Mirrors
/
ansible-role-borg-backup
mirror of https://github.com/borgbase/ansible-role-borgbackup.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Remove borgbase module, now separate (#100)

Browse Source
pull/84/head
Manuel Riel 2 years ago committed by GitHub
parent 740e9fe758
commit 1def545c86
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 8 additions and 305 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 3
      .ansible-lint
  2. 1
      .gitignore
  3. 50
      README.md
  4. 8
      defaults/main.yml
  5. 215
      library/borgbase.py
  6. 6
      module_utils/README
  7. 2
      molecule/default/Dockerfile.j2
  8. 28
      tasks/main.yml

3
.ansible-lint
Unescape View File

@ -0,0 +1,3 @@
---
skip_list:
- fqcn-builtins

1
.gitignore vendored
Unescape View File

@ -0,0 +1 @@
.cache

50
README.md
Unescape View File

@ -2,9 +2,9 @@
[![Test](https://github.com/borgbase/ansible-role-borgbackup/actions/workflows/main.yml/badge.svg)](https://github.com/borgbase/ansible-role-borgbackup/actions/workflows/main.yml) [![Ansible Galaxy](https://img.shields.io/ansible/role/48519)](https://galaxy.ansible.com/m3nu/ansible_role_borgbackup)
Set up encrypted, compressed and deduplicated backups using [BorgBackup](https://borgbackup.readthedocs.io/en/stable/) and [Borgmatic](https://github.com/witten/borgmatic). Currently supports Debian/Ubuntu and CentOS/Red Hat.
Set up encrypted, compressed and deduplicated backups using [BorgBackup](https://borgbackup.readthedocs.io/en/stable/) and [Borgmatic](https://github.com/witten/borgmatic). Currently supports Debian/Ubuntu, CentOS/Red Hat/Fedora, Archlinux and Manjaro.
Works great with [BorgBase.com](https://www.borgbase.com) - Simple and Secure Hosting for your Borg Repositories.
Works great with [BorgBase.com](https://www.borgbase.com) - Simple and Secure Hosting for your Borg Repositories. To manage BorgBase repos via Ansible, also see Andy Hawkins' [BorgBase Collection](https://galaxy.ansible.com/adhawkins/borgbase).
Main features:
- Set up Borg and Borgmatic
@ -44,13 +44,11 @@ Main features:
## Installation
Download from Ansible Galaxy
```
$ ansible-galaxy install m3nu.ansible_role_borgbackup
```
Clone to local folder
Clone latest version from Github
```
$ git clone https://github.com/borgbase/ansible-role-borgbackup.git roles/ansible_role_borgbackup
```
@ -89,48 +87,6 @@ $ git clone https://github.com/borgbase/ansible-role-borgbackup.git roles/ansibl
- `ssh_key_file`: Path to a private ssh key file (default is `.ssh/id_ed25519`). It generates a ed25519 key if the file doesn't exist yet.
### Optional Arguments for [BorgBase.com](https://www.borgbase.com) repository auto creation
This role can also set up a new repository on BorgBase, using the arguments below. Thanks to [Philipp Rintz](https://github.com/p-rintz) for contribution of this feature.
- `create_repo`: Whether to let the role create the repository for the server. Default: False
- `bb_token`: Your [BorgBase.com](https://www.borgbase.com) API-Token. Should be Create Only for security reasons.
- `bb_region`: Which region the backups should be saved in. Choice: "eu" or "us".
- `bb_new_sshkey`: Whether to use the automatically created SSH_key. Default: True
- `bb_sshkey`: If there is a key already available on [BorgBase.com](https://www.borgbase.com) that should be used, it can be set with this variable. The key needs to be exactly the same, including key-comment.
- `bb_append`: Should the permission of the newly created repository be append only? Default: True
- `bb_quota`: To use a quota for the Server. Default: False
- `bb_quota_size`: Will need to be set if `bb_quota` is set to True. In Gigabyte.
- `bb_alertdays`: After how many days of no backup activity should alerts be sent out? Defaults to off.
- `bb_repo_name`: What name the created repository should have. Defaults to the inventory_hostname.
### Use BorgBase Module Standalone
You can also use the BorgBase-Ansible module directly if needed:
```
- name: Create new repository for server in EU with new SSH_key and quota
borgbase:
repository_name: "{{ inventory_hostname }}"
token: "Your Borgbase API Token"
new_ssh_key: True
ssh_key: "{{ some_variable }}"
append_only: True
quota_enable: True
quota: 1000 #in GB
region: eu
alertdays: 2
delegate_to: localhost
```
## Planned features
- [x] Testing
- [ ] Multiple repos in one role-call instead of callng this role multiple times.
- [ ] Support more OSs, like Red Hat/Fedora/CentOS, SuSE, Gentoo, Slackware, Arch, BSD
## Contributing
Pull requests (PR) are welcome, as long as they add features that are relevant for a meaningful number of users. All PRs are tested for style and functionality. To run tests locally (needs Docker):

8
defaults/main.yml
Unescape View File

@ -28,15 +28,7 @@ borg_retention_policy:
keep_daily: 7
keep_weekly: 4
keep_monthly: 6
create_repo: False
ssh_key_file: .ssh/id_ed25519
bb_new_sshkey: True
bb_append: True
bb_quota: False
bb_quota_size: 0
bb_alertdays: 0
bb_repo_name: "{{ inventory_hostname }}"
bb_sshkey: "{{ root_user['ssh_public_key'] }}"
borgmatic_cron_name: borgmatic
borgmatic_cron_hour: "{{ 6 | random(seed=inventory_hostname) }}"
borgmatic_cron_minute: "{{ 59 | random(seed=inventory_hostname) }}"

215
library/borgbase.py
Unescape View File

@ -1,215 +0,0 @@
#!/usr/bin/python
DOCUMENTATION = '''
---
module: borgbase
author: "Philipp Rintz (https://github.com/p-rintz)"
short_description: Ansible module for creating new repositories with borgbase.com
description:
- Ansible Module for creating new repositories with borgbase.com including adding new ssh keys
version_added: "2.6"
'''
EXAMPLES = '''
- name: Create new repository for server in EU with new SSH_key and quota
borgbase:
repository_name: "{{ inventory_hostname }}"
token: "Your Borgbase API Token"
new_ssh_key: True
ssh_key: "{{ some_variable }}"
append_only: True
quota_enable: True
quota: 1000 #in GB
region: eu
alertdays: 2
delegate_to: localhost
- name: Create new repository without new key and no quota/alerting in US region
borgbase:
repository_name: "{{ inventory_hostname }}"
token: "Your Borgbase API Token"
new_ssh_key: False
ssh_key: "ssh-ed25519 AAAAC3Nz......aLqRJw+dl/E+2BJ xxx@yyy"
region: us
delegate_to: localhost
'''
from ansible.module_utils.basic import *
from ansible.module_utils.borgbase_api_client.client import GraphQLClient
from ansible.module_utils.borgbase_api_client.mutations import *
from ansible.module_utils.borgbase_api_client.queries import *
def get_key_id(ssh_key):
res = client.execute(KEY_DETAILS)
for i in res['data']['sshList']:
if i['keyData'] == ssh_key:
key_id = i['id']
return key_id
def add_ssh_key():
key_name = 'Key for %s' % (module.params['repository_name'],)
new_key_vars = {
'name': key_name,
'keyData': module.params['ssh_key']
}
res = client.execute(SSH_ADD, new_key_vars)
new_key_id = res['data']['sshAdd']['keyAdded']['id']
return new_key_id
def add_repo(key_id):
if module.params['append_only']:
access_level = 'appendOnlyKeys'
else:
access_level = 'fullAccessKeys'
if not module.params['quota_enable']:
new_repo_vars = {
'name': module.params['repository_name'],
'quotaEnabled': module.params['quota_enable'],
access_level: [key_id],
'alertDays': module.params['alertdays'],
'region': module.params['region']
}
else:
new_repo_vars = {
'name': module.params['repository_name'],
'quotaEnabled': module.params['quota_enable'],
'quota': 1000*module.params['quota'],
access_level: [key_id],
'alertDays': module.params['alertdays'],
'region': module.params['region']
}
res = client.execute(REPO_ADD, new_repo_vars)
return res
def get_repo_id(name):
res = client.execute(REPO_DETAILS)
for repo in res['data']['repoList']:
if repo['name'] == name:
repo_id = repo['id']
return repo_id
return None
def edit_repo(repo_id, key_id):
if module.params['append_only']:
access_level = 'appendOnlyKeys'
else:
access_level = 'fullAccessKeys'
if not module.params['quota_enable']:
repo_vars = {
'id': repo_id,
'name': module.params['repository_name'],
access_level: [key_id],
'alertDays': module.params['alertdays'],
'region': module.params['region']
}
else:
repo_vars = {
'id': repo_id,
'name': module.params['repository_name'],
'quotaEnabled': module.params['quota_enable'],
'quota': 1000*module.params['quota'],
access_level: [key_id],
'alertDays': module.params['alertdays'],
'region': module.params['region']
}
res = client.execute(REPO_EDIT, repo_vars)
return res
def main():
global module
module = AnsibleModule(
argument_spec = dict(
repository_name = dict(
type='str',
required=True,
),
token = dict(
required=True,
type='str',
no_log=True
),
new_ssh_key = dict(
required=False,
default='True',
type='bool'
),
ssh_key = dict(
required=True,
type='str'
),
append_only = dict(
required=False,
default='True',
type='bool'
),
quota_enable = dict(
required=False,
default='False',
type='bool'
),
quota = dict(
required=False,
type='int'
),
region = dict(
required=True,
type='str',
choice=["eu", "us"]
),
alertdays = dict(
required=False,
default=0,
type='int'
)
)
)
global client
client = GraphQLClient(module.params['token'])
# Add new SSH key or get ID of old key
if module.params['new_ssh_key']:
key_id = add_ssh_key()
else:
key_id = get_key_id(module.params['ssh_key'])
# Check if repo with given name exists
repo_id = get_repo_id(module.params['repository_name'])
if repo_id is None:
# Add new repo using the key
res = add_repo(key_id)
repo_exist = False
else:
# Edit the repo
res = edit_repo(repo_id, key_id)
repo_exist = True
# Setup information for Ansible
result = dict(
changed = False,
data = '',
type = '',
key_id = ''
)
# Test for success and change info
if type(res) == dict:
result['changed'] = True
if repo_exist:
result['data'] = res["data"]["repoEdit"]["repoEdited"]
else:
result['data'] = res['data']['repoAdd']['repoAdded']
result['key_id'] = key_id
module.exit_json(**result)
else:
result['data'] = res
result['type'] = type(res)
result['key_id'] = key_id
module.fail_json(msg="Failed creating new respository.", **result)
if __name__ == '__main__':
main()

6
module_utils/README
Unescape View File

@ -1,6 +0,0 @@
The "borgbase_api_client" folder of the API client repository will need to be put into this folder.
Folder structure:
ansible-role-borgbackup/
|---------------------+ module_utils/
|-------- borgbase_api_client/

2
molecule/default/Dockerfile.j2
Unescape View File

@ -14,7 +14,7 @@ ENV {{ var }} {{ value }}
{% endfor %}
{% endif %}
RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates iproute2 python3-apt aptitude && apt-get clean; \
RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python3 sudo bash ca-certificates iproute2 python3-apt aptitude && apt-get clean; \
elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install /usr/bin/python3 /usr/bin/python3-config /usr/bin/dnf-3 sudo bash iproute && dnf clean all; \
elif [ $(command -v yum) ]; then yum makecache fast && yum install -y /usr/bin/python /usr/bin/python2-config sudo yum-plugin-ovl bash iproute && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \
elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml iproute2 && zypper clean -a; \

28
tasks/main.yml
Unescape View File

@ -71,34 +71,6 @@
debug:
var: root_user['ssh_public_key']
- name: Create new repository for server
borgbase:
repository_name: "{{ bb_repo_name }}"
token: "{{ bb_token }}"
new_ssh_key: "{{ bb_new_sshkey }}"
ssh_key: "{{ bb_sshkey }}"
append_only: "{{ bb_append }}"
quota_enable: "{{ bb_quota }}"
quota: "{{ bb_quota_size }}"
region: "{{ bb_region }}"
alertdays: "{{ bb_alertdays }}"
delegate_to: localhost
become: no
register: repo_creation
when: create_repo
- name: Set Repository Fact
set_fact:
borg_repository: |-
{% if borg_repository is defined and borg_repository is string %}
{{ [borg_repository] + [ repo_creation['data']['repoPath'] ] }}
{% elif borg_repository is defined %}
{{ borg_repository + [ repo_creation['data']['repoPath'] ] }}
{% else %}
{{ repo_creation['data']['repoPath'] }}
{% endif %}
when: create_repo
- name: Ensure /etc/borgmatic exists
file:
path: /etc/borgmatic

Write Preview
Loading…
Cancel
Save