|
|
@ -1,13 +1,13 @@
|
|
|
|
---
|
|
|
|
---
|
|
|
|
- hosts: remote_server:rpi
|
|
|
|
- hosts: yuno.sealcode.org:rpi
|
|
|
|
tasks:
|
|
|
|
tasks:
|
|
|
|
- set_fact: RPI_NAME=kuba-rpi
|
|
|
|
- set_fact: RPI_NAME=kuba-rpi
|
|
|
|
- set_fact: SERVER_NAME=my-server
|
|
|
|
- set_fact: SERVER_NAME=sealcode-yuno
|
|
|
|
- set_fact: SERVER_FQDN=my.example.com
|
|
|
|
- set_fact: SERVER_FQDN=yuno.sealcode.org
|
|
|
|
- set_fact: OVPN_IP_PREFIX=10.8.10
|
|
|
|
- set_fact: OVPN_IP_PREFIX=10.8.11
|
|
|
|
- set_fact: RPI_BACKUP_DIR=/mnt/hdd/Backups
|
|
|
|
- set_fact: RPI_BACKUP_DIR=/mnt/hdd/Backups
|
|
|
|
|
|
|
|
|
|
|
|
- hosts: remote_server
|
|
|
|
- hosts: yuno.sealcode.org
|
|
|
|
become: yes
|
|
|
|
become: yes
|
|
|
|
become_user: root
|
|
|
|
become_user: root
|
|
|
|
# become_method: su
|
|
|
|
# become_method: su
|
|
|
@ -72,6 +72,7 @@
|
|
|
|
path: /root/.ssh/config
|
|
|
|
path: /root/.ssh/config
|
|
|
|
backup: yes
|
|
|
|
backup: yes
|
|
|
|
create: yes
|
|
|
|
create: yes
|
|
|
|
|
|
|
|
marker: "#{{RPI_NAME}}"
|
|
|
|
block: |
|
|
|
|
block: |
|
|
|
|
Host {{RPI_NAME}}
|
|
|
|
Host {{RPI_NAME}}
|
|
|
|
User {{SERVER_NAME}}-backup
|
|
|
|
User {{SERVER_NAME}}-backup
|
|
|
@ -96,23 +97,6 @@
|
|
|
|
pause:
|
|
|
|
pause:
|
|
|
|
prompt: ZAPISZ TEN KLUCZ W MANADŻERZE HASEŁ ☝ i wciśnij ENTER
|
|
|
|
prompt: ZAPISZ TEN KLUCZ W MANADŻERZE HASEŁ ☝ i wciśnij ENTER
|
|
|
|
|
|
|
|
|
|
|
|
- name: initiate restic reposiotory
|
|
|
|
|
|
|
|
command: restic init --password-file=/backup-pwd -r sftp:{{SERVER_NAME}}-backup@{{RPI_NAME}}:data
|
|
|
|
|
|
|
|
run_once: true
|
|
|
|
|
|
|
|
- name: Create the backup script
|
|
|
|
|
|
|
|
ansible.builtin.template:
|
|
|
|
|
|
|
|
src: "backup.sh.j2"
|
|
|
|
|
|
|
|
dest: /root/backup.sh
|
|
|
|
|
|
|
|
mode: u+rwx
|
|
|
|
|
|
|
|
backup: yes
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
- name: setup CRON
|
|
|
|
|
|
|
|
ansible.builtin.cron:
|
|
|
|
|
|
|
|
name: "nightly backup for {{SERVER_NAME}}_{{RPI_NAME}}"
|
|
|
|
|
|
|
|
minute: 15
|
|
|
|
|
|
|
|
hour: 4
|
|
|
|
|
|
|
|
job: "/root/backup.sh"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
- hosts: rpi
|
|
|
|
- hosts: rpi
|
|
|
|
become: yes
|
|
|
|
become: yes
|
|
|
|
become_user: root
|
|
|
|
become_user: root
|
|
|
@ -162,6 +146,7 @@
|
|
|
|
path: /etc/ssh/sshd_config
|
|
|
|
path: /etc/ssh/sshd_config
|
|
|
|
backup: yes
|
|
|
|
backup: yes
|
|
|
|
create: yes
|
|
|
|
create: yes
|
|
|
|
|
|
|
|
marker: "#{{SERVER_NAME}}"
|
|
|
|
block: |
|
|
|
|
block: |
|
|
|
|
Match User {{SERVER_NAME}}-backup
|
|
|
|
Match User {{SERVER_NAME}}-backup
|
|
|
|
ForceCommand internal-sftp
|
|
|
|
ForceCommand internal-sftp
|
|
|
@ -176,3 +161,24 @@
|
|
|
|
name: ssh
|
|
|
|
name: ssh
|
|
|
|
state: restarted
|
|
|
|
state: restarted
|
|
|
|
enabled: yes
|
|
|
|
enabled: yes
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
- hosts: yuno.sealcode.org
|
|
|
|
|
|
|
|
become: yes
|
|
|
|
|
|
|
|
become_user: root
|
|
|
|
|
|
|
|
tasks:
|
|
|
|
|
|
|
|
- name: initiate restic reposiotory
|
|
|
|
|
|
|
|
command: restic init --password-file=/backup-pwd -r sftp:{{SERVER_NAME}}-backup@{{RPI_NAME}}:data
|
|
|
|
|
|
|
|
run_once: true
|
|
|
|
|
|
|
|
- name: Create the backup script
|
|
|
|
|
|
|
|
ansible.builtin.template:
|
|
|
|
|
|
|
|
src: "backup.sh.j2"
|
|
|
|
|
|
|
|
dest: /root/backup.sh
|
|
|
|
|
|
|
|
mode: u+rwx
|
|
|
|
|
|
|
|
backup: yes
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
- name: setup CRON
|
|
|
|
|
|
|
|
ansible.builtin.cron:
|
|
|
|
|
|
|
|
name: "nightly backup for {{SERVER_NAME}}_{{RPI_NAME}}"
|
|
|
|
|
|
|
|
minute: 15
|
|
|
|
|
|
|
|
hour: 4
|
|
|
|
|
|
|
|
job: "/root/backup.sh"
|
|
|
|