diff --git a/backup_postgresql.yml b/backup_postgresql.yml new file mode 100644 index 0000000..dc87313 --- /dev/null +++ b/backup_postgresql.yml @@ -0,0 +1,37 @@ +--- + - name: Backup PostgreSQL and set up cron job + hosts: postgres_servers + become: true + + vars: + backup_dir: "/var/backups/postgresql" + + tasks: + - name: Ensure backup directory exists + file: + path: "{{ backup_dir }}" + state: directory + owner: postgres + group: postgres + mode: '0755' + + - name: Perform PostgreSQL database backup + become_user: postgres + command: > + pg_dump -U {{ postgres_user }} + -F c + -f "{{ backup_dir }}/db_backup_{{ postgres_db }}_{{ ansible_date_time.iso8601 }}.sql" + {{ postgres_db }} + environment: + PGPASSWORD: "{{ postgres_password }}" + + - name: Create cron job for hourly PostgreSQL backup + cron: + name: "PostgreSQL hourly backup" + user: postgres + minute: "0" + hour: "*" + job: 'pg_dump -U {{ postgres_user }} -F c {{ postgres_db }} > {{ backup_dir }}/db_backup_{{ postgres_db }}_$(date +\%F-\%H-\%M).sql' + environment: + PGPASSWORD: "{{ postgres_password }}" + \ No newline at end of file diff --git a/install_postgresql.yml b/install_postgresql.yml index 324e617..080459d 100644 --- a/install_postgresql.yml +++ b/install_postgresql.yml @@ -1,87 +1,88 @@ --- -- name: Install PostgreSQL on openSUSE Leap - hosts: postgres_servers - become: yes - vars: - postgres_user: "{{ postgres_user }}" - postgres_password: "{{ postgres_password }}" - postgres_db: "{{ postgres_db }}" - tasks: - - - name: Update zypper - command: zypper refresh - register: zypper_refresh - changed_when: "'Refreshing' in zypper_refresh.stdout" - - - name: Update System - zypper: - name: '*' - state: latest - when: zypper_refresh.changed - - - name: Update PostgreSQL package - zypper: - name: - - postgresql-server - - postgresql-contrib - state: present - - - name: PostgreSQL initdb - command: sudo -u postgres initdb -D /var/lib/pgsql/data - args: - creates: /var/lib/pgsql/data/PG_VERSION - - - name: Systemctl start and enable PostgreSQL - service: - name: postgresql - state: started - enabled: yes - - - name: python3-psycopg2 install - zypper: - name: python3-psycopg2 - state: present - - - name: Change listen_addresses in postgresql.conf - lineinfile: - path: /var/lib/pgsql/data/postgresql.conf - regexp: '^#?listen_addresses\s*=' - line: "listen_addresses = '*'" - notify: Restart PostgreSQL - - - name: Change pg_hba.conf - lineinfile: - path: /var/lib/pgsql/data/pg_hba.conf - regexp: '^host\s+all\s+all\s+0\.0\.0\.0/0\s+md5' - line: "host all all 0.0.0.0/0 md5" - notify: Restart PostgreSQL - - - name: Create User PostgreSQL - community.postgresql.postgresql_user: - name: "{{ postgres_user }}" - password: "{{ postgres_password }}" - state: present - - - name: Create Base PostgreSQL - community.postgresql.postgresql_db: - name: "{{ postgres_db }}" - owner: "{{ postgres_user }}" - encoding: UTF8 - state: present - - - name: Create table "contacts" - community.postgresql.postgresql_query: - db: "{{ postgres_db }}" - query: | - CREATE TABLE IF NOT EXISTS contacts ( - имя VARCHAR(100), - телефон VARCHAR(20) - ); - login_user: "{{ postgres_user }}" - login_password: "{{ postgres_password }}" - - handlers: - - name: Restart PostgreSQL - service: - name: postgresql - state: restarted + - name: Install PostgreSQL on openSUSE Leap + hosts: postgres_servers + become: yes + vars: + postgres_user: "{{ postgres_user }}" + postgres_password: "{{ postgres_password }}" + postgres_db: "{{ postgres_db }}" + + tasks: + + - name: Update zypper + command: zypper refresh + register: zypper_refresh + changed_when: "'Refreshing' in zypper_refresh.stdout" + + - name: Update System + zypper: + name: '*' + state: latest + when: zypper_refresh.changed + + - name: Update PostgreSQL package + zypper: + name: + - postgresql-server + - postgresql-contrib + state: present + + - name: PostgreSQL initdb + command: sudo -u postgres initdb -D /var/lib/pgsql/data + args: + creates: /var/lib/pgsql/data/PG_VERSION + + - name: Systemctl start and enable PostgreSQL + service: + name: postgresql + state: started + enabled: yes + + - name: python3-psycopg2 install + zypper: + name: python3-psycopg2 + state: present + + - name: Change listen_addresses in postgresql.conf + lineinfile: + path: /var/lib/pgsql/data/postgresql.conf + regexp: '^#?listen_addresses\s*=' + line: "listen_addresses = '*'" + notify: Restart PostgreSQL + + - name: Change pg_hba.conf + lineinfile: + path: /var/lib/pgsql/data/pg_hba.conf + regexp: '^host\s+all\s+all\s+0\.0\.0\.0/0\s+md5' + line: "host all all 0.0.0.0/0 md5" + notify: Restart PostgreSQL + + - name: Create User PostgreSQL + community.postgresql.postgresql_user: + name: "{{ postgres_user }}" + password: "{{ postgres_password }}" + state: present + + - name: Create Base PostgreSQL + community.postgresql.postgresql_db: + name: "{{ postgres_db }}" + owner: "{{ postgres_user }}" + encoding: UTF8 + state: present + + + - name: Открыть порт PostgreSQL 5432 в файрволе + command: firewall-cmd --add-port=5432/tcp --permanent + become: yes + + + - name: Перезагрузить файрвол для применения изменений + command: firewall-cmd --reload + become: yes + + handlers: + - name: Restart PostgreSQL + service: + name: postgresql + state: restarted + \ No newline at end of file diff --git a/pipeline.groovy b/pipeline.groovy index 861c189..490340f 100644 --- a/pipeline.groovy +++ b/pipeline.groovy @@ -2,37 +2,54 @@ pipeline { agent any parameters { - string(name: 'TARGET_IP', defaultValue: '192.168.0.72', description: 'IP адрес машины для установки PostgreSQL') - string(name: 'DB_USER', defaultValue: 'myuser', description: 'Имя пользователя для базы данных PostgreSQL') - string(name: 'DB_NAME', defaultValue: 'mydatabase', description: 'Имя базы данных PostgreSQL') + string(name: 'TARGET_IP', defaultValue: '192.168.0.72') + string(name: 'DB_USER', defaultValue: 'myuser') + string(name: 'DB_NAME', defaultValue: 'mydatabase') + string(name: 'BACKUP_DIR', defaultValue: '/var/backups/postgresql') } environment { - ANSIBLE_HOST_KEY_CHECKING = 'False' + ANSIBLE_HOST_KEY_CHECKING = 'False' } stages { - stage('Run Ansible Playbook') { + stage('Install PostgreSQL') { steps { - withCredentials([usernamePassword(credentialsId: 'postgres_password_credential', usernameVariable: 'SSH_USER', passwordVariable: 'POSTGRES_PASSWORD'), - usernamePassword(credentialsId: 'sqlpass', usernameVariable: 'SQL_USER', passwordVariable: 'SQL_PASSWORD')]) { + withCredentials([usernamePassword(credentialsId: 'postgres_password_credential', usernameVariable: 'SSH_USER', passwordVariable: 'POSTGRES_PASSWORD')]) { script { writeFile file: '/ansiblesql/hosts.ini', text: """ [postgres_servers] ${params.TARGET_IP} ansible_user=${SSH_USER} ansible_ssh_pass=${POSTGRES_PASSWORD} ansible_connection=ssh """ - + sh """ - ansible-playbook -i /ansiblesql/hosts.ini /ansiblesql/install_postgresql.yml \ - -e postgres_user=${params.DB_USER} \ - -e postgres_password=${SQL_PASSWORD} \ + ansible-playbook -i /ansiblesql/hosts.ini /ansiblesql/install_postgresql.yml \\ + -e postgres_user=${params.DB_USER} \\ + -e postgres_password=${POSTGRES_PASSWORD} \\ -e postgres_db=${params.DB_NAME} """ } } } } + + stage('Setup PostgreSQL Backup with Cron') { + steps { + withCredentials([usernamePassword(credentialsId: 'postgres_password_credential', usernameVariable: 'SSH_USER', passwordVariable: 'POSTGRES_PASSWORD')]) { + script { + + sh """ + ansible-playbook -i /ansiblesql/hosts.ini /ansiblesql/backup_postgresql.yml \\ + -e postgres_user=${params.DB_USER} \\ + -e postgres_password=${POSTGRES_PASSWORD} \\ + -e postgres_db=${params.DB_NAME} \\ + -e backup_dir=${params.BACKUP_DIR} + """ + } + } + } + } } }