Aucune description
Vous ne pouvez pas sélectionner plus de 25 sujets Les noms de sujets doivent commencer par une lettre ou un nombre, peuvent contenir des tirets ('-') et peuvent comporter jusqu'à 35 caractères.

backup.yml 2.4KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788
  1. - name: Install Borg-Backup, NFS Tools and their dependencies
  2. apt:
  3. name: "{{ packages }}"
  4. state: present
  5. vars:
  6. packages:
  7. - borgbackup
  8. - nfs-common
  9. - python-pexpect
  10. tags:
  11. - dependencies
  12. - name: Remove static route over VPN on shutdown
  13. lineinfile:
  14. path: /etc/network/interfaces.d/50-cloud-init.cfg
  15. insertafter: "iface eth0 inet dhcp"
  16. line: "pre-down ip route del {{ backup_vpn_net }} via {{ backup_vpn_bridge }} || true"
  17. - name: Add static route over VPN on boot
  18. lineinfile:
  19. path: /etc/network/interfaces.d/50-cloud-init.cfg
  20. insertafter: "iface eth0 inet dhcp"
  21. line: "post-up ip route add {{ backup_vpn_net }} via {{ backup_vpn_bridge }} || true"
  22. - name: Apply static route for current session
  23. command: "ip route add {{ backup_vpn_net }} via {{ backup_vpn_bridge }}"
  24. ignore_errors: yes
  25. - name: Creates directory for NFS mount
  26. file:
  27. path: "{{ backup_repo_dir }}"
  28. state: directory
  29. owner: root
  30. group: root
  31. ignore_errors: yes
  32. - name: Add NFS mount to /etc/fstab
  33. lineinfile:
  34. path: /etc/fstab
  35. line: "{{ backup_host }}:{{ backup_share }} {{ backup_repo_dir }} nfs rw,async,hard,intr,noexec 0 0"
  36. - name: Mount NFS share
  37. mount:
  38. path: "{{ backup_repo_dir }}"
  39. src: "{{ backup_host }}:{{ backup_share }}"
  40. fstype: "nfs"
  41. state: mounted
  42. - name: Create Borg Repo
  43. expect:
  44. chdir: "{{ backup_repo_dir }}"
  45. creates: "{{ backup_destination }}"
  46. command: "borg init --encryption=repokey {{ backup_repo_name }}"
  47. responses:
  48. "Enter new passphrase": "{{ backup_borg_passphrase }}"
  49. "Enter same passphrase again": "{{ backup_borg_passphrase }}"
  50. "Do you want your passphrase to be displayed for verification": "y"
  51. - name: Dump Borg Repo Key
  52. command: borg key export {{ backup_destination }} /home/deploy/borg_repo_key
  53. - name: Dump Borg Repo Key
  54. fetch:
  55. src: /home/deploy/borg_repo_key
  56. dest: "{{ secret }}/borg_repo_key"
  57. fail_on_missing: yes
  58. - name: Remove Borg Repo Key dump
  59. command: rm -rf /home/deploy/borg_repo_key
  60. - name: Unmount NFS share
  61. command: "umount -l {{ backup_repo_dir }}"
  62. - name: Copy backup script
  63. template:
  64. src: home_deploy_backup-root_sh.j2
  65. dest: /home/deploy/backup-root.sh
  66. owner: root
  67. group: root
  68. mode: 0500
  69. - name: Configure daily backup cronjob
  70. cron:
  71. hour: "1"
  72. minute: "0"
  73. job: /home/deploy/backup-root.sh
  74. name: "nas-backup"