From c7e5a1ef63833a00add820aa58f6c6d0bc72a551 Mon Sep 17 00:00:00 2001 From: Jihan El Karz Date: Thu, 5 Mar 2026 11:44:47 +0100 Subject: [PATCH] refactor(roles): backups for config-templates --- CONTRIBUTING.rst | 1 + roles/apache_httpd/tasks/confs.yml | 1 + roles/apache_tomcat/tasks/main.yml | 10 ++++++++++ roles/audit/tasks/main.yml | 1 + roles/bind/tasks/main.yml | 3 +++ roles/borg_local/tasks/main.yml | 2 ++ roles/chrony/tasks/main.yml | 1 + roles/clamav/tasks/main.yml | 7 +++++++ roles/collabora/tasks/main.yml | 2 ++ roles/coturn/tasks/main.yml | 1 + roles/crypto_policy/tasks/main.yml | 1 + roles/docker/tasks/main.yml | 1 + roles/duplicity/tasks/main.yml | 4 ++++ roles/fail2ban/tasks/main.yml | 4 ++++ roles/fangfrisch/tasks/main.yml | 1 + roles/github_project_createrepo/tasks/main.yml | 1 + roles/gitlab_ce/tasks/main.yml | 1 + roles/glpi_agent/tasks/main.yml | 1 + roles/grafana/tasks/main.yml | 4 ++++ roles/graylog_datanode/tasks/main.yml | 2 ++ roles/graylog_server/tasks/main.yml | 2 ++ roles/icinga2_agent/tasks/RedHat.yml | 1 + roles/icinga2_master/tasks/RedHat.yml | 1 + roles/icinga2_master/tasks/main.yml | 3 +++ roles/icinga_kubernetes/tasks/main.yml | 2 ++ roles/icinga_kubernetes_web/tasks/main.yml | 1 + roles/icingadb/tasks/main.yml | 3 +++ roles/icingadb_web/tasks/main.yml | 1 + roles/icingaweb2/tasks/main.yml | 12 ++++++++++-- roles/icingaweb2_module_director/tasks/main.yml | 1 + roles/icingaweb2_module_grafana/tasks/main.yml | 1 + roles/icingaweb2_module_jira/tasks/main.yml | 1 + roles/icingaweb2_module_reporting/tasks/main.yml | 1 + roles/icingaweb2_module_vspheredb/tasks/main.yml | 2 ++ roles/icingaweb2_module_x509/tasks/main.yml | 1 + roles/influxdb/tasks/main.yml | 2 ++ roles/keepalived/tasks/main.yml | 1 + roles/keycloak/tasks/main.yml | 1 - roles/kibana/tasks/main.yml | 1 + roles/kvm_host/tasks/main.yml | 1 + roles/kvm_vm/tasks/main.yml | 3 +++ roles/logrotate/tasks/main.yml | 2 ++ roles/logstash/tasks/main.yml | 4 ++++ roles/mailx/tasks/main.yml | 1 + roles/mariadb_server/tasks/main.yml | 5 +++++ roles/mastodon/tasks/main.yml | 1 + roles/minio_client/tasks/main.yml | 1 + roles/mirror/tasks/main.yml | 1 + roles/mongodb/tasks/main.yml | 1 + roles/opensearch/tasks/main.yml | 4 ++++ roles/openvpn_server/tasks/main.yml | 3 +++ roles/php/tasks/main.yml | 2 ++ roles/podman_containers/tasks/main.yml | 4 ++++ roles/postfix/tasks/main.yml | 3 +++ roles/proxysql/tasks/main.yml | 1 + roles/python_venv/tasks/main.yml | 1 + roles/redis/tasks/main.yml | 2 ++ roles/repo_baseos/tasks/main.yml | 1 + roles/repo_collabora/tasks/main.yml | 1 + roles/repo_collabora_code/tasks/main.yml | 1 + roles/repo_debian_base/tasks/main.yml | 1 + roles/repo_docker/tasks/main.yml | 1 + roles/rocketchat/tasks/main.yml | 1 + roles/rsyslog/tasks/main.yml | 1 + roles/snmp/tasks/main.yml | 1 + roles/squid/tasks/main.yml | 1 + roles/sshd/tasks/main.yml | 1 + roles/systemd_journald/tasks/main.yml | 1 + roles/telegraf/tasks/main.yml | 2 ++ 69 files changed, 137 insertions(+), 3 deletions(-) diff --git a/CONTRIBUTING.rst b/CONTRIBUTING.rst index 238e15401..a426fe54f 100644 --- a/CONTRIBUTING.rst +++ b/CONTRIBUTING.rst @@ -617,6 +617,7 @@ The handling of the state in the role can look something like this, assuming the - name: 'Create sites-available vHosts' ansible.builtin.template: + backup: true src: '...' dest: '...' when: diff --git a/roles/apache_httpd/tasks/confs.yml b/roles/apache_httpd/tasks/confs.yml index fe72acf62..e50ef9ed1 100644 --- a/roles/apache_httpd/tasks/confs.yml +++ b/roles/apache_httpd/tasks/confs.yml @@ -25,6 +25,7 @@ - name: 'Create conf-available configs' ansible.builtin.template: + backup: true src: 'etc/httpd/conf-available/{{ item["template"]}}.conf.j2' dest: '{{ apache_httpd__config_path }}/{{ apache_httpd__config_prefix }}conf-available/{{ item["filename"] }}.conf' owner: 'root' diff --git a/roles/apache_tomcat/tasks/main.yml b/roles/apache_tomcat/tasks/main.yml index 021299dc9..da28a4a60 100644 --- a/roles/apache_tomcat/tasks/main.yml +++ b/roles/apache_tomcat/tasks/main.yml @@ -52,6 +52,7 @@ - name: 'Deploy /etc/tomcat/server.xml' ansible.builtin.template: + backup: true src: 'etc/tomcat/{{ tomcat__installed_version }}-server.xml.j2' dest: '/etc/tomcat/server.xml' owner: 'root' @@ -61,6 +62,7 @@ - name: 'Copy tomcat config /etc/sysconfig' ansible.builtin.template: + backup: true src: 'etc/sysconfig/{{ tomcat__installed_version }}-tomcat.j2' dest: '/etc/sysconfig/tomcat' owner: 'root' @@ -69,6 +71,7 @@ - name: 'Deploy /etc/tomcat/context.xml' ansible.builtin.template: + backup: true src: 'etc/tomcat/{{ tomcat__installed_version }}-context.xml.j2' dest: '/etc/tomcat/context.xml' owner: 'root' @@ -78,6 +81,7 @@ - name: 'Deploy /etc/tomcat/logging.properties' ansible.builtin.template: + backup: true src: 'etc/tomcat/{{ tomcat__installed_version }}-logging.properties.j2' dest: '/etc/tomcat/logging.properties' owner: 'root' @@ -87,6 +91,7 @@ - name: 'Copy tomcat logrotate template to /etc/logrotate.d' ansible.builtin.template: + backup: true src: 'etc/logrotate.d/tomcat.j2' dest: '/etc/logrotate.d/tomcat' owner: 'root' @@ -104,6 +109,7 @@ - name: 'Deploy /var/lib/tomcat/webapps/docs/META-INF/context.xml' ansible.builtin.template: + backup: true src: 'var/lib/tomcat/webapps/docs/META-INF/context.xml.j2' dest: '/var/lib/tomcat/webapps/docs/META-INF/context.xml' owner: 'root' @@ -115,6 +121,7 @@ - name: 'Deploy /var/lib/tomcat/webapps/host-manager/META-INF/context.xml' ansible.builtin.template: + backup: true src: 'var/lib/tomcat/webapps/host-manager/META-INF/context.xml.j2' dest: '/var/lib/tomcat/webapps/host-manager/META-INF/context.xml' owner: 'root' @@ -126,6 +133,7 @@ - name: 'Deploy /var/lib/tomcat/webapps/manager/META-INF/context.xml' ansible.builtin.template: + backup: true src: 'var/lib/tomcat/webapps/manager/META-INF/context.xml.j2' dest: '/var/lib/tomcat/webapps/manager/META-INF/context.xml' owner: 'root' @@ -137,6 +145,7 @@ - name: 'Deploy /var/lib/tomcat/webapps/manager/WEB-INF/web.xml' ansible.builtin.template: + backup: true src: 'var/lib/tomcat/webapps/manager/WEB-INF/web.xml.j2' dest: '/var/lib/tomcat/webapps/manager/WEB-INF/web.xml' owner: 'root' @@ -159,6 +168,7 @@ - name: 'Deploy /etc/tomcat/tomcat-users.xml' ansible.builtin.template: + backup: true src: 'etc/tomcat/{{ tomcat__installed_version }}-tomcat-users.xml.j2' dest: '/etc/tomcat/tomcat-users.xml' owner: 'root' diff --git a/roles/audit/tasks/main.yml b/roles/audit/tasks/main.yml index b8d33f9a1..d6c1cac43 100644 --- a/roles/audit/tasks/main.yml +++ b/roles/audit/tasks/main.yml @@ -9,6 +9,7 @@ - name: 'Deploy /etc/audit/auditd.conf' ansible.builtin.template: + backup: true src: 'etc/audit/auditd.conf.j2' dest: '/etc/audit/auditd.conf' owner: 'root' diff --git a/roles/bind/tasks/main.yml b/roles/bind/tasks/main.yml index 61175f4d8..55acc0fc5 100644 --- a/roles/bind/tasks/main.yml +++ b/roles/bind/tasks/main.yml @@ -15,6 +15,7 @@ - name: 'Deploy /etc/sysconfig/named' ansible.builtin.template: + backup: true src: 'etc/sysconfig/named.j2' dest: '/etc/sysconfig/named' owner: 'root' @@ -24,6 +25,7 @@ - name: 'Deploy /etc/named.conf' ansible.builtin.template: + backup: true src: 'etc/named.conf.j2' dest: '/etc/named.conf' owner: 'root' @@ -40,6 +42,7 @@ - name: 'Deploy the forward and reverse zones' ansible.builtin.template: + backup: true src: 'var/named/raw.zone.j2' dest: '/var/named/{{ item["file"] | d(item["name"] ~ ".zone") }}' owner: 'root' diff --git a/roles/borg_local/tasks/main.yml b/roles/borg_local/tasks/main.yml index 292056165..c813d377d 100644 --- a/roles/borg_local/tasks/main.yml +++ b/roles/borg_local/tasks/main.yml @@ -35,6 +35,7 @@ - name: 'Deploy /etc/borg/borg-passphrase' ansible.builtin.template: + backup: true src: 'etc/borg/borg-passphrase.j2' dest: '/etc/borg/borg-passphrase' owner: 'root' @@ -43,6 +44,7 @@ - name: 'Deploy /etc/borg/borg.conf' ansible.builtin.template: + backup: true src: 'etc/borg/borg.conf.j2' dest: '/etc/borg/borg.conf' owner: 'root' diff --git a/roles/chrony/tasks/main.yml b/roles/chrony/tasks/main.yml index 6e2425cf5..efd185889 100644 --- a/roles/chrony/tasks/main.yml +++ b/roles/chrony/tasks/main.yml @@ -7,6 +7,7 @@ - name: 'Deploy /etc/chrony.conf' ansible.builtin.template: + backup: true src: 'etc/chrony.conf.j2' dest: '/etc/chrony.conf' mode: 0o644 diff --git a/roles/clamav/tasks/main.yml b/roles/clamav/tasks/main.yml index 6fa4dd87d..aa59c1317 100644 --- a/roles/clamav/tasks/main.yml +++ b/roles/clamav/tasks/main.yml @@ -15,6 +15,7 @@ - name: 'Deploy /etc/systemd/system/clamav-clamonacc.service.d/fdpass.conf' ansible.builtin.template: + backup: true src: 'etc/systemd/system/clamav-clamonacc.service.d/fdpass.conf.j2' dest: '/etc/systemd/system/clamav-clamonacc.service.d/fdpass.conf' owner: 'root' @@ -50,6 +51,7 @@ - name: 'Deploy /etc/logrotate.d/clamav' ansible.builtin.template: + backup: true src: 'etc/logrotate.d/clamav.j2' dest: '/etc/logrotate.d/clamav' owner: 'root' @@ -64,6 +66,7 @@ - name: 'Deploy /etc/clamd.d/scan.conf' ansible.builtin.template: + backup: true src: 'etc/clamd.d/scan.conf.j2' dest: '/etc/clamd.d/scan.conf' owner: 'root' @@ -82,6 +85,7 @@ - name: 'Deploy /etc/freshclam.conf' ansible.builtin.template: + backup: true src: 'etc/freshclam.conf.j2' dest: '/etc/freshclam.conf' owner: 'root' @@ -98,6 +102,7 @@ - name: 'Deploy /var/lib/clamav/lfops_whitelist.ign2' ansible.builtin.template: + backup: true src: 'var/lib/clamav/lfops_whitelist.ign2.j2' dest: '/var/lib/clamav/lfops_whitelist.ign2' owner: 'root' @@ -107,6 +112,7 @@ - name: 'Deploy /var/lib/clamav/lfops_whitelist.fp' ansible.builtin.template: + backup: true src: 'var/lib/clamav/lfops_whitelist.fp.j2' dest: '/var/lib/clamav/lfops_whitelist.fp' owner: 'root' @@ -116,6 +122,7 @@ - name: 'Deploy /etc/clamd.d/clamdscan.filelist' ansible.builtin.template: + backup: true src: 'etc/clamd.d/clamdscan.filelist.j2' dest: '/etc/clamd.d/clamdscan.filelist' owner: 'root' diff --git a/roles/collabora/tasks/main.yml b/roles/collabora/tasks/main.yml index cff5c0aad..b6d04004a 100644 --- a/roles/collabora/tasks/main.yml +++ b/roles/collabora/tasks/main.yml @@ -38,6 +38,7 @@ - name: 'deploy /etc/coolwsd/coolwsd.xml (v{{ collabora__installed_version }}{{ collabora__use_code | bool | ternary("-code", "") }})' ansible.builtin.template: + backup: true src: 'etc/coolwsd/{{ collabora__installed_version }}-coolwsd{{ collabora__use_code | bool | ternary("-code", "") }}.xml.j2' dest: '/etc/coolwsd/coolwsd.xml' owner: 'cool' @@ -54,6 +55,7 @@ - name: 'Deploy /etc/logrotate.d/coolwsd' ansible.builtin.template: + backup: true src: 'etc/logrotate.d/coolwsd.j2' dest: '/etc/logrotate.d/coolwsd' owner: 'root' diff --git a/roles/coturn/tasks/main.yml b/roles/coturn/tasks/main.yml index e52568109..ecc8c506d 100644 --- a/roles/coturn/tasks/main.yml +++ b/roles/coturn/tasks/main.yml @@ -7,6 +7,7 @@ - name: 'Deploy /etc/coturn/turnserver.conf' ansible.builtin.template: + backup: true src: 'etc/coturn/turnserver.conf.j2' dest: '/etc/coturn/turnserver.conf' owner: 'root' diff --git a/roles/crypto_policy/tasks/main.yml b/roles/crypto_policy/tasks/main.yml index 20d7ca031..57af2aa1c 100644 --- a/roles/crypto_policy/tasks/main.yml +++ b/roles/crypto_policy/tasks/main.yml @@ -2,6 +2,7 @@ - name: 'Deploy /etc/crypto-policies/policies/modules/*.pmod' ansible.builtin.template: + backup: true src: '{{ item }}' dest: '/etc/crypto-policies/policies/modules/{{ item | basename | split(".") | first }}.pmod' owner: 'root' diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml index 98715e16e..93e15860c 100644 --- a/roles/docker/tasks/main.yml +++ b/roles/docker/tasks/main.yml @@ -17,6 +17,7 @@ - name: 'Deploy /etc/docker/daemon.json' ansible.builtin.template: + backup: true src: 'etc/docker/daemon.json.j2' dest: '/etc/docker/daemon.json' mode: 0o640 diff --git a/roles/duplicity/tasks/main.yml b/roles/duplicity/tasks/main.yml index d8626a3d4..07e3fa7b1 100644 --- a/roles/duplicity/tasks/main.yml +++ b/roles/duplicity/tasks/main.yml @@ -61,12 +61,14 @@ - name: 'Deploy /etc/duba/duba.json' ansible.builtin.template: + backup: true src: 'etc/duba/duba.json.j2' dest: '/etc/duba/duba.json' mode: 0o600 # file contains secrets - name: 'Deploy /etc/systemd/system/duba.service' ansible.builtin.template: + backup: true src: 'etc/systemd/system/duba.service.j2' dest: '/etc/systemd/system/duba.service' owner: 'root' @@ -84,6 +86,7 @@ - name: 'Deploy /etc/logrotate.d/duplicity' ansible.builtin.template: + backup: true src: 'etc/logrotate.d/duplicity.j2' dest: '/etc/logrotate.d/duplicity' owner: 'root' @@ -98,6 +101,7 @@ - name: 'Deploy /usr/local/bin/duba' ansible.builtin.template: + backup: true src: 'usr/local/bin/duba.j2' dest: '/usr/local/bin/duba' owner: 'root' diff --git a/roles/fail2ban/tasks/main.yml b/roles/fail2ban/tasks/main.yml index ca1ce4273..97b01c1d3 100644 --- a/roles/fail2ban/tasks/main.yml +++ b/roles/fail2ban/tasks/main.yml @@ -26,6 +26,7 @@ - name: 'Deploy actions' ansible.builtin.template: + backup: true src: 'etc/fail2ban/action.d/{{ item }}.conf.j2' dest: '/etc/fail2ban/action.d/{{ item }}.conf' owner: 'root' @@ -38,6 +39,7 @@ - name: 'Deploy filters' ansible.builtin.template: + backup: true src: 'etc/fail2ban/filter.d/{{ item }}.conf.j2' dest: '/etc/fail2ban/filter.d/{{ item }}.conf' owner: 'root' @@ -51,6 +53,7 @@ - name: 'Deploy /etc/fail2ban/jail.d/z00-defaults.conf' ansible.builtin.template: + backup: true src: 'etc/fail2ban/jail.d/z00-defaults.conf.j2' dest: '/etc/fail2ban/jail.d/z00-defaults.conf' owner: 'root' @@ -75,6 +78,7 @@ - name: 'Create Jails' ansible.builtin.template: + backup: true src: 'etc/fail2ban/jail.d/z10-{{ item["template"] }}.conf.j2' dest: '/etc/fail2ban/jail.d/{{ item["filename"] }}.conf' owner: 'root' diff --git a/roles/fangfrisch/tasks/main.yml b/roles/fangfrisch/tasks/main.yml index 392b64e01..f1bcc4150 100644 --- a/roles/fangfrisch/tasks/main.yml +++ b/roles/fangfrisch/tasks/main.yml @@ -10,6 +10,7 @@ - name: 'Deploy /etc/fangfrisch.conf' ansible.builtin.template: + backup: true src: 'etc/fangfrisch.conf.j2' dest: '/etc/fangfrisch.conf' owner: 'clamupdate' diff --git a/roles/github_project_createrepo/tasks/main.yml b/roles/github_project_createrepo/tasks/main.yml index 7cb659eb3..b6cf937d7 100644 --- a/roles/github_project_createrepo/tasks/main.yml +++ b/roles/github_project_createrepo/tasks/main.yml @@ -108,6 +108,7 @@ - name: 'deploy /etc/github-project-createrepo.yml' ansible.builtin.template: + backup: true src: 'etc/github-project-createrepo.yml.j2' dest: '/etc/github-project-createrepo.yml' owner: 'root' diff --git a/roles/gitlab_ce/tasks/main.yml b/roles/gitlab_ce/tasks/main.yml index 4e0a25000..04be021f4 100644 --- a/roles/gitlab_ce/tasks/main.yml +++ b/roles/gitlab_ce/tasks/main.yml @@ -56,6 +56,7 @@ - name: 'Deploy /etc/gitlab/gitlab.rb' ansible.builtin.template: + backup: true src: 'etc/gitlab/gitlab.rb.j2' dest: '/etc/gitlab/gitlab.rb' owner: 'root' diff --git a/roles/glpi_agent/tasks/main.yml b/roles/glpi_agent/tasks/main.yml index f559c6c02..fa28c603e 100644 --- a/roles/glpi_agent/tasks/main.yml +++ b/roles/glpi_agent/tasks/main.yml @@ -59,6 +59,7 @@ - name: 'Deploy /etc/glpi-agent/conf.d/z00-linuxfabrik.cfg' ansible.builtin.template: + backup: true src: 'etc/glpi-agent/conf.d/z00-linuxfabrik.cfg.j2' dest: '/etc/glpi-agent/conf.d/z00-linuxfabrik.cfg' owner: 'root' diff --git a/roles/grafana/tasks/main.yml b/roles/grafana/tasks/main.yml index 0704982e8..5425b2f77 100644 --- a/roles/grafana/tasks/main.yml +++ b/roles/grafana/tasks/main.yml @@ -28,6 +28,7 @@ - name: 'deploy /etc/grafana/grafana.ini' ansible.builtin.template: + backup: true src: 'etc/grafana/grafana.ini.j2' dest: '/etc/grafana/grafana.ini' owner: 'root' @@ -44,6 +45,7 @@ - name: 'deploy /etc/grafana/ldap.toml' ansible.builtin.template: + backup: true src: 'etc/grafana/ldap.toml.j2' dest: '/etc/grafana/ldap.toml' owner: 'root' @@ -82,6 +84,7 @@ - name: 'deploy the grafana datasource provisioning file' ansible.builtin.template: + backup: true src: 'etc/grafana/provisioning/datasources/linuxfabrik-monitoring-plugins.yml.j2' dest: '/etc/grafana/provisioning/datasources/linuxfabrik-monitoring-plugins.yml' owner: 'grafana' @@ -99,6 +102,7 @@ - name: 'deploy the grafana dashboard provisioning file' ansible.builtin.template: + backup: true src: 'etc/grafana/provisioning/dashboards/linuxfabrik-monitoring-plugins.yml.j2' dest: '/etc/grafana/provisioning/dashboards/linuxfabrik-monitoring-plugins.yml' owner: 'grafana' diff --git a/roles/graylog_datanode/tasks/main.yml b/roles/graylog_datanode/tasks/main.yml index fb353ecde..933644909 100644 --- a/roles/graylog_datanode/tasks/main.yml +++ b/roles/graylog_datanode/tasks/main.yml @@ -22,6 +22,7 @@ - name: 'Deploy /etc/graylog/datanode/datanode.conf (version: {{ graylog_datanode__installed_version[:3] }})' ansible.builtin.template: + backup: true src: 'etc/graylog/datanode/{{ graylog_datanode__installed_version[:3] }}-datanode.conf.j2' dest: '/etc/graylog/datanode/datanode.conf' owner: 'root' @@ -38,6 +39,7 @@ - name: 'Deploy /etc/graylog/datanode/jvm.options' ansible.builtin.template: + backup: true src: 'etc/graylog/datanode/jvm.options.j2' dest: '/etc/graylog/datanode/jvm.options' owner: 'root' diff --git a/roles/graylog_server/tasks/main.yml b/roles/graylog_server/tasks/main.yml index 1ace6b819..c9a688508 100644 --- a/roles/graylog_server/tasks/main.yml +++ b/roles/graylog_server/tasks/main.yml @@ -27,6 +27,7 @@ - name: 'Deploy /etc/graylog/server/server.conf (version: {{ graylog_server__installed_version[:3] }})' ansible.builtin.template: + backup: true src: 'etc/graylog/server/{{ graylog_server__installed_version[:3] }}-server.conf.j2' dest: '/etc/graylog/server/server.conf' owner: 'graylog' @@ -43,6 +44,7 @@ - name: 'Deploy {{ graylog_server__opts_file }}' ansible.builtin.template: + backup: true src: '{{ graylog_server__opts_file[1:] }}.j2' dest: '{{ graylog_server__opts_file }}' owner: 'root' diff --git a/roles/icinga2_agent/tasks/RedHat.yml b/roles/icinga2_agent/tasks/RedHat.yml index 0896c25d8..595f7a8ad 100644 --- a/roles/icinga2_agent/tasks/RedHat.yml +++ b/roles/icinga2_agent/tasks/RedHat.yml @@ -2,6 +2,7 @@ - name: 'Deploy /etc/logrotate.d/icinga2' ansible.builtin.template: + backup: true src: 'etc/logrotate.d/icinga2.j2' dest: '/etc/logrotate.d/icinga2' owner: 'root' diff --git a/roles/icinga2_master/tasks/RedHat.yml b/roles/icinga2_master/tasks/RedHat.yml index 86f51feb8..b26d6cdeb 100644 --- a/roles/icinga2_master/tasks/RedHat.yml +++ b/roles/icinga2_master/tasks/RedHat.yml @@ -2,6 +2,7 @@ - name: 'Deploy /etc/logrotate.d/icinga2' ansible.builtin.template: + backup: true src: 'etc/logrotate.d/icinga2.j2' dest: '/etc/logrotate.d/icinga2' owner: 'root' diff --git a/roles/icinga2_master/tasks/main.yml b/roles/icinga2_master/tasks/main.yml index ffa22217a..6dc264452 100644 --- a/roles/icinga2_master/tasks/main.yml +++ b/roles/icinga2_master/tasks/main.yml @@ -41,6 +41,7 @@ - name: 'deploy /etc/icinga2/conf.d/api-users.conf' ansible.builtin.template: + backup: true src: 'etc/icinga2/conf.d/api-users.conf.j2' dest: '/etc/icinga2/conf.d/api-users.conf' owner: 'root' @@ -64,6 +65,7 @@ - name: 'Deploy /etc/icinga2/features-available/influxdb.conf' ansible.builtin.template: + backup: true src: 'etc/icinga2/features-available/influxdb.conf.j2' dest: '/etc/icinga2/features-available/influxdb.conf' owner: '{{ icinga2_master__icinga_user }}' @@ -183,6 +185,7 @@ # do this after the node setup - name: 'Deploy /etc/icinga2/zones.conf' ansible.builtin.template: + backup: true src: 'etc/icinga2/zones.conf.j2' dest: '/etc/icinga2/zones.conf' owner: '{{ icinga2_master__icinga_user }}' diff --git a/roles/icinga_kubernetes/tasks/main.yml b/roles/icinga_kubernetes/tasks/main.yml index cf38299cc..ab670fde3 100644 --- a/roles/icinga_kubernetes/tasks/main.yml +++ b/roles/icinga_kubernetes/tasks/main.yml @@ -8,6 +8,7 @@ - name: 'Deploy /etc/icinga-kubernetes/config.yml' ansible.builtin.template: + backup: true src: 'etc/icinga-kubernetes/config.yml.j2' dest: '/etc/icinga-kubernetes/config.yml' owner: 'icinga-kubernetes' @@ -17,6 +18,7 @@ - name: 'Deploy /etc/icinga-kubernetes/*.env' ansible.builtin.template: + backup: true src: 'etc/icinga-kubernetes/cluster.env.j2' dest: '/etc/icinga-kubernetes/{{ item["name"] }}.env' owner: 'root' diff --git a/roles/icinga_kubernetes_web/tasks/main.yml b/roles/icinga_kubernetes_web/tasks/main.yml index f80ed7f3e..be9e03dc1 100644 --- a/roles/icinga_kubernetes_web/tasks/main.yml +++ b/roles/icinga_kubernetes_web/tasks/main.yml @@ -54,6 +54,7 @@ - name: 'Deploy /etc/icingaweb2/modules/kubernetes/config.ini' ansible.builtin.template: + backup: true src: 'etc/icingaweb2/modules/kubernetes/config.ini.j2' dest: '/etc/icingaweb2/modules/kubernetes/config.ini' owner: '{{ icinga_kubernetes_web__icingaweb2_owner }}' diff --git a/roles/icingadb/tasks/main.yml b/roles/icingadb/tasks/main.yml index 9e8216717..4b8f9e377 100644 --- a/roles/icingadb/tasks/main.yml +++ b/roles/icingadb/tasks/main.yml @@ -24,6 +24,7 @@ - name: 'deploy /etc/icinga2/features-available/icingadb.conf' ansible.builtin.template: + backup: true src: 'etc/icinga2/features-available/icingadb.conf.j2' dest: '/etc/icinga2/features-available/icingadb.conf' owner: '{{ icingadb__icinga_user }}' @@ -80,6 +81,7 @@ - name: 'deploy /etc/icingadb/config.yml' ansible.builtin.template: + backup: true src: 'etc/icingadb/config.yml.j2' dest: '/etc/icingadb/config.yml' owner: 'icingadb' @@ -123,6 +125,7 @@ - name: 'deploy /tmp/icingadb-migration.yml' ansible.builtin.template: + backup: true src: 'tmp/icingadb-migration.yml.j2' dest: '/tmp/icingadb-migration.yml' mode: 0o600 # contains secrets diff --git a/roles/icingadb_web/tasks/main.yml b/roles/icingadb_web/tasks/main.yml index a6ceef5fc..7ba2dc584 100644 --- a/roles/icingadb_web/tasks/main.yml +++ b/roles/icingadb_web/tasks/main.yml @@ -22,6 +22,7 @@ - name: 'Generate icingadb-web config files' ansible.builtin.template: + backup: true src: 'etc/icingaweb2/modules/icingadb/{{ item }}.j2' dest: '/etc/icingaweb2/modules/icingadb/{{ item }}' owner: '{{ icingadb_web__icingaweb2_owner }}' diff --git a/roles/icingaweb2/tasks/main.yml b/roles/icingaweb2/tasks/main.yml index 6331e1b7f..af540051f 100644 --- a/roles/icingaweb2/tasks/main.yml +++ b/roles/icingaweb2/tasks/main.yml @@ -91,6 +91,7 @@ - name: 'Deploy config files to /etc/icingaweb2/' ansible.builtin.template: + backup: true src: 'etc/icingaweb2/{{ item }}.j2' dest: "/etc/icingaweb2/{{ item }}" owner: '{{ icingaweb2__webserver_owner }}' @@ -103,6 +104,7 @@ - name: 'Deploy /etc/icingaweb2/navigation/host-actions.ini' ansible.builtin.template: + backup: true src: 'etc/icingaweb2/navigation/host-actions.ini.j2' dest: '/etc/icingaweb2/navigation/host-actions.ini' owner: '{{ icingaweb2__webserver_owner }}' @@ -111,6 +113,7 @@ - name: 'Deploy /etc/icingaweb2/navigation/icingadb-host-actions.ini' ansible.builtin.template: + backup: true src: 'etc/icingaweb2/navigation/icingadb-host-actions.ini.j2' dest: '/etc/icingaweb2/navigation/icingadb-host-actions.ini' owner: '{{ icingaweb2__webserver_owner }}' @@ -119,6 +122,7 @@ - name: 'Deploy /etc/icingaweb2/navigation/icingadb-service-actions.ini' ansible.builtin.template: + backup: true src: 'etc/icingaweb2/navigation/icingadb-service-actions.ini.j2' dest: '/etc/icingaweb2/navigation/icingadb-service-actions.ini' owner: '{{ icingaweb2__webserver_owner }}' @@ -127,6 +131,7 @@ - name: 'Deploy /etc/icingaweb2/navigation/menu.ini' ansible.builtin.template: + backup: true src: 'etc/icingaweb2/navigation/menu.ini.j2' dest: '/etc/icingaweb2/navigation/menu.ini' owner: '{{ icingaweb2__webserver_owner }}' @@ -135,6 +140,7 @@ - name: 'Deploy /etc/icingaweb2/navigation/service-actions.ini' ansible.builtin.template: + backup: true src: 'etc/icingaweb2/navigation/service-actions.ini.j2' dest: '/etc/icingaweb2/navigation/service-actions.ini' owner: '{{ icingaweb2__webserver_owner }}' @@ -158,6 +164,7 @@ - name: 'Deploy /etc/icingaweb2/resources.ini' ansible.builtin.template: + backup: true src: 'etc/icingaweb2/resources.ini.j2' dest: '/etc/icingaweb2/resources.ini' owner: '{{ icingaweb2__webserver_owner }}' @@ -174,9 +181,10 @@ - name: 'Deploy /etc/icingaweb2/roles.ini' ansible.builtin.template: - src: 'etc/icingaweb2/roles.ini.j2' + backup: true dest: '/etc/icingaweb2/roles.ini' owner: '{{ icingaweb2__webserver_owner }}' + src: 'etc/icingaweb2/roles.ini.j2' group: 'icingaweb2' mode: 0o660 @@ -231,4 +239,4 @@ tags: - 'icingaweb2' - - 'icingaweb2:user' + - 'icingaweb2:user' \ No newline at end of file diff --git a/roles/icingaweb2_module_director/tasks/main.yml b/roles/icingaweb2_module_director/tasks/main.yml index 9e727edc6..c020b9602 100644 --- a/roles/icingaweb2_module_director/tasks/main.yml +++ b/roles/icingaweb2_module_director/tasks/main.yml @@ -113,6 +113,7 @@ - name: 'Deploy director config files' ansible.builtin.template: + backup: true src: 'etc/icingaweb2/modules/director/{{ item }}.j2' dest: '/etc/icingaweb2/modules/director/{{ item }}' owner: '{{ icingaweb2_module_director__icingaweb2_owner }}' diff --git a/roles/icingaweb2_module_grafana/tasks/main.yml b/roles/icingaweb2_module_grafana/tasks/main.yml index 4647b2b05..8cb70d472 100644 --- a/roles/icingaweb2_module_grafana/tasks/main.yml +++ b/roles/icingaweb2_module_grafana/tasks/main.yml @@ -81,6 +81,7 @@ - name: 'Deploy /etc/icingaweb2/modules/grafana/config.ini' ansible.builtin.template: + backup: true src: 'etc/icingaweb2/modules/grafana/config.ini.j2' dest: '/etc/icingaweb2/modules/grafana/config.ini' owner: '{{ icingaweb2_module_grafana__icingaweb2_owner }}' diff --git a/roles/icingaweb2_module_jira/tasks/main.yml b/roles/icingaweb2_module_jira/tasks/main.yml index 9f15015e6..ee482f776 100644 --- a/roles/icingaweb2_module_jira/tasks/main.yml +++ b/roles/icingaweb2_module_jira/tasks/main.yml @@ -54,6 +54,7 @@ - name: 'Deploy /etc/icingaweb2/modules/jira/config.ini' ansible.builtin.template: + backup: true src: 'etc/icingaweb2/modules/jira/config.ini.j2' dest: '/etc/icingaweb2/modules/jira/config.ini' owner: '{{ icingaweb2_module_jira__icingaweb2_owner }}' diff --git a/roles/icingaweb2_module_reporting/tasks/main.yml b/roles/icingaweb2_module_reporting/tasks/main.yml index e3c7c433f..03f663581 100644 --- a/roles/icingaweb2_module_reporting/tasks/main.yml +++ b/roles/icingaweb2_module_reporting/tasks/main.yml @@ -54,6 +54,7 @@ - name: 'Deploy /etc/icingaweb2/modules/reporting/config.ini' ansible.builtin.template: + backup: true src: 'etc/icingaweb2/modules/reporting/config.ini.j2' dest: '/etc/icingaweb2/modules/reporting/config.ini' owner: '{{ icingaweb2_module_reporting__icingaweb2_owner }}' diff --git a/roles/icingaweb2_module_vspheredb/tasks/main.yml b/roles/icingaweb2_module_vspheredb/tasks/main.yml index 41d84dffe..304b5f559 100644 --- a/roles/icingaweb2_module_vspheredb/tasks/main.yml +++ b/roles/icingaweb2_module_vspheredb/tasks/main.yml @@ -58,6 +58,7 @@ - name: 'Deploy /etc/tmpfiles.d/icinga-vspheredb.conf' ansible.builtin.template: + backup: true src: 'etc/tmpfiles.d/icinga-vspheredb.conf.j2' dest: '/etc/tmpfiles.d/icinga-vspheredb.conf' owner: 'root' @@ -89,6 +90,7 @@ - name: 'Deploy /etc/icingaweb2/modules/vspheredb/config.ini' ansible.builtin.template: + backup: true src: 'etc/icingaweb2/modules/vspheredb/config.ini.j2' dest: '/etc/icingaweb2/modules/vspheredb/config.ini' owner: '{{ icingaweb2_module_vspheredb__icingaweb2_owner }}' diff --git a/roles/icingaweb2_module_x509/tasks/main.yml b/roles/icingaweb2_module_x509/tasks/main.yml index 55bc98b81..c15f4eddb 100644 --- a/roles/icingaweb2_module_x509/tasks/main.yml +++ b/roles/icingaweb2_module_x509/tasks/main.yml @@ -54,6 +54,7 @@ - name: 'Deploy /etc/icingaweb2/modules/x509/config.ini' ansible.builtin.template: + backup: true src: 'etc/icingaweb2/modules/x509/config.ini.j2' dest: '/etc/icingaweb2/modules/x509/config.ini' owner: '{{ icingaweb2_module_x509__icingaweb2_owner }}' diff --git a/roles/influxdb/tasks/main.yml b/roles/influxdb/tasks/main.yml index 11989023a..a626a4998 100644 --- a/roles/influxdb/tasks/main.yml +++ b/roles/influxdb/tasks/main.yml @@ -28,6 +28,7 @@ - name: 'Deploy /etc/influxdb/influxdb.conf' ansible.builtin.template: + backup: true src: 'etc/influxdb/influxdb.conf.j2' dest: '/etc/influxdb/influxdb.conf' owner: 'root' @@ -112,6 +113,7 @@ - name: 'Deploy /usr/local/bin/influxdb-dump' ansible.builtin.template: + backup: true src: 'usr/local/bin/influxdb-dump.j2' dest: '/usr/local/bin/influxdb-dump' mode: 0o755 diff --git a/roles/keepalived/tasks/main.yml b/roles/keepalived/tasks/main.yml index 20f01cd57..d689fd645 100644 --- a/roles/keepalived/tasks/main.yml +++ b/roles/keepalived/tasks/main.yml @@ -8,6 +8,7 @@ - name: 'Deploy /etc/keepalived/keepalived.conf' ansible.builtin.template: + backup: true src: 'etc/keepalived/keepalived.conf.j2' dest: '/etc/keepalived/keepalived.conf' owner: 'root' diff --git a/roles/keycloak/tasks/main.yml b/roles/keycloak/tasks/main.yml index a3e7a2c14..6c66f09a5 100644 --- a/roles/keycloak/tasks/main.yml +++ b/roles/keycloak/tasks/main.yml @@ -100,7 +100,6 @@ - name: 'Create keycloak.service' ansible.builtin.template: - backup: true src: 'etc/systemd/system/keycloak.service.j2' dest: '/etc/systemd/system/keycloak.service' owner: 'root' diff --git a/roles/kibana/tasks/main.yml b/roles/kibana/tasks/main.yml index 0b72d1089..1345d691b 100644 --- a/roles/kibana/tasks/main.yml +++ b/roles/kibana/tasks/main.yml @@ -74,6 +74,7 @@ - name: 'deploy /etc/kibana/kibana.yml' ansible.builtin.template: + backup: true src: 'etc/kibana/kibana.yml.j2' dest: '/etc/kibana/kibana.yml' owner: 'root' diff --git a/roles/kvm_host/tasks/main.yml b/roles/kvm_host/tasks/main.yml index aa156dc0f..88934266f 100644 --- a/roles/kvm_host/tasks/main.yml +++ b/roles/kvm_host/tasks/main.yml @@ -18,6 +18,7 @@ - name: 'deploy {{ __kvm_host__libvirt_guests_path }}' ansible.builtin.template: + backup: true src: 'etc/sysconfig/libvirt-guests.j2' dest: '{{ __kvm_host__libvirt_guests_path }}' owner: 'root' diff --git a/roles/kvm_vm/tasks/main.yml b/roles/kvm_vm/tasks/main.yml index 22fdcf6e5..fb19efb27 100644 --- a/roles/kvm_vm/tasks/main.yml +++ b/roles/kvm_vm/tasks/main.yml @@ -66,16 +66,19 @@ - name: 'deploy {{ kvm_vm__cloud_init_tempdir_result["path"] }}/meta-data' ansible.builtin.template: + backup: true src: 'cloud-init/meta-data.j2' dest: '{{ kvm_vm__cloud_init_tempdir_result["path"] }}/meta-data' - name: 'deploy {{ kvm_vm__cloud_init_tempdir_result["path"] }}/network-config' ansible.builtin.template: + backup: true src: 'cloud-init/network-config.j2' dest: '{{ kvm_vm__cloud_init_tempdir_result["path"] }}/network-config' - name: 'deploy {{ kvm_vm__cloud_init_tempdir_result["path"] }}/user-data' ansible.builtin.template: + ackup: true src: 'cloud-init/user-data.j2' dest: '{{ kvm_vm__cloud_init_tempdir_result["path"] }}/user-data' diff --git a/roles/logrotate/tasks/main.yml b/roles/logrotate/tasks/main.yml index d4b1f1a54..0ffa47640 100644 --- a/roles/logrotate/tasks/main.yml +++ b/roles/logrotate/tasks/main.yml @@ -12,6 +12,7 @@ - name: 'Copy logrotate.conf template to /etc' ansible.builtin.template: + backup: true src: 'etc/logrotate.conf.j2' dest: '/etc/logrotate.conf' owner: 'root' @@ -27,6 +28,7 @@ - name: 'Copy system logrotate templates to /etc/logrotate.d' ansible.builtin.template: + backup: true src: 'etc/logrotate.d/syslog.j2' dest: '/etc/logrotate.d/{{ logrotate__syslog_filename }}' owner: 'root' diff --git a/roles/logstash/tasks/main.yml b/roles/logstash/tasks/main.yml index 2ce115b7a..9c10d5f3f 100644 --- a/roles/logstash/tasks/main.yml +++ b/roles/logstash/tasks/main.yml @@ -40,6 +40,7 @@ - name: 'Deploy /etc/systemd/system/logstash.service.d/z10-config-reload.conf' ansible.builtin.template: + backup: true src: 'etc/systemd/system/logstash.service.d/z10-config-reload.conf.j2' dest: '/etc/systemd/system/logstash.service.d/z10-config-reload.conf' owner: 'root' @@ -81,6 +82,7 @@ - name: 'Deploy /etc/logstash/logstash.yml' ansible.builtin.template: + backup: true src: 'etc/logstash/logstash.yml.j2' dest: '/etc/logstash/logstash.yml' owner: 'root' @@ -98,6 +100,7 @@ - name: 'Deploy /etc/logstash/pipelines.yml' ansible.builtin.template: + backup: true src: 'etc/logstash/pipelines.yml.j2' dest: '/etc/logstash/pipelines.yml' owner: 'root' @@ -108,6 +111,7 @@ - name: 'Deploy /etc/default/logstash' ansible.builtin.template: + backup: true src: 'etc/default/logstash.j2' dest: '/etc/default/logstash' owner: 'root' diff --git a/roles/mailx/tasks/main.yml b/roles/mailx/tasks/main.yml index 247af0394..5de25e953 100644 --- a/roles/mailx/tasks/main.yml +++ b/roles/mailx/tasks/main.yml @@ -12,6 +12,7 @@ - name: 'Deploy bash wrapper script that make sending mail easier to /root/send-mail' ansible.builtin.template: + backup: true src: 'root/send-mail.j2' dest: '/root/send-mail' owner: 'root' diff --git a/roles/mariadb_server/tasks/main.yml b/roles/mariadb_server/tasks/main.yml index 0d9fc8843..207e107ff 100644 --- a/roles/mariadb_server/tasks/main.yml +++ b/roles/mariadb_server/tasks/main.yml @@ -164,6 +164,7 @@ - name: 'Deploy /etc/tmpfiles.d/mariadb-linuxfabrik.conf for the socket path' ansible.builtin.template: # we need to use a different name than the packaged /usr/lib/tmpfiles.d/mariadb.conf, else it is overwritten completely + backup: true src: 'etc/tmpfiles.d/mariadb-linuxfabrik.conf.j2' dest: '/etc/tmpfiles.d/mariadb-linuxfabrik.conf' owner: 'root' @@ -340,6 +341,7 @@ - name: 'Deploy /etc/systemd/system/mariadb.service.d/socket-selinux-workaround.conf' ansible.builtin.template: + backup: true src: 'etc/systemd/system/mariadb.service.d/socket-selinux-workaround.conf.j2' dest: '/etc/systemd/system/mariadb.service.d/socket-selinux-workaround.conf' owner: 'root' @@ -350,6 +352,7 @@ - name: 'Deploy /etc/systemd/system/mariadb.service.d/z00-linuxfabrik.conf' ansible.builtin.template: + backup: true src: 'etc/systemd/system/mariadb.service.d/z00-linuxfabrik.conf.j2' dest: '/etc/systemd/system/mariadb.service.d/z00-linuxfabrik.conf' owner: 'root' @@ -368,6 +371,7 @@ - name: 'Deploy {{ mariadb_server__logrotate_path }}' ansible.builtin.template: + backup: true src: 'etc/logrotate.d/mariadb.j2' dest: '{{ mariadb_server__logrotate_path }}' owner: 'root' @@ -590,6 +594,7 @@ - name: 'Deploy /usr/local/bin/mariadb-dump' ansible.builtin.template: + backup: true src: 'usr/local/bin/mariadb-dump.j2' dest: '/usr/local/bin/mariadb-dump' mode: 0o755 diff --git a/roles/mastodon/tasks/main.yml b/roles/mastodon/tasks/main.yml index 231166202..4487b320a 100644 --- a/roles/mastodon/tasks/main.yml +++ b/roles/mastodon/tasks/main.yml @@ -13,6 +13,7 @@ - name: 'Deploy {{ mastodon__user_home_directory }}/mastodon.env' ansible.builtin.template: + backup: true src: 'opt/mastodon/mastodon.env.j2' dest: '{{ mastodon__user_home_directory }}/mastodon.env' owner: 'mastodon' diff --git a/roles/minio_client/tasks/main.yml b/roles/minio_client/tasks/main.yml index 21e304ce8..cbf1d2051 100644 --- a/roles/minio_client/tasks/main.yml +++ b/roles/minio_client/tasks/main.yml @@ -44,6 +44,7 @@ - name: 'Deploy /etc/mc/config.json' ansible.builtin.template: + backup: true src: 'etc/mc/config.json.j2' dest: '/etc/mc/config.json' owner: 'root' diff --git a/roles/mirror/tasks/main.yml b/roles/mirror/tasks/main.yml index 9891c8cf2..3a622c8fc 100644 --- a/roles/mirror/tasks/main.yml +++ b/roles/mirror/tasks/main.yml @@ -113,6 +113,7 @@ - name: 'deploy /etc/mirror.yml' ansible.builtin.template: + backup: true src: 'etc/mirror.yml.j2' dest: '/etc/mirror.yml' owner: 'root' diff --git a/roles/mongodb/tasks/main.yml b/roles/mongodb/tasks/main.yml index 72de05eb4..1819c0b0f 100644 --- a/roles/mongodb/tasks/main.yml +++ b/roles/mongodb/tasks/main.yml @@ -242,6 +242,7 @@ - name: 'Deploy /etc/mongodb-dump.conf' ansible.builtin.template: + backup: true src: 'etc/mongodb-dump.conf.j2' dest: '/etc/mongodb-dump.conf' owner: 'root' diff --git a/roles/opensearch/tasks/main.yml b/roles/opensearch/tasks/main.yml index 65327945b..d5dfc4d20 100644 --- a/roles/opensearch/tasks/main.yml +++ b/roles/opensearch/tasks/main.yml @@ -23,6 +23,7 @@ - name: 'Deploy /etc/opensearch/{{ __opensearch__installed_version[:1] }}.x-opensearch.yml' ansible.builtin.template: + backup: true src: 'etc/opensearch/{{ __opensearch__installed_version[:1] }}.x-opensearch.yml.j2' dest: '/etc/opensearch/opensearch.yml' owner: 'opensearch' @@ -47,6 +48,7 @@ - name: 'Deploy /etc/sysconfig/opensearch' ansible.builtin.template: + backup: true src: 'etc/sysconfig/opensearch.j2' dest: '/etc/sysconfig/opensearch' owner: 'opensearch' @@ -144,6 +146,7 @@ - name: 'Deploy /etc/opensearch/opensearch-security/internal_users.yml' ansible.builtin.template: + backup: true src: 'etc/opensearch/opensearch-security/internal_users.yml.j2' dest: '/etc/opensearch/opensearch-security/internal_users.yml' owner: 'opensearch' @@ -212,6 +215,7 @@ - name: 'Deploy /tmp/opensearch-certs/config/{{ inventory_hostname }}-tlsconfig.yml' ansible.builtin.template: + backup: true src: 'tmp/opensearch-certs/config/tlsconfig.yml.j2' dest: '/tmp/opensearch-certs/config/{{ inventory_hostname }}-tlsconfig.yml' diff --git a/roles/openvpn_server/tasks/main.yml b/roles/openvpn_server/tasks/main.yml index 292f5ae24..c85f627c7 100644 --- a/roles/openvpn_server/tasks/main.yml +++ b/roles/openvpn_server/tasks/main.yml @@ -30,6 +30,7 @@ - name: 'Deploy client-configs to /etc/openvpn/ccd' ansible.builtin.template: + backup: true src: 'etc/openvpn/ccd/raw.j2' dest: '/etc/openvpn/ccd/{{ item["name"] }}' group: 'openvpn' @@ -39,6 +40,7 @@ - name: 'Deploy /etc/openvpn/server/server.conf' ansible.builtin.template: + backup: true src: 'etc/openvpn/server/server.conf.j2' dest: '/etc/openvpn/server/server.conf' group: 'openvpn' @@ -83,6 +85,7 @@ - name: 'Deploy example client config to /tmp/{{ inventory_hostname }}.conf (on ansible control node)' ansible.builtin.template: + backup: true src: 'tmp/client.conf.j2' dest: '/tmp/{{ inventory_hostname }}.conf' delegate_to: 'localhost' diff --git a/roles/php/tasks/main.yml b/roles/php/tasks/main.yml index c5c211f3e..8642121a9 100644 --- a/roles/php/tasks/main.yml +++ b/roles/php/tasks/main.yml @@ -108,6 +108,7 @@ - name: 'Deploy the PHP configs' ansible.builtin.template: + backup: true src: 'etc/php.d/{{ php__installed_version }}-z00-linuxfabrik.ini.j2' dest: '{{ item }}' owner: 'root' @@ -135,6 +136,7 @@ - name: 'Deploy the pools to {{ php__fpm_pools_path }}' ansible.builtin.template: + backup: true src: 'etc/php-fpm.d/{{ ansible_facts["os_family"] }}-pool.conf.j2' dest: '{{ php__fpm_pools_path }}/{{ item["name"] }}.conf' owner: 'root' diff --git a/roles/podman_containers/tasks/main.yml b/roles/podman_containers/tasks/main.yml index cfe39f0b3..baf6054bb 100644 --- a/roles/podman_containers/tasks/main.yml +++ b/roles/podman_containers/tasks/main.yml @@ -106,6 +106,7 @@ - name: 'Deploy network units' ansible.builtin.template: + backup: true src: 'etc/containers/systemd/network.j2' dest: '{{ (item["user"] is defined and item["user"] | length) | ternary( "/etc/containers/systemd/users/" ~ ansible_facts["getent_passwd"][item["user"]][1], @@ -144,6 +145,7 @@ - name: 'Deploy volume units' ansible.builtin.template: + backup: true src: 'etc/containers/systemd/volume.j2' dest: '{{ (item["user"] is defined and item["user"] | length) | ternary( "/etc/containers/systemd/users/" ~ ansible_facts["getent_passwd"][item["user"]][1], @@ -245,6 +247,7 @@ - name: 'Deploy podman-auto-update.timer.d/z00-linuxfabrik.conf # system' ansible.builtin.template: + backup: true src: 'etc/systemd/system/podman-auto-update.timer.d/z00-linuxfabrik.conf.j2' dest: '/etc/systemd/system/podman-auto-update.timer.d/z00-linuxfabrik.conf' owner: 'root' @@ -258,6 +261,7 @@ - name: 'Deploy podman-auto-update.timer.d/z00-linuxfabrik.conf # user' ansible.builtin.template: + backup: true src: 'etc/systemd/system/podman-auto-update.timer.d/z00-linuxfabrik.conf.j2' dest: '~{{ item["user"] }}/.config/systemd/user/podman-auto-update.timer.d/z00-linuxfabrik.conf' owner: '{{ item["user"] }}' diff --git a/roles/postfix/tasks/main.yml b/roles/postfix/tasks/main.yml index b8c16a070..13e760a82 100644 --- a/roles/postfix/tasks/main.yml +++ b/roles/postfix/tasks/main.yml @@ -47,6 +47,7 @@ - name: 'Deploy /etc/aliases' ansible.builtin.template: + backup: true src: 'etc/aliases.j2' dest: '/etc/aliases' owner: 'root' @@ -56,6 +57,7 @@ - name: 'Deploy /etc/postfix/canonical' ansible.builtin.template: + backup: true src: 'etc/postfix/canonical.j2' dest: '/etc/postfix/canonical' mode: 0o644 @@ -65,6 +67,7 @@ - name: 'Deploy /etc/postfix/sasl_passwd' ansible.builtin.template: + backup: true src: 'etc/postfix/sasl_passwd.j2' dest: '/etc/postfix/sasl_passwd' owner: 'root' diff --git a/roles/proxysql/tasks/main.yml b/roles/proxysql/tasks/main.yml index a7bbdc3ca..e068b0b93 100644 --- a/roles/proxysql/tasks/main.yml +++ b/roles/proxysql/tasks/main.yml @@ -14,6 +14,7 @@ - name: 'Deploy /etc/proxysql.cnf' ansible.builtin.template: + backup: true src: 'etc/proxysql.cnf.j2' dest: '/etc/proxysql.cnf' owner: 'root' diff --git a/roles/python_venv/tasks/main.yml b/roles/python_venv/tasks/main.yml index 7b8168db6..5326da6ed 100644 --- a/roles/python_venv/tasks/main.yml +++ b/roles/python_venv/tasks/main.yml @@ -16,6 +16,7 @@ - name: 'Deploy /etc/pip.conf' ansible.builtin.template: + backup: true src: 'etc/pip.conf.j2' dest: '/etc/pip.conf' owner: 'root' diff --git a/roles/redis/tasks/main.yml b/roles/redis/tasks/main.yml index a199eee61..8443869dd 100644 --- a/roles/redis/tasks/main.yml +++ b/roles/redis/tasks/main.yml @@ -24,6 +24,7 @@ - name: 'Deploy /etc/redis/redis.conf (v{{ redis__installed_version }})' ansible.builtin.template: + backup: true src: 'etc/redis/{{ redis__installed_version }}-redis.conf.j2' dest: '/etc/redis/redis.conf' owner: 'root' @@ -45,6 +46,7 @@ - name: 'Deploy /etc/systemd/system/{{ redis__service_name }}.d/z00-linuxfabrik.conf.j2' ansible.builtin.template: + backup: true src: 'etc/systemd/system/redis.service.d/z00-linuxfabrik.conf.j2' dest: '/etc/systemd/system/{{ redis__service_name }}.d/z00-linuxfabrik.conf' owner: 'root' diff --git a/roles/repo_baseos/tasks/main.yml b/roles/repo_baseos/tasks/main.yml index 047fe6f91..5efb4cfa2 100644 --- a/roles/repo_baseos/tasks/main.yml +++ b/roles/repo_baseos/tasks/main.yml @@ -7,6 +7,7 @@ - name: 'Deploy the repo files (mirror: {{ repo_baseos__mirror_url | default("") }})' ansible.builtin.template: + backup: true src: '{{ item }}.j2' dest: '/etc/yum.repos.d/{{ item | basename }}' owner: 'root' diff --git a/roles/repo_collabora/tasks/main.yml b/roles/repo_collabora/tasks/main.yml index 635241127..31feeee8f 100644 --- a/roles/repo_collabora/tasks/main.yml +++ b/roles/repo_collabora/tasks/main.yml @@ -7,6 +7,7 @@ - name: 'deploy /etc/yum.repos.d/Collabora.repo (mirror: {{ repo_collabora__mirror_url | default(default) }})' ansible.builtin.template: + backup: true src: 'etc/yum.repos.d/CollaboraOnline.repo.j2' dest: '/etc/yum.repos.d/Collabora.repo' owner: 'root' diff --git a/roles/repo_collabora_code/tasks/main.yml b/roles/repo_collabora_code/tasks/main.yml index 6df3c33ca..052cdf8fd 100644 --- a/roles/repo_collabora_code/tasks/main.yml +++ b/roles/repo_collabora_code/tasks/main.yml @@ -8,6 +8,7 @@ - name: 'deploy /etc/yum.repos.d/Collabora.repo (mirror: {{ repo_collabora_code__mirror_url | default(default) }})' ansible.builtin.template: + backup: true src: 'etc/yum.repos.d/{{ ansible_facts["os_family"] }}{{ ansible_facts["distribution_major_version"] }}-CollaboraOnline_CODE.repo.j2' dest: '/etc/yum.repos.d/Collabora.repo' owner: 'root' diff --git a/roles/repo_debian_base/tasks/main.yml b/roles/repo_debian_base/tasks/main.yml index 603999260..29a1706b5 100644 --- a/roles/repo_debian_base/tasks/main.yml +++ b/roles/repo_debian_base/tasks/main.yml @@ -2,6 +2,7 @@ - name: 'deploy the repo files (mirror: {{ repo_debian_base__mirror_url | default("") }})' ansible.builtin.template: + backup: true src: 'etc/apt/{{ ansible_facts["os_family"] }}{{ ansible_facts["distribution_major_version"] }}-sources.list.j2' dest: '/etc/apt/sources.list' owner: 'root' diff --git a/roles/repo_docker/tasks/main.yml b/roles/repo_docker/tasks/main.yml index 029337f04..4e03f17ba 100644 --- a/roles/repo_docker/tasks/main.yml +++ b/roles/repo_docker/tasks/main.yml @@ -3,6 +3,7 @@ # https://docs.docker.com/engine/install/centos/ - name: 'deploy the Docker CE repo (mirror: {{ repo_docker__mirror_url }})' ansible.builtin.template: + backup: true src: 'etc/yum.repos.d/docker-ce.repo.j2' dest: '/etc/yum.repos.d/docker-ce.repo' owner: 'root' diff --git a/roles/rocketchat/tasks/main.yml b/roles/rocketchat/tasks/main.yml index b9ea09a8e..f9c9a52d9 100644 --- a/roles/rocketchat/tasks/main.yml +++ b/roles/rocketchat/tasks/main.yml @@ -2,6 +2,7 @@ - name: 'Deploy {{ rocketchat__user_home_directory }}/rocketchat.env' ansible.builtin.template: + backup: true src: 'opt/rocketchat/rocketchat.env.j2' dest: '{{ rocketchat__user_home_directory }}/rocketchat.env' owner: 'rocketchat' diff --git a/roles/rsyslog/tasks/main.yml b/roles/rsyslog/tasks/main.yml index 6edaa3ae0..5a7d1229c 100644 --- a/roles/rsyslog/tasks/main.yml +++ b/roles/rsyslog/tasks/main.yml @@ -45,6 +45,7 @@ - name: 'Create conf files in /etc/rsyslog.d/' ansible.builtin.template: + backup: true src: 'etc/rsyslog.d/{{ item["template"]}}.conf.j2' dest: '/etc/rsyslog.d/{{ item["filename"] }}.conf' owner: 'root' diff --git a/roles/snmp/tasks/main.yml b/roles/snmp/tasks/main.yml index 2b5cbed56..ef09bc463 100644 --- a/roles/snmp/tasks/main.yml +++ b/roles/snmp/tasks/main.yml @@ -10,6 +10,7 @@ - name: 'Deploy /etc/snmp/snmpd.conf' ansible.builtin.template: + backup: true src: 'etc/snmp/snmpd.conf.j2' dest: '/etc/snmp/snmpd.conf' owner: 'root' diff --git a/roles/squid/tasks/main.yml b/roles/squid/tasks/main.yml index 2fafa023d..b84364747 100644 --- a/roles/squid/tasks/main.yml +++ b/roles/squid/tasks/main.yml @@ -14,6 +14,7 @@ - name: 'Deploy /etc/squid/squid.conf' ansible.builtin.template: + backup: true src: 'etc/squid/squid.conf.j2' dest: '/etc/squid/squid.conf' owner: 'root' diff --git a/roles/sshd/tasks/main.yml b/roles/sshd/tasks/main.yml index 90bad5d5b..3d3a9a155 100644 --- a/roles/sshd/tasks/main.yml +++ b/roles/sshd/tasks/main.yml @@ -7,6 +7,7 @@ - name: 'Deploy /etc/ssh/sshd_config' ansible.builtin.template: + backup: true src: '{{ lookup("ansible.builtin.first_found", __task_file) }}' dest: '/etc/ssh/sshd_config' owner: 'root' diff --git a/roles/systemd_journald/tasks/main.yml b/roles/systemd_journald/tasks/main.yml index efd8fc132..d0798917f 100644 --- a/roles/systemd_journald/tasks/main.yml +++ b/roles/systemd_journald/tasks/main.yml @@ -24,6 +24,7 @@ - name: 'Deploy /etc/systemd/journald.conf.d/' ansible.builtin.template: + backup: true src: 'etc/systemd/journald.conf.d/z00-linuxfabrik.conf.j2' dest: '/etc/systemd/journald.conf.d/z00-linuxfabrik.conf' owner: 'root' diff --git a/roles/telegraf/tasks/main.yml b/roles/telegraf/tasks/main.yml index a063e68e9..1808d84be 100644 --- a/roles/telegraf/tasks/main.yml +++ b/roles/telegraf/tasks/main.yml @@ -7,6 +7,7 @@ - name: 'Deploy /etc/telegraf/telegraf.conf' ansible.builtin.template: + backup: true src: 'etc/telegraf/telegraf.conf.j2' dest: '/etc/telegraf/telegraf.conf' owner: 'root' @@ -23,6 +24,7 @@ - name: 'Deploy /etc/telegraf/telegraf.d configs' ansible.builtin.template: + backup: true src: 'etc/telegraf/telegraf.d/{{ item["template"] }}.conf.j2' dest: '/etc/telegraf/telegraf.d/{{ item["filename"] }}.conf' owner: 'root'