From 0006f152ef4a0413c74b62521ce09219fdfce9eb Mon Sep 17 00:00:00 2001
From: Cian Hatton
Date: Sat, 17 Jun 2023 19:24:55 +0100
Subject: [PATCH] Add encryption field and update credentials (#16)
---
 .github/workflows/e2e.yml | 2 +-
 .github/workflows/lint.yml | 2 +-
 README.md | 39 ++++++++++++++++++--
 roles/docker_s3_backup/defaults/main.yml | 5 +--
 roles/docker_s3_backup/tasks/main.yml | 5 +++
 tests/host_vars/localhost.yml | 46 ++++++++++++------------
 6 files changed, 71 insertions(+), 28 deletions(-)
diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml
index 1fbc673..7ca070a 100644
--- a/.github/workflows/e2e.yml
+++ b/.github/workflows/e2e.yml
@@ -11,7 +11,7 @@ jobs:
 uses: actions/checkout@v3
 - uses: actions/setup-python@v4
 with:
- python-version: 3.8.9
+ python-version: '3.10'
 - name: Install dependencies
 run: make deps
 - name: Test Backup & Restore
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index 4ef23c8..3d9b251 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -11,7 +11,7 @@ jobs:
 uses: actions/checkout@v3
 - uses: actions/setup-python@v4
 with:
- python-version: 3.8.9
+ python-version: '3.10'
 - name: Install dependencies
 run: pip install -r requirements.txt
 - name: Test Directory
diff --git a/README.md b/README.md
index f61e206..d297026 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,38 @@
-# Ansible Collection - chatton.docker_backup
+# Collection chatton.docker_backup
-Documentation for the collection.
+This collection contains the following roles:
+
+- [chatton.docker_backup.docker_backup](#chattondocker_backupdocker_backup) (backup docker volumes)
+- [chatton.docker_backup.docker_restore](#chattondocker_backupdocker_restore) (restore docker volumes)
+
+### Shared variables
+
+| Variable | Description | Default |
+|----------|-------------|---------|
+| docker_backup_aws_s3_region | The AWS region to use | us-east-1 |
+| docker_backup_aws_s3_bucket | The AWS S3 bucket to use | backups |
+| docker_backup_host_backup_directory | The directory on the host to store the backup | "" |
+| docker_backup_aws_s3_url | The AWS S3 url to use | "" |
+| docker_backup_aws_s3_aws_access_key | The AWS access key to use | "" |
+| docker_backup_aws_s3_aws_secret_key | The AWS secret key to use | "" |
+| docker_backup_aws_s3_permissions | The AWS S3 permissions to use | [] |
+| docker_backup_aws_s3_encrypt | Whether to encrypt the backup | true |
+
+### chatton.docker_backup.docker_backup
+
+| Variable | Description | Default |
+|----------|-------------|---------|
+| container_backup | The container to backup | "" |
+
+This role will stop the given container, backup all non host volumes, and restart the container.
+The backup will be uploaded to the given AWS S3 bucket.
+
+### chatton.docker_backup.docker_restore
+
+| Variable | Description | Default |
+|----------|-------------|---------|
+| docker_backup_restore_force | forces a revert to the volume. | false |
+| docker_backup_restore_latest_s3_key | specify docker_backup_restore_latest_s3_key true to automatically determine the latest backup in the s3 backup. 
| false |
+| docker_backup_s3_volume.name | The name of the volume to restore | "" |
+| docker_backup_s3_volume.s3_key | The s3 key to restore from | "" |
+| docker_backup_fail_on_no_s3_backups | causes the task to fail if there are no s3 backups. | true |
diff --git a/roles/docker_s3_backup/defaults/main.yml b/roles/docker_s3_backup/defaults/main.yml
index 4d77d44..9d06bda 100644
--- a/roles/docker_s3_backup/defaults/main.yml
+++ b/roles/docker_s3_backup/defaults/main.yml
@@ -2,8 +2,8 @@
 # defaults file for chatton.docker_s3_backup
 # the number of backups of the same volume which should be kept.
-# Any excess will be deleted.
-docker_backup_retain_count: 3
+# Any excess will be deleted. If undefined, no backups will be deleted.
+# docker_backup_retain_count: 3
 # the backup directory where backups are stored on the host machine.
 # these will be uploaded to S3.
 docker_backup_aws_s3_region: "us-east-1"
@@ -13,3 +13,4 @@ docker_backup_aws_s3_url: ""
 docker_backup_aws_s3_aws_access_key: ""
 docker_backup_aws_s3_aws_secret_key: ""
 docker_backup_aws_s3_permissions: []
+docker_backup_aws_s3_encrypt: true
diff --git a/roles/docker_s3_backup/tasks/main.yml b/roles/docker_s3_backup/tasks/main.yml
index 58cfce1..ef82c2f 100644
--- a/roles/docker_s3_backup/tasks/main.yml
+++ b/roles/docker_s3_backup/tasks/main.yml
@@ -53,11 +53,14 @@
 aws_secret_key: "{{ docker_backup_aws_s3_aws_secret_key }}"
 region: "{{ docker_backup_aws_s3_region }}"
 mode: put
+ encrypt: "{{ docker_backup_aws_s3_encrypt }}"
 permission: "{{ docker_backup_aws_s3_permissions }}"
 with_items: "{{ volume_mounts }}"
+ # try and find latest volume based on the name.
 - name: Fetch Volumes From S3.
+ when: docker_backup_retain_count is defined
 amazon.aws.aws_s3:
 bucket: "{{ docker_backup_aws_s3_bucket }}"
 mode: list 
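Review bot: Commenting out `docker_backup_retain_count` in the first defaults/main.yml hunk changes the shipped behaviour from keeping three backups per volume to never pruning, and the README variable table added by this same commit does not list the variable at all. Anyone upgrading who relied on the old default will see the bucket grow with no hint why. I would add a README row such as `| docker_backup_retain_count | Number of backups per volume to keep; when unset nothing is deleted | undefined |` and mention the default change in the release notes.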
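Review bot: `docker_backup_aws_s3_encrypt: true` in the second defaults/main.yml hunk has no comment, and "encrypt" is easy to misread as protection of the archive itself. The value is handed to the `encrypt` option of `amazon.aws.aws_s3`, which asks S3 for server-side encryption of the stored object; the archive is not encrypted on the host, and anyone permitted to read the object (including through `docker_backup_aws_s3_permissions`) still receives plaintext. I would add `# request S3 server-side encryption for uploaded backups; the archive itself is not encrypted before upload` above the variable, and say the same in the README row. As far as I know the module already defaults this option to true, so the variable mainly gives users a way to turn it off, which is worth stating too.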
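Review bot: The guard `when: docker_backup_retain_count is defined` on "Fetch Volumes From S3." (and on "Find keys to delete." and "Delete old backups." in the next hunk) only checks that the variable exists, so `0`, a negative number or an empty string still reach `keep_last(docker_backup_retain_count)` and the delete task. `keep_last` is not shown here, but if it returns every key for a count of zero the run would remove the backup it has just uploaded. Because this path deletes data, I would tighten the condition on all three tasks to `when: docker_backup_retain_count is defined and docker_backup_retain_count | int > 0`. The body of "Fetch Volumes From S3." continues past the end of this hunk.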
@@ -70,10 +73,12 @@
 with_items: "{{ volume_mounts }}"
 - name: Find keys to delete.
+ when: docker_backup_retain_count is defined
 ansible.builtin.set_fact:
 s3_keys_to_delete: "{{ s3_list_outputs.results | map(attribute='s3_keys') | keep_last(docker_backup_retain_count) | flatten }}"
 - name: Delete old backups.
+ when: docker_backup_retain_count is defined
 amazon.aws.aws_s3:
 bucket: "{{ docker_backup_aws_s3_bucket }}"
 aws_access_key: "{{ docker_backup_aws_s3_aws_access_key }}"
diff --git a/tests/host_vars/localhost.yml b/tests/host_vars/localhost.yml
index d2ffd79..25b6999 100644
--- a/tests/host_vars/localhost.yml
+++ b/tests/host_vars/localhost.yml
@@ -1,23 +1,25 @@ $ANSIBLE_VAULT;1.1;AES256 -31343237643365393335643262646139363037616365623238316536313238386237353436643738 -3332376365393138633962373132633562363035396161650a323039646238373162333366353533 -37333238643437623538343630393065313463313038616538613838366638636433313637313630 -3733623838373864320a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a616161313361616639376336613135 +35313033373335353938643338613465643663626162656333393439623764653865643838626332 +3639383861366166330a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
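Review bot: The line `when: docker_backup_retain_count is defined` is repeated on "Find keys to delete." and "Delete old backups." in this hunk, and on the S3 list task that precedes them. Wrapping the three pruning tasks in one `block:` that carries a single `when:` would keep the guard in one place, so a task added to the pruning sequence later cannot run a delete without it. "Delete old backups." continues past the end of this hunk, so the rest of its arguments are not visible here.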