diff --git a/aws_bitbucket_nfs_node.yml b/aws_bitbucket_nfs_node.yml
index 7227539..8e95593 100644
--- a/aws_bitbucket_nfs_node.yml
+++ b/aws_bitbucket_nfs_node.yml
@@ -12,3 +12,4 @@
 - role: linux_common
 - role: aws_common
 - role: nfs_server
+ - role: diy_backup
diff --git a/group_vars/aws_node_local.yml b/group_vars/aws_node_local.yml
index 5d0f330..d983341 100644
--- a/group_vars/aws_node_local.yml
+++ b/group_vars/aws_node_local.yml
@@ -80,6 +80,7 @@ atl_catalina_opts: "{{ lookup('env', 'ATL_CATALINA_OPTS') or '' }}"
 atl_proxy_name: "{{ lookup('env', 'ATL_PROXY_NAME') | lower }}"
 atl_proxy_port: "{{ lookup('env', 'ATL_TOMCAT_PROXYPORT') }}"
 atl_tomcat_port: "{{ lookup('env', 'ATL_TOMCAT_DEFAULTCONNECTORPORT') or '8080' }}"
+atl_ssl_proxy: "{{ lookup('env', 'ATL_SSL_PROXY') or 'false' }}"
 atl_tomcat_acceptcount: "{{ lookup('env', 'ATL_TOMCAT_ACCEPTCOUNT') or '10' }}"
 atl_tomcat_connectiontimeout: "{{ lookup('env', 'ATL_TOMCAT_CONNECTIONTIMEOUT') or '20000' }}"
@@ -93,6 +94,13 @@ atl_tomcat_scheme: "{{ lookup('env', 'ATL_TOMCAT_SCHEME') or 'http' }}"
 atl_tomcat_secure: "{{ lookup('env', 'ATL_TOMCAT_SECURE') or 'false' }}"
 atl_fileserver_host: "{{ lookup('env', 'ATL_FILESERVER_IP') }}"
-atl_elasticsearch_endpoint: "{{ lookup('env', 'ATL_ELASTICSEARCH_ENDPOINT') }}"
-
-atl_ssl_proxy: "{{ lookup('env', 'ATL_SSL_PROXY') or 'false' }}"
+atl_elasticsearch_host: "{{ lookup('env', 'ATL_ELASTICSEARCH_HOST') }}"
+atl_elasticsearch_endpoint: "http://{{ lookup('env', 'ATL_ELASTICSEARCH_HOST') }}"
+atl_nfs_server_device: "{{ lookup('env', 'ATL_NFS_SERVER_DEVICE') }}"
+atl_nfs_disk_volume_type: "{{ lookup('env', 'ATL_NFS_DISK_VOLUME_TYPE') }}"
+atl_nfs_disk_volume_iops: "{{ lookup('env', 'ATL_NFS_DISK_VOLUME_IOPS') }}"
+atl_rds_instance_id: "{{ lookup('env', 'ATL_RDS_INSTANCE_ID') }}"
+atl_rds_instance_class: "{{ lookup('env', 'ATL_RDS_INSTANCE_CLASS') }}"
+atl_rds_multi_az: "{{ lookup('env', 'ATL_RDS_MULTI_AZ') }}"
+atl_rds_subnet_group_name: "{{ lookup('env', 'ATL_RDS_SUBNET_GROUP_NAME') }}"
+atl_rds_security_group: "{{ lookup('env', 'ATL_RDS_SECURITY_GROUP') }}"
diff --git a/roles/diy_backup/molecule/default/playbook.yml b/roles/diy_backup/molecule/default/playbook.yml
index d46bce6..88861a3 100644
--- a/roles/diy_backup/molecule/default/playbook.yml
+++ b/roles/diy_backup/molecule/default/playbook.yml
@@ -6,6 +6,18 @@
 atl_product_family: "stash"
 atl_product_edition: "bitbucket"
+ atl_aws_iam_role: "atl_aws_iam_role"
+ atl_aws_stack_name: "atl_aws_stack_name"
+ atl_nfs_disk_volume_iops: "atl_nfs_disk_volume_iops"
+ atl_nfs_disk_volume_type: "atl_nfs_disk_volume_type"
+ atl_nfs_fs_type: "atl_nfs_fs_type"
+ atl_proxy_name: "atl_proxy_name"
+ atl_rds_instance_class: "atl_rds_instance_class"
+ atl_rds_instance_id: "atl_rds_instance_id"
+ atl_rds_multi_az: "atl_rds_multi_az"
+ atl_rds_security_group: "atl_rds_security_group"
+ atl_rds_subnet_group_name: "atl_rds_subnet_group_name"
+
 pre_tasks:
 - name: Create base dir
 file:
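Review bot: `atl_elasticsearch_endpoint` is now built as `"http://{{ lookup('env', 'ATL_ELASTICSEARCH_HOST') }}"`, so it can never be empty: with the variable unset it renders as the bare string `http://`, and any consumer that tests the endpoint for truthiness (none is visible in this diff) would treat search as configured. Guard the empty case, e.g. `atl_elasticsearch_endpoint: "{{ ('http://' ~ atl_elasticsearch_host) if atl_elasticsearch_host else '' }}"`. The scheme is also pinned to plain HTTP and the previously honoured `ATL_ELASTICSEARCH_ENDPOINT` is no longer read, so traffic to the search domain is unencrypted and existing deployments that set the old variable silently lose it; a comment stating both would help. The new `atl_nfs_*` and `atl_rds_*` lookups have no `or '<default>'` fallback either, so unset variables reach the backup vars template as empty assignments.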
diff --git a/roles/diy_backup/molecule/default/tests/test_default.py b/roles/diy_backup/molecule/default/tests/test_default.py
index cf881db..580f08b 100644
--- a/roles/diy_backup/molecule/default/tests/test_default.py
+++ b/roles/diy_backup/molecule/default/tests/test_default.py
@@ -10,3 +10,7 @@ def test_git_clone(host):
 f = host.file('/opt/atlassian/bitbucket-diy-backup')
 assert f.exists
 assert f.is_directory
+
+def test_diy_config(host):
+ f = host.file('/opt/atlassian/bitbucket-diy-backup/bitbucket.diy-backup.vars.sh')
+ assert f.exists
diff --git a/roles/diy_backup/tasks/main.yml b/roles/diy_backup/tasks/main.yml
index 8b066ec..c675375 100644
--- a/roles/diy_backup/tasks/main.yml
+++ b/roles/diy_backup/tasks/main.yml
@@ -6,3 +6,9 @@
 repo: "{{ atl_diy_backup_repo }}"
 dest: "{{ atl_diy_backup_dir }}"
 version: "master"
+
+- name: Configure DIY backup for BB on AWS
+ template:
+ src: "bitbucket.diy-backup.vars.sh.j2"
+ dest: "{{ atl_diy_backup_dir }}/bitbucket.diy-backup.vars.sh"
+ mode: 0640
diff --git a/roles/diy_backup/templates/bitbucket.diy-backup.vars.sh.j2 b/roles/diy_backup/templates/bitbucket.diy-backup.vars.sh.j2
new file mode 100644
index 0000000..32b06ff
--- /dev/null
+++ b/roles/diy_backup/templates/bitbucket.diy-backup.vars.sh.j2
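Review bot: `test_diy_config` asserts only that the rendered file exists, so it would still pass if the template task lost its `mode` or rendered nothing useful. The task in roles/diy_backup/tasks/main.yml sets `mode: 0640`, so pin it with `assert f.mode == 0o640`, and add a content check such as `assert f.contains('BITBUCKET_URL=')` so an empty or truncated render fails the run.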
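Review bot: The new template task sets `mode: 0640` but no `owner` or `group`, so the rendered backup configuration is owned by whichever user the play happens to run as, and the group that gets read access is left to chance. State both explicitly, for example `owner: root` and `group: "{{ atl_product_user }}"`; which account runs the backup scripts is not visible in this diff, so choose to match it. Also write the mode as `mode: "0640"`, since the unquoted form is only correct because a YAML 1.1 parser reads the leading zero as octal.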
@@ -0,0 +1,53 @@
+INSTANCE_NAME={{ atl_aws_stack_name }}
+
+AWS_INFO=$(curl -Lsf http://169.254.169.254/latest/dynamic/instance-identity/document)
+AWS_ACCOUNT_ID=$(echo "${AWS_INFO}" | jq -r .accountId)
+AWS_AVAILABILITY_ZONE=$(echo "${AWS_INFO}" | jq -r .availabilityZone)
+AWS_REGION=$(echo "${AWS_INFO}" | jq -r .region)
+AWS_EC2_INSTANCE_ID=$(echo "${AWS_INFO}" | jq -r .instanceId)
+
+BITBUCKET_VERBOSE_BACKUP=true
+KEEP_BACKUPS=5
+
+{% if atl_ssl_proxy is defined and atl_ssl_proxy %}
+BITBUCKET_URL=https://{{ atl_proxy_name }}
+{% else %}
+BITBUCKET_URL=http://{{ atl_proxy_name }}
+{% endif %}
+
+BITBUCKET_UID={{ atl_product_user }}
+BITBUCKET_GID={{ atl_product_user }}
+
+BACKUP_ZERO_DOWNTIME=true
+
+BACKUP_ELASTICSEARCH_TYPE=amazon-es
+BACKUP_ARCHIVE_TYPE=aws-snapshots
+
+BACKUP_DISK_TYPE=amazon-ebs
+STANDBY_DISK_TYPE=none
+EBS_VOLUME_MOUNT_POINT_AND_DEVICE_NAMES=({{ atl_shared_mountpoint }}:{{ atl_nfs_server_device }})
+HOME_DIRECTORY_MOUNT_POINT={{ atl_shared_mountpoint }}
+RESTORE_DISK_VOLUME_TYPE={{ atl_nfs_disk_volume_type }}
+RESTORE_DISK_IOPS={{ atl_nfs_disk_volume_iops }}
+FILESYSTEM_TYPE={{ atl_nfs_fs_type }}
+
+BACKUP_DATABASE_TYPE=amazon-rds
+RDS_INSTANCE_ID={{ atl_rds_instance_id }}
+RESTORE_RDS_INSTANCE_CLASS={{ atl_rds_instance_class }}
+RESTORE_RDS_MULTI_AZ={{ atl_rds_multi_az }}
+RESTORE_RDS_SUBNET_GROUP_NAME={{ atl_rds_subnet_group_name }}
+RESTORE_RDS_SECURITY_GROUP={{ atl_rds_security_group }}
+DR_RDS_READ_REPLICA=
+
+BACKUP_DEST_AWS_ACCOUNT_ID=$AWS_ACCOUNT_ID
+BACKUP_DEST_REGION=$AWS_REGION
+BACKUP_DEST_AWS_ROLE={{ atl_aws_iam_role }}
+
+ELASTICSEARCH_INDEX_NAME=bitbucket-search-v1
+ELASTICSEARCH_REPOSITORY_NAME=bitbucket-snapshots
+ELASTICSEARCH_HOST={{ atl_elasticsearch_host }}
+ELASTICSEARCH_S3_BUCKET=
+ELASTICSEARCH_S3_BUCKET_REGION=us-east-1
+ELASTICSEARCH_SNAPSHOT_IAM_ROLE={{ atl_aws_iam_role }}
+
+STANDBY_JDBC_URL=
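Review bot: The `{% if atl_ssl_proxy is defined and atl_ssl_proxy %}` test is always true with the definition this same diff keeps in group_vars/aws_node_local.yml: `atl_ssl_proxy` falls back to the string `'false'`, and a non-empty string is truthy in Jinja, so `BITBUCKET_URL` is rendered with `https://` even when SSL proxying is off. Use `{% if atl_ssl_proxy | bool %}` instead. Separately, the rendered file is shell and every templated value is interpolated unquoted, so a value containing whitespace or shell metacharacters would change what the file does when the backup scripts read it; `{{ atl_proxy_name | quote }}`, and likewise for the other assignments, keeps the values inert. The `curl -Lsf` metadata call also leaves `AWS_INFO` empty on failure with no check, which would carry empty account and region values into the `BACKUP_DEST_*` settings.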