data.coop
/
ansible
8
3
Fork 7
Code Issues 44 Pull Requests 7 Projects 1 Releases Wiki Activity

Use Fedder's host for backups

This commit is contained in:
Sam A. 2023-01-24 22:12:35 +01:00
parent ca3a869cd8
commit 3df4301513
Signed by: samsapti
GPG Key ID: CBBBE7371E81C4EA
2 changed files with 34 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
roles/docker/defaults/main.yml
View File

@ -49,9 +49,10 @@ services:
restic:
file: restic_backup.yml
user: "datacoop"
domain: "restic.cannedtuna.org"
repository: "datacoop-hevonen"
user: "dc-user"
domain: "rynkeby.skovgaard.tel"
volume_folder: "{{ volume_root_folder }}/restic"
repository: "/mnt/SpinningRust/data.coop-backup/restic"
ssh_pubkey: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN1lNLshXytq+mx2LPzm8Neh/nrVqCR3iDXPONzBag9s restic@fedder
version: "1.6.0"
disabled_in_vagrant: true

33
roles/docker/tasks/services/restic_backup.yml
View File

@ -1,5 +1,29 @@
# vim: ft=yaml.ansible
---
- name: Create SSH directory
file:
name: "{{ services.restic.volume_folder }}/ssh"
owner: root
group: root
mode: '0700'
state: directory
- name: Copy private SSH key
copy:
dest: "{{ services.restic.volume_folder }}/ssh/id_ed25519"
owner: root
group: root
mode: '0600'
content: "{{ restic_secrets.ssh_privkey }}"
- name: Copy public SSH key
copy:
dest: "{{ services.restic.volume_folder }}/ssh/id_ed25519.pub"
owner: root
group: root
mode: '0644'
content: "{{ services.restic.ssh_pubkey }}"
- name: Setup restic backup
docker_compose:
project_name: restic_backup
@ -13,12 +37,12 @@
environment:
RUN_ON_STARTUP: "false"
BACKUP_CRON: "0 30 3 * * *"
RESTIC_REPOSITORY: "rest:https://{{ services.restic.user }}:{{ restic_secrets.user_password }}@{{ services.restic.domain }}/{{ services.restic.repository }}"
RESTIC_REPOSITORY: "sftp:{{ services.restic.user }}@{{ services.restic.domain }}:{{ services.restic.repository }}"
RESTIC_PASSWORD: "{{ restic_secrets.repository_password }}"
RESTIC_BACKUP_SOURCES: "/mnt/volumes"
RESTIC_BACKUP_ARGS: >-
--tag datacoop-volumes
--exclude='*.tmp'
--exclude '*.tmp'
--verbose
RESTIC_FORGET_ARGS: >-
--keep-last 10
@ -27,6 +51,7 @@
--keep-monthly 12
TZ: Europe/Copenhagen
volumes:
- "{{ services.restic.volume_folder }}/ssh:/run/secrets/.ssh:ro"
- /docker-volumes:/mnt/volumes:ro
restic-prune:
@ -34,6 +59,8 @@
environment:
RUN_ON_STARTUP: "false"
PRUNE_CRON: "0 0 4 * * *"
RESTIC_REPOSITORY: "rest:https://{{ services.restic.user }}:{{ restic_secrets.user_password }}@{{ services.restic.domain }}/{{ services.restic.repository }}"
RESTIC_REPOSITORY: "sftp:{{ services.restic.user }}@{{ services.restic.domain }}:{{ services.restic.repository }}"
RESTIC_PASSWORD: "{{ restic_secrets.repository_password }}"
TZ: Europe/copenhagen
volumes:
- "{{ services.restic.volume_folder }}/ssh:/run/secrets/.ssh:ro"