DEV-974: added keycloak backup

group_vars/stage_prodwork01/backup.yml

@@ -10,6 +10,10 @@ minio_cusqa_secretkey: "{{ minio_cusqa_secretkey_vault }}"
 minio_cusprod_accesskey: "{{ minio_cusprod_accesskey_vault }}"
 minio_cusprod_secretkey: "{{ minio_cusprod_secretkey_vault }}"
 
+minio_keycloak_accesskey: "{{ minio_keycloak_accesskey_vault }}"
+minio_keycloak_secretkey: "{{ minio_keycloak_secretkey_vault }}"
+minio_keycloak_url: "https://s3storage-mobene-keycloak-prodwork01.smardigo.digital"
+
 minio_stage_dicts:
   - { stage: "nsodev", url: "https://s3storage-nsodev-prodwork01.smardigo.digital", minio_accesskey: "{{ minio_nsodev_accesskey }}", minio_secretkey: "{{ minio_nsodev_secretkey }}", hour: "2", minute: "30"}
   - { stage: "cusqa", url: "https://s3storage-cusqa-prodwork01.smardigo.digital", minio_accesskey: "{{ minio_cusqa_accesskey }}", minio_secretkey: "{{ minio_cusqa_secretkey }}", hour: "2", minute: "30"}

roles/backup_minio/files/keycloak_pull_from_minio_server.sh

@@ -0,0 +1,47 @@
+#!/bin/bash
+#
+#
+#
+
+MINIO_URL=$1
+ACCESSKEY=$2
+SECRETKEY=$3
+
+
+LOCAL_BACKUP_DIR="${HOME}/backups"
+KEYCLOAK_POSTGRES_BACKUP_DIR="${LOCAL_BACKUP_DIR}/keycloak-postgres"
+METRICS_FILE=${HOME}/metrics_keycloak.prom
+
+mkdir -p ${KEYCLOAK_POSTGRES_BACKUP_DIR}
+
+rm -rf ${KEYCLOAK_POSTGRES_BACKUP_DIR}/*
+
+mc alias set keycloak ${MINIO_URL} ${ACCESSKEY} ${SECRETKEY}
+
+mc mirror keycloak/postgres ${KEYCLOAK_POSTGRES_BACKUP_DIR} --overwrite --newer-than 1d --json | jq -e '.transferred != 0'
+if [ "$?" -eq "0" ] 
+then
+  NIGHTLY_BACKUP_SUCCESSFUL_POSTGRES="0"
+else
+  NIGHTLY_BACKUP_SUCCESSFUL_POSTGRES="1"
+fi
+
+
+mc alias rm keycloak
+
+if [[ ${NIGHTLY_BACKUP_SUCCESSFUL_POSTGRES} -eq "0" ]] && [[ ${NIGHTLY_BACKUP_SUCCESSFUL_WORDPRESS} -eq "0" ]]
+then
+  echo "Nightly Backup Successful - writing METRICS_FILE"
+  cat <<EOF > $METRICS_FILE
+# HELP nightly_backup_successful_keycloak
+# TYPE nightly_backup_successful_keycloak gauge
+nightly_backup_successful_keycloak{stage="keycloak"} 0
+EOF
+else
+  echo "Nightly Backup Failed - writing METRICS_FILE"
+  cat <<EOF > $METRICS_FILE
+# HELP nightly_backup_successful_keycloak
+# TYPE nightly_backup_successful_keycloak gauge
+nightly_backup_successful_keycloak{stage="keycloak"} 1
+EOF
+fi

roles/backup_minio/tasks/main.yml

@@ -66,6 +66,7 @@
     group: '{{ system_user }}'
   with_items:
     - pull_from_minio_server.sh
+    - keycloak_pull_from_minio_server.sh
 
 - name: Create Cron Job for pull_from_minio_server.sh script
   ansible.builtin.cron:
@@ -76,6 +77,13 @@
     job: "/home/{{ system_user }}/pull_from_minio_server.sh {{ item.url }} {{ item.stage }} {{ item.minio_accesskey }} {{ item.minio_secretkey }}"
   loop: "{{ minio_stage_dicts }}"
 
+- name: Create Cron Job for keycloak_pull_from_minio_server.sh script
+  ansible.builtin.cron:
+    name: "pull minio backups for keycloak"
+    hour: "2"
+    minute: "30"
+    user: '{{ system_user }}'
+    job: "/home/{{ system_user }}/keycloak_pull_from_minio_server.sh {{ minio_keycloak_url }} {{ minio_keycloak_accesskey }} {{ minio_keycloak_secretkey }}"
 
 - name: Touch metrics_nsodev.prom if not exists
   file:
@@ -94,3 +102,18 @@
     state: link
   loop: "{{ minio_stage_dicts }}"
 
+- name: Touch metrics_keycloak.prom if not exists
+  file:
+    path: "/home/{{ system_user }}/metrics_keycloak.prom"
+    state: touch
+    mode: '0744'
+    owner: '{{ system_user }}'
+    group: '{{ system_user }}'
+
+
+- name: Create symbolic link for node_exporter text nsodev metrics
+  file:
+    src: "/home/{{ system_user }}/metrics_keycloak.prom"
+    dest: "/var/lib/prometheus/node-exporter/metrics_keycloak.prom"
+    state: link
+