slfhst/ansible
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: remove borg

Browse Source
This commit is contained in:
VC
2024-07-05 11:53:39 +02:00
parent befa7f4169
commit 88a52e2134
14 changed files with 22 additions and 120 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
debian_version.yml
View File

@@ -1,7 +1,7 @@
--- ---
- name: Check Debian version - name: Check Debian version
hosts: all:!baybay-ponay.mateu.be:!machinbox.mateu.be:!muse-HP-EliteBook-820-G2.home.arpa hosts: all:!baybay-ponay.mateu.be:!machinbox.mateu.be:!muse-HP-EliteBook-820-G2.home.arpa!frederica.dmz.mateu.be
tasks: tasks:
- name: Print Debian version - name: Print Debian version
ansible.builtin.debug: ansible.builtin.debug:

17
host_vars/frederica.dmz.mateu.be.yml
View File

@@ -1,12 +1,15 @@
--- ---
restic_aws_access_key_id: "SCWPE8TZQF1DYZD9H28N" ansible_python_interpreter: /usr/local/bin/python3
restic_aws_access_key_id: "SCW0VAFXE5MN9N8KVHTQ"
restic_aws_secret_access_key: !vault | restic_aws_secret_access_key: !vault |
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
38323833363833313664333032643631373963623434373266353065323634633139343032323336 33656263333731333833613461336230626332666534376235643735373862663530393433396130
3963623030373063616463333338646132326666623931630a643739346139353032303132373962 6161343663633037663033613135333232393364643533320a383630363938313435356261396662
36303038383732623864366634643961323833333935313034643663343864656139316439326333 36303063616264383530643638366332323061333835376131323666633234313833353662626438
3036666630326331310a623465326465326536303130303237643863643563353339386236633165 3235353961303739390a323332376235363734373838613632376232383861613761616437316564
32373736623230373735393066333463646439663465366139343466623563653839333131316233 61333532656135333731313561663062323133613662373061666266383031343964623838336264
6131656565643663333738333234393363386231383131313132 3936393838396163626438303962313931333165386363666139
restic_s3_url: "https://s3.fr-par.scw.cloud/backup-libertus" restic_s3_url: "https://s3.fr-par.scw.cloud/backup-libertus"
restic_exe_group: "wheel"

5
production.yml
View File

@@ -65,6 +65,11 @@ resticservers:
restic_backup_path: restic_backup_path:
- /etc - /etc
- /var/lib/private/garage - /var/lib/private/garage
frederica.dmz.mateu.be:
restic_backup_path:
- /mnt/tank
restic_backup_hour: 6
restic_backup_minute: 45
20b4f083-4ef3-4a82-b15c-edbc31aa1731.pub.instances.scw.cloud: 20b4f083-4ef3-4a82-b15c-edbc31aa1731.pub.instances.scw.cloud:
restic_backup_path: restic_backup_path:
- /srv - /srv

2
roles/bittorrent/tasks/subliminal.yml
View File

@@ -1,7 +1,7 @@
--- ---
- name: Install subliminal - name: Install subliminal
package: ansible.builtin.package:
name: subliminal name: subliminal
state: present state: present

13
roles/borg_client/defaults/main.yml
View File

@@ -1,13 +0,0 @@
---
borg_pass: !vault |
$ANSIBLE_VAULT;1.1;AES256
62333166623737363731663766353330633335306532306366356536376232396664376430613434
3966376539303238376461386262663066376338386537660a376365643761653463393539316232
30653130383761653432306136333733653062356635643662616133366663646132383136313530
3866343664393330610a623930316330626166343934623230313232626131386132393866373661
6336
borg_backup_path: ["/srv", "/home", "/etc"]
borg_backup_excluded_path: ["/srv/NOBACKUP"]
borg_backup_hour: 6
borg_backup_minute: 0

30
roles/borg_client/tasks/main.yml
View File

@@ -1,30 +0,0 @@
---
- name: Create SSH key
community.crypto.openssh_keypair:
path: ~/.ssh/id_rsa
- name: Get SSH pub key
ansible.builtin.command:
cmd: cat ~/.ssh/id_rsa.pub
changed_when: true
register: ssh_keys
- name: Put backup script
ansible.builtin.template:
src: borgbackup.sh.j2
dest: /usr/local/bin/borgbackup.sh
owner: root
group: root
mode: '0750'
- name: Cron the backup script
ansible.builtin.cron:
name: "borg backup script"
hour: "{{ borg_backup_hour }}"
minute: "{{ borg_backup_minute }}"
job: /usr/local/bin/borgbackup.sh
- name: Warns about borg init
ansible.builtin.debug:
msg: "Borg has been installed. Dont forget to init with: \nborg init --encryption=repokey-blake2 backup@{{ hostvars[groups['borg_server'][0]]['ansible_fqdn'] }}:home"

12
roles/borg_client/templates/borgbackup.sh.j2
View File

@@ -1,12 +0,0 @@
#!/bin/sh
## Variable
export BORG_PASSPHRASE="{{ borg_pass }}"
## lancement de la sauvegarde
borg create --exclude-caches {% for f in borg_backup_excluded_path %}-e {{ f }} {% endfor %} -s backup@{{ hostvars[groups['borg_server'][0]]['ansible_fqdn'] }}:home::{now:%Y-%m-%d} {% for f in borg_backup_path %}{{ f }} {% endfor %}
## récupération de l'espace
borg prune -d 7 -w 4 -m 3 backup@{{ hostvars[groups['borg_server'][0]]['ansible_fqdn'] }}:home

36
roles/borg_server/tasks/main.yml
View File

@@ -1,36 +0,0 @@
---
- name: Mount backup disk
ansible.posix.mount:
path: /backup
src: LABEL=BACKUP
fstype: xfs
opts: noatime,nofail
state: mounted
- name: Create backup user
ansible.builtin.user:
name: backup
comment: Backup
create_home: true
home: /backup
shell: /bin/bash
system: true
state: present
- name: Create directory for borg clients
ansible.builtin.file:
path: "/backup/repos/{{ hostvars[item]['ansible_fqdn'] }}"
state: directory
mode: '0750'
owner: backup
group: backup
loop: "{{ groups['borg_client'] }}"
- name: Set authorized_keys for borg clients
ansible.posix.authorized_key:
user: backup
key: "{{ hostvars[item]['ssh_keys']['stdout'] }}"
key_options: "command=\"cd /backup/repos/{{ hostvars[item]['ansible_fqdn'] }}; borg serve --restrict-to-path /backup/repos/{{ hostvars[item]['ansible_fqdn'] }}\""
state: present
loop: "{{ groups['borg_client'] }}"

16
roles/borgbackup/tasks/main.yml
View File

@@ -1,16 +0,0 @@
---
- name: Set borg fact
ansible.builtin.set_fact:
borgbackup: borg
when: ansible_facts['distribution'] == "Archlinux"
- name: Set borgbackup fact
ansible.builtin.set_fact:
borgbackup: borgbackup
when: ansible_facts['distribution'] == "Debian"
- name: Install borg package
ansible.builtin.package:
name: "{{ borgbackup }}"
state: present

1
roles/restic/defaults/main.yml
View File

@@ -11,3 +11,4 @@ restic_backup_path: ["/srv", "/home", "/etc"]
restic_backup_excluded_path: ["/srv/NOBACKUP"] restic_backup_excluded_path: ["/srv/NOBACKUP"]
restic_backup_hour: 6 restic_backup_hour: 6
restic_backup_minute: 0 restic_backup_minute: 0
restic_exe_group: "root"

2
roles/restic/tasks/install.yml
View File

@@ -16,4 +16,4 @@
path: "{{ restic_path }}" path: "{{ restic_path }}"
mode: 0755 mode: 0755
owner: root owner: root
group: root group: "{{ restic_exe_group }}"

2
roles/restic/tasks/main.yml
View File

@@ -12,7 +12,7 @@
src: resticbackup.sh.j2 src: resticbackup.sh.j2
dest: "{{ restic_script_path }}" dest: "{{ restic_script_path }}"
owner: root owner: root
group: root group: "{{ restic_exe_group }}"
mode: '0750' mode: '0750'
- name: Cron backup script - name: Cron backup script

2
smtprelay.yml
View File

@@ -1,7 +1,7 @@
--- ---
- name: Deploy smtp relay - name: Deploy smtp relay
hosts: all:!baybay-ponay.mateu.be:!machinbox.mateu.be:!mail.dmz.mateu.be:!muse-HP-EliteBook-820-G2.home.arpa hosts: all:!baybay-ponay.mateu.be:!machinbox.mateu.be:!mail.dmz.mateu.be:!muse-HP-EliteBook-820-G2.home.arpa:!frederica.dmz.mateu.be
diff: true diff: true
roles: roles:
- smtprelay - smtprelay

2
system.yml
View File

@@ -1,7 +1,7 @@
--- ---
- name: Deploy system tools - name: Deploy system tools
hosts: all:!baybay-ponay.mateu.be:!machinbox.mateu.be:!muse-HP-EliteBook-820-G2.home.arpa hosts: all:!baybay-ponay.mateu.be:!machinbox.mateu.be:!muse-HP-EliteBook-820-G2.home.arpa!frederica.dmz.mateu.be
diff: true diff: true
roles: roles:
- system - system