Move single ansible playbook to ansible directory

Make ansible playbook properly- use ansible-galaxy init commands.
2022-01-31 13:44:46 -05:00
parent c3ee4cf837
commit 838dad0302
183 changed files with 3232 additions and 0 deletions
--- a/ansible/scripts/btrfs_backup.sh
+++ b/ansible/scripts/btrfs_backup.sh
@@ -0,0 +1,51 @@
+#!/bin/bash
+
+export SOURCE_DIR=${SOURCE_DIR:=root}
+# Fix basename / showing up as "/" -> change to "root"
+if [ $(basename $SOURCE_DIR) = / ]; then
+    export SNAPSHOT_PREFIX=${SNAPSHOT_PREFIX:=root}
+else
+    export SNAPSHOT_PREFIX=${SNAPSHOT_PREFIX:=$(basename $SOURCE_DIR)}
+fi
+# Set snapshot prefix based on basename
+export SNAPSHOT_TIME=$(date +"%y_%m_%d-%H.%M")
+export SNAPSHOT_NAME=$SNAPSHOT_PREFIX-$SNAPSHOT_TIME
+export SNAPSHOT_DIR=${SNAPSHOT_DIR:=/.snapshots}
+export LATEST=$SNAPSHOT_PREFIX-latest
+export BACKUP_DRIVE_MNT=${BACKUP_DRIVE_MNT:=/mnt/backup0}
+export BACKUP_DIR=${BACKUP_DIR:=/mnt/backup0/DucoBacktop}
+
+# Show snapshot settings
+echo "SOURCE_DIR: $SOURCE_DIR"
+echo "SNAPSHOT_PREFIX: $SNAPSHOT_PREFIX"
+echo "SNAPSHOT_TIME: $SNAPSHOT_TIME"
+echo "SNAPSHOT_NAME: $SNAPSHOT_NAME"
+echo "SNAPSHOT_DIR: $SNAPSHOT_DIR"
+echo "LATEST: $LATEST"
+echo "BACKUP_DRIVE_MNT: $BACKUP_DRIVE_MNT"
+echo "BACKUP_DIR: $BACKUP_DIR"
+
+# Create readonly snapshot
+btrfs subvolume snapshot -r $SOURCE_DIR $SNAPSHOT_DIR/$SNAPSHOT_NAME
+
+# Check if backup disk is mounted
+mount $BACKUP_DRIVE_MNT
+mountpoint $BACKUP_DRIVE_MNT
+
+if [ $? = 0 ]; then
+    if [ -d $BACKUP_DIR/$LATEST ]; then
+        btrfs send -p $SNAPSHOT_DIR/$LATEST $SNAPSHOT_DIR/$SNAPSHOT_NAME | btrfs receive $BACKUP_DIR
+    else
+        btrfs send $SNAPSHOT_DIR/$SNAPSHOT_NAME | btrfs receive $BACKUP_DIR
+    fi
+
+    # Update latest in snapshot dir
+    rm -f $SNAPSHOT_DIR/$LATEST
+    ln -s $SNAPSHOT_DIR/$SNAPSHOT_NAME $SNAPSHOT_DIR/$LATEST
+    
+    # Update latest in backup dir
+    rm -f $BACKUP_DIR/$LATEST
+    ln -s $BACKUP_DIR/$SNAPSHOT_NAME $BACKUP_DIR/$LATEST
+else
+    echo "Backup location $BACKUP_DRIVE_MNT not mounted. Snapshot $SNAPSHOT_NAME not synced"
+fi
--- a/ansible/scripts/mkkeys.sh
+++ b/ansible/scripts/mkkeys.sh
@@ -0,0 +1,44 @@
+#!/bin/bash
+# Copyright (c) 2015 by Roderick W. Smith
+# Licensed under the terms of the GPL v3
+
+echo -n "Enter a Common Name to embed in the keys: "
+read NAME
+
+openssl req -new -x509 -newkey rsa:2048 -subj "/CN=$NAME PK/" -keyout PK.key \
+        -out PK.crt -days 3650 -nodes -sha256
+openssl req -new -x509 -newkey rsa:2048 -subj "/CN=$NAME KEK/" -keyout KEK.key \
+        -out KEK.crt -days 3650 -nodes -sha256
+openssl req -new -x509 -newkey rsa:2048 -subj "/CN=$NAME DB/" -keyout DB.key \
+        -out DB.crt -days 3650 -nodes -sha256
+openssl x509 -in PK.crt -out PK.cer -outform DER
+openssl x509 -in KEK.crt -out KEK.cer -outform DER
+openssl x509 -in DB.crt -out DB.cer -outform DER
+
+GUID=`python3 -c 'import uuid; print(str(uuid.uuid1()))'`
+echo $GUID > myGUID.txt
+
+cert-to-efi-sig-list -g $GUID PK.crt PK.esl
+cert-to-efi-sig-list -g $GUID KEK.crt KEK.esl
+cert-to-efi-sig-list -g $GUID DB.crt DB.esl
+rm -f noPK.esl
+touch noPK.esl
+
+sign-efi-sig-list -t "$(date --date='1 second' +'%Y-%m-%d %H:%M:%S')" \
+                  -k PK.key -c PK.crt PK PK.esl PK.auth
+sign-efi-sig-list -t "$(date --date='1 second' +'%Y-%m-%d %H:%M:%S')" \
+                  -k PK.key -c PK.crt PK noPK.esl noPK.auth
+sign-efi-sig-list -t "$(date --date='1 second' +'%Y-%m-%d %H:%M:%S')" \
+                  -k PK.key -c PK.crt KEK KEK.esl KEK.auth
+sign-efi-sig-list -t "$(date --date='1 second' +'%Y-%m-%d %H:%M:%S')" \
+                  -k KEK.key -c KEK.crt db DB.esl DB.auth
+
+chmod 0600 *.key
+
+echo ""
+echo ""
+echo "For use with KeyTool, copy the *.auth and *.esl files to a FAT USB"
+echo "flash drive or to your EFI System Partition (ESP)."
+echo "For use with most UEFIs' built-in key managers, copy the *.cer files;"
+echo "but some UEFIs require the *.auth files."
+echo ""