From f3a383877602158230fdc1cb1f94e4d0b3654ff7 Mon Sep 17 00:00:00 2001
From: Frank Dornheim <524257+conloos@users.noreply.github.com>
Date: Tue, 14 Mar 2023 06:39:07 +0100
Subject: [PATCH] Removed: borgmatic_initialization_repo

---
 README.md                                    |  2 -
 templates/backup_large_repo.service.j2       | 60 --------------------
 templates/backup_large_repo.timer.j2         | 13 -----
 templates/backup_large_repo_check.service.j2 | 60 --------------------
 templates/backup_large_repo_check.timer.j2   | 13 -----
 templates/backup_normal_repo.service.j2      | 60 --------------------
 templates/backup_normal_repo.timer.j2        | 13 -----
 7 files changed, 221 deletions(-)
 delete mode 100644 templates/backup_large_repo.service.j2
 delete mode 100644 templates/backup_large_repo.timer.j2
 delete mode 100644 templates/backup_large_repo_check.service.j2
 delete mode 100644 templates/backup_large_repo_check.timer.j2
 delete mode 100644 templates/backup_normal_repo.service.j2
 delete mode 100644 templates/backup_normal_repo.timer.j2

diff --git a/README.md b/README.md
index c14dabd..f999b6e 100644
--- a/README.md
+++ b/README.md
@@ -53,7 +53,6 @@ Main features:
     borgmatic_timer: systemd
     borgbackup_user: "srv_backup"
     borgbackup_group: "srv_backup"
-    borgmatic_initialization_repo: false
     borg_source_directories:
       - /srv/www
       - /var/lib/automysqlbackup
@@ -119,7 +118,6 @@ $ git clone https://github.com/borgbase/ansible-role-borgbackup.git roles/ansibl
 - `borgmatic_timer_hour`: Hour when regular create and prune cron/systemd-timer job will run. Defaults to `{{ 6 | random }}`
 - `borgmatic_timer_minute`: Minute when regular create and prune cron/systemd-timer job will run. Defaults to  `{{ 59 | random }}`
 - `borgmatic_hooks`: Hooks to monitor your backups e.g. with [Healthchecks](https://healthchecks.io/). See [official documentation](https://torsion.org/borgmatic/docs/how-to/monitor-your-backups/) for more.
-- `borgmatic_initialization_repo`: Auto initialization of the repo on the backup server. Defaults to `false`
 - `borgmatic_timer`: If the variable is set, a timer is installed. A choice must be made between `cron` and `systemd`.
 - `borgmatic_relocated_repo_access_is_ok`: Bypass Borg error about a repository that has been moved. Defaults to `false`
 - `borgmatic_store_atime`: Store atime into archive. Defaults to `true`
diff --git a/templates/backup_large_repo.service.j2 b/templates/backup_large_repo.service.j2
deleted file mode 100644
index 85adb5d..0000000
--- a/templates/backup_large_repo.service.j2
+++ /dev/null
@@ -1,60 +0,0 @@
-# Managed by Ansible, please don't edit manually
-
-[Unit]
-Description=borgmatic backup only - because large repo
-Wants=backup_normal_repo.timer
-Wants=network-online.target
-After=network-online.target
-# Prevent borgmatic from running unless the machine is plugged into power. Remove this line if you
-# want to allow borgmatic to run anytime.
-ConditionACPower=true
-
-[Service]
-Type=oneshot
-User={{ borgbackup_user }}
-ExecStart=/usr/local/bin/borgmatic -C -p -c /etc/borgmatic/{{ borgmatic_config_name }}
-
-# Source: https://projects.torsion.org/borgmatic-collective/borgmatic/raw/branch/master/sample/systemd/borgmatic.service
-# Security settings for systemd running as root, optional but recommended to improve security. You
-# can disable individual settings if they cause problems for your use case. For more details, see
-# the systemd manual: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
-LockPersonality=true
-# Certain borgmatic features like Healthchecks integration need MemoryDenyWriteExecute to be off.
-# But you can try setting it to "yes" for improved security if you don't use those features.
-MemoryDenyWriteExecute=no
-NoNewPrivileges=yes
-PrivateDevices=yes
-PrivateTmp=yes
-ProtectClock=yes
-ProtectControlGroups=yes
-ProtectHostname=yes
-ProtectKernelLogs=yes
-ProtectKernelModules=yes
-ProtectKernelTunables=yes
-RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK
-RestrictNamespaces=yes
-RestrictRealtime=yes
-RestrictSUIDSGID=yes
-SystemCallArchitectures=native
-SystemCallFilter=@system-service
-SystemCallErrorNumber=EPERM
-# To restrict write access further, change "ProtectSystem" to "strict" and uncomment
-# "ReadWritePaths", "ReadOnlyPaths", "ProtectHome", and "BindPaths". Then add any local repository
-# paths to the list of "ReadWritePaths" and local backup source paths to "ReadOnlyPaths". This
-# leaves most of the filesystem read-only to borgmatic.
-ProtectSystem=full
-# ReadWritePaths=-/mnt/my_backup_drive
-# ReadOnlyPaths=-/var/lib/my_backup_source
-# This will mount a tmpfs on top of /root and pass through needed paths
-# ProtectHome=tmpfs
-# BindPaths=-/root/.cache/borg -/root/.config/borg -/root/.borgmatic
-
-# May interfere with running external programs within borgmatic hooks.
-# CapabilityBoundingSet=CAP_DAC_READ_SEARCH CAP_NET_RAW
-
-# Lower CPU and I/O priority.
-Nice=19
-CPUSchedulingPolicy=batch
-IOSchedulingClass=best-effort
-IOSchedulingPriority=7
-IOWeight=100
\ No newline at end of file
diff --git a/templates/backup_large_repo.timer.j2 b/templates/backup_large_repo.timer.j2
deleted file mode 100644
index 2ff402c..0000000
--- a/templates/backup_large_repo.timer.j2
+++ /dev/null
@@ -1,13 +0,0 @@
-# Managed by Ansible, please don't edit manually
-
-[Unit]
-Description=Start creating of Backups - see: https://www.freedesktop.org/software/systemd/man/systemd.time.html#
-
-[Timer]
-# Day-of-the-Week Year-Month-Day Hour:Minutes:Seconds
-# Persistent -> resume backup after shutdown
-OnCalendar= *-*-* {{ borgmatic_timer_hour }}:{{ borgmatic_timer_minute }}:00
-Persistent=true
-
-[Install]
-WantedBy=timers.target
\ No newline at end of file
diff --git a/templates/backup_large_repo_check.service.j2 b/templates/backup_large_repo_check.service.j2
deleted file mode 100644
index 8d8ce91..0000000
--- a/templates/backup_large_repo_check.service.j2
+++ /dev/null
@@ -1,60 +0,0 @@
-# Managed by Ansible, please don't edit manually
-
-[Unit]
-Description=borgmatic check consistently only - because large repo
-Wants=backup_normal_repo.timer
-Wants=network-online.target
-After=network-online.target
-# Prevent borgmatic from running unless the machine is plugged into power. Remove this line if you
-# want to allow borgmatic to run anytime.
-ConditionACPower=true
-
-[Service]
-Type=oneshot
-User={{ borgbackup_user }}
-ExecStart=/usr/local/bin/borgmatic -k -c /etc/borgmatic/{{ borgmatic_config_name }}
-
-# Source: https://projects.torsion.org/borgmatic-collective/borgmatic/raw/branch/master/sample/systemd/borgmatic.service
-# Security settings for systemd running as root, optional but recommended to improve security. You
-# can disable individual settings if they cause problems for your use case. For more details, see
-# the systemd manual: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
-LockPersonality=true
-# Certain borgmatic features like Healthchecks integration need MemoryDenyWriteExecute to be off.
-# But you can try setting it to "yes" for improved security if you don't use those features.
-MemoryDenyWriteExecute=no
-NoNewPrivileges=yes
-PrivateDevices=yes
-PrivateTmp=yes
-ProtectClock=yes
-ProtectControlGroups=yes
-ProtectHostname=yes
-ProtectKernelLogs=yes
-ProtectKernelModules=yes
-ProtectKernelTunables=yes
-RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK
-RestrictNamespaces=yes
-RestrictRealtime=yes
-RestrictSUIDSGID=yes
-SystemCallArchitectures=native
-SystemCallFilter=@system-service
-SystemCallErrorNumber=EPERM
-# To restrict write access further, change "ProtectSystem" to "strict" and uncomment
-# "ReadWritePaths", "ReadOnlyPaths", "ProtectHome", and "BindPaths". Then add any local repository
-# paths to the list of "ReadWritePaths" and local backup source paths to "ReadOnlyPaths". This
-# leaves most of the filesystem read-only to borgmatic.
-ProtectSystem=full
-# ReadWritePaths=-/mnt/my_backup_drive
-# ReadOnlyPaths=-/var/lib/my_backup_source
-# This will mount a tmpfs on top of /root and pass through needed paths
-# ProtectHome=tmpfs
-# BindPaths=-/root/.cache/borg -/root/.config/borg -/root/.borgmatic
-
-# May interfere with running external programs within borgmatic hooks.
-# CapabilityBoundingSet=CAP_DAC_READ_SEARCH CAP_NET_RAW
-
-# Lower CPU and I/O priority.
-Nice=19
-CPUSchedulingPolicy=batch
-IOSchedulingClass=best-effort
-IOSchedulingPriority=7
-IOWeight=100
\ No newline at end of file
diff --git a/templates/backup_large_repo_check.timer.j2 b/templates/backup_large_repo_check.timer.j2
deleted file mode 100644
index b652d1c..0000000
--- a/templates/backup_large_repo_check.timer.j2
+++ /dev/null
@@ -1,13 +0,0 @@
-# Managed by Ansible, please don't edit manually
-
-[Unit]
-Description=Start creating of Backups - see: https://www.freedesktop.org/software/systemd/man/systemd.time.html#
-
-[Timer]
-# Day-of-the-Week Year-Month-Day Hour:Minutes:Seconds
-# Persistent -> resume backup after shutdown
-OnCalendar= {% if borgmatic_timer_day_of_the_week is defined and borgmatic_timer_day_of_the_week | length > 0 %} {{ borgmatic_timer_day_of_the_week }} {% endif %} *-*-{{ borgmatic_timer_checks_day }} {{ borgmatic_timer_checks_hour }}:{{ borgmatic_timer_checks_minute }}:00
-Persistent=true
-
-[Install]
-WantedBy=timers.target
\ No newline at end of file
diff --git a/templates/backup_normal_repo.service.j2 b/templates/backup_normal_repo.service.j2
deleted file mode 100644
index ebd9186..0000000
--- a/templates/backup_normal_repo.service.j2
+++ /dev/null
@@ -1,60 +0,0 @@
-# Managed by Ansible, please don't edit manually
-
-[Unit]
-Description=borgmatic backup
-Wants=backup_normal_repo.timer
-Wants=network-online.target
-After=network-online.target
-# Prevent borgmatic from running unless the machine is plugged into power. Remove this line if you
-# want to allow borgmatic to run anytime.
-ConditionACPower=true
-
-[Service]
-Type=oneshot
-User={{ borgbackup_user }}
-ExecStart=/usr/local/bin/borgmatic -c /etc/borgmatic/{{ borgmatic_config_name }}
-
-# Source: https://projects.torsion.org/borgmatic-collective/borgmatic/raw/branch/master/sample/systemd/borgmatic.service
-# Security settings for systemd running as root, optional but recommended to improve security. You
-# can disable individual settings if they cause problems for your use case. For more details, see
-# the systemd manual: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
-LockPersonality=true
-# Certain borgmatic features like Healthchecks integration need MemoryDenyWriteExecute to be off.
-# But you can try setting it to "yes" for improved security if you don't use those features.
-MemoryDenyWriteExecute=no
-NoNewPrivileges=yes
-PrivateDevices=yes
-PrivateTmp=yes
-ProtectClock=yes
-ProtectControlGroups=yes
-ProtectHostname=yes
-ProtectKernelLogs=yes
-ProtectKernelModules=yes
-ProtectKernelTunables=yes
-RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK
-RestrictNamespaces=yes
-RestrictRealtime=yes
-RestrictSUIDSGID=yes
-SystemCallArchitectures=native
-SystemCallFilter=@system-service
-SystemCallErrorNumber=EPERM
-# To restrict write access further, change "ProtectSystem" to "strict" and uncomment
-# "ReadWritePaths", "ReadOnlyPaths", "ProtectHome", and "BindPaths". Then add any local repository
-# paths to the list of "ReadWritePaths" and local backup source paths to "ReadOnlyPaths". This
-# leaves most of the filesystem read-only to borgmatic.
-ProtectSystem=full
-# ReadWritePaths=-/mnt/my_backup_drive
-# ReadOnlyPaths=-/var/lib/my_backup_source
-# This will mount a tmpfs on top of /root and pass through needed paths
-# ProtectHome=tmpfs
-# BindPaths=-/root/.cache/borg -/root/.config/borg -/root/.borgmatic
-
-# May interfere with running external programs within borgmatic hooks.
-# CapabilityBoundingSet=CAP_DAC_READ_SEARCH CAP_NET_RAW
-
-# Lower CPU and I/O priority.
-Nice=19
-CPUSchedulingPolicy=batch
-IOSchedulingClass=best-effort
-IOSchedulingPriority=7
-IOWeight=100
diff --git a/templates/backup_normal_repo.timer.j2 b/templates/backup_normal_repo.timer.j2
deleted file mode 100644
index 2ff402c..0000000
--- a/templates/backup_normal_repo.timer.j2
+++ /dev/null
@@ -1,13 +0,0 @@
-# Managed by Ansible, please don't edit manually
-
-[Unit]
-Description=Start creating of Backups - see: https://www.freedesktop.org/software/systemd/man/systemd.time.html#
-
-[Timer]
-# Day-of-the-Week Year-Month-Day Hour:Minutes:Seconds
-# Persistent -> resume backup after shutdown
-OnCalendar= *-*-* {{ borgmatic_timer_hour }}:{{ borgmatic_timer_minute }}:00
-Persistent=true
-
-[Install]
-WantedBy=timers.target
\ No newline at end of file