From 8264dfeb381f11fd672691e5a44d47d9cfd12e4c Mon Sep 17 00:00:00 2001 From: Viyurz Date: Mon, 7 Oct 2024 15:06:44 +0200 Subject: [PATCH] [python] Add fstab/storagebox --- README.md | 12 ++++++++++++ fstab | 4 ++++ pyenv.yml | 38 +------------------------------------- pysecrets.yml.example | 4 ---- setup.sh | 4 ++-- 5 files changed, 19 insertions(+), 43 deletions(-) create mode 100644 fstab diff --git a/README.md b/README.md index c46c629..b5a165f 100644 --- a/README.md +++ b/README.md @@ -28,6 +28,18 @@ sudo zerossl-bot certonly --nginx -m viyurz@viyurz.fr -d turn.viyurz.fr sudo certbot certonly --nginx -d mail.viyurz.fr ``` +### Storagebox + +Add credential: +``` +/etc/storagebox-cifs-credentials.txt +--- +username=MYUSERNAME +password=MYPASSWORD +``` + +Copy & edit file `fstab`. + ## Secrets Copy the existing `secrets.yml.example` to `secrets.yml`, run `ansible-vault encrypt secrets.yml` to encrypt the file with a password, and finally edit the newly encrypted file with `ansible-vault edit secrets.yml`. diff --git a/fstab b/fstab new file mode 100644 index 0000000..4bd233e --- /dev/null +++ b/fstab @@ -0,0 +1,4 @@ +//USERNAME.your-storagebox.de/backup/backups /mnt/storagebox/backups smb3 uid=0,gid=1000,file_mode=0640,dir_mode=0750,credentials=/etc/storagebox-cifs-credentials.txt,iocharset=utf8,rw,mfsymlinks,vers=3,seal 0 0 +//USERNAME.your-storagebox.de/backup /mnt/storagebox smb3 uid=0,gid=0,file_mode=0640,dir_mode=0755,credentials=/etc/storagebox-cifs-credentials.txt,iocharset=utf8,rw,mfsymlinks,vers=3,seal 0 0 +//USERNAME.your-storagebox.de/backup/syncthing /mnt/storagebox/syncthing smb3 uid=101000,gid=101000,file_mode=0640,dir_mode=0750,credentials=/etc/storagebox-cifs-credentials.txt,iocharset=utf8,rw,mfsymlinks,vers=3,seal 0 0 +//USERNAME.your-storagebox.de/backup/fireshare /mnt/storagebox/fireshare smb3 uid=101006,gid=101006,file_mode=0644,dir_mode=0755,credentials=/etc/storagebox-cifs-credentials.txt,iocharset=utf8,rw,mfsymlinks,vers=3,seal 0 0 diff --git a/pyenv.yml b/pyenv.yml index 263a474..51c218c 100644 --- a/pyenv.yml +++ b/pyenv.yml @@ -20,43 +20,7 @@ socket: "/run/podman/podman.sock" % endif -# cifs_credentials is undefined when we run the backup playbook -# as a cronjob, so set empty default value to prevent errors, -# which is fine because we don't use it. -cifs_host: "{{ cifs_credentials['username'] | default('') }}.your-storagebox.de" - -cifs_mounts: - backups: - src: "//{{ cifs_host }}/backup/backups" - path: /mnt/storagebox/backups - uid: 0 - gid: "{{ host_uid }}" - file_mode: 640 - dir_mode: 750 - fireshare: - src: "//{{ cifs_host }}/backup/fireshare" - path: /mnt/storagebox/fireshare - uid: "{{ users['fireshare'] + uid_shift }}" - gid: "{{ users['fireshare'] + uid_shift }}" - file_mode: 644 - dir_mode: 755 - storagebox: - src: "//{{ cifs_host }}/backup" - path: /mnt/storagebox - uid: 0 - gid: 0 - file_mode: 640 - dir_mode: 751 - syncthing: - src: "//{{ cifs_host }}/backup/syncthing" - path: /mnt/storagebox/syncthing - uid: "{{ users['syncthing'] + uid_shift }}" - gid: "{{ users['syncthing'] + uid_shift }}" - file_mode: 640 - dir_mode: 750 - - -borg_repodir: "{env['cifs_mounts']['backups']['path']}/borg" +borg_repodir: /mnt/storagebox/backups/borg borg_passphrase_file: /etc/borg-passphrase.txt diff --git a/pysecrets.yml.example b/pysecrets.yml.example index 62d5605..0f02580 100644 --- a/pysecrets.yml.example +++ b/pysecrets.yml.example @@ -2,10 +2,6 @@ borg: -cifs: - user: - pass: - diun_webhookurl: diff --git a/setup.sh b/setup.sh index 3445ba5..f75c483 100755 --- a/setup.sh +++ b/setup.sh @@ -15,14 +15,14 @@ declare -a podman_units=(podman.service podman.socket podman-auto-update.service if [[ "$podman_mode" == "rootless" ]]; then - sudo apt install -y aardvark-dns dbus-user-session nftables passt podman podman-compose python3-mako uidmap + sudo apt install -y aardvark-dns cifs-utils dbus-user-session nftables passt podman podman-compose python3-mako uidmap sudo loginctl enable-linger "$USER" sudo systemctl disable --now "${podman_units[@]}" systemctl --user enable --now "${podman_units[@]}" else - sudo apt install -y aardvark-dns nftables podman podman-compose python3-mako + sudo apt install -y aardvark-dns cifs-utils nftables podman podman-compose python3-mako systemctl --user disable --now "${podman_units[@]}" sudo systemctl enable --now "${podman_units[@]}"