add borg backup automation
This commit is contained in:
parent
ff53f82608
commit
c3a9327ecf
52
ansible/automate_backup.yml
Normal file
52
ansible/automate_backup.yml
Normal file
@ -0,0 +1,52 @@
|
|||||||
|
---
|
||||||
|
- name: Automate borg backup
|
||||||
|
hosts: all
|
||||||
|
become: yes
|
||||||
|
tasks:
|
||||||
|
- name: Check if Borg backup script exist
|
||||||
|
stat:
|
||||||
|
path: /usr/local/sbin/backup.bash
|
||||||
|
register: backup_status
|
||||||
|
- name: Check if Borg check script exists
|
||||||
|
stat:
|
||||||
|
path: /usr/local/sbin/check_backup.bash
|
||||||
|
register: check_status
|
||||||
|
- name: Synchronize Borg scripts
|
||||||
|
when: backup_status.stat.exists == False or check_status.stat.exists == False
|
||||||
|
synchronize:
|
||||||
|
src: ./borg_scripts/
|
||||||
|
dest: /usr/local/sbin/
|
||||||
|
rsync_opts:
|
||||||
|
- "--chown=root:root"
|
||||||
|
- "--chmod=0700"
|
||||||
|
- name: Create borg backup systemd service
|
||||||
|
copy:
|
||||||
|
content: |
|
||||||
|
[Unit]
|
||||||
|
Description=Borg backup
|
||||||
|
After=network.target
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=oneshot
|
||||||
|
ExecStart=/usr/local/sbin/borg_backup.sh
|
||||||
|
User=root
|
||||||
|
Group=root
|
||||||
|
dest: /etc/systemd/system/borg_backup.service
|
||||||
|
- name: Create borg backup systemd timer
|
||||||
|
copy:
|
||||||
|
content: |
|
||||||
|
[Unit]
|
||||||
|
Description=Borg backup timer
|
||||||
|
|
||||||
|
[Timer]
|
||||||
|
OnCalendar=*-*-* 05:00:00
|
||||||
|
Persistent=true
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=timers.target
|
||||||
|
dest: /etc/systemd/system/borg_backup.timer
|
||||||
|
- name: Start and enable borg backup timer
|
||||||
|
systemd:
|
||||||
|
name: borg_backup.timer
|
||||||
|
enabled: yes
|
||||||
|
state: started
|
||||||
36
ansible/borg_scripts/backup.bash
Normal file
36
ansible/borg_scripts/backup.bash
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Configuration
|
||||||
|
BACKUP_USER="your_remote_user" # Remote SSH username
|
||||||
|
BACKUP_HOST="your_remote_host" # Remote SSH server
|
||||||
|
BACKUP_PATH="/path/to/remote/backup/folder" # Remote backup folder
|
||||||
|
BORG_PASSPHRASE="your_encryption_password" # Encryption password (in plain text)
|
||||||
|
BACKUP_NAME="backup-$(date +'%Y-%m-%d')" # Name of the backup archive
|
||||||
|
BACKUP_REPO="ssh://$BACKUP_USER@$BACKUP_HOST/$BACKUP_PATH" # Borg repository location
|
||||||
|
|
||||||
|
# Environment variable for Borg encryption
|
||||||
|
export BORG_PASSPHRASE
|
||||||
|
|
||||||
|
# Run Borg backup
|
||||||
|
echo "Starting Borg backup..."
|
||||||
|
borg create --verbose --filter AME --list --stats --compression lz4 \
|
||||||
|
$BACKUP_REPO::$BACKUP_NAME \
|
||||||
|
/etc \
|
||||||
|
/var/vol
|
||||||
|
|
||||||
|
# Capture Borg exit status
|
||||||
|
BORG_EXIT=$?
|
||||||
|
|
||||||
|
# Check if the backup succeeded or was partially successful (exit code 0 or 1)
|
||||||
|
if [ $BORG_EXIT -eq 0 ] || [ $BORG_EXIT -eq 1 ]; then
|
||||||
|
echo "Backup succeeded (with return code $BORG_EXIT)!"
|
||||||
|
else
|
||||||
|
echo "Backup failed (with return code $BORG_EXIT)!"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Prune old backups (keep last 7 daily, 4 weekly, and 6 monthly backups)
|
||||||
|
borg prune --list $BACKUP_REPO --keep-daily=7 --keep-weekly=4 --keep-monthly=6
|
||||||
|
|
||||||
|
# Unset the encryption password for security
|
||||||
|
unset BORG_PASSPHRASE
|
||||||
35
ansible/borg_scripts/check_backup.bash
Normal file
35
ansible/borg_scripts/check_backup.bash
Normal file
@ -0,0 +1,35 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Configuration
|
||||||
|
BACKUP_USER="your_remote_user" # Remote SSH username
|
||||||
|
BACKUP_HOST="your_remote_host" # Remote SSH server
|
||||||
|
BACKUP_PATH="/path/ro/remote/backup/folder" # Remote backup folder
|
||||||
|
BORG_PASSPHRASE="your_encryption_password" # Encryption password (in plain text)
|
||||||
|
BACKUP_NAME="backup-$(date +'%Y-%m-%d')" # Name of the backup archive
|
||||||
|
BACKUP_REPO="ssh://$BACKUP_USER@$BACKUP_HOST/$BACKUP_PATH" # Borg repository location
|
||||||
|
|
||||||
|
# Environment variable for Borg encryption
|
||||||
|
export BORG_PASSPHRASE
|
||||||
|
|
||||||
|
# Run Borg check
|
||||||
|
if [ "$1" == "--verify-data" ]; then
|
||||||
|
echo "Starting Borg check with data verification..."
|
||||||
|
borg check --verify-data $BACKUP_REPO
|
||||||
|
else
|
||||||
|
echo "Starting Borg check..."
|
||||||
|
borg check $BACKUP_REPO
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Capture Borg exit status
|
||||||
|
BORG_EXIT=$?
|
||||||
|
|
||||||
|
# Check if the backup succeeded or was partially successful (exit code 0 or 1)
|
||||||
|
if [ $BORG_EXIT -eq 0 ] || [ $BORG_EXIT -eq 1 ]; then
|
||||||
|
echo "Check succeeded (with return code $BORG_EXIT)!"
|
||||||
|
else
|
||||||
|
echo "Check failed (with return code $BORG_EXIT)!"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Unset the encryption password for security
|
||||||
|
unset BORG_PASSPHRASE
|
||||||
@ -8,4 +8,6 @@
|
|||||||
- name: deploy services
|
- name: deploy services
|
||||||
import_playbook: deploy_services.yml
|
import_playbook: deploy_services.yml
|
||||||
- name: deploy traefik configuration
|
- name: deploy traefik configuration
|
||||||
import_playbook: deploy_traefik_config.yml
|
import_playbook: deploy_traefik_config.yml
|
||||||
|
- name: automate backup
|
||||||
|
import_playbook: automate_backup.yml
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user