111 lines
3.2 KiB
YAML
111 lines
3.2 KiB
YAML
---
|
|
|
|
- name: "Install restic"
|
|
ansible.builtin.apt:
|
|
name:
|
|
- restic
|
|
state: latest
|
|
update_cache: true
|
|
become: true
|
|
when: ansible_os_family == 'Debian'
|
|
|
|
- name: "Ensure /opt/scripts/ exists"
|
|
ansible.builtin.file:
|
|
path: /opt/scripts
|
|
state: directory
|
|
mode: '0755'
|
|
when: "ansible_os_family == 'Debian'"
|
|
|
|
- name: "Ensure /opt/db_dumps/ exists"
|
|
ansible.builtin.file:
|
|
path: /opt/db_dumps/
|
|
state: directory
|
|
owner: postgres
|
|
group: postgres
|
|
mode: '0774'
|
|
ignore_errors: true #to do: auf mautrix-signal kein User "postgres" weil in Docker, muss gelöst werden
|
|
when: "ansible_os_family == 'Debian' and 'desktops' not in group_names and 'mautrix-signal' not in inventory_hostname"
|
|
|
|
- name: "Copy restic backup scripts"
|
|
ansible.builtin.copy:
|
|
src: "restic-backup-scripts/"
|
|
dest: /opt/scripts/restic/.
|
|
owner: root
|
|
group: root
|
|
mode: u+rwx
|
|
force: true
|
|
when: "ansible_os_family == 'Debian'"
|
|
|
|
- name: "Template restic backup script restic-backup_{{ inventory_hostname }}.sh"
|
|
ansible.builtin.template:
|
|
src: ../templates/restic-backup_{{ inventory_hostname }}.sh.j2
|
|
dest: /opt/scripts/restic/restic-backup_{{ inventory_hostname }}.sh
|
|
owner: root
|
|
group: root
|
|
mode: 'u+rwx'
|
|
force: true
|
|
when: "ansible_os_family == 'Debian' and 'desktops' not in group_names"
|
|
|
|
#- name: "Template restic backup script ENTWURF"
|
|
# ansible.builtin.template:
|
|
# src: ../templates/restic-backup_ENTWURF.sh.j2
|
|
# dest: /opt/scripts/restic/restic-backup_ENTWURF.sh
|
|
# owner: root
|
|
# group: root
|
|
# mode: 'u+rwx'
|
|
|
|
- name: "Template restic backup script restic-backup_desktops.sh"
|
|
ansible.builtin.template:
|
|
src: ../templates/restic-backup_desktops.sh.j2
|
|
dest: /opt/scripts/restic/restic-backup_desktops.sh
|
|
owner: root
|
|
group: root
|
|
mode: 'u+rwx'
|
|
force: true
|
|
when: "ansible_os_family == 'Debian' and 'desktops' in group_names"
|
|
|
|
- name: "Template restic prune script restic-prune.sh"
|
|
ansible.builtin.template:
|
|
src: ../templates/restic-prune.sh.j2
|
|
dest: /opt/scripts/restic/restic-prune.sh
|
|
owner: root
|
|
group: root
|
|
mode: 'u+rwx'
|
|
force: true
|
|
when: "ansible_os_family == 'Debian'"
|
|
|
|
- name: "Template environment variable file restic.env"
|
|
ansible.builtin.template:
|
|
src: ../templates/restic.env.j2
|
|
dest: /opt/scripts/restic/restic.env
|
|
owner: root
|
|
group: root
|
|
mode: '0644'
|
|
force: true
|
|
when: "ansible_os_family == 'Debian'"
|
|
|
|
- name: "Template restic password file restic-password-repo"
|
|
ansible.builtin.template:
|
|
src: ../templates/restic-password-repo.j2
|
|
dest: /opt/scripts/restic/restic-password-repo
|
|
owner: root
|
|
group: root
|
|
mode: '0440'
|
|
force: true
|
|
when: "ansible_os_family == 'Debian'"
|
|
|
|
- name: "Cronjob for Backups"
|
|
ansible.builtin.cron:
|
|
name: "Restic Backup"
|
|
minute: "0"
|
|
hour: "3"
|
|
job: "/opt/scripts/restic/restic-backup_{{ inventory_hostname }}.sh"
|
|
when: "ansible_os_family == 'Debian' and 'desktops' not in group_names"
|
|
|
|
- name: "Cronjob for Backups"
|
|
ansible.builtin.cron:
|
|
name: "Restic Backup"
|
|
minute: "0"
|
|
hour: "3"
|
|
job: "/opt/scripts/restic/restic-backup_desktops.sh"
|
|
when: "ansible_os_family == 'Debian' and 'desktops' in group_names"
|