From 1204730924436ef9e1c7c49c9557837f9a5ed0e8 Mon Sep 17 00:00:00 2001 From: clarkzjw Date: Wed, 8 Feb 2023 00:40:09 -0800 Subject: fork https://github.com/mattsta/mailweb --- ansible/roles/backup/tasks/main.yml | 40 +++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 ansible/roles/backup/tasks/main.yml (limited to 'ansible/roles/backup/tasks') diff --git a/ansible/roles/backup/tasks/main.yml b/ansible/roles/backup/tasks/main.yml new file mode 100644 index 0000000..fedc68b --- /dev/null +++ b/ansible/roles/backup/tasks/main.yml @@ -0,0 +1,40 @@ +--- +- name: install borgbackup + apt: + pkg: borgbackup + state: latest + +- name: install borgmatic + pip: + name: borgmatic + state: latest + +- name: create backup config dir + file: + path: /etc/borgmatic.d + owner: "{{ backup.runAs }}" + mode: 0700 + state: directory + +# Create backup config for entire server +# Ideally we only have one type of data to backup per server and the rest +# can be re-constructed as necessary through auto-deploy processes +- name: populate borgmatic config with details for hosts + template: + src: borgmatic.yml.j2 + dest: /etc/borgmatic.d/system.backup.yml + owner: "{{ backup.runAs }}" + mode: 0600 + +# Note: right now we aren't populating an 'excludes' file +# If we need 'excludes' in the future, append '--excludes [excludesDirsFile]' +# ALSO NOTE: your backup.runAs user MUST MANUALLY ACCEPT THE BACKUP HOST SSH KEY +# Backup will stall if unattended ssh sees new host fingerprint needing approval +- name: install backup crontab + cron: + name: "Backup Offsite" + minute: 32 + hour: 3 + job: "borgmatic --verbosity 1 -c /etc/borgmatic.d/system.backup.yml" + user: "{{ backup.runAs }}" + cron_file: backup_offsite -- cgit v1.2.3