rm old service

stereodon + upload file x cicles, gancio e mastodon
aggiunto reverse per cal e rss
2022-11-03 10:47:15 +01:00 · 2022-03-27 23:48:17 +02:00 · 2022-03-27 19:18:39 +02:00 · 2022-03-26 18:37:11 +01:00 · 2022-03-26 18:21:41 +01:00 · 2022-03-11 10:03:45 +01:00
7 changed files with 86 additions and 12 deletions
--- a/backup.yml
+++ b/backup.yml
@ -1,9 +1,19 @@
 ---
-## FRONTEND
- name: Test backup
+- name: Mastodon backup
  hosts: mastodon
  roles: ['stable/restic']
  vars:
+    restic_dump_compression_enabled: true
    restic_databases:
-      - {name: 'mastodon', dump_command: sudo -Hiu postgres pg_dump -Fc mastodon}
-    restic_folders: ['/var/lib/redis/dump.rdb','/home/mastodon/live/.env.production']
+      - {name: 'mastodon', dump_command: sudo -Hiu postgres pg_dump -Z0 -Fc mastodon}
+    restic_folders: ['/var/lib/redis/dump.rdb','/home/mastodon/live/.env.production']
+
+- name: Stereodon Backup
+  hosts: stereodon
+  roles: ['stable/restic']
+  vars:
+    restic_dump_compression_enabled: true
+    restic_databases:
+      - {name: 'stereodon', dump_command: sudo -Hiu postgres pg_dump -Z0 -Fc mastodon}
+    restic_folders: ['/var/lib/redis/dump.rdb','/home/mastodon/live/.env.production']
+
--- a/frontend.yml
+++ b/frontend.yml
@ -0,0 +1,7 @@
+---
+## FRONTEND
+- name: Frontend
+  hosts: frontend2
+  roles: ['stable/common', 'stable/nginx']
+  vars_files: vars/frontend.yml
+  tags: frontend
--- a/infra.yml
+++ b/infra.yml
@ -1,7 +1,7 @@
 ---
 ## FRONTEND
 - name: Frontend
-  hosts: frontend
+  hosts: frontend2
  roles: ['stable/common', 'stable/nginx']
  vars_files: vars/frontend.yml
  tags: frontend
--- a/inventory.yml
+++ b/inventory.yml
@ -13,12 +13,18 @@ cicles:
 mastodon:
  hosts: cisti.mastodon

+stereodon:
+  hosts: cisti.stereodon
+
 farma:
  hosts: cisti.farma

 frontend:
  hosts: cisti.frontend

+frontend2:
+  hosts: cisti.frontend2
+
 radicale:
  hosts: cisti.cal

--- a/roles/stable/nginx/tasks/certbot.yml
+++ b/roles/stable/nginx/tasks/certbot.yml
@ -17,7 +17,7 @@

 - name: Generate certificate if needed
  become: yes
-  command: /snap/bin/certbot --nginx --non-interactive --agree-tos
+  command: /snap/bin/certbot --nginx --non-interactive --agree-tos --expand
      --domains {{ fpm_services | items2dict(key_name='server_name', value_name='server_name') | join(',') }}
        {{ reverse_services | items2dict(key_name='server_name', value_name='server_name') | join(',') }}
      --email {{certbot_email}}
--- a/roles/stable/restic/templates/restic-backup.service.j2
+++ b/roles/stable/restic/templates/restic-backup.service.j2
@ -7,6 +7,10 @@ User={{ restic_user }}

 CPUQuota={{ 25 * ansible_processor_vcpus }}%

+Nice=19
+IOSchedulingClass=best-effort
+IOSchedulingPriority=7
+
 {% if restic_ssh_enabled %}
 Environment="RESTIC_REPOSITORY=sftp:{{ restic_ssh_host }}:{{ restic_repository_name }}"
 {% else %}
@ -28,7 +32,7 @@ ExecStart={{ restic_path }} backup --verbose {{ folder }}
 {% endfor -%}

 {% for database in restic_databases %}
-ExecStart=/bin/sh -c "{{ database.dump_command }} {{ '| pigz |' if restic_dump_compression_enabled else '|' }} {{ restic_path }} backup --verbose --stdin --stdin-filename {{ database.name }}{{ '.sql.gz' if restic_dump_compression_enabled else '.sql' }}"
+ExecStart=/bin/sh -c "{{ database.dump_command }} {{ '| pigz --rsyncable |' if restic_dump_compression_enabled else '|' }} {{ restic_path }} backup --verbose --stdin --stdin-filename {{ database.name }}{{ '.sql.gz' if restic_dump_compression_enabled else '.sql' }}"
 {% endfor -%}

 {% if restic_forget %}
--- a/vars/frontend.yml
+++ b/vars/frontend.yml
@ -1,10 +1,57 @@
 ---
 with_certbot: true
 certbot_email: info@cisti.org
-servers:
-  - cicles:
-    server_name: antani.cisti.org
-    proxy_pass: http://localhost:8001
+reverse_services:
+  - pad:
+    server_name: pad.cisti.org
+    proxy_pass: http://192.168.200.12:8001
+  
+  - gancio:
+    server_name: gancio.cisti.org
+    proxy_pass: http://192.168.200.14:13120
    custom_config: |
      sendfile             on;
-      client_max_body_size 500m;
+      client_max_body_size 10m;
+
+  - mastodon:
+    server_name: mastodon.cisti.org
+    proxy_pass: http://192.168.200.13:80
+    custom_config: |
+      sendfile             on;
+      client_max_body_size 10m;
+
+  - stereodon:
+    server_name: stereodon.social
+    proxy_pass: http://192.168.200.18:80
+    custom_config: |
+      sendfile             on;
+      client_max_body_size 10m;
+
+  - cicles:
+    server_name: cicles.cisti.org
+    proxy_pass: http://192.168.200.15:8080
+    custom_config: |
+      sendfile             on;
+      client_max_body_size 1000m;
+
+
+  ## WEB STATICO
+  - cisti:
+    server_name: cisti.org
+    proxy_pass: http://192.168.200.10
+  
+  - facciamo:
+    server_name: facciamo.cisti.org
+    proxy_pass: http://192.168.200.10
+
+  - farma:
+    server_name: farma.cisti.org
+    proxy_pass: http://192.168.200.10
+
+  - hackrocchio:
+    server_name: hackrocchio.org
+    proxy_pass: http://192.168.200.10
+
+  - autogestione:
+    server_name: autogestione.social
+    proxy_pass: http://192.168.200.10
Author	SHA1	Message	Date
gibix	a201969120	rm old service	2022-11-03 10:47:15 +01:00
lesion	f06f8c1ab4	stereodon + upload file x cicles, gancio e mastodon	2022-03-27 23:48:17 +02:00
gibix	cf6d393af1	aggiunto reverse per cal e rss	2022-03-27 19:18:39 +02:00
lesion	93175038b6	cicles, hackrocchio, autogestione	2022-03-26 18:37:11 +01:00
lesion	28a0d5e356	madonnadiddio	2022-03-26 18:21:41 +01:00
lesion	b2a32a8b9e	add restic to stereodon, using rsyncable pigz	2022-03-11 10:03:45 +01:00
lesion	b42edb434f	nice and ionice to restic backup	2022-02-24 14:36:45 +01:00