---
# pbs_*
pbs_datastores:
- name: zfs_backup
path: /backup/pbs_data
gc_schedule: "sat 19:00"
pbs_prune_jobs:
- name: standard
schedule: "sat 18:15"
store: zfs_backup
keep_last: 1
keep_hourly: 3
keep_daily: 3
pbs_permissions:
- user: user_pve5@pbs
datastore: zfs_backup
role: DatastoreBackup
pbs_users:
- name: user_pve5
password: "{{ lookup('viczem.keepass.keepass', 'pbs_pve_user', 'password') }}"
realm: pbs
# rpool ist unverschlüsselt als Boot-Medium
# entschlüsseln nach Boot mit: sudo zpool import -d /dev/disk/by-id/ -a && sudo zfs mount -a -l
## backup
### sudo zpool create -o ashift=12 -o feature@encryption=enabled -O encryption=on -O keylocation=prompt -O keyformat=passphrase backup /dev/disk/by-id/ata-TOSHIBA_MG09ACA18TE_Z1B0A28LFJDH
# mgrote.zfs_manage_datasets
### mgrote_zfs_extra
# Variablen für mgrote.zfs_health/trim/scrub/zed/arc_mem/ sind zusammengefasst unter zfs_extra_*
zfs_datasets: # DatenPools werden hier nicht verwaltet
# rpool - System-Datasets
- dataset: rpool
state: present
compression: zstd
sync: disabled
xattr: sa
dnodesize: auto
atime: on # noqa yaml[truthy]
snapdir: hidden
reservation: 1G
refreservation: 10G
acltype: posix
- dataset: rpool/ROOT
state: present
refreservation: 10G
- dataset: rpool/ROOT/pbs-1
state: present
refreservation: 10G
acltype: posix # https://docs.ansible.com/ansible-core/2.14/playbook_guide/playbooks_privilege_escalation.html#risks-of-becoming-an-unprivileged-user ; sonst kann die dotfiles-Rolle kein setfacl machen
# backup-pool
- dataset: backup/pbs_data
state: present
quota: 1TB
- dataset: backup/pve5
state: present
canmount: off # noqa yaml[truthy]
compression: zstd
sync: disabled
xattr: sa
dnodesize: auto
atime: on # noqa yaml[truthy]
snapdir: hidden
reservation: 1G
acltype: posix # https:///docs.ansible.com/ansible-core/2.14/playbook_guide/playbooks_privilege_escalation.html#risks-of-becoming-an-unprivileged-user ; sonst kann die dotfiles-Rolle kein setfacl machen
- dataset: backup/pve5/pve_backup
state: present
recordsize: 1M
- dataset: backup/pve5/videos
state: present
recordsize: 1M
- dataset: backup/pve5/music
state: present
recordsize: 1M
- dataset: backup/pve5/tmp
state: present
- dataset: backup/pve5/archiv
state: present
- dataset: backup/pve5/bilder
state: present
recordsize: 1M
- dataset: backup/pve5/scans
state: present
- dataset: backup/pve5/restic
state: present
- dataset: backup/pve5/backup
state: present
- dataset: backup/pve5/buecher
state: present
- dataset: backup/pve5/programme
state: present
- dataset: backup/pve5/vm
state: absent # todo
# Variablen für mgrote.zfs_health/trim/scrub/zed/arc_mem/ sind zusammengefasst unter zfs_extra_*
zfs_extra_arc_max_size: "4294967296" # 4GB in Bytes
zfs_extra_zfs_pools:
- name: "rpool"
systemd_timer_schedule: "*-01,04,07,10-01 23:00" # jeden ersten eines jeden Quartals
- name: "backup"
systemd_timer_schedule: "*-01,04,07,10-01 23:00"
### mgrote_zfs_sanoid
sanoid_snaps_enable: true
sanoid_datasets:
### rpool
- path: rpool
recursive: 'no'
snapshots: true
template: 'pve3tage'
- path: rpool/ROOT
recursive: 'no'
snapshots: true
template: 'pve3tage'
- path: rpool/ROOT/pbs-1
recursive: 'no'
snapshots: true
template: 'pve3tage'
### backup
- path: backup/pbs_data
recursive: 'no'
snapshots: true
template: '7tage'
- path: 'backup/pve5/videos'
template: '14tage'
recursive: 'yes'
snapshots: true
- path: 'backup/pve5/music'
template: '14tage'
recursive: 'yes'
snapshots: true
- path: 'backup/pve5/tmp'
template: '14tage'
recursive: 'yes'
snapshots: true
- path: 'backup/pve5/pve_backup'
template: '14tage'
recursive: 'yes'
snapshots: true
- path: 'backup/pve5/archiv'
template: '14tage'
recursive: 'yes'
snapshots: true
- path: backup/pve5/bilder
recursive: 'no' # noqa yaml[truthy]
snapshots: true
template: '14tage'
- path: backup/pve5/scans
recursive: 'no' # noqa yaml[truthy]
snapshots: true
template: '14tage'
- path: backup/pve5/backup
recursive: 'no' # noqa yaml[truthy]
snapshots: true
template: '14tage'
- path: backup/pve5/restic
recursive: 'no' # noqa yaml[truthy]
snapshots: true
template: '14tage'
- path: backup/pve5/programme
recursive: 'no' # noqa yaml[truthy]
snapshots: true
template: '14tage'
- path: backup/pve5/buecher
recursive: 'no' # noqa yaml[truthy]
snapshots: true
template: '14tage'
### mgrote_rsync
rsync_host_role: destination