Compare commits
2 commits
3988a26d93
...
da13d96bf7
Author | SHA1 | Date | |
---|---|---|---|
da13d96bf7 | |||
73921cdd57 |
13 changed files with 0 additions and 122 deletions
|
@ -20,7 +20,6 @@ All services below are running under Docker, except NSD and Borg.
|
||||||
- Inbucket disposable webmail, Mailinator alternative (https://inbucket.org)
|
- Inbucket disposable webmail, Mailinator alternative (https://inbucket.org)
|
||||||
- Cyberchef (https://cyberchef.geokunis2.nl)
|
- Cyberchef (https://cyberchef.geokunis2.nl)
|
||||||
- Jitsi Meet (https://meet.jit.si)
|
- Jitsi Meet (https://meet.jit.si)
|
||||||
- Backups using [Borg](https://www.borgbackup.org/) and [Borgmatic](https://torsion.org/borgmatic/)
|
|
||||||
- RSS feed reader using [FreshRSS](https://miniflux.app/)
|
- RSS feed reader using [FreshRSS](https://miniflux.app/)
|
||||||
- Metrics using [Prometheus](https://prometheus.io/)
|
- Metrics using [Prometheus](https://prometheus.io/)
|
||||||
|
|
||||||
|
|
|
@ -1,8 +0,0 @@
|
||||||
borg_public_key: "AAAAC3NzaC1lZDI1NTE5AAAAIBTag7YToG5W+H2kEUz40kOH+7cs0Lp3owFFKkmHBiWM"
|
|
||||||
dataserver_public_key: "AAAAC3NzaC1lZDI1NTE5AAAAIJsLVptkoOwmxs6DnenN8u7Q1Tm/Psh0QdI6vjrTgb6D"
|
|
||||||
kingston1tb_mount_point: "/mnt/kingston1TB"
|
|
||||||
backup_location: "{{ kingston1tb_mount_point }}/homeserver_backup"
|
|
||||||
|
|
||||||
admin_public_keys:
|
|
||||||
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINUZp4BCxf7uLa1QWonx/Crf8tYZ5MKIZ+EuaBa82LrV user@user-laptop"
|
|
||||||
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOodpLr+FDRyKyHjucHizNLVFHZ5AQmE9GmxMnOsSoaw pimkunis@thinkpadpim"
|
|
|
@ -3,7 +3,6 @@
|
||||||
roles:
|
roles:
|
||||||
- {role: 'ssh', tags: 'ssh'}
|
- {role: 'ssh', tags: 'ssh'}
|
||||||
- {role: 'watchtower', tags: 'watchtower'}
|
- {role: 'watchtower', tags: 'watchtower'}
|
||||||
- {role: 'borg', tags: 'borg'}
|
|
||||||
- {role: 'forgejo', tags: 'forgejo'}
|
- {role: 'forgejo', tags: 'forgejo'}
|
||||||
- {role: 'syncthing', tags: 'syncthing'}
|
- {role: 'syncthing', tags: 'syncthing'}
|
||||||
- {role: 'kms', tags: 'kms'}
|
- {role: 'kms', tags: 'kms'}
|
|
@ -1,7 +0,0 @@
|
||||||
- name: Create backup
|
|
||||||
hosts: homeserver
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
- name: Create backup
|
|
||||||
command:
|
|
||||||
cmd: systemctl start backup.service
|
|
|
@ -1,10 +0,0 @@
|
||||||
[Unit]
|
|
||||||
Description=Backup data daily
|
|
||||||
|
|
||||||
[Timer]
|
|
||||||
OnCalendar=*-*-* 3:00:00
|
|
||||||
Persistent=true
|
|
||||||
RandomizedDelaySec=1h
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=timers.target
|
|
|
@ -1,25 +0,0 @@
|
||||||
$ANSIBLE_VAULT;1.1;AES256
|
|
||||||
39646436383433653539316135323332303832633864366363313031636534353531386638323037
|
|
||||||
6364366663313964633239613261373733333736316534390a306262373634303536353365396138
|
|
||||||
35626433353935633534353636613232623531303765636139363139646265653361353164656363
|
|
||||||
3465316438373734330a636563346263633332353962353033336565356435353739646263343339
|
|
||||||
38633832343230393631633434323231313438336537383930646562356264346534663235323035
|
|
||||||
31643861306134663662353938643861393861333838633338613131363136333766353131313666
|
|
||||||
30393437616539643263386331343166636434323435666636386562353239373330336462653636
|
|
||||||
38306161393634356636613334323038366365626138326365303063313564653365313063643432
|
|
||||||
66306664356662326638363736366462343636393466303432323661323431393337306132386531
|
|
||||||
65663736643565363634373461666631356439373935353734636535636538626630666462653636
|
|
||||||
33363730626662313336633132393437666533363136643464653462646561393861376464366238
|
|
||||||
35383136333939653265366336356234613166353162366365346462633639396335653432353964
|
|
||||||
35303964633339356531343437393231303936623465383265666134316335666531636337383563
|
|
||||||
30326530396439363438396439313264643765366663343439646333326664633231626662666463
|
|
||||||
38616235353730346239396265306230623135626332636330666461333864306664346637396233
|
|
||||||
61343535396230363938306162313938363063353934323764656538666337656431363634333739
|
|
||||||
62373234356131373931333736373136343166636465643065643337386539376361383965343762
|
|
||||||
33633837626637393832366332343332303361306230626131346539323538383365316535666532
|
|
||||||
30666439643263653835666430393439396239333464336133316264323234643361336434343763
|
|
||||||
61306133373335353563646331303562326139613133356139366632363738316461633739333161
|
|
||||||
33666531653239626362363364346566373430656538356166346363333531656433393034333232
|
|
||||||
65353139623435383330353864336132313031656362386538626464313264333231653831373834
|
|
||||||
33363632616430303763616366356131323265313337323836396264623539316436616333383933
|
|
||||||
62653865623831626330
|
|
|
@ -1,2 +0,0 @@
|
||||||
dependencies:
|
|
||||||
- role: common
|
|
|
@ -1,38 +0,0 @@
|
||||||
- name: Install borg
|
|
||||||
apt:
|
|
||||||
pkg:
|
|
||||||
- borgbackup
|
|
||||||
- borgmatic
|
|
||||||
- name: Create borg service directory
|
|
||||||
file:
|
|
||||||
path: "{{ service_dir }}"
|
|
||||||
state: directory
|
|
||||||
- name: Copy borg backup configuration
|
|
||||||
template:
|
|
||||||
src: "{{ role_path }}/templates/backup.yml.j2"
|
|
||||||
dest: "{{ service_dir }}/backup.yml"
|
|
||||||
- name: Copy private key
|
|
||||||
copy:
|
|
||||||
src: "{{ role_path }}/files/id_ed25519"
|
|
||||||
dest: "{{ service_dir }}/id_ed25519"
|
|
||||||
mode: 0600
|
|
||||||
- name: Copy systemd timer backup service
|
|
||||||
template:
|
|
||||||
src: "{{ role_path }}/templates/backup.service.j2"
|
|
||||||
dest: "/etc/systemd/system/backup.service"
|
|
||||||
register: service
|
|
||||||
- name: Copy systemd timer backup timer
|
|
||||||
copy:
|
|
||||||
src: "{{ role_path }}/files/backup.timer"
|
|
||||||
dest: "/etc/systemd/system/backup.timer"
|
|
||||||
register: timer
|
|
||||||
- name: Enable systemd timer
|
|
||||||
systemd:
|
|
||||||
name: backup.timer
|
|
||||||
enabled: true
|
|
||||||
state: started
|
|
||||||
daemon_reload: "{{ 'yes' if service.changed or timer.changed else 'no' }}"
|
|
||||||
- name: Restore backup
|
|
||||||
command:
|
|
||||||
cmd: "borgmatic extract --archive latest --destination / --config {{ service_dir }}/backup.yml"
|
|
||||||
creates: /data
|
|
|
@ -1,6 +0,0 @@
|
||||||
[Unit]
|
|
||||||
Description=Backup data using borgmatic
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
ExecStart=/usr/bin/borgmatic --config {{ service_dir }}/backup.yml
|
|
||||||
Type=oneshot
|
|
|
@ -1,17 +0,0 @@
|
||||||
location:
|
|
||||||
source_directories:
|
|
||||||
- {{ base_data_dir }}
|
|
||||||
repositories:
|
|
||||||
- ssh://root@lewis.dmz/{{ backup_location }}
|
|
||||||
retention:
|
|
||||||
keep_daily: 7
|
|
||||||
keep_weekly: 4
|
|
||||||
keep_monthly: 6
|
|
||||||
storage:
|
|
||||||
ssh_command: ssh -i {{ service_dir }}/id_ed25519
|
|
||||||
unknown_unencrypted_repo_access_is_ok: true
|
|
||||||
hooks:
|
|
||||||
before_everything:
|
|
||||||
- systemctl stop docker docker.socket
|
|
||||||
after_everything:
|
|
||||||
- systemctl start docker
|
|
|
@ -1,2 +0,0 @@
|
||||||
service_name: borg
|
|
||||||
service_dir: "{{ base_service_dir }}/{{ service_name }}"
|
|
|
@ -19,8 +19,3 @@
|
||||||
src: "{{ role_path }}/files/resolv.conf"
|
src: "{{ role_path }}/files/resolv.conf"
|
||||||
dest: /etc/resolv.conf
|
dest: /etc/resolv.conf
|
||||||
follow: true
|
follow: true
|
||||||
- name: Add dataserver to known hosts
|
|
||||||
known_hosts:
|
|
||||||
name: "lewis.dmz"
|
|
||||||
key: "lewis.dmz ssh-ed25519 {{ dataserver_public_key }}"
|
|
||||||
state: present
|
|
||||||
|
|