From aafcb1ad504859896b3d4089afd900dbb533e63a Mon Sep 17 00:00:00 2001 From: erebion Date: Tue, 10 Oct 2023 18:28:50 +0200 Subject: [PATCH] add systemd units --- roles/unhb_backup_scripts/tasks/main.yml | 6 ++++-- .../unhb_backup_scripts/templates/restic-backup_unhb2.sh.j2 | 6 ++++-- roles/unhb_backup_scripts/templates/restic-password-repo.j2 | 1 + roles/unhb_backup_scripts/templates/restic-prune.sh.j2 | 6 ++++++ roles/unhb_backup_scripts/templates/restic.env.j2 | 3 +++ 5 files changed, 18 insertions(+), 4 deletions(-) create mode 100644 roles/unhb_backup_scripts/templates/restic-password-repo.j2 create mode 100755 roles/unhb_backup_scripts/templates/restic-prune.sh.j2 create mode 100755 roles/unhb_backup_scripts/templates/restic.env.j2 diff --git a/roles/unhb_backup_scripts/tasks/main.yml b/roles/unhb_backup_scripts/tasks/main.yml index 028a57d..c1dbaee 100644 --- a/roles/unhb_backup_scripts/tasks/main.yml +++ b/roles/unhb_backup_scripts/tasks/main.yml @@ -77,20 +77,22 @@ - name: "Template systemd units for restic" ansible.builtin.template: - src: "restic-wasabi.service.j2" + src: "restic.service.j2" dest: "/etc/systemd/system/restic@.service" owner: root group: root mode: 'u+rwx' + register: unit when: "ansible_os_family == 'Debian'" - name: "Template systemd timers for restic" ansible.builtin.template: - src: "restic-wasabi.timer.j2" + src: "restic.timer.j2" dest: "/etc/systemd/system/restic@.timer" owner: root group: root mode: 'u+rwx' + register: unit when: "ansible_os_family == 'Debian'" - name: "Reload systemd units" diff --git a/roles/unhb_backup_scripts/templates/restic-backup_unhb2.sh.j2 b/roles/unhb_backup_scripts/templates/restic-backup_unhb2.sh.j2 index 8c90754..0e8466f 100755 --- a/roles/unhb_backup_scripts/templates/restic-backup_unhb2.sh.j2 +++ b/roles/unhb_backup_scripts/templates/restic-backup_unhb2.sh.j2 @@ -1,5 +1,7 @@ #!/bin/bash source /opt/scripts/restic/restic.env +source /opt/scripts/restic/restic_db_passwords.env + #We will have to find out whether or not we need to initialize the repo. A non-zero exit code indicates that it has not yet been initialized. restic snapshots if [ "$?" -eq "0" ] @@ -12,9 +14,9 @@ fi echo "Now dumping databases, this might take a while..." set -x docker exec -t pretix_pg-sql.server2 pg_dumpall -c -U prtxdb > /opt/db_dumps/db-dump-pretix_db.sql -#docker exec docker-partkeepr-database-1 sh -c "exec mariadb-dump --all-databases -u{{ unhb4_mariadb_containers['partkeepr'].user }} --password=$MARIADB_PASSWORD_PARTKEEPR" > /opt/db_dumps/db-dump-partkeepr_db.sql source /opt/scripts/restic/restic_db_passwords.env -docker exec -t engel_sql.server2 sh -c "exec mysqldump --all-databases -u{{ unhb4_mariadb_containers['engelsystem'].user }} --password=$MARIADB_PASSWORD_ENGELSYSTEM" > /opt/db_dumps/db-dump-engelsystem_db.sql +docker exec -t engel_sql.server2 sh -c "exec mysqldump --all-databases -uroot --password=$MARIADB_PASSWORD_ENGELSYSTEM" > /opt/db_dumps/db-dump-engelsystem_db.sql + set +x restic backup --verbose \ diff --git a/roles/unhb_backup_scripts/templates/restic-password-repo.j2 b/roles/unhb_backup_scripts/templates/restic-password-repo.j2 new file mode 100644 index 0000000..b66fd94 --- /dev/null +++ b/roles/unhb_backup_scripts/templates/restic-password-repo.j2 @@ -0,0 +1 @@ +{{ restic_password_repo[inventory_hostname]["password"] }} diff --git a/roles/unhb_backup_scripts/templates/restic-prune.sh.j2 b/roles/unhb_backup_scripts/templates/restic-prune.sh.j2 new file mode 100755 index 0000000..bef5c0e --- /dev/null +++ b/roles/unhb_backup_scripts/templates/restic-prune.sh.j2 @@ -0,0 +1,6 @@ +#!/bin/bash +source /opt/scripts/restic/restic.env + +restic forget --prune --keep-within 1m --host={{ ansible_hostname }} + +echo "done! :)" diff --git a/roles/unhb_backup_scripts/templates/restic.env.j2 b/roles/unhb_backup_scripts/templates/restic.env.j2 new file mode 100755 index 0000000..c648512 --- /dev/null +++ b/roles/unhb_backup_scripts/templates/restic.env.j2 @@ -0,0 +1,3 @@ +#!/bin/bash +export RESTIC_REPOSITORY="{{ restic_repository_location }}{{ inventory_hostname }}" +export RESTIC_PASSWORD_FILE="/opt/scripts/restic/restic-password-repo"