master
Kuba Orlik 4 years ago
parent 2b53c104e6
commit 71f337e290

@ -1,3 +1,5 @@
pass init your-gpg-id pass init your-gpg-id
ansible-playbook -i '157.90.240.248,rpi' backup.yml ansible-playbook -i '157.90.240.248,rpi' backup.yml
if running the playbook on a yunohost instance, remember to open the 1194 port on the server via the admin panel

@ -1,13 +1,13 @@
--- ---
- hosts: remote_server:rpi - hosts: yuno.sealcode.org:rpi
tasks: tasks:
- set_fact: RPI_NAME=kuba-rpi - set_fact: RPI_NAME=kuba-rpi
- set_fact: SERVER_NAME=my-server - set_fact: SERVER_NAME=sealcode-yuno
- set_fact: SERVER_FQDN=my.example.com - set_fact: SERVER_FQDN=yuno.sealcode.org
- set_fact: OVPN_IP_PREFIX=10.8.10 - set_fact: OVPN_IP_PREFIX=10.8.11
- set_fact: RPI_BACKUP_DIR=/mnt/hdd/Backups - set_fact: RPI_BACKUP_DIR=/mnt/hdd/Backups
- hosts: remote_server - hosts: yuno.sealcode.org
become: yes become: yes
become_user: root become_user: root
# become_method: su # become_method: su
@ -72,6 +72,7 @@
path: /root/.ssh/config path: /root/.ssh/config
backup: yes backup: yes
create: yes create: yes
marker: "#{{RPI_NAME}}"
block: | block: |
Host {{RPI_NAME}} Host {{RPI_NAME}}
User {{SERVER_NAME}}-backup User {{SERVER_NAME}}-backup
@ -96,23 +97,6 @@
pause: pause:
prompt: ZAPISZ TEN KLUCZ W MANADŻERZE HASEŁ ☝ i wciśnij ENTER prompt: ZAPISZ TEN KLUCZ W MANADŻERZE HASEŁ ☝ i wciśnij ENTER
- name: initiate restic reposiotory
command: restic init --password-file=/backup-pwd -r sftp:{{SERVER_NAME}}-backup@{{RPI_NAME}}:data
run_once: true
- name: Create the backup script
ansible.builtin.template:
src: "backup.sh.j2"
dest: /root/backup.sh
mode: u+rwx
backup: yes
- name: setup CRON
ansible.builtin.cron:
name: "nightly backup for {{SERVER_NAME}}_{{RPI_NAME}}"
minute: 15
hour: 4
job: "/root/backup.sh"
- hosts: rpi - hosts: rpi
become: yes become: yes
become_user: root become_user: root
@ -162,6 +146,7 @@
path: /etc/ssh/sshd_config path: /etc/ssh/sshd_config
backup: yes backup: yes
create: yes create: yes
marker: "#{{SERVER_NAME}}"
block: | block: |
Match User {{SERVER_NAME}}-backup Match User {{SERVER_NAME}}-backup
ForceCommand internal-sftp ForceCommand internal-sftp
@ -176,3 +161,24 @@
name: ssh name: ssh
state: restarted state: restarted
enabled: yes enabled: yes
- hosts: yuno.sealcode.org
become: yes
become_user: root
tasks:
- name: initiate restic reposiotory
command: restic init --password-file=/backup-pwd -r sftp:{{SERVER_NAME}}-backup@{{RPI_NAME}}:data
run_once: true
- name: Create the backup script
ansible.builtin.template:
src: "backup.sh.j2"
dest: /root/backup.sh
mode: u+rwx
backup: yes
- name: setup CRON
ansible.builtin.cron:
name: "nightly backup for {{SERVER_NAME}}_{{RPI_NAME}}"
minute: 15
hour: 4
job: "/root/backup.sh"

Loading…
Cancel
Save