Fixed taging for disabled host

all.yml

@@ -31,3 +31,5 @@
       tags: vnc_server
     - role: promtail
       tags: promtail
+    - role: sudoers
+      tags: sudoers

roles/omv_backup/files/omv_backup.service

@@ -0,0 +1,8 @@
+[Unit]
+Description=Enable OMV backup
+
+[Service]
+ExecStart = nohup /myapps/omv_backup.py -b > /dev/null  2>&1 &
+
+[Install]
+WantedBy=basic.target

roles/omv_backup/tasks/main.yml

@@ -1,109 +1,79 @@
-- block:
-  - name: include vault
-    ansible.builtin.include_vars:
-      file: jaydee.yml
-  - name: Delete content & directory
-    ansible.builtin.file:
-      state: absent
-      path: "{{ dest_folder }}"
-  - name: GIT pull
-    tags:
-      - git_pull
-    git:
-      repo: "https://{{ git_user | urlencode }}:{{ git_password_mqtt | urlencode }}@gitlab.sectorq.eu/jaydee/omv_backup.git"
-      dest: "{{ dest_folder }}"
-      update: yes
-      clone: yes
-      version: main
-  - debug:
-      msg: "{{ inventory_hostname }}"
-  - name: Create a directory if it does not exist
-    ansible.builtin.file:
-      path: /myapps
-      state: directory
-      mode: '0755'
-      owner: root
-      group: root
-
-  - name: Upload script
-    ansible.builtin.copy:
-      src: "{{ dest_folder }}/omv_backup_v3.py"
-      dest: /myapps/omv_backup.py
-      remote_src: true
-      mode: '0755'
-      owner: root
-      group: root
-    when: inventory_hostname != 'nas.home.lan' 
-  - name: Upload script
-    ansible.builtin.copy:
-      src: "{{ dest_folder }}/omv_backup_v3.py"
-      dest: /myapps/omv_backup.py
-      remote_src: true
-      mode: '0755'
-      owner: root
-      group: root
-    when: inventory_hostname != 'nas.home.lan' 
-  - name: Upload script
-    ansible.builtin.copy:
-      src: "{{ dest_folder }}/docker_backups.py"
-      dest: /myapps/docker_backups.py
-      remote_src: true
-      mode: '0755'
-      owner: root
-      group: root
-    when: inventory_hostname != 'nas.home.lan'
-  - name: Upload requirements
-    ansible.builtin.copy:
-      src: "{{ dest_folder }}/requirements.txt"
-      dest: /myapps/requirements.txt
-      remote_src: true
-    when: inventory_hostname != 'nas.home.lan' 
-
-  - name: Install venv
-    ansible.builtin.apt:
-      name: 
-        - python3-virtualenv
-
-  - name: Install specified python requirements in indicated (virtualenv)
-    ansible.builtin.pip:
-      requirements: /myapps/requirements.txt
-      virtualenv: /myapps/venv
-
-  - name: 'Ensure an old job is no longer present. Removes any job that is prefixed by "#Ansible: an old job" from the crontab'
-    ansible.builtin.cron:
-      name: "omv_backup"
-      state: absent
-
-  # - name: Ensure a job that runs at 2 and 5 exists. Creates an entry like "0 5,2 * * ls -alh > /dev/null"
-  #   ansible.builtin.cron:
-  #     name: "omv_backup"
-  #     minute: "0"
-  #     hour: "8"
-  #     job: "/myapps/venv/bin/python3 /myapps/omv_backup.py -b > /dev/null  2>&1 &"
-  
-  - name: Creating config
-    ansible.builtin.copy:
-      dest: "/etc/systemd/system/omv_backup.service"
-      content: |
-        [Unit]
-        Description=Enable OMV backup
-
-        [Service]
-        ExecStart = nohup /myapps/venv/bin/python3 /myapps/omv_backup.py -b > /dev/null  2>&1 &
-
-        [Install]
-        WantedBy=basic.target
-      owner: root
-      mode: '0744'
-    when: inventory_hostname == 'amd.home.lan' 
-
-  - name: Restart service omv_backup, in all cases
-    ansible.builtin.service:
-      name: omv_backup
-      state: restarted
-      enabled: true
-    # async: 
-    # poll: 0
-    # ignore_errors: true
-    when: inventory_hostname == 'amd.home.lan' 
+- name: Omv Setup
   become: true
+  block:
+    - name: include vault
+      ansible.builtin.include_vars:
+        file: jaydee.yml
+    - name: Delete content & directory
+      ansible.builtin.file:
+        state: absent
+        path: "{{ dest_folder }}"
+    - name: GIT pull
+      tags:
+        - git_pull
+      git:
+        repo: "https://{{ git_user | urlencode }}:{{ git_password_mqtt | urlencode }}@gitlab.sectorq.eu/jaydee/omv_backup.git"
+        dest: "{{ dest_folder }}"
+        update: yes
+        clone: yes
+        version: main
+    - debug:
+        msg: "{{ inventory_hostname }}"
+    - name: Create a directory if it does not exist
+      ansible.builtin.file:
+        path: /myapps
+        state: directory
+        mode: '0755'
+        owner: root
+        group: root
+
+    - name: Upload script
+      ansible.builtin.copy:
+        src: "{{ dest_folder }}/omv_backup_v4.py"
+        dest: /myapps/omv_backup.py
+        remote_src: true
+        mode: '0755'
+        owner: root
+        group: root
+      when: inventory_hostname != 'nas.home.lan' 
+
+    - name: Upload requirements
+      ansible.builtin.copy:
+        src: "{{ dest_folder }}/requirements.txt"
+        dest: /myapps/requirements.txt
+        remote_src: true
+      when: inventory_hostname != 'nas.home.lan' 
+
+    - name: Install venv
+      ansible.builtin.apt:
+        name: 
+          - python3-virtualenv
+
+    - name: Install specified python requirements in indicated (virtualenv)
+      ansible.builtin.pip:
+        requirements: /myapps/requirements.txt
+        virtualenv: /myapps/venv
+
+    - name: 'Ensure an old job is no longer present. Removes any job that is prefixed by "#Ansible: an old job" from the crontab'
+      ansible.builtin.cron:
+        name: "omv_backup"
+        state: absent
+    - name: Upload service config
+      ansible.builtin.copy:
+        src: omv_backup.service
+        dest: /etc/systemd/system/omv_backup.service
+      when: inventory_hostname == 'amd.home.lan'
+    - name: Restart omv service
+      ansible.builtin.service:
+        name: omv_backup
+        state: restarted
+        daemon_reload: true
+        enabled: true
+      when: inventory_hostname == 'amd.home.lan'
+    # - name: Ensure a job that runs at 2 and 5 exists. Creates an entry like "0 5,2 * * ls -alh > /dev/null"
+    #   ansible.builtin.cron:
+    #     name: "omv_backup"
+    #     minute: "0"
+    #     hour: "8"
+    #     job: "sudo /myapps/omv_backup.py -b > /dev/null  2>&1 &"
+    #     state: present

roles/sudoers/tasks/main.yml

@@ -0,0 +1,9 @@
+- name: Set sudoers
+  become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}"
+  block:
+    - name: Allow the backup jd to sudo /myapps/omv_backup.py
+      community.general.sudoers:
+        name: allow-backup
+        state: present
+        user: jd
+        commands: /myapps/omv_backup.py*