From 887e5060447aba82967e44121e83a5b1a8dfe2d1 Mon Sep 17 00:00:00 2001 From: Riku Rouvila Date: Fri, 9 Feb 2024 17:51:38 +0900 Subject: [PATCH] add error if periodic backup sync is enabled without passphrase --- .../server-setup/tasks/backups/crontab.yml | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/infrastructure/server-setup/tasks/backups/crontab.yml b/infrastructure/server-setup/tasks/backups/crontab.yml index b793d1633..e1424628e 100644 --- a/infrastructure/server-setup/tasks/backups/crontab.yml +++ b/infrastructure/server-setup/tasks/backups/crontab.yml @@ -7,14 +7,20 @@ job: 'cd / && bash /opt/opencrvs/infrastructure/backups/backup.sh --passphrase={{ backup_encryption_passphrase }} --ssh_user={{ external_backup_server_user }} --ssh_host={{ external_backup_server_ip }} --ssh_port={{ external_backup_server_ssh_port }} --production_ip={{ manager_production_server_ip }} --remote_dir={{ external_backup_server_remote_directory }} --replicas=1 >> /var/log/opencrvs-backup.log 2>&1' state: "{{ 'present' if (external_backup_server_ip is defined and backup_encryption_passphrase and enable_backups) else 'absent' }}" +## +# For machines that periodically restore from backup (staging) +## + - name: Set default value for periodic_restore_from_backup set_fact: periodic_restore_from_backup: false when: periodic_restore_from_backup is not defined -## -# For machines that periodically restore from backup (staging) -## +- name: Throw an error if periodic_restore_from_backup is true but restore_backup_encryption_passphrase is not defined + fail: + msg: 'Error: restore_backup_encryption_passphrase is not defined. It usually means you haven't set RESTORE_BACKUP_ENCRYPTION_PASSPHRASE in your staging environments secrets' + when: periodic_restore_from_backup and restore_backup_encryption_passphrase is not defined + - name: 'Setup crontab to download a backup periodically the opencrvs data' cron: user: '{{ crontab_user }}'