From 9a76361218a75b98e994d294ea013091e864386b Mon Sep 17 00:00:00 2001 From: Sven Ketelsen Date: Tue, 23 May 2023 20:27:56 +0200 Subject: [PATCH] DEV-1058 bugfix backup process - hard coded access to gitea::communication-keys.git --- gitlab-mirrors.yml | 2 +- group_vars/all/backup.yml | 2 ++ group_vars/all/services.yml | 3 +++ group_vars/stage_demompmx/plain.yml | 2 +- group_vars/stage_dev/plain.yml | 1 - group_vars/stage_prodnso/plain.yml | 1 - group_vars/stage_qa/plain.yml | 1 - roles/kubernetes/awx/tasks/awx-config.yml | 2 +- roles/maria/tasks/_create_backup.yml | 4 ++-- roles/postgres/tasks/_create_backup.yml | 4 ++-- 10 files changed, 12 insertions(+), 10 deletions(-) create mode 100644 group_vars/all/backup.yml diff --git a/gitlab-mirrors.yml b/gitlab-mirrors.yml index 67e6b23..c56e67c 100644 --- a/gitlab-mirrors.yml +++ b/gitlab-mirrors.yml @@ -53,7 +53,7 @@ body: enabled: true only_protected_branches: true - url: "https://{{ gitea_admin_username }}:{{ gitea_admin_password }}@{{ shared_service_gitea_hostname }}/argocd/{{ item.name }}.git" + url: "https://{{ gitea_admin_username }}:{{ gitea_admin_password }}@{{ shared_service_hostname_gitea }}/argocd/{{ item.name }}.git" headers: PRIVATE-TOKEN: "{{ lookup('env', 'GITLAB_API_TOKEN') }}" status_code: [201] diff --git a/group_vars/all/backup.yml b/group_vars/all/backup.yml new file mode 100644 index 0000000..6695dc4 --- /dev/null +++ b/group_vars/all/backup.yml @@ -0,0 +1,2 @@ +--- +backup_communication_keys_repository: "https://{{ gitea_admin_username | urlencode }}:{{ gitea_admin_password | urlencode }}@{{ shared_service_hostname_gitea }}/gitea-admin/communication-keys.git" diff --git a/group_vars/all/services.yml b/group_vars/all/services.yml index efb721c..5c27641 100644 --- a/group_vars/all/services.yml +++ b/group_vars/all/services.yml 
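Review bot: In the new group_vars/all/backup.yml, `backup_communication_keys_repository` always embeds `gitea_admin_username` and `gitea_admin_password`, so the maria and postgres backup tasks that consume it clone communication-keys.git with the Gitea admin account, and the `gituser | default("gitea-admin")` override from the removed task lines is gone. A clone needs read access only, so I would keep the override and point it at a read-only account or access token, e.g. `{{ gituser | default(gitea_admin_username) | urlencode }}` for the user part, with a matching dedicated secret for the password part. Jinja2's `urlencode` leaves `/` unescaped when given a string, so a secret containing a slash would still yield a malformed URL; appending `| replace('/', '%2F')` to the password expression closes that gap. The `url:` line in the gitlab-mirrors.yml hunk interpolates the same two variables with no encoding at all and would benefit from the same filters.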
@@ -6,6 +6,8 @@ elastic_exporter_id: "{{ inventory_hostname }}-elastic-exporter" shared_service_url_harbor: "https://{{ shared_service_hostname_harbor }}" shared_service_hostname_harbor: "{{ stage }}-harbor-01.{{ domain_env }}" +shared_service_url_gitea: "https://{{ shared_service_hostname_gitea }}" +shared_service_hostname_gitea: "{{ stage }}-gitea-01.{{ domain_env }}" shared_service_url_keycloak: "https://{{ shared_service_hostname_keycloak }}" shared_service_hostname_keycloak: "{{ stage }}-keycloak-01.{{ domain_env }}" shared_service_url_kibana: "https://{{ shared_service_hostname_kibana }}" @@ -14,6 +16,7 @@ shared_service_host_management: "{{ stage }}-management-01" shared_service_url_management: "https://{{ shared_service_hostname_management }}" shared_service_hostname_management: "{{ shared_service_host_management }}-connect.{{ domain_env }}" + # use private loadbalancer ip for all kubernetes services stage_kube: "{{ stage }}" shared_service_kube_url_argocd: "https://{{ shared_service_kube_hostname_argocd }}" diff --git a/group_vars/stage_demompmx/plain.yml b/group_vars/stage_demompmx/plain.yml index 8f8aedc..1295fa5 100644 --- a/group_vars/stage_demompmx/plain.yml +++ b/group_vars/stage_demompmx/plain.yml @@ -21,7 +21,7 @@ gpg_key_smardigo_automation__private: "{{ gpg_key_smardigo_automation__private__ pgadmin4_admin_username: "{{ pgadmin4_admin_email }}" pgadmin4_admin_password: "{{ pgadmin4_admin_password_vault }}" -shared_service_gitea_hostname: "{{ shared_service_kube_hostname_gitea }}" +shared_service_hostname_gitea: "{{ shared_service_kube_hostname_gitea }}" shared_service_hostname_harbor: "{{ shared_service_kube_hostname_harbor }}" shared_service_iam_hostname: "{{ stage }}-iam-01.{{ domain_env }}" diff --git a/group_vars/stage_dev/plain.yml b/group_vars/stage_dev/plain.yml index 036fdb4..243f16a 100644 --- a/group_vars/stage_dev/plain.yml +++ b/group_vars/stage_dev/plain.yml 
@@ -12,7 +12,6 @@ shared_service_logstash_hostname: "{{ stage }}-elastic-stack-logstash-01" shared_service_iam_hostname: "{{ stage }}-iam-01.{{ domain_env }}" shared_service_mail_hostname: "{{ stage }}-mail-01.{{ domain_env }}" -shared_service_gitea_hostname: "{{ stage }}-gitea-01.{{ domain_env }}" shared_service_pdns_hostname: "{{ stage }}-pdns-01.{{ domain_env }}" connect_jwt_enabled: true diff --git a/group_vars/stage_prodnso/plain.yml b/group_vars/stage_prodnso/plain.yml index c7d100e..9f4b4e6 100644 --- a/group_vars/stage_prodnso/plain.yml +++ b/group_vars/stage_prodnso/plain.yml @@ -11,7 +11,6 @@ shared_service_elastic_stack_03_hostname: "{{ stage }}-elastic-stack-elastic-03" shared_service_logstash_hostname: "{{ stage }}-elastic-stack-logstash-01" shared_service_iam_hostname: "{{ stage }}-iam-01.{{ domain_env }}" shared_service_mail_hostname: "{{ stage }}-mail-01.{{ domain_env }}" -shared_service_gitea_hostname: "{{ stage }}-gitea-01.{{ domain_env }}" shared_service_pdns_hostname: "{{ stage }}-pdns-01.{{ domain_env }}" connect_jwt_enabled: true diff --git a/group_vars/stage_qa/plain.yml b/group_vars/stage_qa/plain.yml index f8bdd87..d602ede 100644 --- a/group_vars/stage_qa/plain.yml +++ b/group_vars/stage_qa/plain.yml @@ -12,7 +12,6 @@ shared_service_logstash_hostname: "{{ stage }}-elastic-stack-logstash-01" shared_service_iam_hostname: "{{ stage }}-iam-01.{{ domain_env }}" shared_service_mail_hostname: "{{ stage }}-mail-01.{{ domain_env }}" -shared_service_gitea_hostname: "{{ stage }}-gitea-01.{{ domain_env }}" shared_service_pdns_hostname: "{{ stage }}-pdns-01.{{ domain_env }}" connect_jwt_enabled: true diff --git a/roles/kubernetes/awx/tasks/awx-config.yml b/roles/kubernetes/awx/tasks/awx-config.yml index 0e690cd..6df0ea7 100644 --- a/roles/kubernetes/awx/tasks/awx-config.yml +++ b/roles/kubernetes/awx/tasks/awx-config.yml 
@@ -478,7 +478,7 @@ description: "hetzner-ansible" local_path: "hetzner-ansible" scm_type: git - scm_url: 'https://{{ shared_service_gitea_hostname }}/gitea-admin/hetzner-ansible.git' + scm_url: 'https://{{ shared_service_hostname_gitea }}/gitea-admin/hetzner-ansible.git' scm_branch: '{{ awx_hetzner_ansible_revision | default(stage) }}' scm_refspec: '' scm_clean: false diff --git a/roles/maria/tasks/_create_backup.yml b/roles/maria/tasks/_create_backup.yml index e8de826..65dc496 100644 --- a/roles/maria/tasks/_create_backup.yml +++ b/roles/maria/tasks/_create_backup.yml @@ -29,8 +29,8 @@ - name: "Checkout repo for gpg communication-keys" ansible.builtin.git: - repo: 'https://{{ gituser | default("gitea-admin") | urlencode }}:{{ gitea_admin_password | urlencode }}@{{ stage }}-gitea-01.smardigo.digital/gitea-admin/communication-keys.git' - dest: '{{ tempdir.path }}' + repo: "{{ backup_communication_keys_repository }}" + dest: "{{ tempdir.path }}" version: master # there is no ansible gpg module already in place diff --git a/roles/postgres/tasks/_create_backup.yml b/roles/postgres/tasks/_create_backup.yml index df9ae8e..151a529 100644 --- a/roles/postgres/tasks/_create_backup.yml +++ b/roles/postgres/tasks/_create_backup.yml @@ -26,8 +26,8 @@ - name: "Checkout repo for gpg communication-keys" ansible.builtin.git: - repo: 'https://{{ gituser | default("gitea-admin") | urlencode }}:{{ gitea_admin_password | urlencode }}@{{ stage }}-gitea-01.{{ domain }}/gitea-admin/communication-keys.git' - dest: '{{ tempdir.path }}' + repo: "{{ backup_communication_keys_repository }}" + dest: "{{ tempdir.path }}" version: master # there is no ansible gpg module already in place
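Review bot: In roles/maria/tasks/_create_backup.yml the `repo:` argument now resolves to a URL carrying the Gitea username and password, and the task as shown in the hunk has no `no_log: true`; the same applies to the identical hunk in roles/postgres/tasks/_create_backup.yml. Ansible's masking of passwords in URLs is heuristic and may not cover everything a failed clone prints, so I would add `no_log: true` at task level in both files. git also writes the full remote URL, credentials included, into `.git/config` under `{{ tempdir.path }}`, so the removal of that directory should sit in an `always:` section; whether it does is outside the hunk. A short comment above the task, such as `# repo URL embeds credentials: keep no_log and remove tempdir afterwards`, would record the reason.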