mirror of
https://github.com/borgbase/ansible-role-borgbackup.git
synced 2024-12-21 19:09:37 +01:00
initial commit
This commit is contained in:
commit
fecacf36d9
20
LICENSE
Normal file
20
LICENSE
Normal file
@ -0,0 +1,20 @@
|
||||
The MIT License (MIT)
|
||||
|
||||
Copyright (c) 2018 Manuel Riel
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy of
|
||||
this software and associated documentation files (the "Software"), to deal in
|
||||
the Software without restriction, including without limitation the rights to
|
||||
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
|
||||
the Software, and to permit persons to whom the Software is furnished to do so,
|
||||
subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all
|
||||
copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
|
||||
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
|
||||
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
|
||||
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
|
||||
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
34
README.md
Normal file
34
README.md
Normal file
@ -0,0 +1,34 @@
|
||||
# Ansible Role: BorgBackup Client
|
||||
|
||||
An Ansible Role that installs that sets up BorgBackup on Debian/Ubuntu.
|
||||
|
||||
## Role Variables
|
||||
|
||||
- `borg_repository` (required): Full path to repository.
|
||||
- `borg_encryption_passphrase` (optional): Password to use for repokey or keyfile. Empty if repo is unencrypted.
|
||||
- `borg_source_directories` (required): List of local folders to back up.
|
||||
- `borg_exclude_patterns` (optional): List of local folders to exclude.
|
||||
|
||||
|
||||
## Example Playbook
|
||||
|
||||
```
|
||||
- hosts: webservers
|
||||
roles:
|
||||
- role: borgbackup
|
||||
borg_encryption_passphrase: CHANGEME
|
||||
borg_repository: m5vz9gp4@m5vz9gp4.repo.borgbase.com:repo
|
||||
borg_source_directories:
|
||||
- /srv/www
|
||||
- /var/lib/automysqlbackup
|
||||
borg_exclude_patterns:
|
||||
- /srv/www/upload
|
||||
```
|
||||
|
||||
## License
|
||||
|
||||
MIT/BSD
|
||||
|
||||
## Author
|
||||
|
||||
This role was created by Manuel Riel, founder of [BorgBase.com](https://www.borgbase.com) - Simple and Secure Hosting for your Borg Repositories.
|
3
defaults/main.yml
Executable file
3
defaults/main.yml
Executable file
@ -0,0 +1,3 @@
|
||||
---
|
||||
borg_encryption_passphrase: ''
|
||||
borg_exclude_patterns: []
|
48
tasks/main.yml
Executable file
48
tasks/main.yml
Executable file
@ -0,0 +1,48 @@
|
||||
---
|
||||
- name: Regenerate apt-cache and update packages
|
||||
apt: update_cache=yes upgrade=dist cache_valid_time=120
|
||||
|
||||
- name: Install required System Packages
|
||||
apt:
|
||||
pkg: "{{ item }}"
|
||||
state: installed
|
||||
with_items: "{{ borg_apt_packages }}"
|
||||
|
||||
- name: Install required Python Packages
|
||||
pip:
|
||||
name: "{{ item }}"
|
||||
executable: pip3
|
||||
with_items: "{{ borg_python_packages }}"
|
||||
|
||||
- name: Ensure root has SSH key.
|
||||
user:
|
||||
name: "root"
|
||||
generate_ssh_key: yes
|
||||
ssh_key_file: .ssh/id_ed25519
|
||||
ssh_key_type: ed25519
|
||||
register: root_user
|
||||
|
||||
- debug:
|
||||
var: root_user['ssh_public_key']
|
||||
|
||||
- name: Ensures /etc/borgmatic exists
|
||||
file:
|
||||
path: /etc/borgmatic
|
||||
state: directory
|
||||
mode: 0700
|
||||
owner: root
|
||||
|
||||
- name: Add Borgmatic Configuration
|
||||
template:
|
||||
src: config.yaml.j2
|
||||
dest: "/etc/borgmatic/config.yaml"
|
||||
mode: 0600
|
||||
|
||||
- name: Add cron-job for borgmatic
|
||||
cron:
|
||||
name: "borgmatic"
|
||||
hour: "{{ 4 |random }}"
|
||||
minute: "{{ 59 |random }}"
|
||||
user: "root"
|
||||
cron_file: borgmatic
|
||||
job: "/usr/local/bin/borgmatic"
|
115
templates/config.yaml.j2
Normal file
115
templates/config.yaml.j2
Normal file
@ -0,0 +1,115 @@
|
||||
location:
|
||||
source_directories:
|
||||
{% for dir in borg_source_directories %}
|
||||
- {{ dir }}
|
||||
{% endfor %}
|
||||
|
||||
one_file_system: true
|
||||
repositories:
|
||||
- {{ borg_repository }}
|
||||
|
||||
# Any paths matching these patterns are excluded from backups. Globs and tildes
|
||||
# are expanded. See the output of "borg help patterns" for more details.
|
||||
exclude_patterns:
|
||||
{% for dir in borg_exclude_patterns %}
|
||||
- {{ dir }}
|
||||
{% endfor %}
|
||||
|
||||
# Exclude directories that contain a CACHEDIR.TAG file. See
|
||||
# http://www.brynosaurus.com/cachedir/spec.html for details.
|
||||
exclude_caches: true
|
||||
|
||||
# Exclude directories that contain a file with the given filename.
|
||||
exclude_if_present: .nobackup
|
||||
|
||||
# Repository storage options. See
|
||||
# https://borgbackup.readthedocs.io/en/stable/usage.html#borg-create and
|
||||
# https://borgbackup.readthedocs.io/en/stable/usage/general.html#environment-variables for
|
||||
# details.
|
||||
storage:
|
||||
encryption_passphrase: {{ borg_encryption_passphrase }}
|
||||
# Type of compression to use when creating archives. See
|
||||
# https://borgbackup.readthedocs.org/en/stable/usage.html#borg-create for details.
|
||||
# Defaults to no compression.
|
||||
compression: auto,zstd
|
||||
|
||||
# Remote network upload rate limit in kiBytes/second.
|
||||
#remote_rate_limit: 5000
|
||||
|
||||
# Command to use instead of just "ssh". This can be used to specify ssh options.
|
||||
# ssh_command: ssh -i ~/.ssh/id_ed25519
|
||||
|
||||
# Umask to be used for borg create.
|
||||
umask: 0077
|
||||
|
||||
# Maximum seconds to wait for acquiring a repository/cache lock.
|
||||
lock_wait: 5
|
||||
|
||||
# Name of the archive. Borg placeholders can be used. See the output of
|
||||
# "borg help placeholders" for details. Default is
|
||||
# "{hostname}-{now:%Y-%m-%dT%H:%M:%S.%f}". If you specify this option, you must
|
||||
# also specify a prefix in the retention section to avoid accidental pruning of
|
||||
# archives with a different archive name format. And you should also specify a
|
||||
# prefix in the consistency section as well.
|
||||
archive_name_format: '{hostname}-{now}'
|
||||
|
||||
# Retention policy for how many backups to keep in each category. See
|
||||
# https://borgbackup.readthedocs.org/en/stable/usage.html#borg-prune for details.
|
||||
# At least one of the "keep" options is required for pruning to work.
|
||||
retention:
|
||||
# Number of hourly archives to keep.
|
||||
keep_hourly: 3
|
||||
|
||||
# Number of daily archives to keep.
|
||||
keep_daily: 7
|
||||
|
||||
# Number of weekly archives to keep.
|
||||
keep_weekly: 4
|
||||
|
||||
# Number of monthly archives to keep.
|
||||
keep_monthly: 6
|
||||
|
||||
# When pruning, only consider archive names starting with this prefix.
|
||||
# Borg placeholders can be used. See the output of "borg help placeholders" for
|
||||
# details. Default is "{hostname}-".
|
||||
prefix: '{hostname}-'
|
||||
|
||||
# Consistency checks to run after backups. See
|
||||
# https://borgbackup.readthedocs.org/en/stable/usage.html#borg-check and
|
||||
# https://borgbackup.readthedocs.org/en/stable/usage.html#borg-extract for details.
|
||||
consistency:
|
||||
# List of one or more consistency checks to run: "repository", "archives", and/or
|
||||
# "extract". Defaults to "repository" and "archives". Set to "disabled" to disable
|
||||
# all consistency checks. "repository" checks the consistency of the repository,
|
||||
# "archive" checks all of the archives, and "extract" does an extraction dry-run
|
||||
# of just the most recent archive.
|
||||
checks:
|
||||
- disabled
|
||||
# - repository
|
||||
# - archives
|
||||
|
||||
# Restrict the number of checked archives to the last n. Applies only to the "archives" check.
|
||||
check_last: 3
|
||||
|
||||
# When performing the "archives" check, only consider archive names starting with
|
||||
# this prefix. Borg placeholders can be used. See the output of
|
||||
# "borg help placeholders" for details. Default is "{hostname}-".
|
||||
prefix: '{hostname}-'
|
||||
|
||||
# Shell commands or scripts to execute before and after a backup or if an error has occurred.
|
||||
# IMPORTANT: All provided commands and scripts are executed with user permissions of borgmatic.
|
||||
# Do not forget to set secure permissions on this file as well as on any script listed (chmod 0700) to
|
||||
# prevent potential shell injection or privilege escalation.
|
||||
hooks:
|
||||
# List of one or more shell commands or scripts to execute before creating a backup.
|
||||
before_backup:
|
||||
- echo "`date` - Starting backup."
|
||||
|
||||
# List of one or more shell commands or scripts to execute after creating a backup.
|
||||
after_backup:
|
||||
- echo "`date` - Finished backup."
|
||||
|
||||
# List of one or more shell commands or scripts to execute in case an exception has occurred.
|
||||
on_error:
|
||||
- echo "`date` - Error while creating a backup."
|
||||
|
2
tests/inventory
Normal file
2
tests/inventory
Normal file
@ -0,0 +1,2 @@
|
||||
[gce]
|
||||
debian9 ansible_ssh_host=35.231.187.214 ansible_ssh_user=erlebnishengst_gmail_com
|
12
tests/playbook.yml
Normal file
12
tests/playbook.yml
Normal file
@ -0,0 +1,12 @@
|
||||
---
|
||||
- hosts: all
|
||||
become: yes
|
||||
roles:
|
||||
- role: borgbackup
|
||||
borg_encryption_passphrase: CHANGEME
|
||||
borg_repository: m5vz9gp4@m5vz9gp4.repo.borgbase.com:repo
|
||||
borg_source_directories:
|
||||
- /srv/www
|
||||
- /var/lib/automysqlbackup
|
||||
borg_exclude_patterns:
|
||||
- /srv/www/upload
|
14
vars/main.yml
Normal file
14
vars/main.yml
Normal file
@ -0,0 +1,14 @@
|
||||
---
|
||||
borg_apt_packages:
|
||||
- libssl-dev
|
||||
- libacl1-dev
|
||||
- libacl1
|
||||
- build-essential
|
||||
- python3-dev
|
||||
- python3-pip
|
||||
- python3-msgpack
|
||||
|
||||
borg_python_packages:
|
||||
- borgbackup
|
||||
- borgmatic
|
||||
|
Loading…
Reference in New Issue
Block a user