115 lines
3.3 KiB
YAML
115 lines
3.3 KiB
YAML
---
|
|
###########################################################################
|
|
#
|
|
# This role will set up our duplicity backup configuration.
|
|
#
|
|
###########################################################################
|
|
# tasks file for du_backups
|
|
|
|
- debug: msg="Setting up duplicity backups (du-bu)"
|
|
|
|
############################################################
|
|
- name: Make sure duplicity package is installed (Debian)
|
|
apt:
|
|
name: duplicity
|
|
state: latest
|
|
when: ansible_os_family == "Debian"
|
|
|
|
############################################################
|
|
- name: Make sure duplicity package is installed (Arch)
|
|
pacman:
|
|
name: duplicity
|
|
state: latest
|
|
when: ansible_os_family == "Archlinux"
|
|
|
|
############################################################
|
|
- name: Create /usr/local/log directory
|
|
file:
|
|
path: "/usr/local/log"
|
|
state: directory
|
|
owner: "root"
|
|
group: "root"
|
|
mode: "0755"
|
|
|
|
############################################################
|
|
- name: checkout du_backups repository
|
|
ansible.builtin.git:
|
|
repo: 'http://git.radar231.com/radar231/du_backups'
|
|
dest: "/tmp/{{ ansible_hostname }}/du_backups"
|
|
delegate_to: 127.0.0.1
|
|
|
|
############################################################
|
|
- name: Copy files to /usr/local/bin
|
|
copy:
|
|
src: "/tmp/{{ ansible_hostname }}/du_backups/{{ item }}"
|
|
dest: "/usr/local/bin/{{ item }}"
|
|
owner: "root"
|
|
group: "root"
|
|
mode: "0755"
|
|
loop:
|
|
- du-bu
|
|
- du-check
|
|
- du-all-check
|
|
- du-clean
|
|
- du-list-files
|
|
- du-restore_info
|
|
- du-wrapper
|
|
|
|
############################################################
|
|
- name: Copy du-list to /usr/local/etc (if it doesn't exist)
|
|
copy:
|
|
src: "/tmp/{{ ansible_hostname }}/du_backups/du-list"
|
|
dest: "/usr/local/etc/du-list"
|
|
owner: "root"
|
|
group: "root"
|
|
mode: "0644"
|
|
force: false
|
|
|
|
############################################################
|
|
- name: Add backup entry to root crontab
|
|
cron:
|
|
name: "Daily backup - full back on 1st of the month, incremental otherwise"
|
|
minute: "00"
|
|
hour: "01"
|
|
job: "/usr/local/bin/du-wrapper >>/usr/local/log/duplicity_cron_run.log 2>&1 &"
|
|
|
|
############################################################
|
|
- name: Add cleanup entry to root crontab
|
|
cron:
|
|
name: "Monthly cleanup of old backups"
|
|
minute: "00"
|
|
hour: "10"
|
|
day: "01"
|
|
job: "/usr/local/bin/du-clean >>/usr/local/log/duplicity_cron_run.log 2>&1 &"
|
|
|
|
############################################################
|
|
- name: Generate ssh keys for root user (if they dont already exist)
|
|
openssh_keypair:
|
|
path: "/root/.ssh/id_rsa"
|
|
comment: "root@{{ ansible_hostname }}"
|
|
owner: "root"
|
|
group: "root"
|
|
force: false
|
|
regenerate: never
|
|
|
|
############################################################
|
|
- name: Display root public ssh key
|
|
command: "cat /root/.ssh/id_rsa.pub"
|
|
register: command_output
|
|
|
|
############################################################
|
|
- name: Print message and ssh key
|
|
debug:
|
|
msg:
|
|
- "Copy the following public ssh key to the buuser authorized_keys file on the backup server host:"
|
|
- ""
|
|
- "{{ command_output.stdout }}"
|
|
- ""
|
|
|
|
############################################################
|
|
- name: clean up cloned git repo
|
|
command: 'rm -rf /tmp/{{ ansible_hostname }}/du_backups'
|
|
delegate_to: 127.0.0.1
|
|
|
|
# EOF
|