mg/homeserver
1
0
Fork 0
Code Issues 1 Pull requests 3 Activity Actions

restic: enable variable (#226)

Browse source 
Co-authored-by: Michael Grote <michael.grote@posteo.de>
Reviewed-on: mg/ansible#226
Co-authored-by: mg <michael.grote@posteo.de>
Co-committed-by: mg <michael.grote@posteo.de>
This commit is contained in:
Michael Grote 2021-10-20 19:59:16 +02:00
parent 43a940dd5e
commit e63aabf5d9
9 changed files with 101 additions and 90 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
group_vars/all.yml
View file

@ -70,6 +70,7 @@
### mgrote.apt_manage_sources ### mgrote.apt_manage_sources
manage_sources_apt_proxy: "acng.grote.lan:9999" manage_sources_apt_proxy: "acng.grote.lan:9999"
### mgrote.restic ### mgrote.restic
restic_enable_role: true
restic_folders_to_backup: "/usr/local /etc /root /home" restic_folders_to_backup: "/usr/local /etc /root /home"
restic_cron_hours: "19" restic_cron_hours: "19"
restic_repository: "//fileserver2.grote.lan/restic" restic_repository: "//fileserver2.grote.lan/restic"

2
group_vars/tor.yml
View file

@ -94,3 +94,5 @@
f2b_findtime: 600 f2b_findtime: 600
f2b_maxretry: 3 f2b_maxretry: 3
f2b_send_email_report: false f2b_send_email_report: false
### mgrote.restic
restic_enable_role: false

2
playbooks/base/restic.yml
View file

@ -1,4 +1,4 @@
--- ---
- hosts: all - hosts: all
roles: roles:
- { role: mgrote.restic, tags: "restic", when: "not 'tor' in group_names" } - { role: mgrote.restic, tags: "restic" }

1
roles/mgrote.restic/defaults/main.yml
View file

@ -15,3 +15,4 @@
**/**cache***/** **/**cache***/**
**/**Cache***/** **/**Cache***/**
**/**AppData***/** **/**AppData***/**
restic_enable_role: true

3
roles/mgrote.restic/meta/main.yml
View file

@ -1,3 +0,0 @@
---
dependencies:
- role: mgrote.postfix

63
roles/mgrote.restic/tasks/config.yml Normal file
View file

@ -0,0 +1,63 @@
---
- name: copy smb_password.txt
become: yes
ansible.builtin.template:
src: "smb_password.txt"
dest: "/etc/restic/smb_password.txt"
owner: root
group: root
mode: 0700
- name: copy restic_backup.sh
become: yes
ansible.builtin.template:
src: "restic_backup.sh"
dest: "/usr/local/bin/restic_backup.sh"
mode: a+x
- name: create exclude.txt
become: yes
ansible.builtin.blockinfile:
path: "/etc/restic/exclude.txt"
create: yes
block: "{{ restic_exclude }}"
mode: 0644
- name: copy password.txt
become: yes
ansible.builtin.template:
src: "password.txt"
dest: "/etc/restic/password.txt"
owner: root
group: root
mode: 0700
- name: create restic cronjob
become: yes
ansible.builtin.cron:
name: restic
state: present
job: "/usr/local/bin/restic_backup.sh"
minute: "{{ 59|random(seed=inventory_hostname) }}"
hour: "{{ restic_cron_hours }}"
# siehe: https://stackoverflow.com/questions/33379378/idempotence-and-random-variables-in-ansible
- name: Create restic log
become: true
ansible.builtin.file:
path: /var/log/restic.log
state: touch
owner: root
group: root
mode: 0640
access_time: preserve
modification_time: preserve
- name: copy logrotate config
become: yes
ansible.builtin.template:
src: logrotate_restic
dest: /etc/logrotate.d/restic
owner: root
group: root
mode: 0644

15
roles/mgrote.restic/tasks/folders.yml Normal file
View file

@ -0,0 +1,15 @@
---
- name: create /etc/restic
become: yes
ansible.builtin.file:
path: /etc/restic
state: directory
- name: create restic mount-directory
become: yes
ansible.builtin.file:
path: "{{ restic_mount }}"
state: directory
owner: root
group: root
mode: 0777

9
roles/mgrote.restic/tasks/install.yml Normal file
View file

@ -0,0 +1,9 @@
---
- name: install restic-packages
become: yes
ansible.builtin.package:
name:
- restic
- logrotate
- cifs-utils
state: present

95
roles/mgrote.restic/tasks/main.yml
View file

@ -1,87 +1,10 @@
--- ---
- name: install restic-packages - name: include install tasks
become: yes include_tasks: install.yml
ansible.builtin.package: when: restic_enable_role
name: - name: include folder tasks
- restic include_tasks: folders.yml
- logrotate when: restic_enable_role
- cifs-utils - name: include config tasks
state: present include_tasks: config.yml
when: restic_enable_role
- name: create /etc/restic
become: yes
ansible.builtin.file:
path: /etc/restic
state: directory
- name: create restic mount-directory
become: yes
ansible.builtin.file:
path: "{{ restic_mount }}"
state: directory
owner: root
group: root
mode: 0777
- name: copy smb_password.txt
become: yes
ansible.builtin.template:
src: "smb_password.txt"
dest: "/etc/restic/smb_password.txt"
owner: root
group: root
mode: 0700
- name: copy restic_backup.sh
become: yes
ansible.builtin.template:
src: "restic_backup.sh"
dest: "/usr/local/bin/restic_backup.sh"
mode: a+x
- name: create exclude.txt
become: yes
ansible.builtin.blockinfile:
path: "/etc/restic/exclude.txt"
create: yes
block: "{{ restic_exclude }}"
mode: 0644
- name: copy password.txt
become: yes
ansible.builtin.template:
src: "password.txt"
dest: "/etc/restic/password.txt"
owner: root
group: root
mode: 0700
- name: create restic cronjob
become: yes
ansible.builtin.cron:
name: restic
state: present
job: "/usr/local/bin/restic_backup.sh"
minute: "{{ 59|random(seed=inventory_hostname) }}"
hour: "{{ restic_cron_hours }}"
# siehe: https://stackoverflow.com/questions/33379378/idempotence-and-random-variables-in-ansible
- name: Create restic log
become: true
ansible.builtin.file:
path: /var/log/restic.log
state: touch
owner: root
group: root
mode: 0640
access_time: preserve
modification_time: preserve
- name: copy logrotate config
become: yes
ansible.builtin.template:
src: logrotate_restic
dest: /etc/logrotate.d/restic
owner: root
group: root
mode: 0644