbin/burp -a t -c /etc/burp/{{ burp.name }}/{{ burp_clients._server }}-{{ burp_client_common_name }}-{{ backup.key }}.conf
{{ cron.minute|default("*") }} {{ cron.hour|default("*") }} {{ cron.day|default("*") }} {{ cron.month|default("*") }} {{ cron.weekday|default("*") }} {{ client.key }} [ -x /usr/sbin/burp ] && /usr/sbin/burp -a t -c /etc/burp/{{ burp.name }}/{{ burp_clients._server }}-{{ burp_client_common_name }}-{{ backup.key }}.conf
#jinja2: lstrip_blocks: "true"
# {{ ansible_managed }}
# {{ ansible_managed }}
/var/log/burp-{{ type }}.log {
daily
......
#jinja2: lstrip_blocks: "true"
# {{ ansible_managed }}
# {{ ansible_managed }}
# minus before file => omit syncing the file after every loggin
# & stop => don't transmist log to next logger
......
#jinja2: lstrip_blocks: "true"
{# jinja2 header could be usefull when the template is directly (not inherited) rendered #}
# {{ ansible_managed }}
{# jinja2 header could be usefull when the template is directly (not inherited) rendered #}
# {{ ansible_managed }}
{% set client = client.value %}
{% set backup_name = backup.key %}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment