From 8c7d2b020ac7b00a86393c74f80aaf40c0953d9a Mon Sep 17 00:00:00 2001 From: Vitaliy Kukharik <37010174+vitabaks@users.noreply.github.com> Date: Thu, 18 Jul 2024 14:40:11 +0300 Subject: [PATCH] pgBackRest: Ensure directories exist with correct permissions (#704) --- roles/pgbackrest/stanza-create/tasks/main.yml | 4 +- roles/pgbackrest/tasks/main.yml | 59 +++++++++++++++++-- 2 files changed, 57 insertions(+), 6 deletions(-) diff --git a/roles/pgbackrest/stanza-create/tasks/main.yml b/roles/pgbackrest/stanza-create/tasks/main.yml index 9b508888c..334393eda 100644 --- a/roles/pgbackrest/stanza-create/tasks/main.yml +++ b/roles/pgbackrest/stanza-create/tasks/main.yml @@ -12,7 +12,7 @@ state: directory owner: postgres group: postgres - mode: "0755" + mode: "0750" when: repo1_path | length > 0 - name: Create stanza "{{ pgbackrest_stanza }}" @@ -47,7 +47,7 @@ state: directory owner: "{{ pgbackrest_repo_user }}" group: "{{ pgbackrest_repo_user }}" - mode: "0755" + mode: "0750" when: repo1_path | length > 0 - name: Create stanza "{{ pgbackrest_stanza }}" diff --git a/roles/pgbackrest/tasks/main.yml b/roles/pgbackrest/tasks/main.yml index 90a014e6b..e6f2e01e2 100644 --- a/roles/pgbackrest/tasks/main.yml +++ b/roles/pgbackrest/tasks/main.yml @@ -106,7 +106,31 @@ tags: pgbackrest, pgbackrest_install - block: - - name: Ensure spool directory exist + - name: Ensure log directory exists + ansible.builtin.file: + path: "{{ item.value }}" + state: directory + owner: postgres + group: postgres + mode: "0755" + loop: "{{ pgbackrest_conf.global }}" + when: item.option == 'log-path' + loop_control: + label: "{{ item.value }}" + + - name: Ensure repo directory exists + ansible.builtin.file: + path: "{{ item.value }}" + state: directory + owner: postgres + group: postgres + mode: "0750" + loop: "{{ pgbackrest_conf.global }}" + when: item.option == 'repo1-path' and pgbackrest_repo_host | length < 1 + loop_control: + label: "{{ item.value }}" + + - name: Ensure spool directory exists ansible.builtin.file: path: "{{ item.value }}" state: directory @@ -118,12 +142,13 @@ loop_control: label: "{{ item.value }}" - - name: Ensure config directory exist + - name: Ensure config directory exists ansible.builtin.file: path: "{{ pgbackrest_conf_file | dirname }}" state: directory owner: postgres group: postgres + mode: "0750" - name: "Generate conf file {{ pgbackrest_conf_file }}" ansible.builtin.template: @@ -137,19 +162,45 @@ # Dedicated pgbackrest server (if "repo_host" is set) - block: - - name: Ensure config directory exist + - name: Ensure log directory exists + ansible.builtin.file: + path: "{{ item.value }}" + state: directory + owner: "{{ pgbackrest_repo_user }}" + group: "{{ pgbackrest_repo_user }}" + mode: "0755" + loop: "{{ pgbackrest_server_conf.global }}" + when: item.option == 'log-path' + loop_control: + label: "{{ item.value }}" + + - name: Ensure repo directory exists + ansible.builtin.file: + path: "{{ item.value }}" + state: directory + owner: "{{ pgbackrest_repo_user }}" + group: "{{ pgbackrest_repo_user }}" + mode: "0750" + loop: "{{ pgbackrest_server_conf.global }}" + when: item.option == 'repo1-path' + loop_control: + label: "{{ item.value }}" + + - name: Ensure config directory exists ansible.builtin.file: path: "{{ pgbackrest_conf_file | dirname }}" state: directory owner: "{{ pgbackrest_repo_user }}" group: "{{ pgbackrest_repo_user }}" + mode: "0750" - - name: Ensure stanza config directory exist + - name: Ensure stanza config directory exists ansible.builtin.file: path: "{{ pgbackrest_conf_file | dirname }}/conf.d" state: directory owner: "{{ pgbackrest_repo_user }}" group: "{{ pgbackrest_repo_user }}" + mode: "0750" - name: "Generate global conf file {{ pgbackrest_conf_file }}" ansible.builtin.template: