initial commit
This commit is contained in:
commit
fecacf36d9
20
LICENSE
Normal file
20
LICENSE
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
The MIT License (MIT)
|
||||||
|
|
||||||
|
Copyright (c) 2018 Manuel Riel
|
||||||
|
|
||||||
|
Permission is hereby granted, free of charge, to any person obtaining a copy of
|
||||||
|
this software and associated documentation files (the "Software"), to deal in
|
||||||
|
the Software without restriction, including without limitation the rights to
|
||||||
|
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
|
||||||
|
the Software, and to permit persons to whom the Software is furnished to do so,
|
||||||
|
subject to the following conditions:
|
||||||
|
|
||||||
|
The above copyright notice and this permission notice shall be included in all
|
||||||
|
copies or substantial portions of the Software.
|
||||||
|
|
||||||
|
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||||
|
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
|
||||||
|
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
|
||||||
|
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
|
||||||
|
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
|
||||||
|
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
34
README.md
Normal file
34
README.md
Normal file
@ -0,0 +1,34 @@
|
|||||||
|
# Ansible Role: BorgBackup Client
|
||||||
|
|
||||||
|
An Ansible Role that installs that sets up BorgBackup on Debian/Ubuntu.
|
||||||
|
|
||||||
|
## Role Variables
|
||||||
|
|
||||||
|
- `borg_repository` (required): Full path to repository.
|
||||||
|
- `borg_encryption_passphrase` (optional): Password to use for repokey or keyfile. Empty if repo is unencrypted.
|
||||||
|
- `borg_source_directories` (required): List of local folders to back up.
|
||||||
|
- `borg_exclude_patterns` (optional): List of local folders to exclude.
|
||||||
|
|
||||||
|
|
||||||
|
## Example Playbook
|
||||||
|
|
||||||
|
```
|
||||||
|
- hosts: webservers
|
||||||
|
roles:
|
||||||
|
- role: borgbackup
|
||||||
|
borg_encryption_passphrase: CHANGEME
|
||||||
|
borg_repository: m5vz9gp4@m5vz9gp4.repo.borgbase.com:repo
|
||||||
|
borg_source_directories:
|
||||||
|
- /srv/www
|
||||||
|
- /var/lib/automysqlbackup
|
||||||
|
borg_exclude_patterns:
|
||||||
|
- /srv/www/upload
|
||||||
|
```
|
||||||
|
|
||||||
|
## License
|
||||||
|
|
||||||
|
MIT/BSD
|
||||||
|
|
||||||
|
## Author
|
||||||
|
|
||||||
|
This role was created by Manuel Riel, founder of [BorgBase.com](https://www.borgbase.com) - Simple and Secure Hosting for your Borg Repositories.
|
3
defaults/main.yml
Executable file
3
defaults/main.yml
Executable file
@ -0,0 +1,3 @@
|
|||||||
|
---
|
||||||
|
borg_encryption_passphrase: ''
|
||||||
|
borg_exclude_patterns: []
|
48
tasks/main.yml
Executable file
48
tasks/main.yml
Executable file
@ -0,0 +1,48 @@
|
|||||||
|
---
|
||||||
|
- name: Regenerate apt-cache and update packages
|
||||||
|
apt: update_cache=yes upgrade=dist cache_valid_time=120
|
||||||
|
|
||||||
|
- name: Install required System Packages
|
||||||
|
apt:
|
||||||
|
pkg: "{{ item }}"
|
||||||
|
state: installed
|
||||||
|
with_items: "{{ borg_apt_packages }}"
|
||||||
|
|
||||||
|
- name: Install required Python Packages
|
||||||
|
pip:
|
||||||
|
name: "{{ item }}"
|
||||||
|
executable: pip3
|
||||||
|
with_items: "{{ borg_python_packages }}"
|
||||||
|
|
||||||
|
- name: Ensure root has SSH key.
|
||||||
|
user:
|
||||||
|
name: "root"
|
||||||
|
generate_ssh_key: yes
|
||||||
|
ssh_key_file: .ssh/id_ed25519
|
||||||
|
ssh_key_type: ed25519
|
||||||
|
register: root_user
|
||||||
|
|
||||||
|
- debug:
|
||||||
|
var: root_user['ssh_public_key']
|
||||||
|
|
||||||
|
- name: Ensures /etc/borgmatic exists
|
||||||
|
file:
|
||||||
|
path: /etc/borgmatic
|
||||||
|
state: directory
|
||||||
|
mode: 0700
|
||||||
|
owner: root
|
||||||
|
|
||||||
|
- name: Add Borgmatic Configuration
|
||||||
|
template:
|
||||||
|
src: config.yaml.j2
|
||||||
|
dest: "/etc/borgmatic/config.yaml"
|
||||||
|
mode: 0600
|
||||||
|
|
||||||
|
- name: Add cron-job for borgmatic
|
||||||
|
cron:
|
||||||
|
name: "borgmatic"
|
||||||
|
hour: "{{ 4 |random }}"
|
||||||
|
minute: "{{ 59 |random }}"
|
||||||
|
user: "root"
|
||||||
|
cron_file: borgmatic
|
||||||
|
job: "/usr/local/bin/borgmatic"
|
115
templates/config.yaml.j2
Normal file
115
templates/config.yaml.j2
Normal file
@ -0,0 +1,115 @@
|
|||||||
|
location:
|
||||||
|
source_directories:
|
||||||
|
{% for dir in borg_source_directories %}
|
||||||
|
- {{ dir }}
|
||||||
|
{% endfor %}
|
||||||
|
|
||||||
|
one_file_system: true
|
||||||
|
repositories:
|
||||||
|
- {{ borg_repository }}
|
||||||
|
|
||||||
|
# Any paths matching these patterns are excluded from backups. Globs and tildes
|
||||||
|
# are expanded. See the output of "borg help patterns" for more details.
|
||||||
|
exclude_patterns:
|
||||||
|
{% for dir in borg_exclude_patterns %}
|
||||||
|
- {{ dir }}
|
||||||
|
{% endfor %}
|
||||||
|
|
||||||
|
# Exclude directories that contain a CACHEDIR.TAG file. See
|
||||||
|
# http://www.brynosaurus.com/cachedir/spec.html for details.
|
||||||
|
exclude_caches: true
|
||||||
|
|
||||||
|
# Exclude directories that contain a file with the given filename.
|
||||||
|
exclude_if_present: .nobackup
|
||||||
|
|
||||||
|
# Repository storage options. See
|
||||||
|
# https://borgbackup.readthedocs.io/en/stable/usage.html#borg-create and
|
||||||
|
# https://borgbackup.readthedocs.io/en/stable/usage/general.html#environment-variables for
|
||||||
|
# details.
|
||||||
|
storage:
|
||||||
|
encryption_passphrase: {{ borg_encryption_passphrase }}
|
||||||
|
# Type of compression to use when creating archives. See
|
||||||
|
# https://borgbackup.readthedocs.org/en/stable/usage.html#borg-create for details.
|
||||||
|
# Defaults to no compression.
|
||||||
|
compression: auto,zstd
|
||||||
|
|
||||||
|
# Remote network upload rate limit in kiBytes/second.
|
||||||
|
#remote_rate_limit: 5000
|
||||||
|
|
||||||
|
# Command to use instead of just "ssh". This can be used to specify ssh options.
|
||||||
|
# ssh_command: ssh -i ~/.ssh/id_ed25519
|
||||||
|
|
||||||
|
# Umask to be used for borg create.
|
||||||
|
umask: 0077
|
||||||
|
|
||||||
|
# Maximum seconds to wait for acquiring a repository/cache lock.
|
||||||
|
lock_wait: 5
|
||||||
|
|
||||||
|
# Name of the archive. Borg placeholders can be used. See the output of
|
||||||
|
# "borg help placeholders" for details. Default is
|
||||||
|
# "{hostname}-{now:%Y-%m-%dT%H:%M:%S.%f}". If you specify this option, you must
|
||||||
|
# also specify a prefix in the retention section to avoid accidental pruning of
|
||||||
|
# archives with a different archive name format. And you should also specify a
|
||||||
|
# prefix in the consistency section as well.
|
||||||
|
archive_name_format: '{hostname}-{now}'
|
||||||
|
|
||||||
|
# Retention policy for how many backups to keep in each category. See
|
||||||
|
# https://borgbackup.readthedocs.org/en/stable/usage.html#borg-prune for details.
|
||||||
|
# At least one of the "keep" options is required for pruning to work.
|
||||||
|
retention:
|
||||||
|
# Number of hourly archives to keep.
|
||||||
|
keep_hourly: 3
|
||||||
|
|
||||||
|
# Number of daily archives to keep.
|
||||||
|
keep_daily: 7
|
||||||
|
|
||||||
|
# Number of weekly archives to keep.
|
||||||
|
keep_weekly: 4
|
||||||
|
|
||||||
|
# Number of monthly archives to keep.
|
||||||
|
keep_monthly: 6
|
||||||
|
|
||||||
|
# When pruning, only consider archive names starting with this prefix.
|
||||||
|
# Borg placeholders can be used. See the output of "borg help placeholders" for
|
||||||
|
# details. Default is "{hostname}-".
|
||||||
|
prefix: '{hostname}-'
|
||||||
|
|
||||||
|
# Consistency checks to run after backups. See
|
||||||
|
# https://borgbackup.readthedocs.org/en/stable/usage.html#borg-check and
|
||||||
|
# https://borgbackup.readthedocs.org/en/stable/usage.html#borg-extract for details.
|
||||||
|
consistency:
|
||||||
|
# List of one or more consistency checks to run: "repository", "archives", and/or
|
||||||
|
# "extract". Defaults to "repository" and "archives". Set to "disabled" to disable
|
||||||
|
# all consistency checks. "repository" checks the consistency of the repository,
|
||||||
|
# "archive" checks all of the archives, and "extract" does an extraction dry-run
|
||||||
|
# of just the most recent archive.
|
||||||
|
checks:
|
||||||
|
- disabled
|
||||||
|
# - repository
|
||||||
|
# - archives
|
||||||
|
|
||||||
|
# Restrict the number of checked archives to the last n. Applies only to the "archives" check.
|
||||||
|
check_last: 3
|
||||||
|
|
||||||
|
# When performing the "archives" check, only consider archive names starting with
|
||||||
|
# this prefix. Borg placeholders can be used. See the output of
|
||||||
|
# "borg help placeholders" for details. Default is "{hostname}-".
|
||||||
|
prefix: '{hostname}-'
|
||||||
|
|
||||||
|
# Shell commands or scripts to execute before and after a backup or if an error has occurred.
|
||||||
|
# IMPORTANT: All provided commands and scripts are executed with user permissions of borgmatic.
|
||||||
|
# Do not forget to set secure permissions on this file as well as on any script listed (chmod 0700) to
|
||||||
|
# prevent potential shell injection or privilege escalation.
|
||||||
|
hooks:
|
||||||
|
# List of one or more shell commands or scripts to execute before creating a backup.
|
||||||
|
before_backup:
|
||||||
|
- echo "`date` - Starting backup."
|
||||||
|
|
||||||
|
# List of one or more shell commands or scripts to execute after creating a backup.
|
||||||
|
after_backup:
|
||||||
|
- echo "`date` - Finished backup."
|
||||||
|
|
||||||
|
# List of one or more shell commands or scripts to execute in case an exception has occurred.
|
||||||
|
on_error:
|
||||||
|
- echo "`date` - Error while creating a backup."
|
||||||
|
|
2
tests/inventory
Normal file
2
tests/inventory
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
[gce]
|
||||||
|
debian9 ansible_ssh_host=35.231.187.214 ansible_ssh_user=erlebnishengst_gmail_com
|
12
tests/playbook.yml
Normal file
12
tests/playbook.yml
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
---
|
||||||
|
- hosts: all
|
||||||
|
become: yes
|
||||||
|
roles:
|
||||||
|
- role: borgbackup
|
||||||
|
borg_encryption_passphrase: CHANGEME
|
||||||
|
borg_repository: m5vz9gp4@m5vz9gp4.repo.borgbase.com:repo
|
||||||
|
borg_source_directories:
|
||||||
|
- /srv/www
|
||||||
|
- /var/lib/automysqlbackup
|
||||||
|
borg_exclude_patterns:
|
||||||
|
- /srv/www/upload
|
14
vars/main.yml
Normal file
14
vars/main.yml
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
---
|
||||||
|
borg_apt_packages:
|
||||||
|
- libssl-dev
|
||||||
|
- libacl1-dev
|
||||||
|
- libacl1
|
||||||
|
- build-essential
|
||||||
|
- python3-dev
|
||||||
|
- python3-pip
|
||||||
|
- python3-msgpack
|
||||||
|
|
||||||
|
borg_python_packages:
|
||||||
|
- borgbackup
|
||||||
|
- borgmatic
|
||||||
|
|
Loading…
Reference in New Issue
Block a user