101 lines
2.3 KiB
YAML
101 lines
2.3 KiB
YAML
---
|
|
- name: Borg und borgmatic installieren
|
|
apt:
|
|
name:
|
|
- borgbackup
|
|
- borgmatic
|
|
state: present
|
|
update_cache: yes
|
|
|
|
- name: SSH Private Key deployen
|
|
copy:
|
|
src: id_rsa
|
|
dest: "{{ borg_ssh_key }}"
|
|
mode: '0600'
|
|
|
|
- name: SSH Public Key deployen
|
|
copy:
|
|
src: id_rsa.pub
|
|
dest: "{{ borg_ssh_key }}.pub"
|
|
mode: '0644'
|
|
|
|
- name: SSH Config für Storage Box
|
|
blockinfile:
|
|
path: /root/.ssh/config
|
|
create: yes
|
|
mode: '0600'
|
|
marker: "# {mark} BORG STORAGEBOX"
|
|
block: |
|
|
Host storagebox
|
|
Hostname {{ hetzner_storage_host }}
|
|
User {{ hetzner_storage_user }}
|
|
Port {{ hetzner_storage_port }}
|
|
IdentityFile {{ borg_ssh_key }}
|
|
IdentitiesOnly yes
|
|
StrictHostKeyChecking accept-new
|
|
|
|
- name: Backup-Verzeichnis auf Storage Box anlegen
|
|
command: ssh storagebox mkdir -p home/{{ inventory_hostname }}
|
|
changed_when: false
|
|
|
|
- name: Borg Repo initialisieren
|
|
environment:
|
|
BORG_PASSPHRASE: "{{ borg_passphrase }}"
|
|
command: borg init --encryption=repokey {{ borg_repo }}
|
|
register: borg_init
|
|
failed_when: borg_init.rc != 0 and 'already exists' not in borg_init.stderr
|
|
changed_when: borg_init.rc == 0
|
|
|
|
- name: borgmatic Config-Verzeichnis
|
|
file:
|
|
path: /etc/borgmatic
|
|
state: directory
|
|
mode: '0700'
|
|
|
|
- name: borgmatic Config deployen
|
|
template:
|
|
src: borgmatic.yml.j2
|
|
dest: /etc/borgmatic/config.yaml
|
|
mode: '0600'
|
|
|
|
- name: Altes Backup-Script entfernen
|
|
file:
|
|
path: /usr/local/bin/borg-backup.sh
|
|
state: absent
|
|
|
|
- name: Systemd Timer Unit
|
|
copy:
|
|
dest: /etc/systemd/system/borg-backup.timer
|
|
content: |
|
|
[Unit]
|
|
Description=Borgmatic Backup Timer
|
|
|
|
[Timer]
|
|
OnCalendar=*-*-* 03:00:00
|
|
RandomizedDelaySec=1800
|
|
Persistent=true
|
|
|
|
[Install]
|
|
WantedBy=timers.target
|
|
|
|
- name: Systemd Service Unit
|
|
copy:
|
|
dest: /etc/systemd/system/borg-backup.service
|
|
content: |
|
|
[Unit]
|
|
Description=Borgmatic Backup
|
|
After=network-online.target
|
|
Wants=network-online.target
|
|
|
|
[Service]
|
|
Type=oneshot
|
|
ExecStart=/usr/bin/borgmatic --verbosity 1
|
|
Nice=19
|
|
IOSchedulingClass=idle
|
|
|
|
- name: Timer aktivieren und starten
|
|
systemd:
|
|
name: borg-backup.timer
|
|
enabled: true
|
|
state: started
|
|
daemon_reload: true
|