Home Explore Help
Register Sign In
cisti
/
infra
4
0
Fork 1
Files Issues 0 Pull Requests 0
Tree: fc734427e2
Branches Tags
infra
/
roles
/
stable
/
restic
/
tasks
/
main.yml

main.yml 2.2 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384 
  1. ---
    2. 

  2. - name: Check if restic is installed
    3. 

  3.   stat:
    4. 

  4.     path: '{{ restic_path }}'
    5. 

  5.   register: restic_binary
    6. 

  6. 

  7. - include_tasks: install.yml
    8. 

  8.   when: not restic_binary.stat.exists or restic_install
    9. 

  9. 

  10.   # TODO: check if exists?
    11. 

  11. - name: Overwrite SSH config for backup server
    12. 

  12.   become: yes
    13. 

  13.   template:
    14. 

  14.     src: ssh_config.j2
    15. 

  15.     dest: '{{ restic_user_home }}/.ssh/config'
    16. 

  16.     owner: root
    17. 

  17.     group: root
    18. 

  18.     mode: '0600'
    19. 

  19.   when: restic_ssh_enabled
    20. 

  20. 

  21. - name: Add SSH private key
    22. 

  22.   become: yes
    23. 

  23.   template:
    24. 

  24.     src: ssh_private_key.j2
    25. 

  25.     dest: '{{ restic_ssh_private_key_path }}'
    26. 

  26.     mode: '0600'
    27. 

  27.   when: restic_ssh_private_key is defined and restic_ssh_enabled
    28. 

  28. 

  29. - name: Add backup server host fingerprint
    30. 

  30.   become: yes
    31. 

  31.   known_hosts:
    32. 

  32.     name: '[{{ restic_ssh_hostname }}]:{{ restic_ssh_port }}'
    33. 

  33.     key: '{{ restic_ssh_host_fingerprint }}'
    34. 

  34.     path: '{{ restic_user_home }}/.ssh/known_hosts'
    35. 

  35.     state: present
    36. 

  36. 

  37. - name: Add restic_env in home folder
    38. 

  38.   become: yes
    39. 

  39.   template:
    40. 

  40.     src: restic_env.j2
    41. 

  41.     dest: '{{ restic_user_home }}/.restic_env'
    42. 

  42.     owner: root
    43. 

  43.     group: root
    44. 

  44.     mode: '0600'
    45. 

  45. 

  46. - name: Add systemd service for restic
    47. 

  47.   become: yes
    48. 

  48.   template:
    49. 

  49.     src: restic-backup.service.j2
    50. 

  50.     dest: /etc/systemd/system/restic-backup.service
    51. 

  51.     mode: '0644'
    52. 

  52.   vars:
    53. 

  53.     restic_folders_combined: '{{ restic_default_folders + restic_folders }}'
    54. 

  54.   notify: systemd reload
    55. 

  55. 

  56. - name: Add systemd timer for restic
    57. 

  57.   become: yes
    58. 

  58.   template:
    59. 

  59.     src: restic-backup.timer.j2
    60. 

  60.     dest: /etc/systemd/system/restic-backup.timer
    61. 

  61.     mode: '0644'
    62. 

  62.   notify: systemd reload
    63. 

  63. 

  64. - name: Enable and start restic timer
    65. 

  65.   become: yes
    66. 

  66.   systemd:
    67. 

  67.     name: restic-backup.timer
    68. 

  68.     enabled: true
    69. 

  69.     state: started
    70. 

  70. 

  71. - name: Initialize restic repo if needed
    72. 

  72.   become: yes
    73. 

  73.   command: "{{restic_path}} init"
    74. 

  74.   environment:
    75. 

  75.     RESTIC_REPOSITORY: "sftp:{{ restic_ssh_host }}:{{ restic_repository_name }}"
    76. 

  76.     RESTIC_PASSWORD: "{{restic_password}}"
    77. 

  77.   no_log: true
    78. 

  78.   register: restic_init
    79. 

  79.   changed_when: "'created restic repository' in restic_init.stdout"
    80. 

  80.   failed_when:
    81. 

  81.     - restic_init.rc != 0
    82. 

  82.     - not 'config file already exists' in restic_init.stderr
    83. 

  83.     - not 'config already initialized' in restic_init.stderr
    84. 

  84.     - not 'config already exists' in restic_init.stderr
    85.