adyxax/ansible-role-borg
Archived
1
0
Fork 0
Code Issues Activity

Revitalized the borg role

Browse source
This commit is contained in:
Julien Dessaux 2021-02-11 19:10:38 +01:00
parent 0087b1fc16
commit 6e49d2b6c7
11 changed files with 85 additions and 37 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
README Normal file
View file

@ -0,0 +1,16 @@
There are several variables you can define to configure a machines response to the borg role :
- is_borg_server: a boolean that indicates if a machine will act as a borg server
- borg_server: a string that contains a borg servers hostname
- borg_jobs: a list of dict, one item per job with the following keys:
- name: the name of the borg job
- path: an optional path containing the files to backup
- command_to_pipe: an optional command to pipe the backup data from
- pre_command: an optional command to run before a job
- post_command: an optional command to run after a job
To be valid, a borg job entry needs to have exactly one of the path or command_to_pipe keys.
Here are some job examples :
- { name: etc, path: "/etc" }
- { name: mysqldump, command_to_pipe: "/usr/bin/mysqldump -h {{ mysql_server }} -u{{ ansible_hostname }} -p{{ ansible_local.mysql_client.password }} --single-transaction --add-drop-database -B {{ ansible_hostname }}" }
- { name: gitea, path: "/tmp/gitea.zip", pre_command: "echo '/usr/local/sbin/gitea -C /etc/gitea -c /etc/gitea/app.ini dump -f /tmp/gitea.zip' | su -l _gitea", post_command: "rm -f /tmp/gitea.zip" }

26
files/borg.fact
View file

@ -4,19 +4,21 @@
# ~~~~ ~~~~ # # ~~~~ ~~~~ #
############################################################################### ###############################################################################
echo '{' printf "{\n"
if [ -e '/root/.ssh/borg.pub' ]; then if [ -e '/root/.ssh/borg.pub' ]; then
pubkey=`cat /root/.ssh/borg.pub | tr -d "\n"` pubkey=`cat /root/.ssh/borg.pub | tr -d "\n"`
echo -ne ' "pubkey": "'$pubkey'"' printf " \"pubkey\": \"$pubkey\""
pubkey_prefix=",\n" pubkey_prefix=",\n"
fi fi
if [ -e '/srv/borg/repos/' ]; then if [ -e '/srv/borg/repos/' ]; then
echo -ne "${pubkey_prefix:-}"' "repos": {'"\n" printf "${pubkey_prefix:-} \"repos\": {\n"
for repo in `ls /srv/borg/repos/`; do for repo in `ls /srv/borg/repos/`; do
id=`awk '/^id =/ {print $3}' /srv/borg/repos/${repo}/config` if [ -e "/srv/borg/repos/${repo}/config" ]; then
echo -ne ${repo_prefix:-}' "'$repo'": "'$id'"' id=`awk '/^id =/ {print $3}' /srv/borg/repos/${repo}/config`
repo_prefix=",\n" printf "${repo_prefix:-} \"$repo\": \"$id\""
done repo_prefix=",\n"
echo -ne "\n }" fi
done
printf "\n }"
fi fi
echo -ne "\n}" printf "\n}"

35
tasks/client.yml
View file

@ -27,10 +27,7 @@
delegate_to: "{{ borg_server }}" delegate_to: "{{ borg_server }}"
- name: create borg client repo on server - name: create borg client repo on server
command: "borg init --encryption=none /srv/borg/repos/{{ ansible_hostname }}" shell: "echo \"borg init --encryption=none /srv/borg/repos/{{ ansible_hostname }}\" | su -l borg"
become: yes
become_method: su
become_user: borg
delegate_to: "{{ borg_server }}" delegate_to: "{{ borg_server }}"
args: args:
creates: "/srv/borg/repos/{{ ansible_hostname }}/config" creates: "/srv/borg/repos/{{ ansible_hostname }}/config"
@ -56,10 +53,15 @@
- name: make the repo known to the client - name: make the repo known to the client
copy: copy:
dest: "/root/.config/borg/security/{{ hostvars[borg_server]['ansible_local']['borg']['repos'][ansible_hostname] }}/key-type" dest: "/root/.config/borg/security/{{ hostvars[borg_server]['ansible_local']['borg']['repos'][ansible_hostname] }}/{{ item.dest }}"
content: "2" content: "{{ item.content }}"
owner: root owner: root
mode: 0600 mode: 0600
loop:
- { dest: key-type, content: "2" }
- { dest: location, content: "ssh://borg@{{ borg_server }}/srv/borg/repos/{{ ansible_hostname }}" }
- { dest: manifest-timestamp, content: "{{ ansible_date_time['iso8601_micro'] }}" }
changed_when: false
- name: deploy borg backup script - name: deploy borg backup script
template: template:
@ -68,23 +70,6 @@
owner: root owner: root
mode: 0500 mode: 0500
- name: activate borg cron on alpine - name: Run OS specific tasks
lineinfile: include_tasks: "roles/borg/tasks/client_{{ ansible_distribution }}.yml"
line: '0 23 * * * /usr/local/bin/adyxax_backup.sh'
path: /etc/crontabs/root
when: ansible_os_family == 'Alpine'
- name: activate borg cron on gentoo or redhat
file:
state: link
src: /usr/local/bin/adyxax_backup.sh
dest: /etc/cron.daily/backup
when: ansible_os_family == 'Gentoo' or ansible_os_family == 'RedHat'
- name: activate borg cron on openbsd
lineinfile:
line: '0 23 * * * /usr/local/bin/adyxax_backup.sh'
path: /var/cron/tabs/root
when: ansible_os_family == 'OpenBSD'
notify: restart openbsd cron
... ...

6
tasks/client_Alpine.yml Normal file
View file

@ -0,0 +1,6 @@
---
- name: activate borg cron
lineinfile:
line: '0 23 * * * /usr/local/bin/adyxax_backup.sh'
path: /etc/crontabs/root
...

7
tasks/client_Gentoo.yml Normal file
View file

@ -0,0 +1,7 @@
---
- name: activate borg cron
file:
state: link
src: /usr/local/bin/adyxax_backup.sh
dest: /etc/cron.daily/backup
...

7
tasks/client_OpenBSD.yml Normal file
View file

@ -0,0 +1,7 @@
---
- name: activate borg cron
lineinfile:
line: '0 23 * * * /usr/local/bin/adyxax_backup.sh'
path: /var/cron/tabs/root
notify: restart openbsd cron
...

7
tasks/client_RedHat.yml Normal file
View file

@ -0,0 +1,7 @@
---
- name: activate borg cron
file:
state: link
src: /usr/local/bin/adyxax_backup.sh
dest: /etc/cron.daily/backup
...

7
tasks/client_Ubuntu.yml Normal file
View file

@ -0,0 +1,7 @@
---
- name: activate borg cron
file:
state: link
src: /usr/local/bin/adyxax_backup.sh
dest: /etc/cron.daily/backup
...

1
tasks/server.yml
View file

@ -7,6 +7,7 @@
- name: Create borg user on server - name: Create borg user on server
user: user:
name: borg name: borg
group: borg
shell: /bin/sh shell: /bin/sh
home: /srv/borg home: /srv/borg
createhome: yes createhome: yes

6
templates/backup.sh.j2
View file

@ -9,11 +9,17 @@ export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
export BORG_RSH="ssh -i /root/.ssh/borg" export BORG_RSH="ssh -i /root/.ssh/borg"
{% for job in borg_jobs %} {% for job in borg_jobs %}
{% if job.pre_command is defined %}
{{ job.pre_command }}
{% endif %}
{% if job.command_to_pipe is defined %} {% if job.command_to_pipe is defined %}
{{ job.command_to_pipe }} | borg create borg@{{ borg_server }}:/srv/borg/repos/{{ ansible_hostname }}::{{ job.name }}-{now} {{ job.path | default('-') }} {{ job.command_to_pipe }} | borg create borg@{{ borg_server }}:/srv/borg/repos/{{ ansible_hostname }}::{{ job.name }}-{now} {{ job.path | default('-') }}
{% else %} {% else %}
borg create borg@{{ borg_server }}:/srv/borg/repos/{{ ansible_hostname }}::{{ job.name }}-{now} {{ job.path }} borg create borg@{{ borg_server }}:/srv/borg/repos/{{ ansible_hostname }}::{{ job.name }}-{now} {{ job.path }}
{% endif %} {% endif %}
{% if job.post_command is defined %}
{{ job.post_command }}
{% endif %}
{% endfor %} {% endfor %}
borg prune borg@{{ borg_server }}:/srv/borg/repos/{{ ansible_hostname }} {{ borg_prune_arguments }} borg prune borg@{{ borg_server }}:/srv/borg/repos/{{ ansible_hostname }} {{ borg_prune_arguments }}

4
vars/Debian.yml Normal file
View file

@ -0,0 +1,4 @@
---
borg_packages:
- borgbackup
...