add IPA cron playbook
parent
a2fe01cb03
commit
d0e462f97d
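--- a/files/root/cron/ipa
+++ b/files/root/cron/ipa
@@ -0,0 +1,29 @@
+#!/bin/bash
+PATH=/root/.local/bin:/root/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin
+
+# IPA should be running. If a service is broken or down, status
+# will report at least 3
+ipactl status > /dev/null 2>&1
+ret_val=$?
+
+if [ "$ret_val" -ne 0 ]; then
+echo "IPA SERVER IS NOT UP"
+exit 20
+fi
+
+# clean up first
+if [ -d /var/lib/ipa/backup ]; then
+touch /var/lib/ipa/backup
+find /var/lib/ipa/backup -type d -name "ipa-full*" -mtime +14 -exec rm -rf {} +
+fi
+
+ipa-backup > /dev/null 2>&1
+backup_val=$?
+
+FROM="FreeIPA Server Node $(hostname -s) <identitymanagement@rockylinux.org>"
+if [ "$backup_val" -ne 0 ]; then
+echo "IPA Backup Failed on $(hostname)" | mutt -e "set from=\"$FROM\"" \
+-e 'set envelope_from=yes' \
+-s "IPA Backup Failed" \
+infrastructure@rockylinux.org
+fi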
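Review bot: The early exit after `ipactl status` fails only echoes "IPA SERVER IS NOT UP" and exits 20, so a node whose IPA services are down skips the backup without the mutt alert that the backup-failure branch at the end sends; unless cron's own mail delivery is configured (not visible here), that state goes unreported. Sending both alerts through one small helper keeps the sender and recipient in one place, as sketched below. Separately, the cleanup keeps up to 14 days of `ipa-full*` directories on the same host, and a full IPA backup holds directory data and key material, so it is worth confirming that /var/lib/ipa/backup stays root-only and that any copies leaving the host are protected (ipa-backup has a `--gpg` option for encryption).

```shell
FROM="FreeIPA Server Node $(hostname -s) <identitymanagement@rockylinux.org>"

# Send one alert mail; $1 is the subject, $2 the message text.
notify() {
    echo "$2 on $(hostname)" | mutt -e "set from=\"$FROM\"" \
        -e 'set envelope_from=yes' \
        -s "$1" \
        infrastructure@rockylinux.org
}

ipactl status > /dev/null 2>&1
ret_val=$?

if [ "$ret_val" -ne 0 ]; then
    echo "IPA SERVER IS NOT UP"
    notify "IPA Server Not Up" "IPA server is not up, backup skipped"
    exit 20
fi

# … unchanged: backup cleanup and ipa-backup call …

if [ "$backup_val" -ne 0 ]; then
    notify "IPA Backup Failed" "IPA Backup Failed"
fi
```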
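--- a/init-rocky-ipa-cron.yml
+++ b/init-rocky-ipa-cron.yml
@@ -0,0 +1,47 @@
+---
+- name: Configure IPA Crons
+hosts: ipaserver:ipareplicas
+become: true
+
+handlers:
+- import_tasks: handlers/main.yml
+
+pre_tasks:
+- name: Check if ansible cannot be run here
+stat:
+path: /etc/no-ansible
+register: no_ansible
+
+- name: Verify if we can run ansible
+ansible.builtin.assert:
+that:
+- "not no_ansible.stat.exists"
+success_msg: "We are not able to run on this node"
+fail_msg: "/etc/no-ansible exists - skipping run on this node"
+
+tasks:
+- name: Create cron directory
+ansible.builtin.file:
+path: /root/cron
+state: directory
+mode: '0755'
+
+- name: Deploy cron scripts
+ansible.builtin.copy:
+src: "{{ item }}"
+dest: "/{{ item }}"
+owner: root
+group: root
+mode: '0755'
+with_items:
+- 'root/cron/ipa'
+
+post_tasks:
+- name: Touching run file that ansible has ran here
+ansible.builtin.file:
+path: /var/log/ansible.run
+state: touch
+mode: '0644'
+owner: root
+group: root
+...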
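Review bot: The "Create cron directory" task sets `mode: '0755'` without `owner`/`group`, and the script is deployed `0755` as well; both are used only by root, so `mode: '0700'` with `owner: root` and `group: root` on the directory (and `'0700'` on the script) would match that. In the "Verify if we can run ansible" assert, `success_msg` reads "We are not able to run on this node", which is the opposite of what a passing assert means; `success_msg: "We are able to run on this node"` fits. No task in this play installs a cron entry for /root/cron/ipa, so unless scheduling happens elsewhere the backup script is deployed but never run; an `ansible.builtin.cron` task would close that.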