From cd1e399601bbee338a742e44d384ee5287d78783 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sat, 13 Sep 2025 13:35:08 -0400 Subject: [PATCH 1/4] Adding workflow for DAG definition check. --- .gitea/workflows/dag-config-check.yml | 64 +++++++++++++++++++++++++++ 1 file changed, 64 insertions(+) create mode 100644 .gitea/workflows/dag-config-check.yml diff --git a/.gitea/workflows/dag-config-check.yml b/.gitea/workflows/dag-config-check.yml new file mode 100644 index 0000000..6dbe296 --- /dev/null +++ b/.gitea/workflows/dag-config-check.yml @@ -0,0 +1,64 @@ +# .github/workflows/validate-dags.yml +name: Validate DAGs + +on: + push: + paths: ['./app-configs/rinoa/dagu/dags/**'] + +env: + DAGS_PATH: "./app-configs/rinoa/dagu/dags" + VAULT_ADDR: ${{ secrets.VAULT_ADDR }} + VAULT_TOKEN: ${{ secrets.VAULT_TOKEN }} + +jobs: + validate: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: Install Ansible + uses: alex-oleshkevich/setup-ansible@v1.0.1 + with: + version: "11.4.0" + + - name: Set up Vault CLI + uses: hashicorp/setup-vault@v2 + with: + version: 1.18.0 + + - name: Install hvac (Vault Python SDK) + run: pip install hvac + + - name: Render .yaml.j2 templates + uses: dawidd6/action-ansible-playbook@v2 + with: + directory: . + vault_password: ${{ secrets.ANSIBLE_VAULT_PASSWORD }} + requirements: collections/requirements.yml + playbook: | + - hosts: localhost + gather_facts: false + vars: + vault_addr: ${{ env.VAULT_ADDR }} + vault_token: ${{ env.VAULT_TOKEN }} + dags_path: ${{ env.DAGS_PATH }} + tasks: + - name: Render DAG templates + template: + src: "{{ item }}" + dest: "{{ item | regex_replace('\\.j2$', '') }}" + loop: "{{ lookup('fileglob', dags_path ~ '/*.yaml.j2', wantlist=True) }}" + + - name: Install dagu + uses: jaxxstorm/action-install-gh-release@v1 + with: + repo: dagu-org/dagu + platform: linux + arch: amd64 + + - name: Validate DAGs + run: | + for dag in $(find ${DAGS_PATH} -type f -name "*.yaml" -a ! -name "*example*"); do + echo "Validating $dag" + dagu dry "$dag" + done -- 2.52.0 From 9b861884af51a4ded5a5a7f0d956d59138e2af3f Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sat, 13 Sep 2025 13:36:15 -0400 Subject: [PATCH 2/4] Adding MariaDB backup task. --- .../rinoa/dagu/dags/mariadb-backups.yaml.j2 | 33 +++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 app-configs/rinoa/dagu/dags/mariadb-backups.yaml.j2 diff --git a/app-configs/rinoa/dagu/dags/mariadb-backups.yaml.j2 b/app-configs/rinoa/dagu/dags/mariadb-backups.yaml.j2 new file mode 100644 index 0000000..87c5666 --- /dev/null +++ b/app-configs/rinoa/dagu/dags/mariadb-backups.yaml.j2 @@ -0,0 +1,33 @@ +name: mariadb-backup +description: "Backup of all databases from MariaDB container" +schedule: "30 23 * * *" + +env: + MARIADB_ROOT_PASSWORD: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['MARIADB_ENVIRONMENT_MYSQL_ROOT_PASSWORD'] }} + +steps: + - name: list-all-databases + shell: nix-shell + shellPackages: [mariadb] + command: | + mariadb -h mariadb -u root -p"${MARIADB_ROOT_PASSWORD}" -Nse "SHOW DATABASES;" | egrep -v '(information|performance)_schema|mysql|sys' + output: RINOA_MADB_LIST + + - name: db-folder-check-creation-backup + depends: list-all-databases + shell: nix-shell + shellPackages: [mariadb] + workingDir: /backups/dbs/mariadb + script: | + for mdatabase in $(echo ${RINOA_MADB_LIST}) ; do + mkdir -p ${mdatabase} + mariadb_dump --user=root --password"${MARIADB_ROOT_PASSWORD}" --databases ${madb} > ${mdatabase}/${mdatabase}_$(date +%Y-%m-%dT%H-%M-%S).sql + done + + - name: db-backup-cleanup + depends: + - list-all-databases + - db-folder-check-creation-backup + workingDir: /backups/dbs/mariadb + command: > + find $(pwd) -type f -name "*.sql" -ctime +7 | xargs rm -fv \ No newline at end of file -- 2.52.0 From c2bb3799f00101480265dc2d8fd1334580502401 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sat, 13 Sep 2025 13:46:12 -0400 Subject: [PATCH 3/4] Workflow_run trigger. --- .gitea/workflows/gitea_tar-valon_ansible_deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml b/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml index 95483bc..05e3b58 100644 --- a/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml +++ b/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml @@ -3,7 +3,7 @@ name: Gitea Branch PR & Ansible Deployment on: workflow_dispatch: workflow_run: - workflows: ["Home Assistant Config Check"] + workflows: [Home Assistant Config Check, Validate DAs] types: - completed branches: main -- 2.52.0 From 752a6bf362d8b7353e24f9c9c1748b4953f6c1a0 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sat, 13 Sep 2025 13:50:04 -0400 Subject: [PATCH 4/4] ... --- .gitea/workflows/dag-config-check.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.gitea/workflows/dag-config-check.yml b/.gitea/workflows/dag-config-check.yml index 6dbe296..48980ae 100644 --- a/.gitea/workflows/dag-config-check.yml +++ b/.gitea/workflows/dag-config-check.yml @@ -2,8 +2,11 @@ name: Validate DAGs on: + workflow_dispatch: push: paths: ['./app-configs/rinoa/dagu/dags/**'] + branches-ignore: + - main env: DAGS_PATH: "./app-configs/rinoa/dagu/dags" -- 2.52.0