Allow user to choose MISP data location at installation + backup management in separate file

pull/3/head
Mathieu Deloitte 2016-08-24 14:35:57 +02:00
parent 9f60beff00
commit d837c82cf0
5 changed files with 167 additions and 35 deletions


@ -1,2 +1,3 @@
---
# default lower priority variables for this role
data_location: /opt/misp-server/misp/app


@ -0,0 +1,41 @@
############################################
##### BACKUP ####
############################################
- name: Create MISP server directory
file:
path: "{{ item }}"
owner: misp
group: misp-server
mode: 02775
state: directory
with_items:
- "{{data_location}}/backup"
- name: Copy backup script
become: true
template:
src: misp/{{item}}
dest: /bin/{{item}}
mode: 0755
with_items:
- misp_backup
- name: Copy restore script
template:
src: misp/{{item}}
dest: "{{data_location}}/backup/{{item}}"
mode: 0755
owner: misp
group: misp
with_items:
- misp_restore
- name: Create backup cronjob
become: true
become_user: misp
cron:
name: "misp backup cronjob"
minute: "0"
hour: "4"
job: "sh /bin/misp_backup"
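Review bot: The first task creates `{{data_location}}/backup` with `mode: 02775`, which leaves the directory readable and traversable by every local account, while the backup script's `BACKUP_MYSQL_DIR` suggests it will hold database dumps. I would drop the "other" bits and quote the value so the octal reading does not depend on the YAML parser: `mode: "02770"`. The restore script is also templated into that same group-writable directory as `misp:misp`, so members of `misp-server` can modify or replace it. If an administrator ever runs it with elevated rights, installing it root-owned next to `misp_backup` would be safer; how it is invoked is not visible here, so treat that part as a question.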


@ -72,7 +72,6 @@
- "/opt/misp-server"
- "/opt/misp-server/misp"
- "/opt/misp-server/tmp"
- "/opt/misp-server/backup"
######### PEAR: CRYPTPGP #########
- name: Configure PEAR proxy
@ -317,7 +316,7 @@
with_items:
- mysql -D misp < /opt/misp-server/misp/INSTALL/MYSQL.sql
when: mysql_init.changed
######### PERMISSIONS #########
- name: Fix all files permissions
@ -327,38 +326,14 @@
state: directory
mode: "g=u"
############################################
##### BACKUP ####
############################################
############ BACKUP ###########
- name: Copy backup script
become: true
template:
src: misp/{{item}}
dest: /bin/{{item}}
mode: 0755
with_items:
- misp_backup
- name: Configure and enable MISP backup
include: backup.yml
when: enable_auto_backup == 'y'
- name: Copy restore script
template:
src: misp/{{item}}
dest: /opt/misp-server/backup/{{item}}
mode: 0755
owner: misp
group: misp
with_items:
- misp_backup
when: enable_auto_backup == 'y'
- name: Create backup cronjob
become: true
become_user: misp
cron:
name: "misp backup cronjob"
minute: "0"
hour: "4"
job: "sh /bin/misp_backup"
when: enable_auto_backup == 'y'
####### NEW DATA LOCATION #####
- name: Change DATA location of MISP
include: new_data_location.yml
when: data_location != '/opt/misp-server/misp/app'
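Review bot: The guard `when: data_location != '/opt/misp-server/misp/app'` is an exact string match, so a value that differs only by a trailing slash still runs new_data_location.yml, which stops MySQL and removes directories. Normalising before comparing avoids that, e.g. `when: data_location | regex_replace('/+$', '') != '/opt/misp-server/misp/app'`. Because `data_location` is later interpolated into `shell` commands and config-file replacements, an `assert` task checking that it is an absolute path without whitespace would be worth adding before this include. The task list continues outside the hunk.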


@ -0,0 +1,115 @@
############################################
##### NEW DATA LOCATION ####
############################################
- name: Create MISP backup and data directories
file:
path: "{{ item }}"
owner: misp
group: misp-server
mode: 0775
state: directory
with_items:
- "{{data_location}}/backup"
######### MOVE MYSQL DATA #########
- name: MySQL | Stop service to move data
service:
name: mysql
state: stopped
enabled: yes
when: mysql_init.changed
- name: MySQL | Copy data
shell: "{{ item }}"
with_items:
- "cp -R -p /var/lib/mysql {{data_location}} "
sudo: yes
when: mysql_init.changed
- name: MySQL | Update MySQL configuration
replace:
dest: /etc/mysql/my.cnf
regexp: '/var/lib/mysql'
replace: '{{data_location}}/mysql'
when: mysql_init.changed
- name: MySQL | Update AppArmor configuration
replace:
dest: /etc/apparmor.d/usr.sbin.mysqld
regexp: '/var/lib/mysql/'
replace: '{{data_location}}/mysql/'
when: mysql_init.changed
- name: MySQL | Reload service AppArmor
service:
name: apparmor
state: reloaded
enabled: yes
when: mysql_init.changed
- name: MySQL | Start service after moving data
service:
name: mysql
state: restarted
enabled: yes
when: mysql_init.changed
- name: MySQL | Check if old data directory is removed
file:
path: /var/lib/mysql
state: absent
sudo: yes
#### MISP DATA MOVE ####
# Copy with SHELL since Ansible does not currently support recursive remote copying
- name: Copy tmp data
shell: "{{ item }}"
with_items:
- "cp -rp /opt/misp-server/misp/app/tmp {{data_location}}/ "
sudo: yes
when: mysql_init.changed
- name: Remove old MISP tmp data directory
file:
path: /opt/misp-server/misp/app/tmp
state: absent
sudo: yes
when: mysql_init.changed
- name: Link MISP tmp data directory to new data location
file:
src: "{{data_location}}/tmp"
dest: /opt/misp-server/misp/app/tmp
state: link
force: yes
owner: misp
group: misp-server
mode: 777
# Copy with SHELL since Ansible does not currently support recursive remote copying
- name: Copy MISP file data directory to /DATA
shell: "{{ item }}"
with_items:
- "cp -rp /opt/misp-server/misp/app/files {{data_location}}/ "
sudo: yes
when: mysql_init.changed
- name: Remove old MISP files data directory
file:
path: /opt/misp-server/misp/app/files
state: absent
sudo: yes
when: mysql_init.changed
- name: Link MISP file data directory to /DATA
file:
src: "{{data_location}}/files"
dest: /opt/misp-server/misp/app/files
state: link
force: yes
owner: misp
group: misp-server
mode: 777
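Review bot: The task "MySQL | Check if old data directory is removed" deletes `/var/lib/mysql` without the `when: mysql_init.changed` condition that guards the copy, so on a host where `mysql_init` did not change the original data directory is removed although nothing was copied; add `when: mysql_init.changed` and ideally confirm that `{{data_location}}/mysql` exists before removing the source. Both link tasks set `mode: 777` unquoted and without a leading zero, which Ansible reads as a decimal number rather than octal. Write the intended value as a quoted string (for example `mode: "0775"` if group write is what is needed) and avoid world-writable permissions on MISP's files and tmp trees. The `cp` commands also pass `{{data_location}}` to `shell` unquoted; `{{ data_location | quote }}` keeps a path with spaces or shell metacharacters from being reinterpreted.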


@ -5,13 +5,13 @@
###########################################
TIMESTAMP=`date +%m%d%Y%H%M`
BACKUP_PATH='/opt/misp-server/backup'
BACKUP_PATH='{{data_location}}/backup'
BACKUP_DIR="$BACKUP_PATH/$TIMESTAMP"
BACKUP_MYSQL_DIR="$BACKUP_DIR/mysql"
BACKUP_FILES_DIR="$BACKUP_DIR/misp"
MISP_FILES="/opt/misp-server/misp/app/files"
MISP_FILES="{{data_location}}/files"
MISP_CONF="/opt/misp-server/misp/app/Config"
mkdir "$BACKUP_DIR"