restic: fix backups dirs, secrets and mails
v ff dd dd f ff ff ff ff d ff f f
This commit is contained in:
parent
4c36b9964d
commit
caad4aeb0f
8 changed files with 30 additions and 1 deletions
|
@ -19,6 +19,7 @@ services:
|
|||
/nobody@lldap/ lldap@mgrote.net
|
||||
/mg@pbs.localdomain/ pbs@mgrote.net
|
||||
/root@pbs.localdomain/ pbs@mgrote.net
|
||||
/root@pve5.localdomain/ pve5@mgrote.net
|
||||
# rewrite FROM "nobody@lldap" to "lldap@mgrote.net"
|
||||
# /.*/ würde alle absender adressen ersetzen
|
||||
networks:
|
||||
|
|
|
@ -83,6 +83,21 @@ ufw_rules:
|
|||
ufw_default_incoming_policy: deny
|
||||
ufw_default_outgoing_policy: allow
|
||||
|
||||
### mgrote_restic
|
||||
restic_exclude: |
|
||||
._*
|
||||
desktop.ini
|
||||
.Trash-*
|
||||
**/**cache***/**
|
||||
**/**Cache***/**
|
||||
**/**AppData***/**
|
||||
restic_folders_to_backup: "/usr/local /etc /root /home"
|
||||
restic_repository: "//fileserver3.mgrote.net/restic"
|
||||
restic_fail_mail: michael.grote@posteo.de
|
||||
restic_repository_password: "{{ lookup('keepass', 'restic_repository_password', 'password') }}"
|
||||
restic_mount_password: "{{ lookup('keepass', 'fileserver_smb_user_restic', 'password') }}" #gitleaks:allow
|
||||
restic_mount_user: restic
|
||||
|
||||
### mgrote_apt_manage_packages
|
||||
apt_packages_common:
|
||||
- locales
|
||||
|
|
|
@ -32,6 +32,9 @@ dotfiles:
|
|||
home: /root
|
||||
dotfiles_repo_url: http://192.168.2.42:3000/mg/dotfiles
|
||||
|
||||
### mgrote_restic
|
||||
restic_repository: "//192.168.2.54/restic"
|
||||
|
||||
### mgrote_blocky
|
||||
blocky_version: v0.24
|
||||
blocky_block_type: zeroIp
|
||||
|
|
|
@ -78,6 +78,9 @@ repos_override: # mit docker-repos
|
|||
### mgrote_systemd_resolved
|
||||
systemd_resolved_nameserver: 192.168.2.37
|
||||
|
||||
### mgrote_restic
|
||||
restic_folders_to_backup: "/usr/local /etc /root /home /var/lib/docker"
|
||||
|
||||
### mgrote_munin_node
|
||||
munin_node_allowed_cidrs: [0.0.0.0/0] # weil der munin-server aus einem anderen subnet zugreift
|
||||
munin_node_plugins:
|
||||
|
|
|
@ -19,6 +19,10 @@ pvresize_to_max: true
|
|||
apt_packages_extra:
|
||||
- fail2ban
|
||||
|
||||
### mgrote_restic
|
||||
restic_folders_to_backup: "/usr/local /etc /root /home {{ gitea_home }}"
|
||||
|
||||
|
||||
### geerlingguy_postgres
|
||||
postgresql_databases:
|
||||
- name: "{{ gitea_db_name }}"
|
||||
|
|
|
@ -5,6 +5,9 @@ netplan_configure: false
|
|||
### mgrote_postfix
|
||||
postfix_erlaubte_netzwerke: "127.0.0.0/8 192.168.2.0/24 192.168.3.0/24"
|
||||
|
||||
### mgrote_restic
|
||||
restic_repository: "//192.168.2.54/restic"
|
||||
|
||||
### mgrote_user
|
||||
users:
|
||||
- username: root
|
||||
|
|
BIN
keepass_db.kdbx
BIN
keepass_db.kdbx
Binary file not shown.
|
@ -5,4 +5,4 @@ Description=Send a Mail in case of an error in restic.service.
|
|||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
ExecStart=/bin/bash -c '/bin/systemctl status restic.service | mail -s "[ERROR] restic - %H" {{ my_mail }}'
|
||||
ExecStart=/bin/bash -c '/bin/systemctl status restic.service | mail -aFROM:restic@mgrote.net -s "[ERROR] restic - %H" {{ my_mail }}'
|
||||
|
|
Loading…
Reference in a new issue