add neo4j ansible role

ansible/roles/neo4j/tasks/backup.yml

@@ -0,0 +1,47 @@
+---
+
+- name: Setting up mount point for /nas
+  ansible.posix.mount:
+    path: "/nas"
+    src: "{{ neo4j_nfs_server }}:/data/shares/neo4j"
+    fstype: "nfs4"
+    opts: "rw,noatime,nodiratime,_netdev"
+    state: mounted
+  tags: backup
+
+- name: Ensure scripts folder exists
+  ansible.builtin.file:
+    path: "/data/scripts"
+    owner: root
+    group: root
+    mode: 0644
+    state: directory
+  tags: backup
+
+- name: Deploy backup script
+  ansible.builtin.copy:
+    src: "neo4j-dump-database.sh"
+    dest: "/data/scripts/neo4j-dump-database.sh"
+    owner: root
+    group: root
+    mode: 0750
+  tags: backup
+
+- name: Setting up backup cron
+  ansible.builtin.cron:
+    name: "neo4j backup"
+    minute: "0"
+    hour: "04"
+    job: "/data/scripts/neo4j-dump-database.sh -r 7 -d /nas -c"
+    disabled: true
+    user: root
+    cron_file: neo4j-backup
+    state: present
+  tags: backup
+
+- name: Adding checkmk config for backup script
+  ansible.builtin.lineinfile:
+    path: "/etc/check_mk/mrpe.cfg"
+    regexp: "^#?neo4j_dump /usr/local/nagios/plugins/check_batch neo4j-dump-database.sh 129600"
+    line: "#neo4j_dump /usr/local/nagios/plugins/check_batch neo4j-dump-database.sh 129600"
+  tags: backup

ansible/roles/neo4j/tasks/install.yml

@@ -0,0 +1,56 @@
+---
+
+- name: checking dependencies
+  ansible.builtin.apt:
+    package: "{{ item }}"
+    state: present
+  with_items:
+    - apt-transport-https
+    - ca-certificates
+    - gnupg2
+    - openjdk-17-jdk
+    - nfs-common
+  tags: install
+
+- name: adding neo4j pgp key
+  ansible.builtin.get_url:
+    url: "https://debian.neo4j.com/neotechnology.gpg.key"
+    dest: "/usr/share/keyrings/neo4j.asc"
+    mode: 0644
+    force: true
+  tags: install
+
+- name: adding repo
+  ansible.builtin.apt_repository:
+    repo: "deb [signed-by=/usr/share/keyrings/neo4j.asc] https://debian.neo4j.com stable latest"
+    update_cache: true
+    state: present
+  tags: install
+
+- name: install package
+  ansible.builtin.apt:
+    package: "neo4j"
+    state: present
+  tags: install
+
+- name: holding package
+  ansible.builtin.dpkg_selections:
+    name: neo4j
+    selection: hold
+  tags: install
+
+- name: Enable neo4j service
+  ansible.builtin.systemd_service:
+    name: neo4j.service
+    enabled: true
+  tags: install
+
+- name: Deploy neo4j.yml
+  ansible.builtin.template:
+    src: neo4j.conf.j2
+    dest: "/etc/neo4j/neo4j.conf"
+    owner: neo4j
+    group: neo4j
+    mode: 0660
+  tags: install,config
+  notify: restart neo4j

ansible/roles/neo4j/tasks/main.yml

@@ -0,0 +1,7 @@
+---
+
+- include_tasks: install.yml
+  tags: install,config
+
+- include_tasks: backup.yml
+  tags: backup