restic: fix backups dirs, secrets and mails
v ff dd dd f ff ff ff ff d ff f f
This commit is contained in:
parent
4c36b9964d
commit
caad4aeb0f
8 changed files with 30 additions and 1 deletions
|
@ -19,6 +19,7 @@ services:
|
||||||
/nobody@lldap/ lldap@mgrote.net
|
/nobody@lldap/ lldap@mgrote.net
|
||||||
/mg@pbs.localdomain/ pbs@mgrote.net
|
/mg@pbs.localdomain/ pbs@mgrote.net
|
||||||
/root@pbs.localdomain/ pbs@mgrote.net
|
/root@pbs.localdomain/ pbs@mgrote.net
|
||||||
|
/root@pve5.localdomain/ pve5@mgrote.net
|
||||||
# rewrite FROM "nobody@lldap" to "lldap@mgrote.net"
|
# rewrite FROM "nobody@lldap" to "lldap@mgrote.net"
|
||||||
# /.*/ würde alle absender adressen ersetzen
|
# /.*/ würde alle absender adressen ersetzen
|
||||||
networks:
|
networks:
|
||||||
|
|
|
@ -83,6 +83,21 @@ ufw_rules:
|
||||||
ufw_default_incoming_policy: deny
|
ufw_default_incoming_policy: deny
|
||||||
ufw_default_outgoing_policy: allow
|
ufw_default_outgoing_policy: allow
|
||||||
|
|
||||||
|
### mgrote_restic
|
||||||
|
restic_exclude: |
|
||||||
|
._*
|
||||||
|
desktop.ini
|
||||||
|
.Trash-*
|
||||||
|
**/**cache***/**
|
||||||
|
**/**Cache***/**
|
||||||
|
**/**AppData***/**
|
||||||
|
restic_folders_to_backup: "/usr/local /etc /root /home"
|
||||||
|
restic_repository: "//fileserver3.mgrote.net/restic"
|
||||||
|
restic_fail_mail: michael.grote@posteo.de
|
||||||
|
restic_repository_password: "{{ lookup('keepass', 'restic_repository_password', 'password') }}"
|
||||||
|
restic_mount_password: "{{ lookup('keepass', 'fileserver_smb_user_restic', 'password') }}" #gitleaks:allow
|
||||||
|
restic_mount_user: restic
|
||||||
|
|
||||||
### mgrote_apt_manage_packages
|
### mgrote_apt_manage_packages
|
||||||
apt_packages_common:
|
apt_packages_common:
|
||||||
- locales
|
- locales
|
||||||
|
|
|
@ -32,6 +32,9 @@ dotfiles:
|
||||||
home: /root
|
home: /root
|
||||||
dotfiles_repo_url: http://192.168.2.42:3000/mg/dotfiles
|
dotfiles_repo_url: http://192.168.2.42:3000/mg/dotfiles
|
||||||
|
|
||||||
|
### mgrote_restic
|
||||||
|
restic_repository: "//192.168.2.54/restic"
|
||||||
|
|
||||||
### mgrote_blocky
|
### mgrote_blocky
|
||||||
blocky_version: v0.24
|
blocky_version: v0.24
|
||||||
blocky_block_type: zeroIp
|
blocky_block_type: zeroIp
|
||||||
|
|
|
@ -78,6 +78,9 @@ repos_override: # mit docker-repos
|
||||||
### mgrote_systemd_resolved
|
### mgrote_systemd_resolved
|
||||||
systemd_resolved_nameserver: 192.168.2.37
|
systemd_resolved_nameserver: 192.168.2.37
|
||||||
|
|
||||||
|
### mgrote_restic
|
||||||
|
restic_folders_to_backup: "/usr/local /etc /root /home /var/lib/docker"
|
||||||
|
|
||||||
### mgrote_munin_node
|
### mgrote_munin_node
|
||||||
munin_node_allowed_cidrs: [0.0.0.0/0] # weil der munin-server aus einem anderen subnet zugreift
|
munin_node_allowed_cidrs: [0.0.0.0/0] # weil der munin-server aus einem anderen subnet zugreift
|
||||||
munin_node_plugins:
|
munin_node_plugins:
|
||||||
|
|
|
@ -19,6 +19,10 @@ pvresize_to_max: true
|
||||||
apt_packages_extra:
|
apt_packages_extra:
|
||||||
- fail2ban
|
- fail2ban
|
||||||
|
|
||||||
|
### mgrote_restic
|
||||||
|
restic_folders_to_backup: "/usr/local /etc /root /home {{ gitea_home }}"
|
||||||
|
|
||||||
|
|
||||||
### geerlingguy_postgres
|
### geerlingguy_postgres
|
||||||
postgresql_databases:
|
postgresql_databases:
|
||||||
- name: "{{ gitea_db_name }}"
|
- name: "{{ gitea_db_name }}"
|
||||||
|
|
|
@ -5,6 +5,9 @@ netplan_configure: false
|
||||||
### mgrote_postfix
|
### mgrote_postfix
|
||||||
postfix_erlaubte_netzwerke: "127.0.0.0/8 192.168.2.0/24 192.168.3.0/24"
|
postfix_erlaubte_netzwerke: "127.0.0.0/8 192.168.2.0/24 192.168.3.0/24"
|
||||||
|
|
||||||
|
### mgrote_restic
|
||||||
|
restic_repository: "//192.168.2.54/restic"
|
||||||
|
|
||||||
### mgrote_user
|
### mgrote_user
|
||||||
users:
|
users:
|
||||||
- username: root
|
- username: root
|
||||||
|
|
BIN
keepass_db.kdbx
BIN
keepass_db.kdbx
Binary file not shown.
|
@ -5,4 +5,4 @@ Description=Send a Mail in case of an error in restic.service.
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
Type=oneshot
|
Type=oneshot
|
||||||
ExecStart=/bin/bash -c '/bin/systemctl status restic.service | mail -s "[ERROR] restic - %H" {{ my_mail }}'
|
ExecStart=/bin/bash -c '/bin/systemctl status restic.service | mail -aFROM:restic@mgrote.net -s "[ERROR] restic - %H" {{ my_mail }}'
|
||||||
|
|
Loading…
Reference in a new issue