Rolle: restic (#23)

kommentare doku musterrolle aktualisiert fange mount fehler ab samba smb version zwischnen 2.0 und 3.0 defautls aktualisiert Feintuning restic: versuche 3x Backup zu machen bevor abbruch + Mail versenden Co-authored-by: Michael Grote <38253905+quotengrote@users.noreply.github.com> Reviewed-on: mg/ansible#23 Co-Authored-By: mg <michael.grote@posteo.de> Co-Committed-By: mg <michael.grote@posteo.de>
2021-01-05 17:41:18 +01:00 · 2021-01-05 17:41:18 +01:00 · 2055e122eb
commit 2055e122eb
parent ebc7dd57fd
6 changed files with 66 additions and 43 deletions
--- a/group_vars/ansible.yml
+++ b/group_vars/ansible.yml
@ -8,3 +8,5 @@
  ### geerlingguy.ansible
  ansible_install_method: pip
  ansible_install_version_pip: '2.10'
+  ### mgrote.restic
+  restic_folders_to_backup: "/usr/local /etc /root /home"
--- a/roles/mgrote.fileserver_smb/defaults/main.yml
+++ b/roles/mgrote.fileserver_smb/defaults/main.yml
@ -12,7 +12,7 @@

  # Global SMB options
  smb_min_protocol: "SMB3_00"
-  smb_client_min_protocol: "SMB3_00"
+  smb_client_min_protocol: "SMB2_00"
  smb_client_max_protocol: "SMB3_00"
  smb_log_level: "1"
  smb_server_string: "%h_server"
--- a/roles/mgrote.musterrolle/README.md
+++ b/roles/mgrote.musterrolle/README.md
@ -5,13 +5,10 @@
 ### Funktioniert auf
 - [ ] Ubuntu (>=18.04)
 - [ ] Debian
-
 - [ ] ProxMox 6.1

 ### Variablen + Defaults
-##### Erklaerung
-befehl...
-
+see [defaults](./defaults/main.yml)


 ## Checkliste fuer Rolle
--- a/roles/mgrote.restic/README.md
+++ b/roles/mgrote.restic/README.md
@ -10,17 +10,4 @@ Es wird ein Cronjob angelegt, bei dem die Minuten quasi-zufaellig auf Basis des
 - [X] ProxMox 6.1

 ### Variablen + Defaults
-##### Wohin wird der Share gemountet
-restic_mount: /mnt/restic
-##### NAS + Repository
-restic_repository: //fileserver2.grote.lan/Backup/restic
-##### Password fuer das Restic-Repository
-restic_repository_password: xxxxxx
-##### Stunden Cronjob
-restic_cron_hours: 8,19
-##### Nutzername fuer die Freigabe
-restic_mount_user: restic
-##### Password fuer die Freigabe
-restic_mount_password: xxx
-##### Welche Ordner sollen gesichert werden
-restic_folders_to_backup: "/usr/local /etc /root /var/www /home /var/lib/docker/volumes"
+see [defaults](./defaults/main.yml)
--- a/roles/mgrote.restic/defaults/main.yml
+++ b/roles/mgrote.restic/defaults/main.yml
@ -1,6 +1,14 @@
 ---
-  restic_folders_to_backup: "/usr/local /etc /root /var/www /home"
-  restic_exclude: |
+  restic_anzahl_versuche_backup: "3" # wie oft soll restic versuchen ein backup zu starten
+  restic_wartezeit: "60" # wartezeit zwischen den versuchen
+  restic_folders_to_backup: "/usr/local /etc /root /var/www /home" # welche ordner sollen gesichert werden
+  restic_cron_hours: "19" # zu welcher stunde soll das script gestartet werden(nibute wird aus dem hostnamen generiert)
+  restic_repository: "ANY.SMB.SHARE" # smb-share mit dem repository: z.B. "//fileserver2.grote.lan/backup/restic"
+  restic_repository_password: XXXXX # password für das repo
+  restic_mount: "/mnt/restic" # wohin soll das repo gemountet werden
+  restic_mount_user: restic # nutzer für den share/mount
+  restic_mount_password: XXXXX # passwort für den mount
+  restic_exclude: |     # was soll ausgeschlossen werden, siehe: https://github.com/restic/restic/issues/1005; https://forum.restic.net/t/exclude-syntax-confusion/1531/12
        ._*
        desktop.ini
        .Trash-*
--- a/roles/mgrote.restic/templates/restic_backup.sh
+++ b/roles/mgrote.restic/templates/restic_backup.sh
@ -1,34 +1,63 @@
 #!/bin/bash
-# https://forum.rclone.org/t/bash-script-cronjob-for-automating-rclone-sync/13526/2
-LOCKDIR=${HOME}/.cache
-# Get an exclusive lock or exit
-function exlock() {
+LOCKDIR=${HOME}/.cache # set lockdir
+function exlock() { # define Function for setting lock; stops the script i a lock exists
    exec {lock_fd}>${LOCKDIR}/$(basename $0).lock
    flock -nx "$lock_fd"
    if [[ $? == 1 ]]; then
        exit 1
    fi
 }
-# Cleanup lock file and exit
-function unlock() {
+function unlock() { # define function for removing lock
    rm "${LOCKDIR}/$(basename $0).lock"
    [[ -n $1 ]] && exit $1
    exit
 }
-# Damit prueft ob das Script ob es schon laeuft
-exlock
-{ #<-- ist keine Subshell sondern Grouping, https://askubuntu.com/questions/662190/write-the-output-of-multiple-sequential-commands-to-a-text-file
-echo "--------------------------------------------------"
-echo $(date)
-mount -t cifs -o credentials="/etc/restic/smb_password.txt",vers=3.0 {{ restic_repository }} {{ restic_mount }}
-restic -r {{ restic_mount }} --password-file /etc/restic/password.txt backup --exclude-file /etc/restic/exclude.txt {{ restic_folders_to_backup }}
-retVal=$? #schreib Exit Code in Variable
-umount {{ restic_mount }}
-} >> /var/log/restic.log 2>&1;
-echo $retVal
-# Mail wenn Restix Exit != 0 #https://stackoverflow.com/a/45817972
-if [ $retVal -ne 0 ]; then
-    tail "/var/log/restic.log" | mail -s "ERROR - Restic - $HOSTNAME" {{ empfaenger_mail }}
+
+exlock # set lock
+abbruch_restic=0 # set counter for error
+
+mount -t cifs -o credentials="/etc/restic/smb_password.txt",vers=3.0 {{ restic_repository }} {{ restic_mount }}  # mount share
+mount_return_value=$? # schreib Exit Code in Variable
+if ( [ "$mount_return_value" -ne 0 ] ); then
+    {
+    echo "--------------------------------------------------" # Trenner logfile
+    echo $(date) # Datum für logfile
+    echo "mount error"
+    } >> /var/log/restic.log 2>&1;
+    tail --lines=5 "/var/log/restic.log" | mail -s "Backup-Error - restic - $HOSTNAME" {{ empfaenger_mail }}
+    exit 1
+else
+    {
+    echo "--------------------------------------------------" # Trenner logfile
+    echo $(date) # Datum für logfile
+    echo "mount successful"
+    } >> /var/log/restic.log 2>&1;
 fi
-#Hiermit wird die Lockdatei geloescht
-unlock
+
+
+
+while [[ "$abbruch_restic" -le {{ restic_anzahl_versuche_backup }} ]] # Schleife für Abbruchbedingung; um die eckikgen Klammern(Befehl "test") muss immer ein leerzeichen sein
+do
+    {  # ist keine Subshell sondern Grouping; https://askubuntu.com/questions/662190/write-the-output-of-multiple-sequential-commands-to-a-text-file
+    echo "--------------------------------------------------" # Trenner logfile
+    echo $(date) # Datum für logfile
+    restic -r {{ restic_mount }} --password-file /etc/restic/password.txt backup --exclude-file /etc/restic/exclude.txt /home/mg/rt # execute Backup
+    restic_return_value=$? # schreib Exit Code in Variable
+    if ( [[ "$restic_return_value" -eq 0 ]] ); # Prüfung ob restic erfolgreich war(setze Abbruchbedingung), wenn nicht warte 1min und zähle die Abbruchbedingung hoch
+    then
+        abbruch_restic=99
+    else
+        sleep {{ restic_wartezeit }}
+        abbruch_restic=$(("$abbruch_restic" + 1))
+    fi
+  } >> /var/log/restic.log 2>&1; # leite die komplette Ausgabe in logfile um
+done
+
+umount {{ restic_mount }} >> /var/log/restic.log 2>&1;   # unmount
+
+
+if ( [[ "$restic_return_value" -ne 0 ]] ); then # sende eMail wenn Restic Fehler ungleich 0, also Fehler; #https://stackoverflow.com/a/45817972
+    tail --lines=50 "/var/log/restic.log" | mail -s "Backup-Error - restic - $HOSTNAME" {{ empfaenger_mail }} # schreibe die letzten 50 Zeilen aus dem Logfile in den Body der Mail
+fi
+
+unlock # entferne lock