ansible/ansible_role_restic_archiver
1
0
Fork 0
mirror of https://github.com/roles-ansible/ansible_role_restic_archiver.git synced 2024-08-16 10:09:49 +02:00
Code Issues Releases Activity

add README and complete template

Browse source
This commit is contained in:
L3D 2020-12-14 11:19:18 +01:00 committed by Lilian Roller
parent 2e0a88aa8b
commit fd0598667d
No known key found for this signature in database
GPG key ID: 5215C3441797AB2B
9 changed files with 153 additions and 57 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
.github/workflows/ansible-debian-buster.yml vendored Normal file
View file

@ -0,0 +1,16 @@
name: Ansible check debian:buster
on: [push, pull_request]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: ansible check with debian:buster
uses: roles-ansible/check-ansible-debian-buster-action@master
with:
targets: "./"

16
.github/workflows/ansible-debian-latest.yml vendored Normal file
View file

@ -0,0 +1,16 @@
name: Ansible check debian:latest
on: [push, pull_request]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: ansible check with debian:latest
uses: roles-ansible/check-ansible-debian-latest-action@master
with:
targets: "./"

16
.github/workflows/ansible-debian-sid.yml vendored Normal file
View file

@ -0,0 +1,16 @@
name: Ansible check debian:sid
on: [push, pull_request]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: ansible check with debian:sid
uses: roles-ansible/check-ansible-debian-sid-action@master
with:
targets: "./"

16
.github/workflows/ansible-debian-stable.yml vendored Normal file
View file

@ -0,0 +1,16 @@
name: Ansible check debian:stable
on: [push, pull_request]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: ansible check with debian:stable
uses: roles-ansible/check-ansible-debian-stable-action@master
with:
targets: "./"

16
.github/workflows/ansible-debian-stretch.yml vendored Normal file
View file

@ -0,0 +1,16 @@
name: Ansible check debian:stretch
on: [push, pull_request]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: ansible check with debian:stretch
uses: roles-ansible/check-ansible-debian-stretch-action@master
with:
targets: "./"

58
README.md
View file

@ -1,14 +1,58 @@
ansible_role_restic_archiver ansible_role_restic_archiver
====================== ======================
## **ATTENTION** This role is under developement ansible role to "archive" restic backups.
<!--
![🎭 Tests](https://github.com/arillso/ansible.restic/workflows/%F0%9F%8E%AD%20Tests/badge.svg) The scenario for this role is:
[![license](https://img.shields.io/github/license/mashape/apistatus.svg?style=popout-square)](https://sbaerlo.ch/licence) - You have the restic rest server running in write-only mode
[![Ansible Galaxy](https://img.shields.io/badge/ansible- -galaxy-restic-blue.svg?style=popout-square)](https://galaxy.ansible.com/arillso/restic) - you send backups from other servers to your restic backup server
[![Ansible Role](https://img.shields.io/ansible/role/d/42773.svg?style=popout-square)](https://galaxy.ansible.com/arillso/restic)
--> Now you don't want to store all backups indefinitely, but only for the last days a daily backup and otherwise weekly, monthly, yearly a few... just like you do it.
Of course you don't want to give access to others, so you solve the whole thing with a local cronjob. And this cronjob is built with this Ansible role.
As a bonus feature, you can optionally transfer the backups to another disk (even with a different password). Which is also a very charming backup concept from a security point of view.
Variables:
---------
```ini
# which repos should we 'cleanup' by default
restic_archiver__repos: {}
# - name: example_server:
# location: /srv/restic/example_server_repo
# password: securepassword4eXaMpleSserver
# - name: other_server
# location: /srv/restic/other_server_repo
# password: xtrasecuredifferentpassword4other
# archive: true
# archive_location: /mnt/archive/other_server_repo
# archive_password: archive4other_server_password
# archive_cleanup: true
# keep_last: 5
# keep_hourly: 4
# keep_daily: 1
# keep_weekly: 1
# keep_monthly: 1
# keep_yearly: 1
# keep_within: 1
# how long should we store all backups by default
restic_archiver__keep: 9
restic_archiver__keep_hourly: 28
restic_archiver__keep_daily: 26
restic_archiver__keep_weekly: 8
restic_archiver__keep_monthly: 13
restic_archiver__keep_yearly: 12
# owner and user of all restic stuff
restic_archiver__owner: 'root'
restic_archiver__group: 'root'
# shedule restic cronjob
restic_archiver__hour: '3'
restic_archiver__minute: '32'
# version check for this playbook (true is recomended)
submodules_versioncheck: false
```

18
defaults/main.yml
View file

@ -27,17 +27,13 @@ restic_archiver__keep_weekly: 8
restic_archiver__keep_monthly: 13 restic_archiver__keep_monthly: 13
restic_archiver__keep_yearly: 12 restic_archiver__keep_yearly: 12
# owner and user of all restic stuff
restic_archiver__owner: 'root'
restic_archiver__group: 'root'
# shedule restic cronjob
restic_archiver__hour: '3'
restic_archiver__minute: '32'
# defaults file for skeleton # version check for this playbook (true is recomended)
restic_install_path: '/usr/bin'
restic_script_dir: '~/restic'
restic_repos: {}
restic_archiver__backups: []
restic_create_cron: false
restic_archiver__dir_owner: '{{ ansible_user | default(ansible_user_id) }}'
restic_archiver__dir_group: '{{ ansible_user | default(ansible_user_id) }}'
# version check for this playbook
submodules_versioncheck: false submodules_versioncheck: false

52
tasks/main.yml
View file

@ -2,45 +2,21 @@
- include_tasks: versioncheck.yml - include_tasks: versioncheck.yml
when: submodules_versioncheck|bool when: submodules_versioncheck|bool
- name: use template - name: deploy restic template
template: template:
src: templates/restic_forget_snapshots.j2 src: templates/restic_forget_snapshots.j2
dest: /tmp/test dest: /opt/restic-backup.sh
group: "{{ restic_archiver__dir_owner }}" group: "{{ restic_archiver__owner }}"
owner: "{{ restic_archiver__dir_group }}" owner: "{{ restic_archiver__group }}"
mode: 0700 mode: 0700
# no_log: true become: true
- name: setup cronjob for restic
#- include_tasks: template.yml become: true
cron:
#- name: add OS specific variables name: "archive restic backup with ansible_role_restic_archiver"
# include_vars: '{{ loop_vars }}' job: /opt/restic-backup.sh
# with_first_found: cron_file: /tec/crontab
# - files: hour: "{{ restic_archiver__hour }}"
# - '{{ distribution }}-{{ distribution_version }}.yml' minute: "{{ restic_archiver__minute }}"
# - '{{ distribution }}-{{ distribution_major_version }}.yml' user: "{{ restic_archiver__user }}"
# - '{{ distribution }}.yml'
# - '{{ ansible_os_family }}.yml'
# - '{{ ansible_system }}.yml'
# - 'defaults.yml'
# paths:
## - 'vars'
# loop_control:
# loop_var: loop_vars
# vars:
# distribution: '{{ ansible_distribution }}'
# distribution_version: '{{ ansible_distribution_version }}'
# distribution_major_version: '{{ ansible_distribution_major_version }}'
# tags:
# - configuration
# - packages
#- name: Ensure restic directories exist
# file:
# state: 'directory'
# path: '{{ item }}'
# mode: '0755'
# owner: '{{ restic_dir_owner }}'
# group: '{{ restic_dir_group }}'
# with_items: '{{ restic_create_paths }}'

2
vars/main.yml
View file

@ -1,3 +1,3 @@
--- ---
playbook_version_number: 20 # should be over ninethousand playbook_version_number: 23 # should be over ninethousand
playbook_version_path: 'role-restic_archiver_roles-ansible_github.com.version' playbook_version_path: 'role-restic_archiver_roles-ansible_github.com.version'