data.coop/ansible
8
3
Fork 7
Code Issues 49 Pull requests 9 Projects 1 Releases Wiki Activity

Use Fedder's host for backups

Browse source
This commit is contained in:
Sam A. 2023-01-24 22:12:35 +01:00
parent ca3a869cd8
commit 3df4301513
Signed by: samsapti
GPG key ID: CBBBE7371E81C4EA
2 changed files with 34 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
roles/docker/defaults/main.yml
View file

@ -49,9 +49,10 @@ services:
restic: restic:
file: restic_backup.yml file: restic_backup.yml
user: "datacoop" user: "dc-user"
domain: "restic.cannedtuna.org" domain: "rynkeby.skovgaard.tel"
repository: "datacoop-hevonen" volume_folder: "{{ volume_root_folder }}/restic"
repository: "/mnt/SpinningRust/data.coop-backup/restic"
ssh_pubkey: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN1lNLshXytq+mx2LPzm8Neh/nrVqCR3iDXPONzBag9s restic@fedder ssh_pubkey: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN1lNLshXytq+mx2LPzm8Neh/nrVqCR3iDXPONzBag9s restic@fedder
version: "1.6.0" version: "1.6.0"
disabled_in_vagrant: true disabled_in_vagrant: true

33
roles/docker/tasks/services/restic_backup.yml
View file

@ -1,5 +1,29 @@
# vim: ft=yaml.ansible # vim: ft=yaml.ansible
--- ---
- name: Create SSH directory
file:
name: "{{ services.restic.volume_folder }}/ssh"
owner: root
group: root
mode: '0700'
state: directory
- name: Copy private SSH key
copy:
dest: "{{ services.restic.volume_folder }}/ssh/id_ed25519"
owner: root
group: root
mode: '0600'
content: "{{ restic_secrets.ssh_privkey }}"
- name: Copy public SSH key
copy:
dest: "{{ services.restic.volume_folder }}/ssh/id_ed25519.pub"
owner: root
group: root
mode: '0644'
content: "{{ services.restic.ssh_pubkey }}"
- name: Setup restic backup - name: Setup restic backup
docker_compose: docker_compose:
project_name: restic_backup project_name: restic_backup
@ -13,12 +37,12 @@
environment: environment:
RUN_ON_STARTUP: "false" RUN_ON_STARTUP: "false"
BACKUP_CRON: "0 30 3 * * *" BACKUP_CRON: "0 30 3 * * *"
RESTIC_REPOSITORY: "rest:https://{{ services.restic.user }}:{{ restic_secrets.user_password }}@{{ services.restic.domain }}/{{ services.restic.repository }}" RESTIC_REPOSITORY: "sftp:{{ services.restic.user }}@{{ services.restic.domain }}:{{ services.restic.repository }}"
RESTIC_PASSWORD: "{{ restic_secrets.repository_password }}" RESTIC_PASSWORD: "{{ restic_secrets.repository_password }}"
RESTIC_BACKUP_SOURCES: "/mnt/volumes" RESTIC_BACKUP_SOURCES: "/mnt/volumes"
RESTIC_BACKUP_ARGS: >- RESTIC_BACKUP_ARGS: >-
--tag datacoop-volumes --tag datacoop-volumes
--exclude='*.tmp' --exclude '*.tmp'
--verbose --verbose
RESTIC_FORGET_ARGS: >- RESTIC_FORGET_ARGS: >-
--keep-last 10 --keep-last 10
@ -27,6 +51,7 @@
--keep-monthly 12 --keep-monthly 12
TZ: Europe/Copenhagen TZ: Europe/Copenhagen
volumes: volumes:
- "{{ services.restic.volume_folder }}/ssh:/run/secrets/.ssh:ro"
- /docker-volumes:/mnt/volumes:ro - /docker-volumes:/mnt/volumes:ro
restic-prune: restic-prune:
@ -34,6 +59,8 @@
environment: environment:
RUN_ON_STARTUP: "false" RUN_ON_STARTUP: "false"
PRUNE_CRON: "0 0 4 * * *" PRUNE_CRON: "0 0 4 * * *"
RESTIC_REPOSITORY: "rest:https://{{ services.restic.user }}:{{ restic_secrets.user_password }}@{{ services.restic.domain }}/{{ services.restic.repository }}" RESTIC_REPOSITORY: "sftp:{{ services.restic.user }}@{{ services.restic.domain }}:{{ services.restic.repository }}"
RESTIC_PASSWORD: "{{ restic_secrets.repository_password }}" RESTIC_PASSWORD: "{{ restic_secrets.repository_password }}"
TZ: Europe/copenhagen TZ: Europe/copenhagen
volumes:
- "{{ services.restic.volume_folder }}/ssh:/run/secrets/.ssh:ro"