mg
0c016ea2b7
Merge branch 'master' into logrotate cv4 rasdaemon musterrolle rechte restic sanoid Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: mg/ansible#39 Co-Authored-By: mg <mg@noreply.git.mgrote.net> Co-Committed-By: mg <mg@noreply.git.mgrote.net>
86 lines
2 KiB
YAML
86 lines
2 KiB
YAML
- name: install restic-packages
|
|
become: yes
|
|
ansible.builtin.package:
|
|
name:
|
|
- restic
|
|
- logrotate
|
|
- cifs-utils
|
|
state: present
|
|
|
|
- name: create /etc/restic
|
|
become: yes
|
|
ansible.builtin.file:
|
|
path: /etc/restic
|
|
state: directory
|
|
|
|
- name: create restic mount-directory
|
|
become: yes
|
|
ansible.builtin.file:
|
|
path: "{{ restic_mount }}"
|
|
state: directory
|
|
owner: root
|
|
group: root
|
|
mode: 0777
|
|
|
|
- name: copy smb_password.txt
|
|
become: yes
|
|
ansible.builtin.template:
|
|
src: "smb_password.txt"
|
|
dest: "/etc/restic/smb_password.txt"
|
|
owner: root
|
|
group: root
|
|
mode: 0700
|
|
|
|
- name: copy restic_backup.sh
|
|
become: yes
|
|
ansible.builtin.template:
|
|
src: "restic_backup.sh"
|
|
dest: "/usr/local/bin/restic_backup.sh"
|
|
mode: a+x
|
|
|
|
- name: create exclude.txt
|
|
become: yes
|
|
ansible.builtin.blockinfile:
|
|
path: "/etc/restic/exclude.txt"
|
|
create: yes
|
|
block: "{{ restic_exclude }}"
|
|
mode: 0644
|
|
|
|
- name: copy password.txt
|
|
become: yes
|
|
ansible.builtin.template:
|
|
src: "password.txt"
|
|
dest: "/etc/restic/password.txt"
|
|
owner: root
|
|
group: root
|
|
mode: 0700
|
|
|
|
- name: create restic cronjob
|
|
become: yes
|
|
ansible.builtin.cron:
|
|
name: restic
|
|
state: present
|
|
job: "/usr/local/bin/restic_backup.sh"
|
|
minute: "{{ 59|random(seed=inventory_hostname) }}"
|
|
hour: "{{ restic_cron_hours }}"
|
|
# siehe: https://stackoverflow.com/questions/33379378/idempotence-and-random-variables-in-ansible
|
|
|
|
- name: Create restic log
|
|
become: true
|
|
ansible.builtin.file:
|
|
path: /var/log/restic.log
|
|
state: touch
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
access_time: preserve
|
|
modification_time: preserve
|
|
|
|
- name: copy logrotate config
|
|
become: yes
|
|
ansible.builtin.template:
|
|
src: logrotate_restic
|
|
dest: /etc/logrotate.d/restic
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|