Remove old test targets, consistent wording, remove tag

2025-05-29 01:15:45 +02:00 · 2023-03-19 17:29:57 +00:00 · 2023-03-19 17:29:57 +00:00 · adc2e40ccb
commit adc2e40ccb
parent 4428bbf4a7
17 changed files with 70 additions and 113 deletions
--- a/README-Advanced-Examples.md
+++ b/README-Advanced-Examples.md
@ -1,14 +1,16 @@
-# Ansible Role: BorgBackup Client
+# Additional Examples
-The following example installs and configures the Borgmatic client and also initializes the repo on the BackupServer.
+
 ## Use service user and copy SSH key to target server
 Installs and configures the Borgmatic client and also initializes the repo on the remote backup server.
 ## Fullautomated Playbook with service user -> this has sudo power
 ```
 - name: Configure backup
  hosts: test.lab
  pre_tasks:
-  - name: Get home of {{ borgbackup_user }}
+  - name: Get home of {{ borg_user }}
    ansible.builtin.user:
-      name: "{{ borgbackup_user }}"
+      name: "{{ borg_user }}"
      state: present
    register: user_info
    changed_when: false
@ -21,9 +23,8 @@ The following example installs and configures the Borgmatic client and also init
  vars:
    borg_encryption_passphrase: "CHANGEME"
    borg_repository: "USER@TARGET_SERVER:/PATH/TO/BACKUP"
-    borgbackup_user: "srv_backup"
+    borg_user: "srv_backup"
-    borgbackup_group: "srv_backup"
+    borg_group: "srv_backup"
    borg_repository: "{{ vault_borg.backup_user }}@{{ backup_server }}:{{ backup_path }}/{{ ansible_host }}"
    borg_ssh_key_file_path: "{{ backup_user_info.home }}/.ssh/backup"
    borg_ssh_command: "ssh -i {{ borg_ssh_key_file_path }} -o StrictHostKeyChecking=no"
    borgmatic_timer: systemd
@ -77,7 +78,7 @@ The following example installs and configures the Borgmatic client and also init
        - name: Init repository
          ansible.builtin.command:
-            cmd: "su - {{ borgbackup_user }} -c '/usr/local/bin/borgmatic rcreate --encryption keyfile --append-only'"
+            cmd: "su - {{ borg_user }} -c '/usr/local/bin/borgmatic rcreate --encryption keyfile --append-only'"
    - name: Activate systemd service and timer
      when:
@ -99,7 +100,7 @@ The following example installs and configures the Borgmatic client and also init
          when: "item in services"
          with_items:
            - borgmatic.service
-        
+
        # bug: Need own section without masked else the timer are skipped
        - name: Start borgmatic timers
          ansible.builtin.systemd:
@ -109,4 +110,4 @@ The following example installs and configures the Borgmatic client and also init
            daemon_reload: true
          with_items:
            - "borgmatic.timer"
-```
+```
--- a/README.md
+++ b/README.md
@ -8,8 +8,7 @@ Works great with [BorgBase.com](https://www.borgbase.com) - Simple and Secure Ho
 Main features:
 - Set up Borg and Borgmatic
- Add systemd timer random time
+- Schedule regular backups using Cron or Systemd timer.
 - Provision new remote [BorgBase.com](https://www.borgbase.com) repo for storing backups (optional)
 ## Example Playbook with root as backup user and Cron timer
@ -19,7 +18,7 @@ Main features:
  roles:
  - role: m3nu.ansible_role_borgbackup
    borg_encryption_passphrase: CHANGEME
-    borg_repository: m5vz9gp4@m5vz9gp4.repo.borgbase.com:repo
+    borg_repository: ssh://m5vz9gp4@m5vz9gp4.repo.borgbase.com/./repo
    borgmatic_timer: cron
    borg_source_directories:
      - /srv/www
@ -49,12 +48,12 @@ If you already use this role and use the user: "root" or the SSH key id_ed25519!
  roles:
  - role: m3nu.ansible_role_borgbackup
    borg_encryption_passphrase: CHANGEME
-    borg_repository: m5vz9gp4@m5vz9gp4.repo.borgbase.com:repo
+    borg_repository: ssh://m5vz9gp4@m5vz9gp4.repo.borgbase.com/./repo
    borgmatic_timer: systemd
    borg_ssh_key_file_path: "{{ backup_user_info.home }}/.ssh/backup"
    borg_ssh_command: "ssh -i {{ borg_ssh_key_file_path }} -o StrictHostKeyChecking=no"
-    borgbackup_user: "srv_backup"
+    borg_user: "srv_backup"
-    borgbackup_group: "srv_backup"
+    borg_group: "srv_backup"
    borg_source_directories:
      - /srv/www
      - /var/lib/automysqlbackup
@ -89,26 +88,18 @@ $ git clone https://github.com/borgbase/ansible-role-borgbackup.git roles/ansibl
 ## Tags:
-This Role supports the following ansible tags:
+This role supports the following Ansible tags:
- `install_backup`: Tag for only run that part.
+- `backup_install_helper` Install optional helper scripts from `files` folder. Currently only Docker.
 - `backup_install_helper` Tag to additionally install the backup helper skripts. Currently only docker.
 ### Example
 To install the helper scrit.
 ```
 $ ANSIBLE_STDOUT_CALLBACK=yaml ansible-playbook test.example.com -t backup_install_helper
 ```
 ## Role Variables
-### Required Arguments
+### Required Variables
- `borg_repository`: Full path to repository. Your own server or [BorgBase.com](https://www.borgbase.com) repo. Not required when using auto creation of repositories. Can be a list if you want to backup to multiple repositories.
+- `borg_repository`: Full path to repository. Your own server or [BorgBase.com](https://www.borgbase.com) repo.
  Can be a list if you want to backup to multiple repositories.
-
+### Optional Variables
 ### Optional Arguments
 - `borg_dep_packages`: Dependancy Packages to install `borg(backup)` and `borgmatic`.
 - `borg_distro_packages`: contains the names of distributions packages for `borg(backup)` and `borgmatic`, only used if `borg_install_method` is set to `package`.
 - `borg_encryption_passcommand`: The standard output of this command is used to unlock the encryption key.
@ -142,8 +133,8 @@ $ ANSIBLE_STDOUT_CALLBACK=yaml ansible-playbook test.example.com -t backup_insta
 - `borgmatic_store_ctime`: Store ctime into archive. Defaults to `true`
 - `borgmatic_version`: Force a specific borgmatic version to be installed
- `borgbackup_user`: Name of the User to create Backups (Service Account)
+- `borg_user`: Name of the User to create Backups (service account)
- `borgbackup_group`: Name of the Group to create Backups (Service Account)
+- `borg_group`: Name of the Group to create Backups (service account)
 ## Contributing
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -36,9 +36,9 @@ borgmatic_hooks:
 # See: https://torsion.org/borgmatic/docs/how-to/deal-with-very-large-backups/#check-frequency
 borgmatic_checks:
  - name: repository
-    frequency: "2 Weeks"
+    frequency: "4 weeks"
  - name: archives
-    frequency: "1 month"
+    frequency: "6 weeks"
 borgmatic_check_last: 3
 borgmatic_store_atime: true
 borgmatic_store_ctime: true
@ -46,6 +46,6 @@ borgmatic_relocated_repo_access_is_ok: false
 borgmatic_version: false
 borg_venv_path: "/opt/borgmatic"
-borgbackup_user: "root"
+borg_user: "root"
-borgbackup_group: "root"
+borg_group: "root"
 ...
--- a/meta/arguments_specs.yml
+++ b/meta/arguments_specs.yml
@ -16,7 +16,7 @@ argument_specs:
        type: str
        required: false
        description: |
-          Contains the names of distributions packages for borg(backup) and borgmatic, 
+          Contains the names of distributions packages for borg(backup) and borgmatic,
          only used if `borg_install_method` is set to package
      borg_pip_packages:
        type: str
@ -32,8 +32,8 @@ argument_specs:
        default: pip
        description: |
          By default pip is used to install borgmatic.
-          To install via your distributions package manager set this to package and (if needed) 
+          To install via your distributions package manager set this to package and (if needed)
-          overwrite the borg_distro_packages variable to contain your distributions package names 
+          overwrite the borg_distro_packages variable to contain your distributions package names
          required to install borgmatic.
          Note that many distributions ship outdated versions of borgbackup and borgmatic; use at your own risk.
      borgmatic_config_name:
@ -41,11 +41,11 @@ argument_specs:
        required: false
        default: config.yaml
        description: Name to use for the borgmatic config file.
-      borgbackup_user:
+      borg_user:
        type: str
        default: root
        description: Name of the User to create Backups (Service Account)
-      borgbackup_group:
+      borg_group:
        type: str
        default: root
        description: Name of the Group to create Backups (Service Account)
@ -137,11 +137,11 @@ argument_specs:
          description: Number of weekly archives to keep.
        keep_monthly:
          type: int
-          required: false 
+          required: false
          description: Number of monthly archives to keep.
        keep_yearly:
          type: int
-          required: false 
+          required: false
          description: Number of yearly archives to keep.
      borgmatic_checks:
        type: List
@ -152,8 +152,8 @@ argument_specs:
          Defaults to "repository" and "archives".
          Set to "disabled" to disable all consistency checks.
          "repository" checks the consistency of the repository,
-          "archives" checks all of the archives, "data" verifies 
+          "archives" checks all of the archives, "data" verifies
-          the integrity of the data within the  archives, and 
+          the integrity of the data within the  archives, and
          "extract" does an extraction dry-run of the  most recent archive.
          Note that "data" implies "archives".
      borgmatic_check_last:
--- a/molecule/default/molecule.yml
+++ b/molecule/default/molecule.yml
@ -6,18 +6,12 @@ driver:
 platforms:
  - name: archlinux-latest
    image: archlinux:latest
  - name: centos-7
    image: centos:7
  - name: almalinux-8
    image: almalinux:8
  - name: almalinux-9
    image: almalinux:9
  - name: fedora-latest
    image: fedora:latest
  - name: debian-bullseye
    image: debian:bullseye
  - name: ubuntu-bionic
    image: ubuntu:bionic
  - name: ubuntu-latest
    image: ubuntu:latest
 provisioner:
--- a/tasks/01_install.yml
+++ b/tasks/01_install.yml
@ -1,7 +1,5 @@
 ---
 - name: Install borgbackup
  tags:
    - install_backup
  block:
    - name: Ensure legacy hooks aren't used
      ansible.builtin.assert:
--- a/tasks/02_user_management.yml
+++ b/tasks/02_user_management.yml
@ -3,13 +3,11 @@
 # Since we cannot be sure that this FSH is compatible we will determine it.
 - name: Get home dir
  when:
-    - borgbackup_user == "root"
+    - borg_user == "root"
  tags:
    - install_backup
  block:
-    - name: Get home if borgbackup_user == "root"
+    - name: Get home if borg_user == "root"
      ansible.builtin.user:
-        name: "{{ borgbackup_user }}"
+        name: "{{ borg_user }}"
        state: present
      register: user_info
      changed_when: false
@ -19,11 +17,9 @@
      ansible.builtin.set_fact:
        backup_user_info: "{{ user_info }}"
- name: Create User if borgbackup_user != "root"
+- name: Create user if borg_user != "root"
  when:
-    - borgbackup_user != "root"
+    - borg_user != "root"
  tags:
    - install_backup
  ansible.builtin.include_tasks:
    file: noauto_create_backup_user_and_group.yml
 ...
--- a/tasks/03_create_key.yml
+++ b/tasks/03_create_key.yml
@ -1,28 +1,23 @@
 ---
-# In this Play an ssh key pair is created for login to the backup server and secure data transfer.
+- name: Create SSH key (if neeeded) for {{ borg_user }}
 # We do not want the possibly existing key to be used/distributed,
 # so a backup-specific (backup/backup.pub) one is created.
 - name: Create ssh-key (if neeeded) for {{ borgbackup_user }}
  tags:
    - install_backup
  block:
    - name: Ensure directory exist
      ansible.builtin.file:
        path: "{{ backup_user_info.home }}/.ssh/"
        state: directory
        mode: "0700"
-        owner: "{{ borgbackup_user }}"
+        owner: "{{ borg_user }}"
-        group: "{{ borgbackup_group }}"
+        group: "{{ borg_group }}"
    - name: Generate an OpenSSH keypair
      community.crypto.openssh_keypair:
        path: "{{ borg_ssh_key_file_path }}"
        mode: "0600"
        type: "{{ borg_ssh_key_type }}"
-        owner: "{{ borgbackup_user }}"
+        owner: "{{ borg_user }}"
-        group: "{{ borgbackup_group }}"
+        group: "{{ borg_group }}"
-    - name: Read ssh key
+    - name: Read SSH key
      ansible.builtin.slurp:
        src: "{{ borg_ssh_key_file_path }}.pub"
      register: backup_local_ssh_key
--- a/tasks/04_helper_scripts.yml
+++ b/tasks/04_helper_scripts.yml
@ -10,5 +10,5 @@
    group: "{{ item.group }}"
    mode: "{{ item.mode }}"
  with_items:
-    - { src: "docker.sh", dest: "/usr/local/bin/docker.sh", owner: "{{ borgbackup_user }}", group: "{{ borgbackup_group }}", mode: "0770" }
+    - { src: "docker.sh", dest: "/usr/local/bin/docker.sh", owner: "{{ borg_user }}", group: "{{ borg_group }}", mode: "0770" }
 ...
--- a/tasks/05_configure.yml
+++ b/tasks/05_configure.yml
@ -1,21 +1,19 @@
 ---
- name: Configure borgbackup
+- name: Add Borgmatic config file
  tags:
    - install_backup
  block:
    - name: Ensure /etc/borgmatic exists
      ansible.builtin.file:
        path: /etc/borgmatic
        state: directory
        mode: "0700"
-        owner: "{{ borgbackup_user }}"
+        owner: "{{ borg_user }}"
-        group: "{{ borgbackup_group }}"
+        group: "{{ borg_group }}"
    - name: Add Borgmatic configuration
      ansible.builtin.template:
        src: config.yaml.j2
        dest: "/etc/borgmatic/{{ borgmatic_config_name }}"
        mode: "0600"
-        owner: "{{ borgbackup_user }}"
+        owner: "{{ borg_user }}"
-        group: "{{ borgbackup_group }}"
+        group: "{{ borg_group }}"
 ...
--- a/tasks/07_install_timer.yml
+++ b/tasks/07_install_timer.yml
@ -2,8 +2,6 @@
 - name: Create borgbackup timer
  when:
    - borgmatic_timer is defined and borgmatic_timer | length > 0
  tags:
    - install_backup
  block:
    - name: Start timer install script
      ansible.builtin.include_tasks:
--- a/tasks/noauto_create_backup_user_and_group.yml
+++ b/tasks/noauto_create_backup_user_and_group.yml
@ -1,21 +1,19 @@
 ---
 - name: Setup backup environment
  tags:
    - install_backup
  when:
    - backup_create_local_user is not defined or backup_create_local_user
-    - borgbackup_user != "root"
+    - borg_user != "root"
  block:
    - name: Add local backup group
      ansible.builtin.group:
-        name: "{{ borgbackup_group }}"
+        name: "{{ borg_group }}"
        state: present
    - name: Add local backup user
      ansible.builtin.user:
-        name: "{{ borgbackup_user }}"
+        name: "{{ borg_user }}"
        shell: "/bin/bash"
-        groups: "{{ borgbackup_group }}"
+        groups: "{{ borg_group }}"
        comment: "Backup User Account"
        append: true
      register: user_info
@ -28,9 +26,9 @@
      community.general.sudoers:
        name: "backup"
        state: present
-        user: "{{ borgbackup_user }}"
+        user: "{{ borg_user }}"
        nopassword: true
-        commands: 
+        commands:
          - "/opt/borgmatic/bin/borg"
          - "/usr/local/bin/borgmatic -c /etc/borgmatic/{{ borgmatic_config_name }}"
 ...
--- a/tasks/noauto_create_timer_cron.yml
+++ b/tasks/noauto_create_timer_cron.yml
@ -4,16 +4,14 @@
    name: "{{ borg_cron_package }}"
    state: present
- name: Add cron-job for borgmatic
+- name: Add Cron job for borgmatic
  tags:
    - install_backup
  block:
    - name: Add cron job for create, check and prune
      cron:
        name: "{{ borgmatic_timer_cron_name }}"
        hour: "{{ borgmatic_timer_hour }}"
        minute: "{{ borgmatic_timer_minute }}"
-        user: "{{ borgbackup_user }}"
+        user: "{{ borg_user }}"
        cron_file: "{{ borgmatic_timer_cron_name }}"
        job: "/usr/local/bin/borgmatic -c /etc/borgmatic/{{ borgmatic_config_name }}"
@ -23,10 +21,8 @@
        state: absent
 - name: Set PATH for borgmatic cron job.
  tags:
    - install_backup
  cron:
-    user: "{{ borgbackup_user }}"
+    user: "{{ borg_user }}"
    cron_file: "{{ borgmatic_timer_cron_name }}"
    name: PATH
    env: yes
--- a/tasks/noauto_create_timer_systemd.yml
+++ b/tasks/noauto_create_timer_systemd.yml
@ -1,7 +1,5 @@
 ---
 - name: Create borgbackup timer
  tags:
    - install_backup
  block:
    - name: Copy systemd files
      ansible.builtin.template:
@ -47,5 +45,5 @@
        - name: Show hints
          when: "'backup_init_repo' not in ansible_run_tags"
          ansible.builtin.debug:
-            msg: "Attention: Since the repo was not initialized automatically, the systemd service (borgmatic.service) and the timer (bborgmatic.timer) are not activated."
+            msg: "Attention: Since the repo was not initialized automatically, the systemd service (borgmatic.service) and the timer (borgmatic.timer) are not activated."
 ...
--- a/tasks/noauto_install_package.yml
+++ b/tasks/noauto_install_package.yml
@ -1,7 +1,5 @@
 ---
 - name: Install borgbackup by distro
  tags:
    - install_backup
  block:
    - name: Check if EPEL repo is enabled, if installation from distro is requested
      when: ansible_os_family == 'RedHat'
--- a/tasks/noauto_install_pip.yml
+++ b/tasks/noauto_install_pip.yml
@ -1,7 +1,5 @@
 ---
 - name: Install Borg and Borgmatic via pip
  tags:
    - install_backup
  block:
    - name: Install build dependencies
      ansible.builtin.package:
@ -32,8 +30,6 @@
      loop: "{{ borg_python_packages }}"
 - name: Create links to Borgmatic and Borg binarys
  tags:
    - install_backup
  block:
    - name: Create borgmatic command in /usr/local/bin
      ansible.builtin.copy:
@ -43,8 +39,8 @@
          borgmatic "$@"
        dest: /usr/local/bin/borgmatic
        mode: "0755"
-        owner: "{{ borgbackup_user }}"
+        owner: "{{ borg_user }}"
-        group: "{{ borgbackup_group }}"
+        group: "{{ borg_group }}"
    - name: Create borg command in /usr/local/bin
      ansible.builtin.copy:
@ -54,8 +50,8 @@
          borg "$@"
        dest: /usr/local/bin/borg
        mode: "0755"
-        owner: "{{ borgbackup_user }}"
+        owner: "{{ borg_user }}"
-        group: "{{ borgbackup_group }}"
+        group: "{{ borg_group }}"
 ...
--- a/templates/borgmatic.service.j2
+++ b/templates/borgmatic.service.j2
@ -11,7 +11,7 @@ ConditionACPower=true
 [Service]
 Type=oneshot
-User={{ borgbackup_user }}
+User={{ borg_user }}
 ExecStart=/usr/local/bin/borgmatic -c /etc/borgmatic/{{ borgmatic_config_name }}
 # Source: https://projects.torsion.org/borgmatic-collective/borgmatic/raw/branch/master/sample/systemd/borgmatic.service