From 9080b3751ba685e30e51c7610d7631eb1be708a0 Mon Sep 17 00:00:00 2001 From: Joel Joos Date: Wed, 20 Mar 2024 14:51:58 +0100 Subject: [PATCH 01/18] feat(tls): add tls encryption variables --- defaults/main.yml | 9 +++++++++ templates/bareos-dir.conf.j2 | 9 +++++++++ 2 files changed, 18 insertions(+) diff --git a/defaults/main.yml b/defaults/main.yml index d5c21ac..dff3c83 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -30,6 +30,15 @@ bareos_dir_tls_enable: yes # Verify the peer. bareos_dir_tls_verify_peer: no +# The path of the CA certificate file. +bareos_dir_ca_cert: "/etc/bareos/bareosCA.pem" + +# The path of the client certificate of the director +bareos_dir_client_cert: "/etc/bareos/director.pem" + +# The path of the client certificate key of the director +bareos_dir_client_key: "/etc/bareos/director.key" + # A list of catalogs to configure. bareos_dir_catalogs: [] diff --git a/templates/bareos-dir.conf.j2 b/templates/bareos-dir.conf.j2 index 3e62985..da20ec4 100644 --- a/templates/bareos-dir.conf.j2 +++ b/templates/bareos-dir.conf.j2 @@ -18,4 +18,13 @@ Director { Plugin Names = "{{ bareos_dir_plugin_name }}" Plugin Directory = "{{ bareos_dir_plugin_dir }}" {% endif %} +{% if bareos_dir_ca_cert is defined %} + TLS CA Certificate File = "{{ bareos_dir_ca_cert }}" +{% endif %} +{% if bareos_dir_client_cert is defined %} + TLS Certificate = "{{ bareos_dir_client_cert }}" +{% endif %} +{% if bareos_dir_client_key is defined %} + TLS Key = "{{ bareos_dir_client_key }}" +{% endif %} } From b50da94aa647c40e9a6c667de828775ac432114f Mon Sep 17 00:00:00 2001 From: Joel Joos Date: Tue, 30 Apr 2024 16:59:10 +0200 Subject: [PATCH 02/18] feat: removed static file names --- defaults/main.yml | 6 +++--- templates/bareos-dir.conf.j2 | 12 ++++++------ 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index dff3c83..9b5a0e5 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -31,13 +31,13 @@ bareos_dir_tls_enable: yes bareos_dir_tls_verify_peer: no # The path of the CA certificate file. -bareos_dir_ca_cert: "/etc/bareos/bareosCA.pem" +bareos_dir_tls_ca_cert: "" # The path of the client certificate of the director -bareos_dir_client_cert: "/etc/bareos/director.pem" +bareos_dir_tls_cert: "" # The path of the client certificate key of the director -bareos_dir_client_key: "/etc/bareos/director.key" +bareos_dir_tls_cert_key: "" # A list of catalogs to configure. bareos_dir_catalogs: [] diff --git a/templates/bareos-dir.conf.j2 b/templates/bareos-dir.conf.j2 index da20ec4..f371478 100644 --- a/templates/bareos-dir.conf.j2 +++ b/templates/bareos-dir.conf.j2 @@ -18,13 +18,13 @@ Director { Plugin Names = "{{ bareos_dir_plugin_name }}" Plugin Directory = "{{ bareos_dir_plugin_dir }}" {% endif %} -{% if bareos_dir_ca_cert is defined %} - TLS CA Certificate File = "{{ bareos_dir_ca_cert }}" +{% if bareos_dir_tls_ca_cert is defined and bareos_dir_tls_ca_cert != "" %} + TLS CA Certificate File = "{{ bareos_dir_tls_ca_cert }}" {% endif %} -{% if bareos_dir_client_cert is defined %} - TLS Certificate = "{{ bareos_dir_client_cert }}" +{% if bareos_dir_tls_cert is defined and bareos_dir_tls_cert != "" %} + TLS Certificate = "{{ bareos_dir_tls_cert }}" {% endif %} -{% if bareos_dir_client_key is defined %} - TLS Key = "{{ bareos_dir_client_key }}" +{% if bareos_dir_tls_cert_key is defined and bareos_dir_tls_cert_key != "" %} + TLS Key = "{{ bareos_dir_tls_cert_key }}" {% endif %} } From f62d4290684189139d1cc008fc3cf12ec9ab44d2 Mon Sep 17 00:00:00 2001 From: Joel Joos Date: Tue, 30 Apr 2024 16:59:38 +0200 Subject: [PATCH 03/18] feat: add TLS certificate copy task --- tasks/main.yml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/tasks/main.yml b/tasks/main.yml index 31e184d..a53d422 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -53,6 +53,21 @@ - name: Run handlers ansible.builtin.meta: flush_handlers +- name: Place TLS certificates + ansible.builtin.copy: + src: "{{ item.src }}" + dest: "{{ item.dst }}" + owner: bareos + group: bareos + mode: "0640" + backup: "{{ bareos_dir_backup_configurations }}" + loop: + - { src: "ca.pem", dst: "{{ bareos_dir_tls_ca_cert }}" } + - { src: "director.pem", dst: "{{ bareos_dir_tls_cert }}" } + - { src: "director.key", dst: "{{ bareos_dir_tls_cert_key }}" } + when: + - bareos_dir_tls_enable == "yes" + - name: Place bareos-dir.conf ansible.builtin.template: src: bareos-dir.conf.j2 From 99c581e866f4d22fc88183e0b1132333b360ee00 Mon Sep 17 00:00:00 2001 From: Joel Joos Date: Wed, 19 Jun 2024 16:28:01 +0200 Subject: [PATCH 04/18] feat: added biased certificate paths --- defaults/main.yml | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index dff3c83..c50b1a5 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -31,13 +31,19 @@ bareos_dir_tls_enable: yes bareos_dir_tls_verify_peer: no # The path of the CA certificate file. -bareos_dir_ca_cert: "/etc/bareos/bareosCA.pem" +bareos_dir_ca_cert: + src: "" + dest: "/etc/bareos/bareosCA.pem" # The path of the client certificate of the director -bareos_dir_client_cert: "/etc/bareos/director.pem" +bareos_dir_client_cert: + src: "" + dest: "/etc/bareos/director.pem" # The path of the client certificate key of the director -bareos_dir_client_key: "/etc/bareos/director.key" +: "/etc/bareos/director.key" + src: "" + dest: "/etc/bareos/director.key" # A list of catalogs to configure. bareos_dir_catalogs: [] From 15a87df691db255686cec31bc51111a6801ca724 Mon Sep 17 00:00:00 2001 From: Joel Joos Date: Wed, 19 Jun 2024 16:28:11 +0200 Subject: [PATCH 05/18] chore: updated variables --- meta/argument_specs.yml | 9 +++++++++ tasks/assert.yml | 18 ++++++++++++++++++ 2 files changed, 27 insertions(+) diff --git a/meta/argument_specs.yml b/meta/argument_specs.yml index 50ac6db..3abf718 100644 --- a/meta/argument_specs.yml +++ b/meta/argument_specs.yml @@ -39,6 +39,15 @@ argument_specs: type: "bool" default: no description: "Verify the peer." + bareos_dir_tls_ca_cert: + type: "str" + description: "The CA Certificate for the Director" + bareos_dir_tls_cert: + type: "str" + description: "The TLS certificate of the director" + bareos_dir_tls_cert_key: + type: "str" + description: "The TLS certificate key of the director" bareos_dir_catalogs: type: "list" default: [] diff --git a/tasks/assert.yml b/tasks/assert.yml index 11f933d..6c77373 100644 --- a/tasks/assert.yml +++ b/tasks/assert.yml @@ -60,6 +60,24 @@ - bareos_dir_tls_verify_peer is boolean quiet: true +- name: assert | Test bareos_dir_tls_ca_cert + ansible.builtin.assert: + that: + - bareos_dir_tls_ca_cert is defined + - bareos_dir_tls_ca_cert is string + +- name: assert | Test bareos_dir_tls_cert + ansible.builtin.assert: + that: + - bareos_dir_tls_cert is defined + - bareos_dir_tls_cert is string + +- name: assert | Test bareos_dir_tls_cert_key + ansible.builtin.assert: + that: + - bareos_dir_tls_cert_key is defined + - bareos_dir_tls_cert_key is string + - name: assert | Test bareos_dir_catalogs ansible.builtin.assert: that: From c6c05f5d5d93b36e546b26040fe608535ebd4e73 Mon Sep 17 00:00:00 2001 From: Joel Joos Date: Wed, 19 Jun 2024 16:43:23 +0200 Subject: [PATCH 06/18] feat: added place tls cert task --- tasks/main.yml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/tasks/main.yml b/tasks/main.yml index 31e184d..a53d422 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -53,6 +53,21 @@ - name: Run handlers ansible.builtin.meta: flush_handlers +- name: Place TLS certificates + ansible.builtin.copy: + src: "{{ item.src }}" + dest: "{{ item.dst }}" + owner: bareos + group: bareos + mode: "0640" + backup: "{{ bareos_dir_backup_configurations }}" + loop: + - { src: "ca.pem", dst: "{{ bareos_dir_tls_ca_cert }}" } + - { src: "director.pem", dst: "{{ bareos_dir_tls_cert }}" } + - { src: "director.key", dst: "{{ bareos_dir_tls_cert_key }}" } + when: + - bareos_dir_tls_enable == "yes" + - name: Place bareos-dir.conf ansible.builtin.template: src: bareos-dir.conf.j2 From 0da687565017e14b62e9ae3fe9876239aa0e9b93 Mon Sep 17 00:00:00 2001 From: Joel Joos Date: Wed, 19 Jun 2024 16:46:39 +0200 Subject: [PATCH 07/18] chore: removed typo --- defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/defaults/main.yml b/defaults/main.yml index c50b1a5..23cf026 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -41,7 +41,7 @@ bareos_dir_client_cert: dest: "/etc/bareos/director.pem" # The path of the client certificate key of the director -: "/etc/bareos/director.key" +"/etc/bareos/director.key" src: "" dest: "/etc/bareos/director.key" From e44e07c8a2a7a951ded649f3c29a4f6e0b323002 Mon Sep 17 00:00:00 2001 From: Joel Joos Date: Wed, 19 Jun 2024 16:46:57 +0200 Subject: [PATCH 08/18] feat: updated to new looping / variable structure --- tasks/main.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tasks/main.yml b/tasks/main.yml index a53d422..2acd4f0 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -56,15 +56,15 @@ - name: Place TLS certificates ansible.builtin.copy: src: "{{ item.src }}" - dest: "{{ item.dst }}" + dest: "{{ item.dest }}" owner: bareos group: bareos mode: "0640" backup: "{{ bareos_dir_backup_configurations }}" loop: - - { src: "ca.pem", dst: "{{ bareos_dir_tls_ca_cert }}" } - - { src: "director.pem", dst: "{{ bareos_dir_tls_cert }}" } - - { src: "director.key", dst: "{{ bareos_dir_tls_cert_key }}" } + - bareos_dir_tls_ca_cert + - bareos_dir_tls_cert + - bareos_dir_tls_cert_key when: - bareos_dir_tls_enable == "yes" From 20e14a19983a20fd94816eb14da418dea947e8d9 Mon Sep 17 00:00:00 2001 From: Joel Joos Date: Wed, 19 Jun 2024 16:47:43 +0200 Subject: [PATCH 09/18] feat: removed boolean string comparison --- tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/main.yml b/tasks/main.yml index 2acd4f0..8a1b742 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -66,7 +66,7 @@ - bareos_dir_tls_cert - bareos_dir_tls_cert_key when: - - bareos_dir_tls_enable == "yes" + - bareos_dir_tls_enable - name: Place bareos-dir.conf ansible.builtin.template: From 47a902d8d62bb3d490a57da2f2e841a393bb3c1e Mon Sep 17 00:00:00 2001 From: Joel Joos Date: Wed, 19 Jun 2024 16:52:42 +0200 Subject: [PATCH 10/18] chore: updated variable names --- defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 23cf026..71c5d6b 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -36,12 +36,12 @@ bareos_dir_ca_cert: dest: "/etc/bareos/bareosCA.pem" # The path of the client certificate of the director -bareos_dir_client_cert: +bareos_dir_tls_cert: src: "" dest: "/etc/bareos/director.pem" # The path of the client certificate key of the director -"/etc/bareos/director.key" +bareos_dir_tls_cert_key: src: "" dest: "/etc/bareos/director.key" From 22eba19ee4529b4c9b3124910b2c2b97b3f54ab1 Mon Sep 17 00:00:00 2001 From: Joel Joos Date: Wed, 19 Jun 2024 16:54:31 +0200 Subject: [PATCH 11/18] chore: unify indendation --- meta/argument_specs.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/meta/argument_specs.yml b/meta/argument_specs.yml index 3abf718..31d75cb 100644 --- a/meta/argument_specs.yml +++ b/meta/argument_specs.yml @@ -40,14 +40,14 @@ argument_specs: default: no description: "Verify the peer." bareos_dir_tls_ca_cert: - type: "str" - description: "The CA Certificate for the Director" + type: "str" + description: "The CA Certificate for the Director" bareos_dir_tls_cert: - type: "str" - description: "The TLS certificate of the director" + type: "str" + description: "The TLS certificate of the director" bareos_dir_tls_cert_key: - type: "str" - description: "The TLS certificate key of the director" + type: "str" + description: "The TLS certificate key of the director" bareos_dir_catalogs: type: "list" default: [] From b40ea5621a7155c77dcf3dd452fb4becd850393d Mon Sep 17 00:00:00 2001 From: Joel Joos <45602122+JoelJoos@users.noreply.github.com> Date: Tue, 2 Jul 2024 11:18:35 +0200 Subject: [PATCH 12/18] Update tasks/main.yml Co-authored-by: adf-patrickha <84573341+adf-patrickha@users.noreply.github.com> --- tasks/main.yml | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/tasks/main.yml b/tasks/main.yml index 8a1b742..8756455 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -62,11 +62,16 @@ mode: "0640" backup: "{{ bareos_dir_backup_configurations }}" loop: - - bareos_dir_tls_ca_cert - - bareos_dir_tls_cert - - bareos_dir_tls_cert_key + - src: bareos_dir_tls_ca_cert_src + dest: bareos_dir_tls_ca_cert_dest + - src: bareos_dir_tls_cert_src + dest: bareos_dir_tls_cert_dest + - src: bareos_dir_tls_cert_key_src + dest: bareos_dir_tls_cert_key_dest when: - bareos_dir_tls_enable + - item.src != "" + - item.dest != "" - name: Place bareos-dir.conf ansible.builtin.template: From 0157a9906149885cc9423db0cdbd4d74290e9099 Mon Sep 17 00:00:00 2001 From: Joel Joos <45602122+JoelJoos@users.noreply.github.com> Date: Tue, 2 Jul 2024 11:18:50 +0200 Subject: [PATCH 13/18] Update defaults/main.yml Co-authored-by: adf-patrickha <84573341+adf-patrickha@users.noreply.github.com> --- defaults/main.yml | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 71c5d6b..368d527 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -31,19 +31,16 @@ bareos_dir_tls_enable: yes bareos_dir_tls_verify_peer: no # The path of the CA certificate file. -bareos_dir_ca_cert: - src: "" - dest: "/etc/bareos/bareosCA.pem" +bareos_dir_ca_cert_src: "" +bareos_dir_ca_cert_dest: "/etc/bareos/bareosCA.pem" # The path of the client certificate of the director -bareos_dir_tls_cert: - src: "" - dest: "/etc/bareos/director.pem" +bareos_dir_tls_cert_src: "" +bareos_dir_tls_cert_dest: "/etc/bareos/director.pem" # The path of the client certificate key of the director -bareos_dir_tls_cert_key: - src: "" - dest: "/etc/bareos/director.key" +bareos_dir_tls_cert_key_src: "" +bareos_dir_tls_cert_key_dest: "/etc/bareos/director.key" # A list of catalogs to configure. bareos_dir_catalogs: [] From 8bac87ca09b214df3b31db42d0d0f1d8e711ebe5 Mon Sep 17 00:00:00 2001 From: Joel Joos Date: Tue, 2 Jul 2024 11:20:46 +0200 Subject: [PATCH 14/18] feat: added new src / dest variables --- defaults/main.yml | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 71c5d6b..8650d0f 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -31,19 +31,16 @@ bareos_dir_tls_enable: yes bareos_dir_tls_verify_peer: no # The path of the CA certificate file. -bareos_dir_ca_cert: - src: "" - dest: "/etc/bareos/bareosCA.pem" +bareos_dir_tls_ca_cert_src: "" +bareos_dir_tls_ca_cert_dest: "/etc/bareos/bareosCA.pem" # The path of the client certificate of the director -bareos_dir_tls_cert: - src: "" - dest: "/etc/bareos/director.pem" +bareos_dir_tls_cert_src: "" +bareos_dir_tls_cert_dest: "/etc/bareos/director.pem" # The path of the client certificate key of the director -bareos_dir_tls_cert_key: - src: "" - dest: "/etc/bareos/director.key" +bareos_dir_tls_cert_key_src: "" +bareos_dir_tls_cert_key_dest: "/etc/bareos/director.key" # A list of catalogs to configure. bareos_dir_catalogs: [] From 6db1c9c1fa6f9f634381e40c412d79913787de5e Mon Sep 17 00:00:00 2001 From: Joel Joos Date: Tue, 2 Jul 2024 11:22:18 +0200 Subject: [PATCH 15/18] feat: added new vars --- tasks/assert.yml | 109 ++++++++++++++++++++--------------- templates/bareos-dir.conf.j2 | 12 ++-- 2 files changed, 69 insertions(+), 52 deletions(-) diff --git a/tasks/assert.yml b/tasks/assert.yml index 6c77373..2b6539c 100644 --- a/tasks/assert.yml +++ b/tasks/assert.yml @@ -60,104 +60,121 @@ - bareos_dir_tls_verify_peer is boolean quiet: true -- name: assert | Test bareos_dir_tls_ca_cert +- name: assert | Test bareos_dir_tls_ca_cert_src ansible.builtin.assert: that: - - bareos_dir_tls_ca_cert is defined - - bareos_dir_tls_ca_cert is string + - bareos_dir_tls_ca_cert_src is defined + - bareos_dir_tls_ca_cert_src is string -- name: assert | Test bareos_dir_tls_cert +- name: assert | Test bareos_dir_tls_ca_cert_dest ansible.builtin.assert: that: - - bareos_dir_tls_cert is defined - - bareos_dir_tls_cert is string + - bareos_dir_tls_ca_cert_dest is defined + - bareos_dir_tls_ca_cert_dest is string -- name: assert | Test bareos_dir_tls_cert_key +- name: assert | Test bareos_dir_tls_cert_src ansible.builtin.assert: that: - - bareos_dir_tls_cert_key is defined - - bareos_dir_tls_cert_key is string + - bareos_dir_tls_cert_src is defined + - bareos_dir_tls_cert_src is string -- name: assert | Test bareos_dir_catalogs +- name: assert | Test bareos_dir_tls_cert_dest ansible.builtin.assert: that: - - bareos_dir_catalogs is defined - - bareos_dir_catalogs is iterable - quiet: true + - bareos_dir_tls_cert_dest is defined + - bareos_dir_tls_cert_dest is string -- name: assert | Test bareos_dir_consoles +- name: assert | Test bareos_dir_tls_cert_key_src ansible.builtin.assert: that: - - bareos_dir_consoles is defined - - bareos_dir_consoles is iterable + - bareos_dir_tls_cert_key_src is defined + - bareos_dir_tls_cert_key_src is string + +- name: assert | Test bareos_dir_tls_cert_key_dest + ansible.builtin.assert: + that: + - bareos_dir_tls_cert_key_dest is defined + - bareos_dir_tls_cert_key_dest is string + +- name: assert | Test bareos_dir_pools + ansible.builtin.assert: + that: + - bareos_dir_pools is defined + - bareos_dir_pools is iterable quiet: true -- name: assert | Test bareos_dir_clients +- name: assert | Test bareos_dir_profiles ansible.builtin.assert: that: - - bareos_dir_clients is defined - - bareos_dir_clients is iterable + - bareos_dir_profiles is defined + - bareos_dir_profiles is iterable quiet: true -- name: assert | Test bareos_dir_filesets +- name: assert | Test bareos_dir_schedules ansible.builtin.assert: that: - - bareos_dir_filesets is defined - - bareos_dir_filesets is iterable + - bareos_dir_schedules is defined + - bareos_dir_schedules is iterable quiet: true -- name: assert | Test bareos_dir_jobdefs +- name: assert | Test bareos_dir_storages ansible.builtin.assert: that: - - bareos_dir_jobdefs is defined - - bareos_dir_jobdefs is iterable + - bareos_dir_storages is defined + - bareos_dir_storages is iterable quiet: true -- name: assert | Test bareos_dir_jobs +- name: assert | Test bareos_dir_install_debug_packages ansible.builtin.assert: that: - - bareos_dir_jobs is defined - - bareos_dir_jobs is iterable + - bareos_dir_install_debug_packages is defined + - bareos_dir_install_debug_packages is boolean quiet: true -- name: assert | Test bareos_dir_messages + +- name: assert | Test bareos_dir_catalogs ansible.builtin.assert: that: - - bareos_dir_messages is defined - - bareos_dir_messages is iterable + - bareos_dir_catalogs is defined + - bareos_dir_catalogs is iterable quiet: true -- name: assert | Test bareos_dir_pools +- name: assert | Test bareos_dir_consoles ansible.builtin.assert: that: - - bareos_dir_pools is defined - - bareos_dir_pools is iterable + - bareos_dir_consoles is defined + - bareos_dir_consoles is iterable quiet: true -- name: assert | Test bareos_dir_profiles +- name: assert | Test bareos_dir_clients ansible.builtin.assert: that: - - bareos_dir_profiles is defined - - bareos_dir_profiles is iterable + - bareos_dir_clients is defined + - bareos_dir_clients is iterable quiet: true -- name: assert | Test bareos_dir_schedules +- name: assert | Test bareos_dir_filesets ansible.builtin.assert: that: - - bareos_dir_schedules is defined - - bareos_dir_schedules is iterable + - bareos_dir_filesets is defined + - bareos_dir_filesets is iterable quiet: true -- name: assert | Test bareos_dir_storages +- name: assert | Test bareos_dir_jobdefs ansible.builtin.assert: that: - - bareos_dir_storages is defined - - bareos_dir_storages is iterable + - bareos_dir_jobdefs is defined + - bareos_dir_jobdefs is iterable quiet: true -- name: assert | Test bareos_dir_install_debug_packages +- name: assert | Test bareos_dir_jobs ansible.builtin.assert: that: - - bareos_dir_install_debug_packages is defined - - bareos_dir_install_debug_packages is boolean + - bareos_dir_jobs is defined + - bareos_dir_jobs is iterable quiet: true + +- name: assert | Test bareos_dir_messages + ansible.builtin.assert: + that: + - bareos_dir_messages is defined \ No newline at end of file diff --git a/templates/bareos-dir.conf.j2 b/templates/bareos-dir.conf.j2 index f371478..e6a12f1 100644 --- a/templates/bareos-dir.conf.j2 +++ b/templates/bareos-dir.conf.j2 @@ -18,13 +18,13 @@ Director { Plugin Names = "{{ bareos_dir_plugin_name }}" Plugin Directory = "{{ bareos_dir_plugin_dir }}" {% endif %} -{% if bareos_dir_tls_ca_cert is defined and bareos_dir_tls_ca_cert != "" %} - TLS CA Certificate File = "{{ bareos_dir_tls_ca_cert }}" +{% if bareos_dir_tls_ca_cert_dest is defined and bareos_dir_tls_ca_cert_dest != "" %} + TLS CA Certificate File = "{{ bareos_dir_tls_ca_cert_dest }}" {% endif %} -{% if bareos_dir_tls_cert is defined and bareos_dir_tls_cert != "" %} - TLS Certificate = "{{ bareos_dir_tls_cert }}" +{% if bareos_dir_tls_cert_dest is defined and bareos_dir_tls_cert_dest != "" %} + TLS Certificate = "{{ bareos_dir_tls_cert_dest }}" {% endif %} -{% if bareos_dir_tls_cert_key is defined and bareos_dir_tls_cert_key != "" %} - TLS Key = "{{ bareos_dir_tls_cert_key }}" +{% if bareos_dir_tls_cert_key_dest is defined and bareos_dir_tls_cert_key_dest != "" %} + TLS Key = "{{ bareos_dir_tls_cert_key_dest }}" {% endif %} } From 357970deb3c47af5859fb925b8c7a484021c0438 Mon Sep 17 00:00:00 2001 From: Joel Joos Date: Tue, 2 Jul 2024 11:25:11 +0200 Subject: [PATCH 16/18] feat: changed to new var names --- meta/argument_specs.yml | 21 +++++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) diff --git a/meta/argument_specs.yml b/meta/argument_specs.yml index 31d75cb..e526288 100644 --- a/meta/argument_specs.yml +++ b/meta/argument_specs.yml @@ -39,15 +39,24 @@ argument_specs: type: "bool" default: no description: "Verify the peer." - bareos_dir_tls_ca_cert: + bareos_dir_tls_ca_cert_src: type: "str" - description: "The CA Certificate for the Director" - bareos_dir_tls_cert: + description: "The CA Certificate for the Director (src)" + bareos_dir_tls_ca_cert_dest: type: "str" - description: "The TLS certificate of the director" - bareos_dir_tls_cert_key: + description: "The CA Certificate for the Director (dest)" + bareos_dir_tls_cert_src: type: "str" - description: "The TLS certificate key of the director" + description: "The TLS certificate of the director (src)" + bareos_dir_tls_cert_dest: + type: "str" + description: "The TLS certificate of the director (dest)" + bareos_dir_tls_cert_key_src: + type: "str" + description: "The TLS certificate key of the director (src)" + bareos_dir_tls_cert_key_dest: + type: "str" + description: "The TLS certificate key of the director (dest)" bareos_dir_catalogs: type: "list" default: [] From fe6c7884ad5de2cb6aed330b5ba31ecab4237ed9 Mon Sep 17 00:00:00 2001 From: Joel Joos Date: Tue, 2 Jul 2024 11:36:30 +0200 Subject: [PATCH 17/18] chore: added newline --- tasks/assert.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/assert.yml b/tasks/assert.yml index 2b6539c..c0377c6 100644 --- a/tasks/assert.yml +++ b/tasks/assert.yml @@ -177,4 +177,4 @@ - name: assert | Test bareos_dir_messages ansible.builtin.assert: that: - - bareos_dir_messages is defined \ No newline at end of file + - bareos_dir_messages is defined From f97bf6d233381b0883f940771f45fb1ad00de939 Mon Sep 17 00:00:00 2001 From: Joel Joos Date: Tue, 2 Jul 2024 11:45:13 +0200 Subject: [PATCH 18/18] feat: added new conditionals for TLS cert placing --- tasks/main.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/tasks/main.yml b/tasks/main.yml index 8756455..4a10bc0 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -70,8 +70,10 @@ dest: bareos_dir_tls_cert_key_dest when: - bareos_dir_tls_enable - - item.src != "" - - item.dest != "" + - bareos_dir_tls_enable + - bareos_dir_tls_ca_cert.src != "" + - bareos_dir_tls_cert.src != "" + - bareos_dir_tls_cert_key.src != "" - name: Place bareos-dir.conf ansible.builtin.template: