dc-deployments-automation/roles/restore_backups/tasks/main.yml

---

# This role will attempt to fetch and load the backup manifest from a
# remote S3 URL. On successful completion the contents of JSON or YAML
# document will be in the var `atl_backup_manifest`.
#
# PREREQUISITES:
#  * `atl_backup_manifest_url` points at the manifest.
#  * The shared home filesystem is mounted if necessary (e.g. NFS/EFS).
#  * The database has been created and the variable `db_created` is
#    registered with the result (i.e: `register: db_created`).
#
# NOTE: The actual DB/FS restore operations could potentially be split
# out into discrete roles, but currently that is not required.
#
# TODO: Support HTTPS with authentication. Deferred until after the
# initial testing release.

- block:

    - name: Ensure temp directory is present
      file:
        path: "{{ atl_installer_temp }}"
        state: directory
        mode: 0750
        owner: "{{ atl_product_user }}"
        group: "{{ atl_product_user }}"
      changed_when: false  # For Molecule idempotence check

    - name: Parse the manifest URL
      set_fact:
        atl_backup_manifest_url: "{{ atl_backup_manifest_url | urlsplit }}"

    - name: Extract manifest file information
      set_fact:
        atl_backup_manifest_bucket: "{{ atl_backup_manifest_url.hostname }}"
        atl_backup_manifest_path: "{{ atl_backup_manifest_url.path }}"
        atl_backup_manifest_dest: "{{ atl_installer_temp }}/{{ atl_backup_manifest_url.path | basename }}"

    - name: Fetch the manifest from S3
      aws_s3:
        mode: get
        overwrite: different
        bucket: "{{ atl_backup_manifest_bucket }}"
        object: "{{ atl_backup_manifest_path }}"
        dest: "{{ atl_backup_manifest_dest }}"
      when: atl_backup_manifest_url.scheme == 's3'

    - name: Load parameters from manifest
      include_vars:
        file: "{{ atl_backup_manifest_dest }}"
        name: atl_backup_manifest

    - name: Define the DB and home dump destinations
      set_fact:
        # FIXME: The manifest format is still undecided so the
        # following usages will need to be updated once it settles..
        atl_backup_id: "{{ atl_backup_manifest.name }}"
        atl_backup_db_dest: "{{ atl_installer_temp }}/{{ atl_backup_manifest.artifacts.db.location.value | basename }}"
        atl_backup_home_dest: "{{ atl_installer_temp }}/{{ atl_backup_manifest.artifacts.sharedHome.location.value | basename }}"

    # FIXME: Here we fetch the backups. However we may wish to stream
    # these directly from S3 to the target DB/FS to avoid requiring
    # disk-space for the intermediate files.
    - name: Fetch DB backup from S3
      aws_s3:
        mode: get
        overwrite: different
        bucket: "{{ atl_backup_manifest.artifacts.db.location.value | urlsplit('hostname') }}"
        object: "{{ atl_backup_manifest.artifacts.db.location.value | urlsplit('path') }}"
        dest: "{{ atl_backup_db_dest }}"

    - name: Fetch Home backup from S3
      aws_s3:
        mode: get
        overwrite: different
        bucket: "{{ atl_backup_manifest.artifacts.sharedHome.location.value | urlsplit('hostname') }}"
        object: "{{ atl_backup_manifest.artifacts.sharedHome.location.value | urlsplit('path') }}"
        dest: "{{ atl_backup_home_dest }}"

    - name: Install distro-specific restore support packages
      include_tasks: "{{ ansible_distribution|lower }}.yml"


    - name: Restore application database
      postgresql_db:
        login_host: "{{ atl_db_host }}"
        login_user: "{{ atl_db_root_user }}"
        login_password: "{{ atl_db_root_password }}"
        port: "{{ atl_db_port }}"
        name: "{{ atl_jdbc_db_name }}"
        owner: "{{ atl_jdbc_user }}"
        encoding: "{{ atl_jdbc_encoding }}"
        lc_collate: "{{ atl_jdbc_collation }}"
        lc_ctype: "{{ atl_jdbc_ctype }}"
        template: "{{ atl_jdbc_template }}"
        # Depends on fetch_backup roles
        state: restore
        target: "{{ atl_backup_db_dest }}"
      when: db_created.changed and atl_backup_db_dest is defined


    - name: Check for the restore canary file
      stat:
        path: "{{ atl_backup_home_restore_canary_path }}"
      register: restore_canary

    - block:

        - name: Create shared home if necessary
          file:
            path: "{{ atl_product_home_shared }}"
            state: directory
            mode: 0750
            owner: "{{ atl_product_user }}"
            group: "{{ atl_product_user }}"

        - name: Restore the shared-home backup
          unarchive:
            src: "{{ atl_backup_home_dest }}"
            dest: "{{ atl_product_home_shared }}"
            owner: "{{ atl_product_user }}"
            group: "{{ atl_product_user }}"

        - name: Create restore-canary if necessary
          copy:
            dest: "{{ atl_backup_home_restore_canary_path }}"
            content: "{{ atl_backup_id }}"

      when: not restore_canary.stat.exists


  when: atl_restore_required