feat : utilisation web disponible et simplification du deployement des scripts (WIP)

2026-03-17 13:43:34 +01:00
parent a1fb6f5504
commit 8ef81add14
4 changed files with 72 additions and 45 deletions
--- a/RebuildBdd/Config/Targets/test.env.example
+++ b/RebuildBdd/Config/Targets/test.env.example
@@ -1,38 +1,42 @@
 ###############################################################################
-# config/global.env.example
+# config/targets/test.env.example
 ###############################################################################

-# Defaults d'exécution
-ALLOW_OVERWRITE=no
-RESTORE_ROLES=yes
+# SSH bootstrap cible
+TARGET_HOST=192.168.1.50
+TARGET_PORT=22
+TARGET_BOOTSTRAP_USER=backup_liot
+TARGET_BOOTSTRAP_SSH_KEY=/home/matteo/.ssh/id_ed25519_target_test
+TARGET_RUNTIME_USER=backup_liot

-# Dépôt scripts
-GLOBAL_REPO_URL=git@gitea.example.tld:team/RebuildBdd.git
-GLOBAL_REPO_BRANCH=main
+# Bootstrap
+TARGET_ENABLE_BOOTSTRAP=yes
+TARGET_BOOTSTRAP_ALLOW_PASSWORDLESS_SUDO=yes

-# Backup central
-GLOBAL_BACKUP_REMOTE_USER=backup
-GLOBAL_BACKUP_REMOTE_HOST=192.168.1.60
-GLOBAL_BACKUP_REMOTE_PORT=22
-GLOBAL_BACKUP_REMOTE_BASE_DIR=/home/backup/backups
+# Repo local cible
+TARGET_REPO_DIR=/home/backup_liot/RebuildBdd
+TARGET_ENV_FILE=/home/backup_liot/RebuildBdd/.env

-# Clé SSH de lecture backup copiée sur les cibles
-GLOBAL_BACKUP_SSH_PRIVATE_KEY=/home/matteo/.ssh/id_ed25519_backup_readonly
-GLOBAL_BACKUP_SSH_PUBLIC_KEY=/home/matteo/.ssh/id_ed25519_backup_readonly.pub
-GLOBAL_BACKUP_KNOWN_HOSTS_STRICT=yes
+# PostgreSQL cible
+TARGET_ENV_NAME=RECETTE
+TARGET_PGHOST=127.0.0.1
+TARGET_PGPORT=5432
+TARGET_PGUSER=backup_liot
+TARGET_PGPASSWORD=change_me_pg_password
+TARGET_DBS="sirh inventory ferme"

-# Defaults PostgreSQL
-GLOBAL_PGHOST=127.0.0.1
-GLOBAL_PGPORT=5432
+# Backup cible
+TARGET_BACKUP_SUBDIR=bdd-recette

-# Defaults scripts
-GLOBAL_REMOTE_ROLES_DIR_NAME=user
-GLOBAL_EXCLUDED_RESTORE_ROLES="postgres"
+# Logs / tmp / ssh cible
+TARGET_BACKUP_LOG_DIR=/home/backup_liot/logs/rebuild_bdd
+TARGET_LOCAL_RESTORE_BASE_DIR=/home/backup_liot/RebuildBdd/restore_tmp
+TARGET_SSH_KEY=/home/backup_liot/.ssh/id_ed25519_backup_readonly

-# Defaults bootstrap / cible
-GLOBAL_ENABLE_BOOTSTRAP=yes
-GLOBAL_BOOTSTRAP_ALLOW_PASSWORDLESS_SUDO=yes
-GLOBAL_AUTO_INSTALL_POSTGRES=yes
-GLOBAL_AUTO_CREATE_PGUSER=yes
-GLOBAL_PGUSER_SUPERUSER=no
-GLOBAL_AUTO_CONFIGURE_SUDOERS=no
+# Options cible
+TARGET_REMOTE_ROLES_DIR_NAME=user
+TARGET_EXCLUDED_RESTORE_ROLES="postgres"
+TARGET_AUTO_INSTALL_POSTGRES=yes
+TARGET_AUTO_CREATE_PGUSER=yes
+TARGET_PGUSER_SUPERUSER=no
+TARGET_AUTO_CONFIGURE_SUDOERS=no
--- a/RebuildBdd/bootstrap-target-host.sh
+++ b/RebuildBdd/bootstrap-target-host.sh
@@ -2,9 +2,9 @@
 set -euo pipefail

 SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-CONFIG_DIR="${SCRIPT_DIR}/config"
+CONFIG_DIR="${SCRIPT_DIR}/Config"
 GLOBAL_ENV_FILE_DEFAULT="${CONFIG_DIR}/global.env"
-TARGETS_DIR_DEFAULT="${CONFIG_DIR}/targets"
+TARGETS_DIR_DEFAULT="${CONFIG_DIR}/Targets"

 GLOBAL_ENV_FILE="${GLOBAL_ENV_FILE:-$GLOBAL_ENV_FILE_DEFAULT}"
 TARGETS_DIR="${TARGETS_DIR:-$TARGETS_DIR_DEFAULT}"
@@ -102,6 +102,36 @@ cleanup() {
 }
 trap cleanup EXIT

+copy_file_to_remote() {
+  local local_file="$1"
+  local remote_final_path="$2"
+  local remote_mode="$3"
+  local remote_parent
+  local remote_tmp
+
+  [[ -f "$local_file" ]] || fail "fichier source introuvable : $local_file"
+  [[ -r "$local_file" ]] || fail "fichier source non lisible : $local_file"
+
+  remote_parent="$(dirname "$remote_final_path")"
+  remote_tmp="/tmp/$(basename "$remote_final_path").$$.$RANDOM.tmp"
+
+  ssh "${SSH_OPTS[@]}" "$REMOTE" "
+    set -euo pipefail
+    mkdir -p $(shell_quote "$remote_parent")
+    test -d $(shell_quote "$remote_parent")
+    test -w $(shell_quote "$remote_parent")
+  " >/dev/null 2>&1 || fail "dossier distant absent ou non inscriptible : $remote_parent"
+
+  scp "${SSH_OPTS[@]}" "$local_file" "${REMOTE}:${remote_tmp}" >/dev/null 2>&1 \
+    || fail "échec de copie temporaire vers ${remote_tmp}"
+
+  ssh "${SSH_OPTS[@]}" "$REMOTE" "
+    set -euo pipefail
+    install -m $(shell_quote "$remote_mode") $(shell_quote "$remote_tmp") $(shell_quote "$remote_final_path")
+    rm -f $(shell_quote "$remote_tmp")
+  " >/dev/null 2>&1 || fail "échec d'installation distante : $remote_final_path"
+}
+
 TARGET_NAME="${CLI_TARGET:-${TARGET_NAME:-}}"
 [[ -n "$TARGET_NAME" ]] || fail "target manquante"

@@ -291,24 +321,17 @@ EXCLUDED_RESTORE_ROLES=$(printf '%s\n' "$TARGET_EXCLUDED_RESTORE_ROLES_VALUE")
 EOF

 log "Copie du .env cible"
-scp "${SSH_OPTS[@]}" "$TMP_ENV_FILE" "${REMOTE}:$(printf '%q' "$TARGET_ENV_FILE_PATH")" >/dev/null 2>&1 \
-  || fail "échec de copie du .env cible"
+copy_file_to_remote "$TMP_ENV_FILE" "$TARGET_ENV_FILE_PATH" "600"

 REMOTE_SSH_DIR="$(dirname "$TARGET_SSH_KEY_VALUE")"
 REMOTE_KNOWN_HOSTS="${REMOTE_SSH_DIR}/known_hosts"

 log "Copie de la clé privée backup sur la cible"
-scp "${SSH_OPTS[@]}" \
-  "$TARGET_BACKUP_SOURCE_SSH_PRIVATE_KEY_VALUE" \
-  "${REMOTE}:$(printf '%q' "$TARGET_SSH_KEY_VALUE")" >/dev/null 2>&1 \
-  || fail "échec de copie de la clé privée backup"
+copy_file_to_remote "$TARGET_BACKUP_SOURCE_SSH_PRIVATE_KEY_VALUE" "$TARGET_SSH_KEY_VALUE" "600"

 if [[ -n "$TARGET_BACKUP_SOURCE_SSH_PUBLIC_KEY_VALUE" ]]; then
  log "Copie de la clé publique backup sur la cible"
-  scp "${SSH_OPTS[@]}" \
-    "$TARGET_BACKUP_SOURCE_SSH_PUBLIC_KEY_VALUE" \
-    "${REMOTE}:$(printf '%q' "${TARGET_SSH_KEY_VALUE}.pub")" >/dev/null 2>&1 \
-    || fail "échec de copie de la clé publique backup"
+  copy_file_to_remote "$TARGET_BACKUP_SOURCE_SSH_PUBLIC_KEY_VALUE" "${TARGET_SSH_KEY_VALUE}.pub" "644"
 fi

 REMOTE_SSH_PERMS_CMD="
--- a/RebuildBdd/create-target-config.sh
+++ b/RebuildBdd/create-target-config.sh
@@ -2,8 +2,8 @@
 set -euo pipefail

 SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-CONFIG_DIR="${SCRIPT_DIR}/config"
-TARGETS_DIR_DEFAULT="${CONFIG_DIR}/targets"
+CONFIG_DIR="${SCRIPT_DIR}/Config"
+TARGETS_DIR_DEFAULT="${CONFIG_DIR}/Targets"

 TARGETS_DIR="${TARGETS_DIR:-$TARGETS_DIR_DEFAULT}"

--- a/RebuildBdd/run-rebuild-bdd.sh
+++ b/RebuildBdd/run-rebuild-bdd.sh
@@ -2,9 +2,9 @@
 set -euo pipefail

 SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-CONFIG_DIR="${SCRIPT_DIR}/config"
+CONFIG_DIR="${SCRIPT_DIR}/Config"
 GLOBAL_ENV_FILE_DEFAULT="${CONFIG_DIR}/global.env"
-TARGETS_DIR_DEFAULT="${CONFIG_DIR}/targets"
+TARGETS_DIR_DEFAULT="${CONFIG_DIR}/Targets"

 GLOBAL_ENV_FILE="${GLOBAL_ENV_FILE:-$GLOBAL_ENV_FILE_DEFAULT}"
 TARGETS_DIR="${TARGETS_DIR:-$TARGETS_DIR_DEFAULT}"