Merge pull request #3 from modcloth-labs/updates

Adding barman ssh config to make sure it doesn't get prompted for a host key
modcloth · Nov 14, 2014 · 64468d1 · 64468d1
2 parents f0c1a0d + b955f4f
commit 64468d1
Show file tree

Hide file tree

Showing 4 changed files with 71 additions and 27 deletions.
diff --git a/defaults/main.yml b/defaults/main.yml
@@ -15,6 +15,17 @@ barman_maintenance_schedule: '*/30 * * * *' # How often to run `barman cron`
 barman_maintenance_log_file: /var/log/barman/cron.log
 barman_backup_schedule: '0 1 * * *' # How often to run `barman backup all`
 barman_backup_log_file: /var/log/barman/backup.log
+barman_configuration_directory: /etc/barman.d
+barman_ssh_known_hosts_additional: []
+barman_ssh_known_hosts_default:
+- 192.168.*
+- 10.1.*
+- 10.3.*
+- 10.4.*
+- 10.5.*
+- 10.6.*
+- 127.0.0.1
+- 172.17.*
 
 # List of servers to maintain backups for.
 #

diff --git a/tasks/main.yml b/tasks/main.yml
@@ -1,54 +1,71 @@
 ---
 - name: "create barman user"
   user:
-    name='{{barman_user}}'
-    groups='{{barman_groups}}'
+    name={{ barman_user }}
+    groups={{ barman_groups }}
     state=present
   register: barman_create_barman_user
+
 - name: "create ssh directory"
   file:
-    path='{{barman_create_barman_user.home}}/.ssh'
+    path={{ barman_create_barman_user.home }}/.ssh
     state=directory
-    owner='{{barman_user}}'
-    group='{{barman_user}}'
+    owner={{ barman_user }}
+    group={{ barman_user }}
+
+- name: add ssh config
+  template:
+    dest={{ barman_create_barman_user.home }}/.ssh/config
+    src=ssh_config.j2
+    owner={{ barman_user }}
+    group={{ barman_user }}
+    mode=0600
+
 - name: "add ssh key"
   copy:
-    src='{{barman_ssh_key_file}}'
-    dest='{{barman_create_barman_user.home}}/.ssh/id_rsa'
+    src={{ barman_ssh_key_file }}
+    dest={{ barman_create_barman_user.home }}/.ssh/id_rsa
+
 - name: "add authorized ssh key"
   authorized_key:
-    key='{{barman_archive_pub_key}}'
-    user="{{barman_user}}"
+    key="{{ barman_archive_pub_key }}"
+    user={{ barman_user }}
     state=present
+
 - name: "write barman.conf"
-  template: src=barman.conf.j2 dest=/etc/barman.conf owner='{{barman_user}}'
+  template: src=barman.conf.j2 dest=/etc/barman.conf owner={{ barman_user }}
+
 - name: "create home directory"
   file:
-    path='{{barman_home}}'
+    path={{ barman_home }}
     state=directory
-    owner='{{barman_user}}'
-    group='{{barman_user}}'
+    recurse=yes
+    owner={{ barman_user }}
+    group={{ barman_user }}
+
 - name: "install barman"
   pip: name=barman state=present
+
 - name: "add maintenance job"
   cron:
     name="barman maintenance job"
-    minute={{barman_maintenance_schedule.split()[0]}}
-    hour={{barman_maintenance_schedule.split()[1]}}
-    day={{barman_maintenance_schedule.split()[2]}}
-    month={{barman_maintenance_schedule.split()[3]}}
-    weekday={{barman_maintenance_schedule.split()[4]}}
-    job="date >> {{barman_maintenance_log_file}} && barman cron >> {{barman_maintenance_log_file}} 2>&1"
-    user="{{barman_user}}"
+    minute={{ barman_maintenance_schedule.split()[0] }}
+    hour={{ barman_maintenance_schedule.split()[1] }}
+    day={{ barman_maintenance_schedule.split()[2] }}
+    month={{ barman_maintenance_schedule.split()[3] }}
+    weekday={{ barman_maintenance_schedule.split()[4] }}
+    job="date >> {{ barman_maintenance_log_file }} && barman cron >> {{ barman_maintenance_log_file }} 2>&1"
+    user="{{ barman_user }}"
     state=present
+
 - name: "add backup job"
   cron:
     name="barman backup job"
-    minute={{barman_backup_schedule.split()[0]}}
-    hour={{barman_backup_schedule.split()[1]}}
-    day={{barman_backup_schedule.split()[2]}}
-    month={{barman_backup_schedule.split()[3]}}
-    weekday={{barman_backup_schedule.split()[4]}}
-    job="date >> {{barman_backup_log_file}} && barman backup all >> {{barman_backup_log_file}} 2>&1"
-    user="{{barman_user}}"
+    minute={{ barman_backup_schedule.split()[0] }}
+    hour={{ barman_backup_schedule.split()[1] }}
+    day={{ barman_backup_schedule.split()[2] }}
+    month={{ barman_backup_schedule.split()[3] }}
+    weekday={{ barman_backup_schedule.split()[4] }}
+    job="date >> {{ barman_backup_log_file }} && barman backup all >> {{ barman_backup_log_file }} 2>&1"
+    user="{{ barman_user }}"
     state=present
diff --git a/templates/barman.conf.j2 b/templates/barman.conf.j2
@@ -6,6 +6,7 @@ barman_user = {{barman_user}}
 log_file = {{barman_log_file}}
 log_level = {{barman_log_level}}
 compression = {{barman_compression}}
+configuration_files_directory = {{barman_configuration_directory}}
 
 {% for server in barman_upstreams %}
 [{{server.name}}]
@@ -14,6 +15,7 @@ ssh_command = ssh {{server.ssh_user | default('postgres')}}@{{server.hostname}}
 conninfo = "user={{server.postgres_user | default('postgres')}} host={{server.hostname}} password={{server.postgres_password | default('postgres')}}"
 retention_policy_mode = "auto"
 retention_policy = "{{server.retention_policy | default('recovery window of 1 day')}}"
+wal_retention_policy = "main"
 {% endfor %}
 
 ; vim:filetype=dosini
diff --git a/templates/ssh_config.j2 b/templates/ssh_config.j2
@@ -0,0 +1,14 @@
+# {{ ansible_managed }}
+# vim:ft=jinja
+
+{% for host in barman_ssh_known_hosts_default %}
+Host {{ host }}
+  StrictHostKeyChecking no
+  UserKnownHostsFile /dev/null
+{% endfor %}
+
+{% for host in barman_ssh_known_hosts_additional %}
+Host {{ host }}
+  StrictHostKeyChecking no
+  UserKnownHostsFile /dev/null
+{% endfor %}