Fixed taging for disabled host

all.yml

@@ -31,3 +31,5 @@
       tags: vnc_server
     - role: promtail
       tags: promtail
+    - role: sudoers
+      tags: sudoers

roles/omv_backup/files/omv_backup.service

@@ -0,0 +1,8 @@
+[Unit]
+Description=Enable OMV backup
+
+[Service]
+ExecStart = nohup /myapps/omv_backup.py -b > /dev/null  2>&1 &
+
+[Install]
+WantedBy=basic.target

roles/omv_backup/tasks/main.yml

@@ -1,4 +1,6 @@
-- block:
+- name: Omv Setup
+  become: true
+  block:
     - name: include vault
       ansible.builtin.include_vars:
         file: jaydee.yml
@@ -27,31 +29,14 @@
 
     - name: Upload script
       ansible.builtin.copy:
-      src: "{{ dest_folder }}/omv_backup_v3.py"
+        src: "{{ dest_folder }}/omv_backup_v4.py"
         dest: /myapps/omv_backup.py
         remote_src: true
         mode: '0755'
         owner: root
         group: root
       when: inventory_hostname != 'nas.home.lan' 
-  - name: Upload script
+
-    ansible.builtin.copy:
-      src: "{{ dest_folder }}/omv_backup_v3.py"
-      dest: /myapps/omv_backup.py
-      remote_src: true
-      mode: '0755'
-      owner: root
-      group: root
-    when: inventory_hostname != 'nas.home.lan' 
-  - name: Upload script
-    ansible.builtin.copy:
-      src: "{{ dest_folder }}/docker_backups.py"
-      dest: /myapps/docker_backups.py
-      remote_src: true
-      mode: '0755'
-      owner: root
-      group: root
-    when: inventory_hostname != 'nas.home.lan'
     - name: Upload requirements
       ansible.builtin.copy:
         src: "{{ dest_folder }}/requirements.txt"
@@ -73,37 +58,22 @@
       ansible.builtin.cron:
         name: "omv_backup"
         state: absent
-
+    - name: Upload service config
+      ansible.builtin.copy:
+        src: omv_backup.service
+        dest: /etc/systemd/system/omv_backup.service
+      when: inventory_hostname == 'amd.home.lan'
+    - name: Restart omv service
+      ansible.builtin.service:
+        name: omv_backup
+        state: restarted
+        daemon_reload: true
+        enabled: true
+      when: inventory_hostname == 'amd.home.lan'
     # - name: Ensure a job that runs at 2 and 5 exists. Creates an entry like "0 5,2 * * ls -alh > /dev/null"
     #   ansible.builtin.cron:
     #     name: "omv_backup"
     #     minute: "0"
     #     hour: "8"
-  #     job: "/myapps/venv/bin/python3 /myapps/omv_backup.py -b > /dev/null  2>&1 &"
+    #     job: "sudo /myapps/omv_backup.py -b > /dev/null  2>&1 &"
-  
+    #     state: present
-  - name: Creating config
-    ansible.builtin.copy:
-      dest: "/etc/systemd/system/omv_backup.service"
-      content: |
-        [Unit]
-        Description=Enable OMV backup
-
-        [Service]
-        ExecStart = nohup /myapps/venv/bin/python3 /myapps/omv_backup.py -b > /dev/null  2>&1 &
-
-        [Install]
-        WantedBy=basic.target
-      owner: root
-      mode: '0744'
-    when: inventory_hostname == 'amd.home.lan' 
-
-  - name: Restart service omv_backup, in all cases
-    ansible.builtin.service:
-      name: omv_backup
-      state: restarted
-      enabled: true
-    # async: 
-    # poll: 0
-    # ignore_errors: true
-    when: inventory_hostname == 'amd.home.lan' 
-  become: true

roles/sudoers/tasks/main.yml

@@ -0,0 +1,9 @@
+- name: Set sudoers
+  become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}"
+  block:
+    - name: Allow the backup jd to sudo /myapps/omv_backup.py
+      community.general.sudoers:
+        name: allow-backup
+        state: present
+        user: jd
+        commands: /myapps/omv_backup.py*