ctucx.git: ansible-configs

My personal ansible roles and playbooks

commit 9716657b52e049dad4b79a161258b0b7e27c476f
parent fb7093f78bf0e96bcacf958cbf37ed75e6a19b27
Author: Leah (ctucx) <leah@ctu.cx>
Date: Thu, 6 May 2021 12:00:11 +0200

configuration/{osterei,quitschi}: automatic backups to desastro AND lollo
4 files changed, 74 insertions(+), 58 deletions(-)
M
roles/backup/tasks/osterei.yml
|
11
+++++++----
M
roles/backup/tasks/quitschi.yml
|
11
+++++++----
M
scripts/restic-backup/osterei.sh
|
63
++++++++++++++++++++++++++++++++++-----------------------------
M
scripts/restic-backup/quitschi.sh
|
47
++++++++++++++++++++++++++---------------------
diff --git a/roles/backup/tasks/osterei.yml b/roles/backup/tasks/osterei.yml
@@ -1,12 +1,15 @@
 ---
 
-- name: create password file for rest-server
+- name: create password file(s) for rest-server
   copy:
-    content: "{{ lookup('community.general.passwordstore', 'Server/desastro/rest-server.plain returnall=true')}}"
-    dest:    /var/lib/restic-password
-    mode:    0755
+    content: "{{ lookup('community.general.passwordstore', 'Server/{{item}}/rest-server.plain returnall=true')}}"
+    dest:    "/var/lib/restic-password-{{item}}"
+    mode:    0700
     owner:   root
     group:   root
+  loop:
+    - desastro
+    - lollo
 
 - name: create password files for services
   copy:
diff --git a/roles/backup/tasks/quitschi.yml b/roles/backup/tasks/quitschi.yml
@@ -1,12 +1,15 @@
 ---
 
-- name: create password file for rest-server
+- name: create password file(s) for rest-server
   copy:
-    content: "{{ lookup('community.general.passwordstore', 'Server/desastro/rest-server.plain returnall=true')}}"
-    dest:    /var/lib/restic-password
-    mode:    0755
+    content: "{{ lookup('community.general.passwordstore', 'Server/{{item}}/rest-server.plain returnall=true')}}"
+    dest:    "/var/lib/restic-password-{{item}}"
+    mode:    0700
     owner:   root
     group:   root
+  loop:
+    - desastro
+    - lollo
 
 - name: create password files for services
   copy:
diff --git a/scripts/restic-backup/osterei.sh b/scripts/restic-backup/osterei.sh
@@ -1,38 +1,43 @@
 #!/usr/bin/env sh
 
 echo "Last run: $(date -R)" > /root/backup.last-run 
-echo "Status:" >> /root/backup.last-run
 
-#backup services
-for service in pleroma radicale synapse git maddy oeffisearch
+for backupTarget in desastro lollo
 do
-  sudo -u $service restic init --password-file /var/lib/$service/restic-password --repo rest:https://restic:$(cat /var/lib/restic-password)@restic.ctu.cx/$(hostname)-$service
-  sudo -u $service restic backup --password-file /var/lib/$service/restic-password --repo rest:https://restic:$(cat /var/lib/restic-password)@restic.ctu.cx/$(hostname)-$service /var/lib/$service
+  echo "Backing up to: $backupTarget"  >> /root/backup.last-run
+  echo "Status:" >> /root/backup.last-run
+  #backup services
+  for service in pleroma radicale synapse git maddy oeffisearch
+  do
+    sudo -u $service restic init --password-file /var/lib/$service/restic-password --repo rest:https://restic:$(cat /var/lib/restic-password-$backupTarget)@restic.$backupTarget.ctu.cx/$(hostname)-$service
+    sudo -u $service restic backup --password-file /var/lib/$service/restic-password --repo rest:https://restic:$(cat /var/lib/restic-password-$backupTarget)@restic.$backupTarget.ctu.cx/$(hostname)-$service /var/lib/$service
+    if [ $? -eq 0 ]; then
+    	echo "$service: OK" >> /root/backup.last-run
+    else 
+    	echo "$service: FAIL" >> /root/backup.last-run
+    fi
+  done
+
+  #backup websites
+  sudo -u leah restic init --password-file /var/lib/websites/restic-password --repo rest:https://restic:$(cat /var/lib/restic-password-$backupTarget)@restic.$backupTarget.ctu.cx/$(hostname)-websites
+  sudo -u leah restic backup --password-file /var/lib/websites/restic-password --repo rest:https://restic:$(cat /var/lib/restic-password-$backupTarget)@restic.$backupTarget.ctu.cx/$(hostname)-websites /var/lib/websites --exclude /var/lib/websites/photos.ctu.cx
   if [ $? -eq 0 ]; then
-  	echo "$service: OK" >> /root/backup.last-run
+    echo "websites: OK" >> /root/backup.last-run
   else 
-  	echo "$service: FAIL" >> /root/backup.last-run
+    echo "websites: FAIL" >> /root/backup.last-run
   fi
-done
 
-#backup websites
-sudo -u leah restic init --password-file /var/lib/websites/restic-password --repo rest:https://restic:$(cat /var/lib/restic-password)@restic.ctu.cx/$(hostname)-websites
-sudo -u leah restic backup --password-file /var/lib/websites/restic-password --repo rest:https://restic:$(cat /var/lib/restic-password)@restic.ctu.cx/$(hostname)-websites /var/lib/websites --exclude /var/lib/websites/photos.ctu.cx
-if [ $? -eq 0 ]; then
-  echo "websites: OK" >> /root/backup.last-run
-else 
-  echo "websites: FAIL" >> /root/backup.last-run
-fi
-
-#backup postgres
-SQLFILE=/var/lib/postgresql/backup/postgres.sql
-sudo -u postgres mkdir /var/lib/postgresql/backup
-sudo -u postgres sh -c "pg_dumpall > $SQLFILE"
-sudo -u postgres restic init --password-file /var/lib/postgresql/restic-password --repo rest:https://restic:$(cat /var/lib/restic-password)@restic.ctu.cx/$(hostname)-postgres
-sudo -u postgres restic backup --password-file /var/lib/postgresql/restic-password --repo rest:https://restic:$(cat /var/lib/restic-password)@restic.ctu.cx/$(hostname)-postgres /var/lib/postgresql/backup
-if [ $? -eq 0 ]; then
-  echo "postgres: OK" >> /root/backup.last-run
-else 
-  echo "postgres: FAIL" >> /root/backup.last-run
-fi
-sudo -u postgres rm -rf /var/lib/postgresql/backup
+  #backup postgres
+  SQLFILE=/var/lib/postgresql/backup/postgres.sql
+  sudo -u postgres mkdir /var/lib/postgresql/backup
+  sudo -u postgres sh -c "pg_dumpall > $SQLFILE"
+  sudo -u postgres restic init --password-file /var/lib/postgresql/restic-password --repo rest:https://restic:$(cat /var/lib/restic-password-$backupTarget)@restic.$backupTarget.ctu.cx/$(hostname)-postgres
+  sudo -u postgres restic backup --password-file /var/lib/postgresql/restic-password --repo rest:https://restic:$(cat /var/lib/restic-password-$backupTarget)@restic.$backupTarget.ctu.cx/$(hostname)-postgres /var/lib/postgresql/backup
+  if [ $? -eq 0 ]; then
+    echo "postgres: OK" >> /root/backup.last-run
+  else 
+    echo "postgres: FAIL" >> /root/backup.last-run
+  fi
+  sudo -u postgres rm -rf /var/lib/postgresql/backup
+  echo ""  >> /root/backup.last-run 
+done
diff --git a/scripts/restic-backup/quitschi.sh b/scripts/restic-backup/quitschi.sh
@@ -1,29 +1,33 @@
 #!/usr/bin/env sh
 
 echo "Last run: $(date -R)" > /root/backup.last-run 
-echo "Status:" >> /root/backup.last-run
 
-#backup services
-for service in synapse
+for backupTarget in desastro lollo
 do
-  sudo -u $service restic init --password-file /var/lib/$service/restic-password --repo rest:https://restic:$(cat /var/lib/restic-password)@restic.ctu.cx/$(hostname)-$service
-  sudo -u $service restic backup --password-file /var/lib/$service/restic-password --repo rest:https://restic:$(cat /var/lib/restic-password)@restic.ctu.cx/$(hostname)-$service /var/lib/$service
+  echo "Backing up to: $backupTarget"  >> /root/backup.last-run
+  echo "Status:" >> /root/backup.last-run
+  #backup services
+  for service in synapse
+  do
+    sudo -u $service restic init --password-file /var/lib/$service/restic-password --repo rest:https://restic:$(cat /var/lib/restic-password-$backupTarget)@restic.$backupTarget.ctu.cx/$(hostname)-$service
+    sudo -u $service restic backup --password-file /var/lib/$service/restic-password --repo rest:https://restic:$(cat /var/lib/restic-password-$backupTarget)@restic.$backupTarget.ctu.cx/$(hostname)-$service /var/lib/$service
+    if [ $? -eq 0 ]; then
+    	echo "$service: OK" >> /root/backup.last-run
+    else 
+    	echo "$service: FAIL" >> /root/backup.last-run
+    fi
+  done
+
+  #backup postgres
+  SQLFILE=/var/lib/postgresql/backup/postgres.sql
+  sudo -u postgres mkdir /var/lib/postgresql/backup
+  sudo -u postgres sh -c "pg_dumpall > $SQLFILE"
+  sudo -u postgres restic init --password-file /var/lib/postgresql/restic-password --repo rest:https://restic:$(cat /var/lib/restic-password-$backupTarget)@restic.$backupTarget.ctu.cx/$(hostname)-postgres
+  sudo -u postgres restic backup --password-file /var/lib/postgresql/restic-password --repo rest:https://restic:$(cat /var/lib/restic-password-$backupTarget)@restic.$backupTarget.ctu.cx/$(hostname)-postgres /var/lib/postgresql/backup
   if [ $? -eq 0 ]; then
-  	echo "$service: OK" >> /root/backup.last-run
+    echo "postgres: OK" >> /root/backup.last-run
   else 
-  	echo "$service: FAIL" >> /root/backup.last-run
+    echo "postgres: FAIL" >> /root/backup.last-run
   fi
-done
-
-#backup postgres
-SQLFILE=/var/lib/postgresql/backup/postgres.sql
-sudo -u postgres mkdir /var/lib/postgresql/backup
-sudo -u postgres bash -c "pg_dumpall > $SQLFILE"
-sudo -u postgres restic init --password-file /var/lib/postgresql/restic-password --repo rest:https://restic:$(cat /var/lib/restic-password)@restic.ctu.cx/$(hostname)-postgres
-sudo -u postgres restic backup --password-file /var/lib/postgresql/restic-password --repo rest:https://restic:$(cat /var/lib/restic-password)@restic.ctu.cx/$(hostname)-postgres /var/lib/postgresql/backup
-if [ $? -eq 0 ]; then
-  echo "postgres: OK" >> /root/backup.last-run
-else 
-  echo "postgres: FAIL" >> /root/backup.last-run
-fi
-sudo -u postgres rm -rf /var/lib/postgresql/backup
+  sudo -u postgres rm -rf /var/lib/postgresql/backup
+done+
\ No newline at end of file