add borg backup test
This commit is contained in:
parent
ace3a9ac83
commit
ecfb6b92f4
12 changed files with 107 additions and 0 deletions
3
Makefile
3
Makefile
|
|
@ -28,4 +28,7 @@ traefik:
|
||||||
kms:
|
kms:
|
||||||
ansible-playbook playbooks/kms.yml -i inventory/hosts.yml
|
ansible-playbook playbooks/kms.yml -i inventory/hosts.yml
|
||||||
|
|
||||||
|
borg:
|
||||||
|
ansible-playbook playbooks/borg.yml -i inventory/hosts.yml --ask-vault-pass
|
||||||
|
|
||||||
.PHONY: run
|
.PHONY: run
|
||||||
|
|
|
||||||
|
|
@ -2,6 +2,7 @@
|
||||||
hosts: homeservers
|
hosts: homeservers
|
||||||
roles:
|
roles:
|
||||||
- ssh
|
- ssh
|
||||||
|
- borg
|
||||||
- nsd
|
- nsd
|
||||||
- syncthing
|
- syncthing
|
||||||
- kms
|
- kms
|
||||||
|
|
|
||||||
4
playbooks/borg.yml
Normal file
4
playbooks/borg.yml
Normal file
|
|
@ -0,0 +1,4 @@
|
||||||
|
- name: Install borg
|
||||||
|
hosts: homeservers
|
||||||
|
roles:
|
||||||
|
- borg
|
||||||
6
roles/borg/files/backup.service
Normal file
6
roles/borg/files/backup.service
Normal file
|
|
@ -0,0 +1,6 @@
|
||||||
|
[Unit]
|
||||||
|
Description=Backup data using borgmatic
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
ExecStart=/usr/bin/borgmatic --config /srv/borg/backup.yml
|
||||||
|
Type=oneshot
|
||||||
10
roles/borg/files/backup.timer
Normal file
10
roles/borg/files/backup.timer
Normal file
|
|
@ -0,0 +1,10 @@
|
||||||
|
[Unit]
|
||||||
|
Description=Backup data daily
|
||||||
|
|
||||||
|
[Timer]
|
||||||
|
OnCalendar=*-*-* 3:00:00
|
||||||
|
Persistent=true
|
||||||
|
RandomizedDelaySec=1h
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=timers.target
|
||||||
12
roles/borg/files/backup.yml
Normal file
12
roles/borg/files/backup.yml
Normal file
|
|
@ -0,0 +1,12 @@
|
||||||
|
location:
|
||||||
|
source_directories:
|
||||||
|
- /srv/borg # TEMP to test
|
||||||
|
repositories:
|
||||||
|
- ssh://root@lewis.lan/root/maxtest
|
||||||
|
retention:
|
||||||
|
keep_daily: 7
|
||||||
|
keep_weekly: 4
|
||||||
|
keep_monthly: 6
|
||||||
|
storage:
|
||||||
|
ssh_command: ssh -i /srv/borg/id_ed25519
|
||||||
|
unknown_unencrypted_repo_access_is_ok: true
|
||||||
25
roles/borg/files/id_ed25519
Normal file
25
roles/borg/files/id_ed25519
Normal file
|
|
@ -0,0 +1,25 @@
|
||||||
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
|
39646436383433653539316135323332303832633864366363313031636534353531386638323037
|
||||||
|
6364366663313964633239613261373733333736316534390a306262373634303536353365396138
|
||||||
|
35626433353935633534353636613232623531303765636139363139646265653361353164656363
|
||||||
|
3465316438373734330a636563346263633332353962353033336565356435353739646263343339
|
||||||
|
38633832343230393631633434323231313438336537383930646562356264346534663235323035
|
||||||
|
31643861306134663662353938643861393861333838633338613131363136333766353131313666
|
||||||
|
30393437616539643263386331343166636434323435666636386562353239373330336462653636
|
||||||
|
38306161393634356636613334323038366365626138326365303063313564653365313063643432
|
||||||
|
66306664356662326638363736366462343636393466303432323661323431393337306132386531
|
||||||
|
65663736643565363634373461666631356439373935353734636535636538626630666462653636
|
||||||
|
33363730626662313336633132393437666533363136643464653462646561393861376464366238
|
||||||
|
35383136333939653265366336356234613166353162366365346462633639396335653432353964
|
||||||
|
35303964633339356531343437393231303936623465383265666134316335666531636337383563
|
||||||
|
30326530396439363438396439313264643765366663343439646333326664633231626662666463
|
||||||
|
38616235353730346239396265306230623135626332636330666461333864306664346637396233
|
||||||
|
61343535396230363938306162313938363063353934323764656538666337656431363634333739
|
||||||
|
62373234356131373931333736373136343166636465643065643337386539376361383965343762
|
||||||
|
33633837626637393832366332343332303361306230626131346539323538383365316535666532
|
||||||
|
30666439643263653835666430393439396239333464336133316264323234643361336434343763
|
||||||
|
61306133373335353563646331303562326139613133356139366632363738316461633739333161
|
||||||
|
33666531653239626362363364346566373430656538356166346363333531656433393034333232
|
||||||
|
65353139623435383330353864336132313031656362386538626464313264333231653831373834
|
||||||
|
33363632616430303763616366356131323265313337323836396264623539316436616333383933
|
||||||
|
62653865623831626330
|
||||||
1
roles/borg/files/id_ed25519.pub
Normal file
1
roles/borg/files/id_ed25519.pub
Normal file
|
|
@ -0,0 +1 @@
|
||||||
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBTag7YToG5W+H2kEUz40kOH+7cs0Lp3owFFKkmHBiWM root@max
|
||||||
2
roles/borg/meta/main.yml
Normal file
2
roles/borg/meta/main.yml
Normal file
|
|
@ -0,0 +1,2 @@
|
||||||
|
dependencies:
|
||||||
|
- role: common
|
||||||
39
roles/borg/tasks/main.yml
Normal file
39
roles/borg/tasks/main.yml
Normal file
|
|
@ -0,0 +1,39 @@
|
||||||
|
- name: Install borg
|
||||||
|
apt:
|
||||||
|
pkg:
|
||||||
|
- borgbackup
|
||||||
|
- borgmatic
|
||||||
|
- name: Create borg service directory
|
||||||
|
file:
|
||||||
|
path: "{{ service_dir }}"
|
||||||
|
state: directory
|
||||||
|
- name: Copy borg backup configuration
|
||||||
|
copy:
|
||||||
|
src: "{{ role_path }}/files/backup.yml"
|
||||||
|
dest: "{{ service_dir }}/backup.yml"
|
||||||
|
- name: Copy public key
|
||||||
|
copy:
|
||||||
|
src: "{{ role_path }}/files/id_ed25519.pub"
|
||||||
|
dest: "{{ service_dir }}/id_ed25519.pub"
|
||||||
|
mode: 0644
|
||||||
|
- name: Copy private key
|
||||||
|
copy:
|
||||||
|
src: "{{ role_path }}/files/id_ed25519"
|
||||||
|
dest: "{{ service_dir }}/id_ed25519"
|
||||||
|
mode: 0600
|
||||||
|
- name: Copy systemd timer backup service
|
||||||
|
copy:
|
||||||
|
src: "{{ role_path }}/files/backup.service"
|
||||||
|
dest: "/etc/systemd/system/backup.service"
|
||||||
|
register: service
|
||||||
|
- name: Copy systemd timer backup timer
|
||||||
|
copy:
|
||||||
|
src: "{{ role_path }}/files/backup.timer"
|
||||||
|
dest: "/etc/systemd/system/backup.timer"
|
||||||
|
register: timer
|
||||||
|
- name: Enable systemd timer
|
||||||
|
systemd:
|
||||||
|
name: backup.timer
|
||||||
|
enabled: true
|
||||||
|
state: started
|
||||||
|
daemon_reload: "{{ 'yes' if service.changed or timer.changed else 'no' }}"
|
||||||
2
roles/borg/vars/main.yml
Normal file
2
roles/borg/vars/main.yml
Normal file
|
|
@ -0,0 +1,2 @@
|
||||||
|
service_name: borg
|
||||||
|
service_dir: "{{ base_service_dir }}/{{ service_name }}"
|
||||||
2
roles/nsd/meta/main.yml
Normal file
2
roles/nsd/meta/main.yml
Normal file
|
|
@ -0,0 +1,2 @@
|
||||||
|
dependencies:
|
||||||
|
- role: common
|
||||||
Reference in a new issue