diff --git a/borg/tasks/main.yml b/borg/tasks/main.yml new file mode 100644 index 0000000..fd3be99 --- /dev/null +++ b/borg/tasks/main.yml @@ -0,0 +1,28 @@ +- name: copy key + template: + src: ../templates/borg_ssh_key.j2 + dest: /root/borg_ssh_key + owner: root + group: root + mode: 0600 + +- name: push borg + import_role: + name: borgbase.ansible_role_borgbackup + vars: + borg_encryption_passphrase: "{{ borg_password }}" + borg_repository: "{{ borg_repo }}" + borg_user: "{{ borg_my_user }}" + borg_group: "{{ borg_my_group }}" + borgmatic_timer: cron + borg_ssh_command: "ssh -o StrictHostKeyChecking=no -i {{ borg_ssh_key }}" + borg_source_directories: + "{{ base_files + (extra_files[inventory_hostname] | default([])) }}" + borg_retention_policy: + keep_hourly: 3 + keep_daily: 7 + keep_weekly: 4 + keep_monthly: 6 + borgmatic_hooks: + after_backup: + - "curl -d '{{ inventory_hostname }}' {{ backup_topic }}" diff --git a/borg/templates/borg_ssh_key.j2 b/borg/templates/borg_ssh_key.j2 new file mode 100644 index 0000000..70d4cc9 --- /dev/null +++ b/borg/templates/borg_ssh_key.j2 @@ -0,0 +1 @@ +{{ borg_secret_key | b64decode }} diff --git a/deploy.yml b/deploy.yml index ee3c34e..9228ec9 100644 --- a/deploy.yml +++ b/deploy.yml @@ -29,3 +29,6 @@ - name: Website for hatecomputers.club ansible.builtin.import_playbook: playbooks/deploy-hatecomputers-club.yml + +- name: Deploy borg + ansible.builtin.import_playbook: playbooks/deploy-borg.yml diff --git a/group_vars/borg.yml b/group_vars/borg.yml new file mode 100644 index 0000000..8f4c8d9 --- /dev/null +++ b/group_vars/borg.yml @@ -0,0 +1,15 @@ +borg_my_user: "root" +borg_my_group: "root" +borg_ssh_key: "/root/borg_ssh_key" + +backup_topic: "{{ borg_backup_topic }}" + +base_files: + - /home + - /root + - /var + - /etc + - /boot + - /opt + +extra_files: diff --git a/playbooks/deploy-borg.yml b/playbooks/deploy-borg.yml new file mode 100644 index 0000000..842d3a3 --- /dev/null +++ b/playbooks/deploy-borg.yml @@ -0,0 +1,6 @@ +--- + +- name: Borg setup + hosts: borg + roles: + - borg diff --git a/secrets.txt b/secrets.txt index 62d20b4..4660bd9 100644 --- a/secrets.txt +++ b/secrets.txt @@ -14,3 +14,7 @@ hatecomputers_club_oauth2_client_id hatecomputers_club_oauth2_client_secret hcaptcha_site_key hcaptcha_secret +borg_secret_key +borg_password +borg_repo +borg_backup_topic