From d48b30fdb8bd516919e7fe9da18197b53ba19669 Mon Sep 17 00:00:00 2001
From: Riku Rouvila <riku.rouvila@gmail.com>
Date: Tue, 17 Oct 2023 16:26:48 +0300
Subject: [PATCH] Ensure jq is installed on all production servers (#759)

* ensure jq is installed on all production servers

* fix file path used when rsyncing minio and metabase data to backup server
---
 infrastructure/emergency-backup-metadata.sh | 15 ++++++++++-----
 infrastructure/server-setup/playbook-1.yml  |  5 +++++
 infrastructure/server-setup/playbook-3.yml  |  7 ++++++-
 infrastructure/server-setup/playbook-5.yml  |  9 +++++++--
 4 files changed, 28 insertions(+), 8 deletions(-)

diff --git a/infrastructure/emergency-backup-metadata.sh b/infrastructure/emergency-backup-metadata.sh
index 8e7277042..b67b6c7b4 100755
--- a/infrastructure/emergency-backup-metadata.sh
+++ b/infrastructure/emergency-backup-metadata.sh
@@ -286,14 +286,19 @@ else
 fi
 
 echo "Creating a backup for Minio"
-cd $ROOT_PATH/minio && tar -zcvf $ROOT_PATH/backups/minio/ocrvs-${LABEL:-$BACKUP_DATE}.tar.gz . && cd /
+
+LOCAL_MINIO_BACKUP=$ROOT_PATH/backups/minio/ocrvs-${LABEL:-$BACKUP_DATE}.tar.gz
+cd $ROOT_PATH/minio && tar -zcvf $LOCAL_MINIO_BACKUP . && cd /
 
 echo "Creating a backup for Metabase"
 
-cd $ROOT_PATH/metabase && tar -zcvf $ROOT_PATH/backups/metabase/ocrvs-${LABEL:-$BACKUP_DATE}.tar.gz . && cd /
+LOCAL_METABASE_BACKUP=$ROOT_PATH/backups/metabase/ocrvs-${LABEL:-$BACKUP_DATE}.tar.gz
+cd $ROOT_PATH/metabase && tar -zcvf $LOCAL_METABASE_BACKUP . && cd /
 
 echo "Creating a backup for VSExport"
-cd $ROOT_PATH/vsexport && tar -zcvf $ROOT_PATH/backups/vsexport/ocrvs-${LABEL:-$BACKUP_DATE}.tar.gz . && cd /
+
+LOCAL_VSEXPORT_BACKUP=$ROOT_PATH/backups/vsexport/ocrvs-${LABEL:-$BACKUP_DATE}.tar.gz
+cd $ROOT_PATH/vsexport && tar -zcvf $LOCAL_VSEXPORT_BACKUP . && cd /
 
 if [[ "$IS_LOCAL" = true ]]; then
   echo $WORKING_DIR
@@ -305,8 +310,8 @@ fi
 #----------------------------------------------------
 if [[ "$OWN_IP" = "$PRODUCTION_IP" || "$OWN_IP" = "$(dig $PRODUCTION_IP +short)" ]]; then
   script -q -c "rsync -a -r --progress --rsh='ssh -p$SSH_PORT' $ROOT_PATH/backups/elasticsearch/ $SSH_USER@$SSH_HOST:$REMOTE_DIR/elasticsearch" && echo "Copied elasticsearch backup files to remote server."
-  script -q -c "rsync -a -r --ignore-existing --progress --rsh='ssh -p$SSH_PORT' $ROOT_PATH/backups/minio/${LABEL:-$BACKUP_DATE} $SSH_USER@$SSH_HOST:$REMOTE_DIR/minio" && echo "Copied minio backup files to remote server."
-  script -q -c "rsync -a -r --ignore-existing --progress --rsh='ssh -p$SSH_PORT' $ROOT_PATH/backups/metabase/${LABEL:-$BACKUP_DATE} $SSH_USER@$SSH_HOST:$REMOTE_DIR/metabase" && echo "Copied Metabase backup files to remote server."
+  script -q -c "rsync -a -r --ignore-existing --progress --rsh='ssh -p$SSH_PORT' $LOCAL_MINIO_BACKUP $SSH_USER@$SSH_HOST:$REMOTE_DIR/minio" && echo "Copied minio backup files to remote server."
+  script -q -c "rsync -a -r --ignore-existing --progress --rsh='ssh -p$SSH_PORT' $LOCAL_METABASE_BACKUP $SSH_USER@$SSH_HOST:$REMOTE_DIR/metabase" && echo "Copied Metabase backup files to remote server."
   script -q -c "rsync -a -r --ignore-existing --progress --rsh='ssh -p$SSH_PORT' $ROOT_PATH/backups/influxdb/${LABEL:-$BACKUP_DATE} $SSH_USER@$SSH_HOST:$REMOTE_DIR/influxdb" && echo "Copied influx backup files to remote server."
   script -q -c "rsync -a -r --ignore-existing --progress --rsh='ssh -p$SSH_PORT' $ROOT_PATH/backups/mongo/hearth-dev-${LABEL:-$BACKUP_DATE}.gz $SSH_USER@$SSH_HOST:$REMOTE_DIR/mongo" && echo "Copied hearth backup files to remote server."
   script -q -c "rsync -a -r --ignore-existing --progress --rsh='ssh -p$SSH_PORT' $ROOT_PATH/backups/mongo/user-mgnt-${LABEL:-$BACKUP_DATE}.gz $SSH_USER@$SSH_HOST:$REMOTE_DIR/mongo" && echo "Copied user backup files to remote server."
diff --git a/infrastructure/server-setup/playbook-1.yml b/infrastructure/server-setup/playbook-1.yml
index 2ed307378..2ecf4ce76 100644
--- a/infrastructure/server-setup/playbook-1.yml
+++ b/infrastructure/server-setup/playbook-1.yml
@@ -66,6 +66,11 @@
         name: python3-pip
         state: present
 
+    - name: 'Install jq'
+      apt:
+        name: jq
+        state: present
+
     - name: 'Install pexpect python module for ansible expect commands'
       pip:
         name: pexpect
diff --git a/infrastructure/server-setup/playbook-3.yml b/infrastructure/server-setup/playbook-3.yml
index 60a1d307f..9dc2de818 100644
--- a/infrastructure/server-setup/playbook-3.yml
+++ b/infrastructure/server-setup/playbook-3.yml
@@ -74,6 +74,11 @@
         name: python3-pip
         state: present
 
+    - name: 'Install jq'
+      apt:
+        name: jq
+        state: present
+
     - name: 'Install pexpect python module for ansible expect commands'
       pip:
         name: pexpect
@@ -366,7 +371,7 @@
       apt:
         name: fail2ban
         state: present
-        
+
     - name: 'Copy fail2ban jail.local'
       copy:
         src: ../jail.local
diff --git a/infrastructure/server-setup/playbook-5.yml b/infrastructure/server-setup/playbook-5.yml
index 5308ea210..d6b195f42 100644
--- a/infrastructure/server-setup/playbook-5.yml
+++ b/infrastructure/server-setup/playbook-5.yml
@@ -64,6 +64,11 @@
         name: python3-pip
         state: present
 
+    - name: 'Install jq'
+      apt:
+        name: jq
+        state: present
+
     - name: 'Install pexpect python module for ansible expect commands'
       pip:
         name: pexpect
@@ -350,12 +355,12 @@
       ufw:
         rule: allow
         name: OpenSSH
-    
+
     - name: 'Install Fail2Ban'
       apt:
         name: fail2ban
         state: present
-        
+
     - name: 'Copy fail2ban jail.local'
       copy:
         src: ../jail.local