diff --git a/backup_playbook.yml b/backup_playbook.yml deleted file mode 100644 index 9d79c12..0000000 --- a/backup_playbook.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- name: Backup bfportal vps - hosts: bfportal - become: true - roles: - - role: gametools.setup.backup diff --git a/collections/ansible_collections/gametools/setup/roles/backup/tasks/docker_backup.yml b/collections/ansible_collections/gametools/setup/roles/backup/tasks/docker_backup.yml new file mode 100644 index 0000000..ea72c44 --- /dev/null +++ b/collections/ansible_collections/gametools/setup/roles/backup/tasks/docker_backup.yml @@ -0,0 +1,15 @@ +--- +- name: Include the secret file + ansible.builtin.include_vars: + file: secret.yml + +- name: Register docker volume backup jobs + ansible.builtin.cron: + name: "Backup job {{ item.id }}" + hour: "{{ item.hour }}" + minute: "{{ 59 |random(seed=item.id) }}" + job: ". /etc/environment; restic backup /var/lib/docker/volumes/{{ item.volume }}/_data/ --tag {{ item.tags | join(' --tag ')}}" + disabled: "{{ item.disabled | default(false) }}" + state: "{{ item.state | default('present') }}" + loop: "{{ restic_backup_sets }}" + when: item.type == "docker-volume" diff --git a/collections/ansible_collections/gametools/setup/roles/backup/tasks/file_backup.yml b/collections/ansible_collections/gametools/setup/roles/backup/tasks/file_backup.yml new file mode 100644 index 0000000..37e99f4 --- /dev/null +++ b/collections/ansible_collections/gametools/setup/roles/backup/tasks/file_backup.yml @@ -0,0 +1,21 @@ +--- +- name: Include the secret file + ansible.builtin.include_vars: + file: secret.yml + +- name: Verify file path exists + ansible.builtin.command: ls {{ item.path }} + changed_when: false + loop: "{{ restic_backup_sets }}" + when: item.type == "file" + +- name: Register file backup jobs + ansible.builtin.cron: + name: "Backup job {{ item.id }}" + hour: "{{ item.hour }}" + minute: "{{ 59 |random(seed=item.id) }}" + job: ". /etc/environment; restic backup {{ item.path }} --tag {{ item.tags | join(' --tag ') }}" + disabled: "{{ item.disabled | default(false) }}" + state: "{{ item.state | default('present') }}" + loop: "{{ restic_backup_sets }}" + when: item.type == "file" diff --git a/collections/ansible_collections/gametools/setup/roles/backup/tasks/main.yml b/collections/ansible_collections/gametools/setup/roles/backup/tasks/main.yml index 84486a0..9e2abc9 100644 --- a/collections/ansible_collections/gametools/setup/roles/backup/tasks/main.yml +++ b/collections/ansible_collections/gametools/setup/roles/backup/tasks/main.yml @@ -1,4 +1,12 @@ --- - name: Run main task if action is set - ansible.builtin.include_tasks: backup.yml + ansible.builtin.include_tasks: restic.yml + when: restic_backup_sets is defined and restic_backup_rotation is defined + +- name: Run docker task + ansible.builtin.include_tasks: docker_backup.yml + when: restic_backup_sets is defined and restic_backup_rotation is defined + +- name: Run file task + ansible.builtin.include_tasks: file_backup.yml when: restic_backup_sets is defined and restic_backup_rotation is defined diff --git a/collections/ansible_collections/gametools/setup/roles/backup/tasks/backup.yml b/collections/ansible_collections/gametools/setup/roles/backup/tasks/restic.yml similarity index 76% rename from collections/ansible_collections/gametools/setup/roles/backup/tasks/backup.yml rename to collections/ansible_collections/gametools/setup/roles/backup/tasks/restic.yml index 93dfbfc..f13fa5c 100644 --- a/collections/ansible_collections/gametools/setup/roles/backup/tasks/backup.yml +++ b/collections/ansible_collections/gametools/setup/roles/backup/tasks/restic.yml @@ -12,23 +12,23 @@ update_cache: true - name: Check if repo is initialized - shell: restic snapshots + ansible.builtin.shell: restic snapshots environment: RESTIC_PASSWORD: "{{ restic_repo_password }}" RESTIC_REPOSITORY: "rest:http://{{ restic_client_user }}:{{ restic_client_password }}@{{ restic_repo }}" - ignore_errors: yes + ignore_errors: true changed_when: false register: repo_initalized - name: Init restic repository - shell: restic init + ansible.builtin.shell: restic init environment: RESTIC_PASSWORD: "{{ restic_repo_password }}" RESTIC_REPOSITORY: "rest:http://{{ restic_client_user }}:{{ restic_client_password }}@{{ restic_repo }}" when: repo_initalized.failed - name: Ensure restic environment vars exists - lineinfile: + ansible.builtin.lineinfile: dest: "/etc/environment" state: present regexp: "^{{ item.key }}=" @@ -39,18 +39,9 @@ - key: RESTIC_REPOSITORY value: "rest:http://{{ restic_client_user }}:{{ restic_client_password }}@{{ restic_repo }}" -- name: Register docker volume backup jobs - cron: - name: "Backup job {{ item.id }}" - hour: "{{ item.hour }}" - minute: "{{ item.minute }}" - job: ". /etc/environment; restic backup /var/lib/docker/volumes/{{ item.volume }}/_data/ --tag {{ item.tags | join(' --tag ')}}" - loop: "{{ restic_backup_sets }}" - when: item.type == "docker-volume" - - name: Register backup rotation job - cron: + ansible.builtin.cron: name: "Backup rotation job" hour: "23" minute: "0" - job: ". /etc/environment; restic forget --keep-daily {{ restic_backup_rotation.daily }} --keep-weekly {{ restic_backup_rotation.weekly }} --keep-monthly {{ restic_backup_rotation.monthly }} --prune" \ No newline at end of file + job: ". /etc/environment; restic forget --keep-daily {{ restic_backup_rotation.daily }} --keep-weekly {{ restic_backup_rotation.weekly }} --keep-monthly {{ restic_backup_rotation.monthly }} --prune" diff --git a/collections/ansible_collections/gametools/setup/roles/backup/vars/secret.yml b/collections/ansible_collections/gametools/setup/roles/backup/vars/secret.yml index f555a61..e7fd6b5 100644 --- a/collections/ansible_collections/gametools/setup/roles/backup/vars/secret.yml +++ b/collections/ansible_collections/gametools/setup/roles/backup/vars/secret.yml @@ -1,18 +1,18 @@ $ANSIBLE_VAULT;1.1;AES256 -33333264326466376437643031306433353165323835373131343738613537636334386464626139 -6133303234663332393331313239623166616463323838660a663732306336363833383934343635 -39646338616434646236303532323633666230326266623063353761626632323536633532633265 -3837336234363864350a653164663131383232343833353835373637663734613339333936393737 -63373130323137373836613639333832373831613061336163666161643436393365323366326233 -35353439633033643435353565663266323638653463643138316364393965663838666332633232 -64326264636132383865613663386537653833626330613138393733616262633838393662373337 -31653533346137333335346565303431616466646364623236376661646330323335376230656238 -34623532383562323262616330663832323333356339663233313561343030613637393938353561 -33323839333232366365376635336164346565636538666333643833633935616130613834613634 -35323835346166636531333437346664396637343033323362336234373964353539336236363137 -62383838386166393939383532376361613732303731336635333166353065376666323838316461 -65353639343239636133363365356565396437373635623830666661343030303261363038633366 -35306135636662333833663762626332353230376464623232346336643362636237323032326132 -36383433346132656131643631616466366563306562373662376632373039393437643066363338 -65656662323264353730383133333739623738323563303732653732663339333934303730346663 -33353235343933306130323337666461623061373630373532333233366635623964 +37306433666536653266333566656466393061363761303165393336656166633561356337323765 +6232366336373039613264386237613630316364373365300a643564613437383963666138323666 +62616633353065623538666336366464633561633531653930643962636139333831393462613132 +3639383733393961320a656536346566383939343863366161636465313137356265336334393638 +36313961623832386263626233663965326266653431663566326362356536393866356532313936 +30333034616336663137613931363935613439666230643837656234633937313731653466333736 +62336561393736393833343539636631613438666163636530366630323034353462323963386164 +36633966343137313334663036326663636261663766376433353965373635303064643531626166 +37663036643138323931396332616231653534633662326631643635633262643332366334366561 +33663862626366363433656665633838316239646136663630363032353036666139666263326363 +64623662393736376339643736326265333632633136356562356366326638383937313137316630 +66303535313562616136333435326239353166343964333362396435643035616433373763313061 +37356465626234386464363736343438326238643434656563623966366264306537613563336638 +65643063393063306231336565316639343962646335626232303935313064356538323062663938 +36383530386166646463653965393337643661356433653462643833613763376631363266653061 +66643431396331353735333938306231623939316138366435613633666563656461396632616530 +3130 diff --git a/inventory/host_vars/bfportal.yml b/inventory/host_vars/bfportal.yml index ae4c824..06ec7ed 100644 --- a/inventory/host_vars/bfportal.yml +++ b/inventory/host_vars/bfportal.yml @@ -14,14 +14,12 @@ restic_backup_sets: tags: - grafana_config hour: "1" - minute: "0" - id: "grafana storage" type: docker-volume volume: grafana_storage tags: - grafana_storage hour: "1" - minute: "0" restic_backup_rotation: daily: 7 weekly: 4 diff --git a/inventory/host_vars/gametools_1.yaml b/inventory/host_vars/gametools_1.yaml new file mode 100644 index 0000000..e457013 --- /dev/null +++ b/inventory/host_vars/gametools_1.yaml @@ -0,0 +1,12 @@ +--- +restic_backup_sets: + - id: "backup influxdb" + type: file + path: /var/lib/influxdb/engine/data + tags: + - influxdb + hour: "1" +restic_backup_rotation: + daily: 7 + weekly: 4 + monthly: 1 \ No newline at end of file diff --git a/server_config_playbook.yml b/server_config_playbook.yml index 571e9e8..3187a8a 100644 --- a/server_config_playbook.yml +++ b/server_config_playbook.yml @@ -4,6 +4,7 @@ become: true roles: - role: gametools.setup.main + - role: gametools.setup.backup - name: Setup loadbalancer hosts: loadbalancer diff --git a/update_playbook.yml b/update_playbook.yml index 0b28f97..6306b74 100644 --- a/update_playbook.yml +++ b/update_playbook.yml @@ -2,7 +2,6 @@ - name: Update main servers hosts: servers become: true - tasks: - name: Update Hetzner mirrors for arm64 linux servers ansible.builtin.replace: