restic: enable variable (#226)

Co-authored-by: Michael Grote <michael.grote@posteo.de>
Reviewed-on: mg/ansible#226
Co-authored-by: mg <michael.grote@posteo.de>
Co-committed-by: mg <michael.grote@posteo.de>
This commit is contained in:
Michael Grote 2021-10-20 19:59:16 +02:00
parent 43a940dd5e
commit e63aabf5d9
9 changed files with 101 additions and 90 deletions

View file

@ -70,6 +70,7 @@
### mgrote.apt_manage_sources
manage_sources_apt_proxy: "acng.grote.lan:9999"
### mgrote.restic
restic_enable_role: true
restic_folders_to_backup: "/usr/local /etc /root /home"
restic_cron_hours: "19"
restic_repository: "//fileserver2.grote.lan/restic"

View file

@ -94,3 +94,5 @@
f2b_findtime: 600
f2b_maxretry: 3
f2b_send_email_report: false
### mgrote.restic
restic_enable_role: false

View file

@ -1,4 +1,4 @@
---
- hosts: all
roles:
- { role: mgrote.restic, tags: "restic", when: "not 'tor' in group_names" }
- { role: mgrote.restic, tags: "restic" }

View file

@ -15,3 +15,4 @@
**/**cache***/**
**/**Cache***/**
**/**AppData***/**
restic_enable_role: true

View file

@ -1,3 +0,0 @@
---
dependencies:
- role: mgrote.postfix

View file

@ -0,0 +1,63 @@
---
- name: copy smb_password.txt
become: yes
ansible.builtin.template:
src: "smb_password.txt"
dest: "/etc/restic/smb_password.txt"
owner: root
group: root
mode: 0700
- name: copy restic_backup.sh
become: yes
ansible.builtin.template:
src: "restic_backup.sh"
dest: "/usr/local/bin/restic_backup.sh"
mode: a+x
- name: create exclude.txt
become: yes
ansible.builtin.blockinfile:
path: "/etc/restic/exclude.txt"
create: yes
block: "{{ restic_exclude }}"
mode: 0644
- name: copy password.txt
become: yes
ansible.builtin.template:
src: "password.txt"
dest: "/etc/restic/password.txt"
owner: root
group: root
mode: 0700
- name: create restic cronjob
become: yes
ansible.builtin.cron:
name: restic
state: present
job: "/usr/local/bin/restic_backup.sh"
minute: "{{ 59|random(seed=inventory_hostname) }}"
hour: "{{ restic_cron_hours }}"
# siehe: https://stackoverflow.com/questions/33379378/idempotence-and-random-variables-in-ansible
- name: Create restic log
become: true
ansible.builtin.file:
path: /var/log/restic.log
state: touch
owner: root
group: root
mode: 0640
access_time: preserve
modification_time: preserve
- name: copy logrotate config
become: yes
ansible.builtin.template:
src: logrotate_restic
dest: /etc/logrotate.d/restic
owner: root
group: root
mode: 0644

View file

@ -0,0 +1,15 @@
---
- name: create /etc/restic
become: yes
ansible.builtin.file:
path: /etc/restic
state: directory
- name: create restic mount-directory
become: yes
ansible.builtin.file:
path: "{{ restic_mount }}"
state: directory
owner: root
group: root
mode: 0777

View file

@ -0,0 +1,9 @@
---
- name: install restic-packages
become: yes
ansible.builtin.package:
name:
- restic
- logrotate
- cifs-utils
state: present

View file

@ -1,87 +1,10 @@
---
- name: install restic-packages
become: yes
ansible.builtin.package:
name:
- restic
- logrotate
- cifs-utils
state: present
- name: create /etc/restic
become: yes
ansible.builtin.file:
path: /etc/restic
state: directory
- name: create restic mount-directory
become: yes
ansible.builtin.file:
path: "{{ restic_mount }}"
state: directory
owner: root
group: root
mode: 0777
- name: copy smb_password.txt
become: yes
ansible.builtin.template:
src: "smb_password.txt"
dest: "/etc/restic/smb_password.txt"
owner: root
group: root
mode: 0700
- name: copy restic_backup.sh
become: yes
ansible.builtin.template:
src: "restic_backup.sh"
dest: "/usr/local/bin/restic_backup.sh"
mode: a+x
- name: create exclude.txt
become: yes
ansible.builtin.blockinfile:
path: "/etc/restic/exclude.txt"
create: yes
block: "{{ restic_exclude }}"
mode: 0644
- name: copy password.txt
become: yes
ansible.builtin.template:
src: "password.txt"
dest: "/etc/restic/password.txt"
owner: root
group: root
mode: 0700
- name: create restic cronjob
become: yes
ansible.builtin.cron:
name: restic
state: present
job: "/usr/local/bin/restic_backup.sh"
minute: "{{ 59|random(seed=inventory_hostname) }}"
hour: "{{ restic_cron_hours }}"
# siehe: https://stackoverflow.com/questions/33379378/idempotence-and-random-variables-in-ansible
- name: Create restic log
become: true
ansible.builtin.file:
path: /var/log/restic.log
state: touch
owner: root
group: root
mode: 0640
access_time: preserve
modification_time: preserve
- name: copy logrotate config
become: yes
ansible.builtin.template:
src: logrotate_restic
dest: /etc/logrotate.d/restic
owner: root
group: root
mode: 0644
- name: include install tasks
include_tasks: install.yml
when: restic_enable_role
- name: include folder tasks
include_tasks: folders.yml
when: restic_enable_role
- name: include config tasks
include_tasks: config.yml
when: restic_enable_role