Initial commit

2021-03-12 03:35:14 +01:00 · 2021-03-12 03:35:14 +01:00 · 420be44f56
commit 420be44f56
11 changed files with 432 additions and 0 deletions
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -0,0 +1,170 @@
+- name: parse config
+  set_fact:
+    backup_backend: "{% if backups.mode in ['standalone-restic', 'hypervisor-restic'] %}restic{% else %}False{% endif %}"
+    backup_executor: "{% if backups.mode in ['vm-via-hypervisor'] %}False{% else %}True{% endif %}"
+
+- debug:
+    var: backup_backend
+
+- name: create config folder
+  file:
+    path: /etc/backup-client/
+    state: directory
+    owner: root
+    group: root
+    mode: 0700
+
+- name: setup hosts that actualy run backup code (not vms for example)
+  when: backup_executor
+  block:
+  - name: create retention file
+    copy:
+      dest: /etc/backup-client/retention.env
+      owner: root
+      group: root
+      mode: 0700
+      content: |
+        export BACKUP_RETENTION_HOURS={{ backups.retention.hours }}
+        export BACKUP_RETENTION_DAYS={{ backups.retention.days }}
+        export BACKUP_RETENTION_WEEKS={{ backups.retention.weeks }}
+        export BACKUP_RETENTION_MONTHS={{ backups.retention.months }}
+        export BACKUP_RETENTION_YEARS={{ backups.retention.years }}
+  - name: copy backup config
+    loop:
+      - name: 'enabled'
+        flag: '{{ backups.enabled }}'
+    file:
+      path: /etc/backup-client/{{ item.name }}
+      owner: root
+      group: root
+      mode: 0600
+      state: "{% if item.flag %}touch{% else %}absent{% endif %}"
+  - name: copy scripts
+    loop:
+      - backup-retention
+      - backup-standalone
+      - backup-vm
+      - backup-all-vms
+      - backup-full
+      - backup-cronjob
+    template:
+      src: "{{ item }}.j2"
+      dest: "/usr/local/bin/{{ item }}"
+      owner: root
+      group: root
+      mode: 0700
+      validate: /bin/bash -n %s
+  - name: create data folder
+    file:
+      path: /var/backup-client/
+      state: directory
+      owner: root
+      group: root
+      mode: 0700
+
+- name: handle common restic based setup tasks
+  when: backup_backend == 'restic'
+  block:
+  - name: install backend tools (restic)
+    apt:
+      pkg:
+      - restic
+  - name: copy exclude file
+    copy:
+      dest: /etc/backup-client/exclude_files
+      owner: root
+      group: root
+      mode: 0600
+      content: "{{ backups.exclude_files|filterEnabled|join('\n') }}"
+  - name: copy include file
+    copy:
+      dest: /etc/backup-client/include_files
+      owner: root
+      group: root
+      mode: 0600
+      content: "{{ backups.include_files|filterEnabled|join('\n') }}"
+  - name: create repo key for restic
+    command: "dd if=/dev/urandom of=/etc/backup-client/restic.key bs=1k count=16"
+    args:
+      creates: "/etc/backup-client/restic.key"
+  - name: create restic env file
+    copy:
+      dest: /etc/backup-client/restic.env
+      owner: root
+      group: root
+      mode: 0700
+      content: |
+        export RESTIC_REPOSITORY="{{ backups.backends.restic.url }}"
+        export RESTIC_PASSWORD_FILE="/etc/backup-client/restic.key"
+  - name: create restic repository folder
+    when: backups.backends.restic.repo_type == 'local'
+    file:
+      path: "{{ backups.backends.restic.url }}"
+      state: directory
+      owner: root
+      group: root
+      mode: 0700
+  - name: create repo for restic
+    when: backups.backends.restic.repo_type == 'local'
+    shell: 'source /etc/backup-client/restic.env; restic init'
+    args:
+      executable: /bin/bash
+      creates: "{{ backups.backends.restic.url }}/config"
+
+- name: handle hypervisor mode
+  when: backups.mode == 'hypervisor-restic'
+  block:
+  - name: create vms config folder
+    file:
+      path: /etc/backup-client/vms/
+      state: directory
+      owner: root
+      group: root
+      mode: 0700
+  - name: create vm mount point
+    file:
+      path: /var/backup-client/vm-mountpoint/
+      state: directory
+      owner: root
+      group: root
+      mode: 0700
+
+- name: handle vm-via-hypervisor mode
+  when: backups.mode == 'vm-via-hypervisor'
+  block:
+  - name: create config folder on vm host
+    delegate_to: "{{ vm['host'] }}"
+    file:
+      dest: /etc/backup-client/vms/{{ vm['name'] }}
+      state: directory
+      owner: root
+      group: root
+      mode: 0700
+  - name: copy exclude file to vm host
+    delegate_to: "{{ vm['host'] }}"
+    copy:
+      dest: /etc/backup-client/vms/{{ vm['name'] }}/exclude_files
+      owner: root
+      group: root
+      mode: 0600
+      content: "{{ backups.exclude_files|filterEnabled|vmpath2hostpath(mountpoint='/var/backup-client/vm-mountpoint')|join('\n') }}"
+  - name: copy include file to vm host
+    delegate_to: "{{ vm['host'] }}"
+    copy:
+      dest: /etc/backup-client/vms/{{ vm['name'] }}/include_files
+      owner: root
+      group: root
+      mode: 0600
+      content: "{{ backups.include_files|filterEnabled|vmpath2hostpath(mountpoint='/var/backup-client/vm-mountpoint')|join('\n') }}"
+  - name: copy vm backup config to vm host
+    delegate_to: "{{ vm['host'] }}"
+    loop:
+      - name: 'enabled'
+        flag: '{{ backups.enabled }}'
+    file:
+      path: /etc/backup-client/vms/{{ vm['name'] }}/{{ item.name }}
+      owner: root
+      group: root
+      mode: 0600
+      state: "{% if item.flag %}touch{% else %}absent{% endif %}"
+