hooks removed in favor of commands, databases minimal support added

This commit is contained in:
Alik Kurdyukov 2025-06-16 22:02:51 +04:00
parent d26654f341
commit e334994e19
8 changed files with 78 additions and 40 deletions

View File

@ -55,9 +55,11 @@ remote backup server. (not tested)
keep_daily: 7
keep_weekly: 4
keep_monthly: 6
borgmatic_hooks:
before_backup:
- echo "`date` - Starting backup."
borgmatic_commands:
- before: action
when: [create]
run:
- echo "`date` - Before backup"
tasks:
- name: Configure Borg Backup and Backupmatic
tags:

View File

@ -19,6 +19,11 @@ Works great with [BorgBase.com](https://www.borgbase.com) - Simple and Secure Ho
Systemd timers, be sure to remove the Cron job in `/etc/cron.d/borgmatic` first.
The role will also alert you when trying to use both timers.
## TODO
- [ ] Support database backup (https://torsion.org/borgmatic/docs/how-to/backup-your-databases/)
- [ ] Support healthchecks (https://torsion.org/borgmatic/docs/how-to/monitor-your-backups/)
## Example playbook with root as backup user, using the distro package and Cron timer
```
@ -31,13 +36,16 @@ Works great with [BorgBase.com](https://www.borgbase.com) - Simple and Secure Ho
- ssh://xxxxxx@xxxxxx.repo.borgbase.com/./repo
borg_source_directories:
- /var/www
borgmatic_hooks:
before_backup:
- echo "`date` - Starting backup."
postgresql_databases:
- name: users
hostname: database1.example.org
port: 5433
borgmatic_commands:
- before: action
when: [create]
run:
- echo "Before create!"
borgmatic_databases:
postgresql:
- name: users
hostname: database1.example.org
port: 5433
```
## Example playbook with service user and Systemd timer
@ -111,7 +119,7 @@ $ git clone https://github.com/borgbase/ansible-role-borgbackup.git roles/ansibl
- `borgmatic_timer_hour`: Hour when regular create and prune cron/systemd-timer job will run. Defaults to `{{ 6 | random }}`
- `borgmatic_timer_minute`: Minute when regular create and prune cron/systemd-timer job will run. Defaults to `{{ 59 | random }}`
- `borgmatic_timer_flags`: Flags to pass to borgmatic cron/systemd-timer job, like "--log-file /path/to/file.log --log-file-verbosity 2"
- `borgmatic_hooks`: Hooks to monitor your backups e.g. with [Healthchecks](https://healthchecks.io/). See [official documentation](https://torsion.org/borgmatic/docs/how-to/monitor-your-backups/) for more.
- `borgmatic_commands`: Invoke script before/after actions. See [How to add preparation and cleanup steps to backups](https://torsion.org/borgmatic/docs/how-to/add-preparation-and-cleanup-steps-to-backups/) for more.
- `borgmatic_timer`: If the variable is set, a timer is installed. A choice must be made between `cron` and `systemd`.
- `borgmatic_relocated_repo_access_is_ok`: Bypass Borg error about a repository that has been moved. Defaults to `false`
- `borgmatic_store_atime`: Store atime into archive. Defaults to `true`

View File

@ -27,13 +27,21 @@ borg_install_method: "pip"
borg_require_epel: "{{ ansible_os_family == 'RedHat' and ansible_distribution != 'Fedora' }}"
borgmatic_config_name: config.yaml
borgmatic_hooks:
on_error:
- echo "`date` - Error while creating a backup."
before_backup:
- echo "`date` - Starting backup."
after_backup:
- echo "`date` - Finished backup."
borgmatic_commands:
- before: action
when: [create]
run:
- echo "Before create!"
- after: action
when:
- create
- prune
run:
- echo "After create or prune!"
- after: error
run:
- echo "Something went wrong!"
borgmatic_checks:
- name: repository
frequency: "4 weeks"

View File

@ -163,10 +163,11 @@ argument_specs:
type: int
required: false
description: Restrict the number of checked archives to the last n. Applies only to the "archives" check.
borgmatic_hooks:
type: dict
borgmatic_commands:
type: list
elements: dict
required: false
description: Shell commands or scripts to execute before and after a backup or if an error has occurred.
description: Shell commands or scripts to execute before and after a backup or if an error has occurred. See https://torsion.org/borgmatic/docs/how-to/add-preparation-and-cleanup-steps-to-backups/
borgmatic_timer_cron_name:
type: str
required: false
@ -203,3 +204,8 @@ argument_specs:
type: str
required: false
description: Comment added to the SSH public key.
borgmatic_databases:
type: dict
required: false
description: Database server name to list of databases to backup, see EXAMPLES.md

View File

@ -46,10 +46,13 @@
keep_daily: 7
keep_weekly: 4
keep_monthly: 6
borgmatic_hooks:
before_backup:
- echo "`date` - Starting backup."
postgresql_databases:
- name: users
hostname: database1.example.org
port: 5433
borgmatic_commands:
- before: action
when: [create]
run:
- echo "Before create!"
borgmatic_databases:
postgresql:
- name: users
hostname: database1.example.org
port: 5433

View File

@ -46,10 +46,13 @@
keep_daily: 7
keep_weekly: 4
keep_monthly: 6
borgmatic_hooks:
before_backup:
- echo "`date` - Starting backup."
postgresql_databases:
- name: users
hostname: database1.example.org
port: 5433
borgmatic_commands:
- before: action
when: [create]
run:
- echo "Before create!"
borgmatic_databases:
postgresql:
- name: users
hostname: database1.example.org
port: 5433

View File

@ -5,5 +5,5 @@
- borgmatic_failure_command is undefined
- borgmatic_before_backup_command is undefined
- borgmatic_after_backup_command is undefined
msg: Please use the new borgmatic_hooks variable instead of individual before/after/failure hooks.
msg: Please use the new borgmatic_commands variable instead of individual before/after/failure hooks.
...

View File

@ -19,9 +19,11 @@ repositories:
{% if borg_repository is iterable and (borg_repository is not string and borg_repository is not mapping) %}
{% for repo in borg_repository %}
- path: {{ repo }}
encryption: repokey
{% endfor %}
{% elif borg_repository is defined and borg_repository is string %}
- path: {{ borg_repository }}
encryption: repokey
{% endif %}
# Store atime into archive.
@ -173,7 +175,13 @@ check_last: {{ borgmatic_check_last }}
# IMPORTANT: All provided commands and scripts are executed with user permissions of borgmatic.
# Do not forget to set secure permissions on this file as well as on any script listed (chmod 0700) to
# prevent potential shell injection or privilege escalation.
{% for hook in borgmatic_hooks %}
{{ hook }}:
{{ borgmatic_hooks[hook] | to_nice_yaml(indent=4) | indent(4, first=true) }}
{% endfor %}
{% if borgmatic_commands is defined %}
commands:
{{ borgmatic_commands | to_nice_yaml(indent=4) | indent(4, first=true) }}
{% endif %}
# Databases specific backup
{% for database in borgmatic_databases %}
{{ database }}_databases:
{{ borgmatic_databases[database] | to_nice_yaml(indent=4) | indent(4, first=true) }}
{% endfor %}