WIP: backups with borg and borgmatic #39

Manually merged
jeltz merged 45 commits from backups into master 2024-07-01 01:55:28 +02:00
5 changed files with 33 additions and 11 deletions
Showing only changes of commit c99b611b8f - Show all commits


@ -3,7 +3,7 @@
roles: roles:
- borgbackup_server - borgbackup_server
- host: all, !unifi - hosts: all,!unifi
roles: roles:
- borgbackup_client - borgbackup_client
... ...


@ -103,3 +103,5 @@ borg_backup_directories:
- "/etc/" - "/etc/"
- "/var/" - "/var/"
borg_encryption_passphrase: "{{ vault_borg_encryption_passphrase }}" borg_encryption_passphrase: "{{ vault_borg_encryption_passphrase }}"
borg_server_host: 10.128.0.4


@ -1,18 +1,19 @@
--- ---
- name: Pin borgmatic - name: Pin borgmatic
template: template:
src: "apt/{{ item }}.j2" src: "{{ item.src }}"
dest: "/etc/apt/{{ item }}" dest: "{{ item.dest }}"
owner: root owner: root
group: root group: root
mode: u=rw,g=r,o= mode: u=rw,g=r,o=
loop: loop:
- sources.list.d/bullseye.list - src: apt/list.j2
- preferences.d/borgmatic-bullseye dest: /etc/apt/sources.list.d/bullseye.list
- src: apt/preferences.j2
dest: /etc/apt/preferences.d/borgmatic-bullseye
when: when:
- ansible_distribution == "Debian" - ansible_distribution == "Debian"
- ansible_distribution_major_version | int <= 10 - ansible_distribution_major_version | int <= 10
- ansible_distribution_release != "bullseye"
- name: Don't pin borgmatic if we are on bullseye - name: Don't pin borgmatic if we are on bullseye
file: file:
@ -32,10 +33,18 @@
retries: 3 retries: 3
until: apt_result is succeeded until: apt_result is succeeded
- name: Create /etc/borgbackup
file:
path: /etc/borgbackup
state: directory
owner: root
group: root
mode: u=rwx,g=rx,o=
- name: Create SSH key - name: Create SSH key
openssh_keypair: openssh_keypair:
path: /etc/borgbackup/id_remote path: "/etc/borgbackup/id_remote"
type: ed25519 type: rsa
owner: root owner: root
group: root group: root
mode: u=r,g=r,o= mode: u=r,g=r,o=
@ -79,8 +88,6 @@
- borgmatic.service - borgmatic.service
notify: notify:
- Run systemd daemon-reload - Run systemd daemon-reload
- Start and enable borgmatic timer
- Start and enable borgmatic service
- name: Start and enable borgmatic timer - name: Start and enable borgmatic timer
systemd: systemd:
@ -94,7 +101,8 @@
state: started state: started
enabled: true enabled: true
- include_role: update_motd - include_role:
name: update_motd
vars: vars:
key: 10-borgmatic key: 10-borgmatic
message: Borgmatic (client) est installé dans /etc/borgmatic/config.yaml. message: Borgmatic (client) est installé dans /etc/borgmatic/config.yaml.
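Review bot: In the `Create SSH key` task the key type now appears to be `rsa` where it was `ed25519`, with no comment giving the reason and no explicit `size`. If RSA is required for compatibility with the backup server, record that above the task (`# rsa: <compatibility reason>`) and pin the length with `size: 4096` instead of relying on the module default. Hosts that already hold an ed25519 key at this path will probably have it regenerated on the next run, so the public key authorised on the borg server has to be refreshed in the same rollout. Separately, the unchanged `mode: u=r,g=r,o=` leaves the private key group-readable, and OpenSSH normally refuses a private key that carries group or other permission bits; `mode: u=r,g=,o=` is the safer value.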


@ -0,0 +1,3 @@
{{ ansible_managed | comment }}
deb https://deb.debian.org/debian/ bullseye main
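Review bot: This source adds only `bullseye main`, so borgmatic and any dependencies pulled from bullseye receive no security updates on the hosts that get this file (Debian 10 and older, going by the `when` condition on the pinning task). Security fixes are published in the separate `bullseye-security` suite, which neither this list nor the `Pin: release n=bullseye` stanzas in the preferences template cover. Consider adding `deb https://security.debian.org/debian-security bullseye-security main` here, together with a matching `Pin: release n=bullseye-security` stanza for borgmatic in the preferences template.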


@ -0,0 +1,9 @@
{{ ansible_managed | comment }}
Package: *
Pin: release n=bullseye
Pin-Priority: 1
Package: borgmatic
Pin: release n=bullseye
Pin-Priority: 900