From 8ef81add148f2c6671dd2394c842c618a9e69312 Mon Sep 17 00:00:00 2001 From: Matteo Date: Tue, 17 Mar 2026 13:43:34 +0100 Subject: [PATCH] feat : utilisation web disponible et simplification du deployement des scripts (WIP) --- RebuildBdd/Config/Targets/test.env.example | 62 ++++++++++++---------- RebuildBdd/bootstrap-target-host.sh | 47 +++++++++++----- RebuildBdd/create-target-config.sh | 4 +- RebuildBdd/run-rebuild-bdd.sh | 4 +- 4 files changed, 72 insertions(+), 45 deletions(-) diff --git a/RebuildBdd/Config/Targets/test.env.example b/RebuildBdd/Config/Targets/test.env.example index ff66962..8244082 100644 --- a/RebuildBdd/Config/Targets/test.env.example +++ b/RebuildBdd/Config/Targets/test.env.example @@ -1,38 +1,42 @@ ############################################################################### -# config/global.env.example +# config/targets/test.env.example ############################################################################### -# Defaults d'exécution -ALLOW_OVERWRITE=no -RESTORE_ROLES=yes +# SSH bootstrap cible +TARGET_HOST=192.168.1.50 +TARGET_PORT=22 +TARGET_BOOTSTRAP_USER=backup_liot +TARGET_BOOTSTRAP_SSH_KEY=/home/matteo/.ssh/id_ed25519_target_test +TARGET_RUNTIME_USER=backup_liot -# Dépôt scripts -GLOBAL_REPO_URL=git@gitea.example.tld:team/RebuildBdd.git -GLOBAL_REPO_BRANCH=main +# Bootstrap +TARGET_ENABLE_BOOTSTRAP=yes +TARGET_BOOTSTRAP_ALLOW_PASSWORDLESS_SUDO=yes -# Backup central -GLOBAL_BACKUP_REMOTE_USER=backup -GLOBAL_BACKUP_REMOTE_HOST=192.168.1.60 -GLOBAL_BACKUP_REMOTE_PORT=22 -GLOBAL_BACKUP_REMOTE_BASE_DIR=/home/backup/backups +# Repo local cible +TARGET_REPO_DIR=/home/backup_liot/RebuildBdd +TARGET_ENV_FILE=/home/backup_liot/RebuildBdd/.env -# Clé SSH de lecture backup copiée sur les cibles -GLOBAL_BACKUP_SSH_PRIVATE_KEY=/home/matteo/.ssh/id_ed25519_backup_readonly -GLOBAL_BACKUP_SSH_PUBLIC_KEY=/home/matteo/.ssh/id_ed25519_backup_readonly.pub -GLOBAL_BACKUP_KNOWN_HOSTS_STRICT=yes +# PostgreSQL cible +TARGET_ENV_NAME=RECETTE +TARGET_PGHOST=127.0.0.1 +TARGET_PGPORT=5432 +TARGET_PGUSER=backup_liot +TARGET_PGPASSWORD=change_me_pg_password +TARGET_DBS="sirh inventory ferme" -# Defaults PostgreSQL -GLOBAL_PGHOST=127.0.0.1 -GLOBAL_PGPORT=5432 +# Backup cible +TARGET_BACKUP_SUBDIR=bdd-recette -# Defaults scripts -GLOBAL_REMOTE_ROLES_DIR_NAME=user -GLOBAL_EXCLUDED_RESTORE_ROLES="postgres" +# Logs / tmp / ssh cible +TARGET_BACKUP_LOG_DIR=/home/backup_liot/logs/rebuild_bdd +TARGET_LOCAL_RESTORE_BASE_DIR=/home/backup_liot/RebuildBdd/restore_tmp +TARGET_SSH_KEY=/home/backup_liot/.ssh/id_ed25519_backup_readonly -# Defaults bootstrap / cible -GLOBAL_ENABLE_BOOTSTRAP=yes -GLOBAL_BOOTSTRAP_ALLOW_PASSWORDLESS_SUDO=yes -GLOBAL_AUTO_INSTALL_POSTGRES=yes -GLOBAL_AUTO_CREATE_PGUSER=yes -GLOBAL_PGUSER_SUPERUSER=no -GLOBAL_AUTO_CONFIGURE_SUDOERS=no \ No newline at end of file +# Options cible +TARGET_REMOTE_ROLES_DIR_NAME=user +TARGET_EXCLUDED_RESTORE_ROLES="postgres" +TARGET_AUTO_INSTALL_POSTGRES=yes +TARGET_AUTO_CREATE_PGUSER=yes +TARGET_PGUSER_SUPERUSER=no +TARGET_AUTO_CONFIGURE_SUDOERS=no \ No newline at end of file diff --git a/RebuildBdd/bootstrap-target-host.sh b/RebuildBdd/bootstrap-target-host.sh index 9181ad3..e030f8b 100755 --- a/RebuildBdd/bootstrap-target-host.sh +++ b/RebuildBdd/bootstrap-target-host.sh @@ -2,9 +2,9 @@ set -euo pipefail SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" -CONFIG_DIR="${SCRIPT_DIR}/config" +CONFIG_DIR="${SCRIPT_DIR}/Config" GLOBAL_ENV_FILE_DEFAULT="${CONFIG_DIR}/global.env" -TARGETS_DIR_DEFAULT="${CONFIG_DIR}/targets" +TARGETS_DIR_DEFAULT="${CONFIG_DIR}/Targets" GLOBAL_ENV_FILE="${GLOBAL_ENV_FILE:-$GLOBAL_ENV_FILE_DEFAULT}" TARGETS_DIR="${TARGETS_DIR:-$TARGETS_DIR_DEFAULT}" @@ -102,6 +102,36 @@ cleanup() { } trap cleanup EXIT +copy_file_to_remote() { + local local_file="$1" + local remote_final_path="$2" + local remote_mode="$3" + local remote_parent + local remote_tmp + + [[ -f "$local_file" ]] || fail "fichier source introuvable : $local_file" + [[ -r "$local_file" ]] || fail "fichier source non lisible : $local_file" + + remote_parent="$(dirname "$remote_final_path")" + remote_tmp="/tmp/$(basename "$remote_final_path").$$.$RANDOM.tmp" + + ssh "${SSH_OPTS[@]}" "$REMOTE" " + set -euo pipefail + mkdir -p $(shell_quote "$remote_parent") + test -d $(shell_quote "$remote_parent") + test -w $(shell_quote "$remote_parent") + " >/dev/null 2>&1 || fail "dossier distant absent ou non inscriptible : $remote_parent" + + scp "${SSH_OPTS[@]}" "$local_file" "${REMOTE}:${remote_tmp}" >/dev/null 2>&1 \ + || fail "échec de copie temporaire vers ${remote_tmp}" + + ssh "${SSH_OPTS[@]}" "$REMOTE" " + set -euo pipefail + install -m $(shell_quote "$remote_mode") $(shell_quote "$remote_tmp") $(shell_quote "$remote_final_path") + rm -f $(shell_quote "$remote_tmp") + " >/dev/null 2>&1 || fail "échec d'installation distante : $remote_final_path" +} + TARGET_NAME="${CLI_TARGET:-${TARGET_NAME:-}}" [[ -n "$TARGET_NAME" ]] || fail "target manquante" @@ -291,24 +321,17 @@ EXCLUDED_RESTORE_ROLES=$(printf '%s\n' "$TARGET_EXCLUDED_RESTORE_ROLES_VALUE") EOF log "Copie du .env cible" -scp "${SSH_OPTS[@]}" "$TMP_ENV_FILE" "${REMOTE}:$(printf '%q' "$TARGET_ENV_FILE_PATH")" >/dev/null 2>&1 \ - || fail "échec de copie du .env cible" +copy_file_to_remote "$TMP_ENV_FILE" "$TARGET_ENV_FILE_PATH" "600" REMOTE_SSH_DIR="$(dirname "$TARGET_SSH_KEY_VALUE")" REMOTE_KNOWN_HOSTS="${REMOTE_SSH_DIR}/known_hosts" log "Copie de la clé privée backup sur la cible" -scp "${SSH_OPTS[@]}" \ - "$TARGET_BACKUP_SOURCE_SSH_PRIVATE_KEY_VALUE" \ - "${REMOTE}:$(printf '%q' "$TARGET_SSH_KEY_VALUE")" >/dev/null 2>&1 \ - || fail "échec de copie de la clé privée backup" +copy_file_to_remote "$TARGET_BACKUP_SOURCE_SSH_PRIVATE_KEY_VALUE" "$TARGET_SSH_KEY_VALUE" "600" if [[ -n "$TARGET_BACKUP_SOURCE_SSH_PUBLIC_KEY_VALUE" ]]; then log "Copie de la clé publique backup sur la cible" - scp "${SSH_OPTS[@]}" \ - "$TARGET_BACKUP_SOURCE_SSH_PUBLIC_KEY_VALUE" \ - "${REMOTE}:$(printf '%q' "${TARGET_SSH_KEY_VALUE}.pub")" >/dev/null 2>&1 \ - || fail "échec de copie de la clé publique backup" + copy_file_to_remote "$TARGET_BACKUP_SOURCE_SSH_PUBLIC_KEY_VALUE" "${TARGET_SSH_KEY_VALUE}.pub" "644" fi REMOTE_SSH_PERMS_CMD=" diff --git a/RebuildBdd/create-target-config.sh b/RebuildBdd/create-target-config.sh index 1d17ae6..3878ba9 100644 --- a/RebuildBdd/create-target-config.sh +++ b/RebuildBdd/create-target-config.sh @@ -2,8 +2,8 @@ set -euo pipefail SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" -CONFIG_DIR="${SCRIPT_DIR}/config" -TARGETS_DIR_DEFAULT="${CONFIG_DIR}/targets" +CONFIG_DIR="${SCRIPT_DIR}/Config" +TARGETS_DIR_DEFAULT="${CONFIG_DIR}/Targets" TARGETS_DIR="${TARGETS_DIR:-$TARGETS_DIR_DEFAULT}" diff --git a/RebuildBdd/run-rebuild-bdd.sh b/RebuildBdd/run-rebuild-bdd.sh index c4779a5..cf3bc01 100755 --- a/RebuildBdd/run-rebuild-bdd.sh +++ b/RebuildBdd/run-rebuild-bdd.sh @@ -2,9 +2,9 @@ set -euo pipefail SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" -CONFIG_DIR="${SCRIPT_DIR}/config" +CONFIG_DIR="${SCRIPT_DIR}/Config" GLOBAL_ENV_FILE_DEFAULT="${CONFIG_DIR}/global.env" -TARGETS_DIR_DEFAULT="${CONFIG_DIR}/targets" +TARGETS_DIR_DEFAULT="${CONFIG_DIR}/Targets" GLOBAL_ENV_FILE="${GLOBAL_ENV_FILE:-$GLOBAL_ENV_FILE_DEFAULT}" TARGETS_DIR="${TARGETS_DIR:-$TARGETS_DIR_DEFAULT}"