Skip to content
Snippets Groups Projects
Commit 0cc9e82b authored by jurgenhaas's avatar jurgenhaas
Browse files

Switch to per-application backup and append-only mode

parent 67849341
No related branches found
No related tags found
No related merge requests found
......@@ -2,4 +2,4 @@
# file: roles/borgbackup/handlers/main.yml
- name: Init Borgs
command: borgmatic init --encryption repokey
command: borgmatic init --encryption repokey --append-only
......@@ -9,6 +9,18 @@
notify:
- Init Borgs
- name: Add Borgmatic Configuration for Drupal
include_tasks: config_drupal.yml
with_items: '{{ drupal_settings|default([]) }}'
loop_control:
loop_var: drupal
- name: Add Borgmatic Configuration for NextCloud
include_tasks: config_nextcloud.yml
with_items: '{{ nextcloud_settings|default([]) }}'
loop_control:
loop_var: nextcloud
- name: Add cron job for create, check and prune
cron:
name: borgmatic
......@@ -16,7 +28,7 @@
minute: 0
cron_file: borgmatic
user: root
job: /usr/local/bin/borgmatic
job: /usr/local/bin/borgmatic -v 1 >> /var/log/borg.log 2>&1
- name: Set PATH for borgmatic cron job.
cron:
......
---
# file: roles/borgbackup/tasks/config_drupal.yml
- name: Set facts
set_fact:
application: 'drupal'
application_id: '{{ drupal.id }}'
application_remote_repo: '{{ drupal.borg_repo|default(false) }}'
- name: Set facts without jails
set_fact:
application_dir: '/var/www{{ drupal.webRoot|default("") }}/files'
when: drupal.jail is not defined
- name: Set facts with jails
set_fact:
application_dir: '{{ jailroot|default("/jails") }}/{{ drupal.jail.name }}/var/www{{ drupal.webRoot|default("") }}/files'
when: drupal.jail is defined
- name: Set facts with overwrite
set_fact:
application_dir: '{{ drupal.backup_root }}'
when: drupal.backup_root is defined
- name: Configure Drupal Backup
template:
src: application.yaml
dest: /etc/borgmatic.d/{{ application }}_{{ application_id }}.yaml
mode: 0600
notify:
- Init Borgs
when: drupal.mountpoints is not defined
---
# file: roles/borgbackup/tasks/config_nextcloud.yml
- name: Set facts
set_fact:
application: 'nextcloud'
application_id: '{{ nextcloud.id }}'
application_remote_repo: '{{ nextcloud.borg_repo|default(false) }}'
- name: Set facts without jails
set_fact:
application_dir: '{{ nextcloud_data_dir|default("/var/www/nextcloud/_data") }}/{{ nextcloud.id }}'
when: nextcloud.jail is not defined
- name: Set facts with jails
set_fact:
application_dir: '{{ jailroot }}/{{ nextcloud.id }}/var/www/datanextcloud'
when: nextcloud.jail is defined
- name: Configure NextCloud Backup
template:
src: application.yaml
dest: /etc/borgmatic.d/{{ application }}_{{ application_id }}.yaml
mode: 0600
notify:
- Init Borgs
......@@ -41,5 +41,6 @@
state: directory
mode: 0700
with_items:
- /var/backups/borg
- /etc/borgmatic
- /etc/borgmatic.d
location:
source_directories:
- {{ application_dir }}
repositories:
- /var/backups/borg/{{ application }}_{{ application_id }}
{% if application_remote_repo %}
- {{ application_remote_repo }}
{% endif %}
exclude_patterns:
- '*.pyc'
- '*/.git'
- '*/.svn'
- '*/vendor/*'
- '*/node_modules/*'
storage:
encryption_passphrase: '{{ borgbackup.passphrase }}'
retention:
keep_daily: 7
keep_weekly: 8
keep_monthly: 12
keep_yearly: 30
consistency:
checks:
- repository
- archives
hooks:
on_error:
- /usr/local/bin/alertalerta.py{% if netdata_alerta_project_id is defined %} --pid={{ netdata_alerta_project_id }}{% endif %} {{ inventory_hostname }} {{ netdata_alerta_environment|default("production") }} {{ netdata_alerta_webhook }} {{ netdata_alerta_apikey }} '{"resource":"{{ inventory_hostname }}","event":"Borg Backup Exception {{ application }} {{ application_id }}"}'
......@@ -3,16 +3,14 @@ location:
{% for dir in backup_include|default([]) %}
- {{ dir }}
{% endfor %}
{% for drupal in drupal_settings|default([]) %}
{% if drupal.jail is defined and drupal.mountpoints is not defined %}
- {{ jailroot|default('/jails') }}/{{ drupal.jail.name }}/var/www/files
{% endif %}
{% endfor %}
{% if groups['dbserver_mysql'] is defined and inventory_hostname in groups['dbserver_mysql'] %}
- /var/backups/mysql
{% endif %}
repositories:
- /var/backups/borg
- /var/backups/borg/default
{% if borgbackup.remote_repo is defined %}
- {{ borgbackup.remote_repo }}
{% endif %}
exclude_patterns:
- '*.pyc'
- '*/.git'
......@@ -32,4 +30,4 @@ consistency:
- archives
hooks:
on_error:
- /usr/local/bin/alertalerta.py{% if netdata_alerta_project_id is defined %} --pid={{ netdata_alerta_project_id }}{% endif %} {{ inventory_hostname }} {{ netdata_alerta_environment|default("production") }} {{ netdata_alerta_webhook }} {{ netdata_alerta_apikey }} '{"resource":"Borg Backup"}'
- /usr/local/bin/alertalerta.py{% if netdata_alerta_project_id is defined %} --pid={{ netdata_alerta_project_id }}{% endif %} {{ inventory_hostname }} {{ netdata_alerta_environment|default("production") }} {{ netdata_alerta_webhook }} {{ netdata_alerta_apikey }} '{"resource":"{{ inventory_hostname }}","event":"Borg Backup Exception Default"}'
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment