Update

3 years ago · 71f337e290
parent 2b53c104e6
commit 71f337e290
2 changed files with 30 additions and 22 deletions
--- a/HOW_TO_RUN.md
+++ b/HOW_TO_RUN.md
@ -1,3 +1,5 @@
 pass init your-gpg-id

 ansible-playbook -i '157.90.240.248,rpi' backup.yml
+
+if running the playbook on a yunohost instance, remember to open the 1194 port on the server via the admin panel
--- a/backup.yml
+++ b/backup.yml
@ -1,13 +1,13 @@
 ---
- hosts: remote_server:rpi
+- hosts: yuno.sealcode.org:rpi
  tasks:
    - set_fact: RPI_NAME=kuba-rpi
-    - set_fact: SERVER_NAME=my-server
-    - set_fact: SERVER_FQDN=my.example.com
-    - set_fact: OVPN_IP_PREFIX=10.8.10
+    - set_fact: SERVER_NAME=sealcode-yuno
+    - set_fact: SERVER_FQDN=yuno.sealcode.org
+    - set_fact: OVPN_IP_PREFIX=10.8.11
    - set_fact: RPI_BACKUP_DIR=/mnt/hdd/Backups

- hosts: remote_server
+- hosts: yuno.sealcode.org
  become: yes
  become_user: root
  #  become_method: su
@ -72,6 +72,7 @@
        path: /root/.ssh/config
        backup: yes
        create: yes
+        marker: "#{{RPI_NAME}}"
        block: |
          Host {{RPI_NAME}}
            User {{SERVER_NAME}}-backup
@ -96,23 +97,6 @@
      pause:
        prompt: ZAPISZ TEN KLUCZ W MANADŻERZE HASEŁ ☝ i wciśnij ENTER

-    - name: initiate restic reposiotory
-      command: restic init --password-file=/backup-pwd -r sftp:{{SERVER_NAME}}-backup@{{RPI_NAME}}:data
-      run_once: true
-    - name: Create the backup script
-      ansible.builtin.template:
-        src: "backup.sh.j2"
-        dest: /root/backup.sh
-        mode: u+rwx
-        backup: yes
-
-    - name: setup CRON
-      ansible.builtin.cron:
-        name: "nightly backup for {{SERVER_NAME}}_{{RPI_NAME}}"
-        minute: 15
-        hour: 4
-        job: "/root/backup.sh"
-
 - hosts: rpi
  become: yes
  become_user: root
@ -162,6 +146,7 @@
        path: /etc/ssh/sshd_config
        backup: yes
        create: yes
+        marker: "#{{SERVER_NAME}}"
        block: |
          Match User {{SERVER_NAME}}-backup
            ForceCommand internal-sftp
@ -176,3 +161,24 @@
        name: ssh
        state: restarted
        enabled: yes
+
+- hosts: yuno.sealcode.org
+  become: yes
+  become_user: root
+  tasks:
+    - name: initiate restic reposiotory
+      command: restic init --password-file=/backup-pwd -r sftp:{{SERVER_NAME}}-backup@{{RPI_NAME}}:data
+      run_once: true
+    - name: Create the backup script
+      ansible.builtin.template:
+        src: "backup.sh.j2"
+        dest: /root/backup.sh
+        mode: u+rwx
+        backup: yes
+
+    - name: setup CRON
+      ansible.builtin.cron:
+        name: "nightly backup for {{SERVER_NAME}}_{{RPI_NAME}}"
+        minute: 15
+        hour: 4
+        job: "/root/backup.sh"