homeserver/roles/mgrote.restic/tasks/main.yml
mg 59cf488259 Permissions für logs; restic & cv4pve (#78)
Permissions für logs; restic & cv4pve

Co-authored-by: Michael Grote <michael.grote@posteo.de>
Reviewed-on: mg/ansible#78
Co-Authored-By: mg <mg@noreply.git.mgrote.net>
Co-Committed-By: mg <mg@noreply.git.mgrote.net>
2021-05-02 14:20:16 +02:00

87 lines
2 KiB
YAML

---
- name: install restic-packages
become: yes
ansible.builtin.package:
name:
- restic
- logrotate
- cifs-utils
state: present
- name: create /etc/restic
become: yes
ansible.builtin.file:
path: /etc/restic
state: directory
- name: create restic mount-directory
become: yes
ansible.builtin.file:
path: "{{ restic_mount }}"
state: directory
owner: root
group: root
mode: 0777
- name: copy smb_password.txt
become: yes
ansible.builtin.template:
src: "smb_password.txt"
dest: "/etc/restic/smb_password.txt"
owner: root
group: root
mode: 0700
- name: copy restic_backup.sh
become: yes
ansible.builtin.template:
src: "restic_backup.sh"
dest: "/usr/local/bin/restic_backup.sh"
mode: a+x
- name: create exclude.txt
become: yes
ansible.builtin.blockinfile:
path: "/etc/restic/exclude.txt"
create: yes
block: "{{ restic_exclude }}"
mode: 0644
- name: copy password.txt
become: yes
ansible.builtin.template:
src: "password.txt"
dest: "/etc/restic/password.txt"
owner: root
group: root
mode: 0700
- name: create restic cronjob
become: yes
ansible.builtin.cron:
name: restic
state: present
job: "/usr/local/bin/restic_backup.sh"
minute: "{{ 59|random(seed=inventory_hostname) }}"
hour: "{{ restic_cron_hours }}"
# siehe: https://stackoverflow.com/questions/33379378/idempotence-and-random-variables-in-ansible
- name: Create restic log
become: true
ansible.builtin.file:
path: /var/log/restic.log
state: touch
owner: root
group: root
mode: 0640
access_time: preserve
modification_time: preserve
- name: copy logrotate config
become: yes
ansible.builtin.template:
src: logrotate_restic
dest: /etc/logrotate.d/restic
owner: root
group: root
mode: 0644