Add borg backup role
This commit is contained in:
Daniel A. Maierhofer
191
roles/borg_client/tasks/borgbackup_client.yml
Normal file
191
roles/borg_client/tasks/borgbackup_client.yml
Normal file
@@ -0,0 +1,191 @@
|
||||
---
|
||||
- name: check available SSH key types
|
||||
shell: ssh -Q key 2>/dev/null || echo "ssh-rsa"
|
||||
register: borgbackup_register_key_types
|
||||
changed_when: False
|
||||
check_mode: no
|
||||
|
||||
- name: generate backup ssh-key
|
||||
user:
|
||||
name: root
|
||||
ssh_key_file: "{{ borgbackup_client_ssh_key_file }}"
|
||||
ssh_key_type: "{{ borgbackup_client_ssh_key_type }}"
|
||||
ssh_key_comment: "{{ borgbackup_client_ssh_key_comment }}"
|
||||
ssh_key_bits: 4096
|
||||
generate_ssh_key: yes
|
||||
|
||||
- name: fetch backup ssh-pubkey
|
||||
command: "cat {{ borgbackup_client_ssh_key_file }}.pub"
|
||||
check_mode: no
|
||||
register: borgbackup_client_ssh_pubkey_file
|
||||
changed_when: False
|
||||
|
||||
- name: add ssh-pubkey to backup server
|
||||
delegate_to: "{{ borgbackup_client_backup_server }}"
|
||||
# Start the delegate from the ansible master to avoid distributing more keys
|
||||
connection: local
|
||||
authorized_key:
|
||||
user: "{{ borgbackup_server_user }}"
|
||||
key: "{{ borgbackup_client_ssh_pubkey_file.stdout }}"
|
||||
key_options: 'command="cd {{ borgbackup_server_pool }}/{{ inventory_hostname }};borg serve --restrict-to-path {{ borgbackup_server_pool }}/{{ inventory_hostname }}",restrict'
|
||||
|
||||
- name: create repo path for host
|
||||
delegate_to: "{{ borgbackup_client_backup_server }}"
|
||||
# Start the delegate from the ansible master to avoid distributing more keys
|
||||
connection: local
|
||||
file:
|
||||
path: "{{ borgbackup_server_pool }}/{{ inventory_hostname }}"
|
||||
owner: "{{ borgbackup_server_user }}"
|
||||
group: "{{ borgbackup_server_group }}"
|
||||
mode: 0700
|
||||
state: directory
|
||||
|
||||
- name: backup scripts dir
|
||||
file:
|
||||
path: "{{ borgbackup_client_scripts_dir }}"
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0750
|
||||
state: directory
|
||||
|
||||
- name: backup supervision lastlog dir
|
||||
file:
|
||||
path: "{{ borgbackup_client_lastlog_dir }}"
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0755
|
||||
state: directory
|
||||
|
||||
- name: check if the repositories already exist
|
||||
command: "{{ borgbackup_binary }} list {{ borgbackup_server_user }}@{{ borgbackup_client_backup_server_lanfreebackup | default(borgbackup_client_backup_server) }}:{{ item.name }}"
|
||||
environment:
|
||||
- BORG_RSH: "ssh -o StrictHostKeyChecking=no -i {{ borgbackup_client_ssh_key_file }}"
|
||||
- BORG_PASSPHRASE: "{{ borgbackup_passphrase }}"
|
||||
with_items: "{{ borgbackup_create_jobs }}"
|
||||
register: list_repos
|
||||
failed_when: False
|
||||
changed_when: False
|
||||
check_mode: no
|
||||
|
||||
- name: initialize empty list of initialized repositories
|
||||
set_fact:
|
||||
initialized_repos: []
|
||||
|
||||
- name: store only initialized repositories in the list
|
||||
set_fact:
|
||||
initialized_repos: "{{ initialized_repos }} + [ '{{ item.item.name }}' ]"
|
||||
with_items: "{{ list_repos.results }}"
|
||||
when: item.rc == 0
|
||||
|
||||
- name: initialize repositories
|
||||
command: "{{ borgbackup_binary }} init --encryption {{ borgbackup_encryption_mode }} {{ borgbackup_server_user }}@{{ borgbackup_client_backup_server_lanfreebackup | default(borgbackup_client_backup_server) }}:{{ item.name }}"
|
||||
environment:
|
||||
- BORG_RSH: "ssh -o StrictHostKeyChecking=no -i {{ borgbackup_client_ssh_key_file }}"
|
||||
- BORG_PASSPHRASE: "{{ borgbackup_passphrase }}"
|
||||
with_items: "{{ borgbackup_create_jobs }}"
|
||||
register: borgbackup_initialize_result
|
||||
failed_when: (borgbackup_initialize_result.rc != 0) and (borgbackup_initialize_result.stderr != "") and ('already exists' not in borgbackup_initialize_result.stderr)
|
||||
when: item.name not in initialized_repos
|
||||
|
||||
- name: generate filename for create / prune / check scripts
|
||||
set_fact:
|
||||
create_suffix_script_filename: "create_{{ borgbackup_client_backup_server.split('.')[0] }}"
|
||||
prune_suffix_script_filename: "prune_{{ borgbackup_client_backup_server.split('.')[0] }}"
|
||||
check_suffix_script_filename: "check_{{ borgbackup_client_backup_server.split('.')[0] }}"
|
||||
|
||||
#
|
||||
# borg create scripts
|
||||
#
|
||||
- name: deploy borg create scripts
|
||||
template:
|
||||
dest: "{{ borgbackup_client_scripts_dir }}/{{ item.name }}_{{ create_suffix_script_filename }}.sh"
|
||||
src: create_job.sh.j2
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0700
|
||||
with_items: "{{ borgbackup_create_jobs }}"
|
||||
|
||||
- name: schedule borg create scripts on cron
|
||||
cron:
|
||||
name: "borg backup {{ item.name }}"
|
||||
user: root
|
||||
job: "{{ borgbackup_client_scripts_dir }}/{{ item.name }}_{{ create_suffix_script_filename }}.sh 2>&1 | /usr/bin/logger -t borgbackup"
|
||||
day: "{{ (item.day | default(1)) + (item.random_day | random(seed=item.name + check_suffix_script_filename + ansible_host))%28 if item.random_day is defined else item.day | default('*') }}"
|
||||
hour: "{{ (item.hour | default(1)) + (item.random_hour | random(seed=item.name + create_suffix_script_filename + ansible_host))%24 if item.random_hour is defined else item.hour | default(1) }}"
|
||||
minute: "{{ (item.minute | default(0)) + (item.random_minute | random(seed=ansible_host + item.name + create_suffix_script_filename))%60 if item.random_minute is defined else item.minute | default(0) }}"
|
||||
state: present
|
||||
cron_file: "borgbackup_{{ item.name }}_{{ create_suffix_script_filename }}"
|
||||
with_items: "{{ borgbackup_create_jobs }}"
|
||||
|
||||
- name: deploy borg create fake logs, when no log yet
|
||||
shell: echo -ne "FAKE LOG\nterminating with success status, rc 0\n" | tee "{{ borgbackup_client_lastlog_dir }}/{{ item.name }}_{{ create_suffix_script_filename }}.lastlog"
|
||||
args:
|
||||
chdir: "{{ borgbackup_client_lastlog_dir }}"
|
||||
creates: "{{ borgbackup_client_lastlog_dir }}/{{ item.name }}_{{ create_suffix_script_filename }}.lastlog"
|
||||
with_items: "{{ borgbackup_create_jobs }}"
|
||||
|
||||
#
|
||||
# borg prune scripts
|
||||
#
|
||||
- name: deploy borg prune scripts
|
||||
template:
|
||||
dest: "{{ borgbackup_client_scripts_dir }}/{{ item.name }}_{{ prune_suffix_script_filename }}.sh"
|
||||
src: prune_job.sh.j2
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0700
|
||||
with_items: "{{ borgbackup_prune_jobs }}"
|
||||
when: borgbackup_prune_enabled
|
||||
|
||||
- name: schedule borg prune scripts on cron
|
||||
cron:
|
||||
name: "borg prune {{ item.name }}"
|
||||
user: root
|
||||
job: "{{ borgbackup_client_scripts_dir }}/{{ item.name }}_{{ prune_suffix_script_filename }}.sh 2>&1 | /usr/bin/logger -t borgbackup"
|
||||
day: "{{ (item.day | default(1)) + (item.random_day | random(seed=item.name + check_suffix_script_filename + ansible_host))%28 if item.random_day is defined else item.day | default('*') }}"
|
||||
hour: "{{ (item.hour | default(1)) + (item.random_hour | random(seed=item.name + prune_suffix_script_filename + ansible_host))%24 if item.random_hour is defined else item.hour | default(2) }}"
|
||||
minute: "{{ (item.minute | default(0)) + (item.random_minute | random(seed=ansible_host + item.name + prune_suffix_script_filename))%60 if item.random_minute is defined else item.minute | default(0) }}"
|
||||
state: present
|
||||
cron_file: "borgbackup_{{ item.name }}_{{ prune_suffix_script_filename }}"
|
||||
with_items: "{{ borgbackup_prune_jobs }}"
|
||||
when: borgbackup_prune_enabled
|
||||
|
||||
- name: deploy borg prune fake logs, when no log yet
|
||||
shell: echo -ne "FAKE LOG\nterminating with success status, rc 0\n" | tee "{{ borgbackup_client_lastlog_dir }}/{{ item.name }}_{{ prune_suffix_script_filename }}.lastlog"
|
||||
args:
|
||||
chdir: "{{ borgbackup_client_lastlog_dir }}"
|
||||
creates: "{{ borgbackup_client_lastlog_dir }}/{{ item.name }}_{{ prune_suffix_script_filename }}.lastlog"
|
||||
with_items: "{{ borgbackup_prune_jobs }}"
|
||||
|
||||
#
|
||||
# borg check scripts
|
||||
#
|
||||
- name: deploy borg check scripts
|
||||
template:
|
||||
dest: "{{ borgbackup_client_scripts_dir }}/{{ item.name }}_{{ check_suffix_script_filename }}.sh"
|
||||
src: check_job.sh.j2
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0700
|
||||
with_items: "{{ borgbackup_check_jobs }}"
|
||||
when: borgbackup_check_enabled
|
||||
|
||||
- name: schedule borg check scripts on cron
|
||||
cron:
|
||||
name: "borg check {{ item.name }}"
|
||||
user: root
|
||||
job: "{{ borgbackup_client_scripts_dir }}/{{ item.name }}_{{ check_suffix_script_filename }}.sh 2>&1 | /usr/bin/logger -t borgbackup"
|
||||
day: "{{ (item.day | default(1)) + (item.random_day | random(seed=item.name + check_suffix_script_filename + ansible_host))%28 if item.random_day is defined else item.day | default(1) }}"
|
||||
hour: "{{ (item.hour | default(1)) + (item.random_hour | random(seed=item.name + check_suffix_script_filename + ansible_host))%24 if item.random_hour is defined else item.hour | default(3) }}"
|
||||
minute: "{{ (item.minute | default(0)) + (item.random_minute | random(seed=ansible_host + item.name + check_suffix_script_filename))%60 if item.random_minute is defined else item.minute | default(0) }}"
|
||||
state: present
|
||||
cron_file: "borgbackup_{{ item.name }}_{{ check_suffix_script_filename }}"
|
||||
with_items: "{{ borgbackup_check_jobs }}"
|
||||
when: borgbackup_check_enabled
|
||||
|
||||
- name: deploy borg check fake logs, when no log yet
|
||||
shell: echo -ne "FAKE LOG\nterminating with success status, rc 0\n" | tee "{{ borgbackup_client_lastlog_dir }}/{{ item.name }}_{{ check_suffix_script_filename }}.lastlog"
|
||||
args:
|
||||
chdir: "{{ borgbackup_client_lastlog_dir }}"
|
||||
creates: "{{ borgbackup_client_lastlog_dir }}/{{ item.name }}_{{ check_suffix_script_filename }}.lastlog"
|
||||
with_items: "{{ borgbackup_check_jobs }}"
|
||||
Reference in New Issue
Block a user