186 lines
4.4 KiB
YAML
186 lines
4.4 KiB
YAML
---
|
|
- hosts: backup_server
|
|
roles:
|
|
- name: common
|
|
vars:
|
|
ansible_cfg_repo: infra/backups
|
|
|
|
tasks:
|
|
# - name: install necessary packages
|
|
# ansible.builtin.apt:
|
|
# name:
|
|
# - rsnapshot
|
|
# - nfs-common
|
|
# state: present
|
|
# update_cache: yes
|
|
|
|
- name: Copy systemd mount file
|
|
ansible.builtin.copy:
|
|
src: files/{{item}}.mount
|
|
dest: /etc/systemd/system/{{item}}.mount
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
with_items:
|
|
- mnt-syno-InfraBackups
|
|
- mnt-syno-k8home
|
|
register: systemd_mount
|
|
|
|
|
|
- name: Copy automount files
|
|
ansible.builtin.copy:
|
|
src: files/{{item}}.automount
|
|
dest: /etc/systemd/system/{{item}}.automount
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
with_items:
|
|
- mnt-syno-InfraBackups
|
|
- mnt-syno-k8home
|
|
register: systemd_automount
|
|
|
|
- name: Reload systemd
|
|
ansible.builtin.systemd:
|
|
daemon_reload: yes
|
|
when: systemd_mount.changed or systemd_automount.changed
|
|
|
|
- name: Start & Enable systemd automounts
|
|
ansible.builtin.systemd:
|
|
name: "{{item}}.automount"
|
|
state: started
|
|
enabled: yes
|
|
with_items:
|
|
- mnt-syno-InfraBackups
|
|
- mnt-syno-k8home
|
|
when: systemd_automount.changed
|
|
|
|
|
|
- name: Generate ssh key
|
|
ansible.builtin.openssh_keypair:
|
|
path: /root/.ssh/id_rsa_rsnapshot
|
|
type: rsa
|
|
size: 4096
|
|
state: present
|
|
|
|
- name: Register ssh public key in variable
|
|
slurp:
|
|
src: /root/.ssh/id_rsa_rsnapshot.pub
|
|
register: rsnapshot_ssh_key_slurp
|
|
- name: Set ssh public key in variable
|
|
set_fact:
|
|
rsnapshot_ssh_key: "{{ rsnapshot_ssh_key_slurp['content'] | b64decode }}"
|
|
|
|
|
|
- name: Copy rsnapshot template file
|
|
ansible.builtin.template:
|
|
src: files/rsnapshot.conf.j2
|
|
dest: /etc/rsnapshot.conf
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
register: rsnapshot_conf
|
|
tags: rsnapshot
|
|
|
|
- name: Check rsnapshot config
|
|
ansible.builtin.command:
|
|
cmd: rsnapshot configtest
|
|
register: rsnapshot_configtest
|
|
tags: rsnapshot
|
|
|
|
- name: Copy systemd unit files
|
|
ansible.builtin.copy:
|
|
src: files/{{ item }}
|
|
dest: /etc/systemd/system/
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
with_items:
|
|
- rsnapshot@.service
|
|
- rsnapshot-daily.timer
|
|
- rsnapshot-weekly.timer
|
|
- rsnapshot-monthly.timer
|
|
register: rsnapshot_service
|
|
|
|
- name: Reload systemd
|
|
ansible.builtin.systemd:
|
|
daemon_reload: yes
|
|
when: rsnapshot_service.changed
|
|
|
|
- name: Enable rsnapshot timers
|
|
ansible.builtin.systemd:
|
|
name: '{{ item }}'
|
|
enabled: yes
|
|
with_items:
|
|
- rsnapshot-daily.timer
|
|
- rsnapshot-weekly.timer
|
|
- rsnapshot-monthly.timer
|
|
register: rsnapshot_timers
|
|
when: rsnapshot_service.changed
|
|
|
|
- name: Reboot ## IDK how to start a timer
|
|
ansible.builtin.reboot:
|
|
when: rsnapshot_timers.changed
|
|
|
|
|
|
|
|
- hosts: backup_clients
|
|
gather_facts: no
|
|
vars:
|
|
backup_server: backup.lan.k3s.fr
|
|
tasks:
|
|
- name: Allow ssh from rsnapshot server
|
|
authorized_key:
|
|
user: root
|
|
state: present
|
|
key: "{{ hostvars[backup_server]['rsnapshot_ssh_key'] | trim }} backup@{{ hostvars[backup_server]['ansible_default_ipv4']['address'] }}"
|
|
# key_options: command="/usr/bin/rrsync -ro /",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty"
|
|
- name: Install rsync
|
|
ansible.builtin.package:
|
|
name:
|
|
- rsync
|
|
state: present
|
|
|
|
|
|
|
|
# The kDrive backup stuff
|
|
# XXX the credentials must be stored in /etc/davfs2/secrets
|
|
- hosts: backup_server
|
|
gather_facts: no
|
|
tags: kdrive
|
|
tasks:
|
|
- name: install necessary packages
|
|
ansible.builtin.apt:
|
|
name:
|
|
- davfs2
|
|
state: present
|
|
update_cache: yes
|
|
|
|
- name: Copy kdrive mount file
|
|
ansible.builtin.copy:
|
|
src: files/kdrive.mount
|
|
dest: /etc/systemd/system/mnt-kdrive.mount
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
register: kdrive_mount
|
|
|
|
- name: Copy kdrive automount file
|
|
ansible.builtin.copy:
|
|
src: files/kdrive.automount
|
|
dest: /etc/systemd/system/mnt-kdrive.automount
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
register: kdrive_automount
|
|
|
|
- name: Reload systemd
|
|
ansible.builtin.systemd:
|
|
daemon_reload: yes
|
|
when: kdrive_mount.changed or kdrive_automount.changed
|
|
|
|
- name: start automount
|
|
ansible.builtin.systemd:
|
|
name: mnt-kdrive.automount
|
|
state: started
|
|
enabled: yes
|
|
when: kdrive_automount.changed
|