Update 7

Part-2/ansible-playbook/configure_backup.yml

@@ -0,0 +1,48 @@
+- name: Configure automated backups
+  hosts: yndx-client.practicumsuperstore.ru
+  become: yes
+  vars:
+    backup_script: /home/backup-user/run-backup.sh
+    backup_dir_local: /home/backup-user/backups
+    remote_backup_dir: /home/anscfg/backups
+  tasks:
+    - name: Create local backup directory
+      file:
+        path: "{{ backup_dir_local }}"
+        state: directory
+        owner: backup-user
+        group: backup-user
+        mode: '0755'
+
+    - name: Create backup script
+      copy:
+        content: |
+          #!/bin/bash
+          DATE=$(date +%Y%m%d_%H%M%S)
+          BACKUP_FILE="/tmp/backup_${DATE}.tar.gz"
+          tar -czf "$BACKUP_FILE" /etc /var/log 2>/dev/null
+          scp -o StrictHostKeyChecking=no "$BACKUP_FILE" anscfg@yndx-ansible.practicumsuperstore.ru:"{{ remote_backup_dir }}/"
+          rm -f "$BACKUP_FILE"
+        dest: "{{ backup_script }}"
+        owner: backup-user
+        group: backup-user
+        mode: '0755'
+
+    - name: Ensure remote backup directory exists (run locally)
+      delegate_to: localhost
+      become: no
+      run_once: true
+      file:
+        path: "{{ remote_backup_dir }}"
+        state: directory
+        owner: anscfg
+        group: anscfg
+        mode: '0755'
+
+    - name: Add daily cron job for backup-user
+      cron:
+        name: "Daily system backup"
+        user: backup-user
+        minute: "0"
+        hour: "2"
+        job: "{{ backup_script }}"

Part-2/ansible-playbook/create_user.yml

@@ -0,0 +1,10 @@
+- name: Create backup-user on client
+  hosts: yndx-client.practicumsuperstore.ru
+  become: yes
+  tasks:
+    - name: Create user backup-user with home directory
+      user:
+        name: backup-user
+        shell: /bin/bash
+        create_home: yes
+        system: no

Part-2/ansible-playbook/inventory.ini

@@ -0,0 +1,6 @@
+[yndx]
+yndx-client.practicumsuperstore.ru
+
+[all:vars]
+ansible_user=anscfg
+ansible_ssh_private_key_file=/home/anscfg/.ssh/id_rsa

Part-2/ansible-playbook/setup_services.yml

@@ -0,0 +1,44 @@
+- name: Configure DNS and NTP on yndx-client
+  hosts: yndx-client.practicumsuperstore.ru
+  become: yes
+  tasks:
+    - name: Stop and disable systemd-resolved
+      systemd:
+        name: systemd-resolved
+        state: stopped
+        enabled: no
+
+    - name: Remove existing resolv.conf
+      file:
+        path: /etc/resolv.conf
+        state: absent
+
+    - name: Create new resolv.conf pointing to internal DNS
+      copy:
+        content: |
+          nameserver 10.10.1.200
+        dest: /etc/resolv.conf
+        owner: root
+        group: root
+        mode: '0644'
+
+    - name: Install chrony
+      apt:
+        name: chrony
+        state: present
+        update_cache: yes
+
+    - name: Configure chrony to use yndx-dns as NTP server
+      copy:
+        content: |
+          server 10.10.1.200 iburst
+        dest: /etc/chrony/chrony.conf
+        owner: root
+        group: root
+        mode: '0644'
+
+    - name: Restart chrony
+      systemd:
+        name: chrony
+        state: restarted
+        enabled: yes