ryan/Terraform
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

commit

Browse Source
This commit is contained in:
tolerryan
2024-10-20 03:14:52 -05:00
parent 687addc328
commit a81e9a26e3
2 changed files with 73 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
roles/ind/bookstack/cron.vars
View File

@@ -2,7 +2,7 @@
job_name: "Daily /home/docker/ Backup" job_name: "Daily /home/docker/ Backup"
job_minute: "0" job_minute: "0"
job_hour: "2" job_hour: "2"
job_command: "/home/restic/restic.sh /home/docker/ backup" job_command: "/home/restic/restic.sh --backup /home/docker/"
#job_name: "Daily /data/app Backup" #job_name: "Daily /data/app Backup"
#job_minute: "0" #job_minute: "0"

87
roles/lib/setup-restic.yml
View File

@@ -17,12 +17,20 @@
home: /home/restic home: /home/restic
shell: /bin/bash shell: /bin/bash
- name: Add key for Restic user - name: Add Authorized key for Restic user
ansible.posix.authorized_key: ansible.posix.authorized_key:
user: restic user: restic
state: present state: present
key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOsDIrV6QIMtpJFNpZEgHnkYgFC6OXMJQFc1JqrnpCzY fake@gmail.com" key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOsDIrV6QIMtpJFNpZEgHnkYgFC6OXMJQFc1JqrnpCzY fake@gmail.com"
- name: Install Restic Private key
copy:
dest: /home/restic/.ssh/resticuser.ed25519
content: "{{ restic_private }}"
owner: restic
group: users
mode: '0600'
- name: Copy restic.sh - name: Copy restic.sh
copy: copy:
dest: /home/restic/restic.sh dest: /home/restic/restic.sh
@@ -30,8 +38,8 @@
#!/bin/bash #!/bin/bash
# Check if a flag was passed # Check if a flag was passed
if [[ "$#" -lt 1 ]]; then if [[ "$#" -lt 2 ]]; then
echo "Usage: $0 [--backup] [--forget] [--check]" echo "Usage: $0 [--backup] [--forget] [--check] [--init] dirtobackup"
exit 1 exit 1
fi fi
@@ -39,32 +47,56 @@
backup=false backup=false
forget=false forget=false
check=false check=false
init=false
password=($cat ./.resticpassword) password=($cat ./.resticpassword)
last_arg=""
# Parse arguments # Parse arguments
for arg in "$@" case $1 in
do
case $arg in
--backup) --backup)
backup=true backup=true
shift
;; ;;
--forget) --forget)
forget=true forget=true
shift
;; ;;
--check) --check)
check=true check=true
shift
;;
--init)
init=true
shift
;; ;;
*) *)
echo "Unknown argument: $arg" echo "Usage: $0 [--backup] [--forget] [--check] [--init] dirtobackup"
exit 1
;; ;;
esac esac
done
# Check if last argument is valid
last_arg=$1
if [ -n "$last_arg" ]; then
if [ -d "$last_arg" ]; then
#Last argument is a directory: $last_arg
backupdir=$last_arg
elif [ -f "$last_arg" ]; then
#Last argument is a file: $last_arg
backupdir=$last_arg
else
echo "Last argument is neither a directory nor a file: $last_arg"
fi
else
echo "No valid argument provided after options"
fi
# Execute Restic commands based on flags # Execute Restic commands based on flags
if $backup; then if $backup; then
echo "Backing up... to misamisa" echo "Backing up... to misamisa"
echo "Date: $(date '+%Y-%m-%d_%H-%M-%S')" # Add your Restic backup command here echo "Date: $(date '+%Y-%m-%d_%H-%M-%S')" # Add your Restic backup command here
restic --password-file ./.resticpassword -r sftp:misamisa://home/restic/$(hostname) backup ./ restic --password-file ./.resticpassword -r sftp:misamisa://home/restic/$(hostname)/$backup backup $backupdir
if [ $? -eq 0 ]; then if [ $? -eq 0 ]; then
# If the exit status is 0 (success), send a success message # If the exit status is 0 (success), send a success message
./discord.sh "$(hostname) backup complete" ./discord.sh "$(hostname) backup complete"
@@ -78,7 +110,7 @@
if $forget; then if $forget; then
echo "Removing old backups..." echo "Removing old backups..."
# Add your Restic forget command here # Add your Restic forget command here
restic --password-file ./.resticpassword -r sftp:misamisa://home/restic/$(hostname) forget --keep-within-daily 7d --keep-within-weekly 1m --keep-within-monthly 1y restic --password-file ./.resticpassword -r sftp:misamisa://home/restic/$(hostname)/$backupdir forget --keep-within-daily 7d --keep-within-weekly 1m --keep-within-monthly 1y
if [ $? -eq 0 ]; then if [ $? -eq 0 ]; then
# If the exit status is 0 (success), send a success message # If the exit status is 0 (success), send a success message
./discord.sh "$(hostname) forget command completed successfully" ./discord.sh "$(hostname) forget command completed successfully"
@@ -91,7 +123,7 @@
if $check; then if $check; then
echo "Checking backups..." echo "Checking backups..."
# Add your Restic check command here # Add your Restic check command here
restic --password-file ./.resticpassword -r sftp:misamisa://home/restic/$(hostname) check --read-data restic --password-file ./.resticpassword -r sftp:misamisa://home/restic/$(hostname)/$backupdir check --read-data
if [ $? -eq 0 ]; then if [ $? -eq 0 ]; then
# If the exit status is 0 (success), send a success message # If the exit status is 0 (success), send a success message
./discord.sh "$(hostname) Restic Verification complete" ./discord.sh "$(hostname) Restic Verification complete"
@@ -99,9 +131,26 @@
# If the exit status is not 0 (failure), send a failure message # If the exit status is not 0 (failure), send a failure message
./discord.sh "$(hostname) Restic Verification failed!! there is an issue" ./discord.sh "$(hostname) Restic Verification failed!! there is an issue"
fi fi
restic --password-file ./.resticpassword -r sftp:misamisa://home/restic/$(hostname) unlock restic --password-file ./.resticpassword -r sftp:misamisa://home/restic/$(hostname)/$backupdir unlock
fi fi
if $init; then
echo "Init backup..."
# Generate password
if [[ -z $(grep '[^[:space:]]' ./.resticpassword) ]] ; then
echo "Password file empty. generating passwordwq"
tr -dc A-Za-z0-9 </dev/urandom | head -c 25 > ./.resticpassword
fi
restic --password-file ./.resticpassword -r sftp:misamisa://home/restic/$(hostname)/$backupdir init
if [ $? -eq 0 ]; then
# If the exit status is 0 (success), send a success message
./discord.sh "$(hostname) Restic Init complete for $(hostname)"
else
# If the exit status is not 0 (failure), send a failure message
./discord.sh "$(hostname) Restic init failed!! there is an issue on $(hostname)"
fi
fi
owner: restic owner: restic
group: users group: users
mode: '0755' mode: '0755'
@@ -112,7 +161,7 @@
content: "{{ discord_webhook }}" content: "{{ discord_webhook }}"
owner: restic owner: restic
group: users group: users
mode: '0644' mode: '0755'
- name: Create SSH config file - name: Create SSH config file
copy: copy:
@@ -121,11 +170,19 @@
Hostname misamisa.duckdns.org Hostname misamisa.duckdns.org
Port 25456 Port 25456
User restic User restic
IdentityFile vm IdentityFile /home/restic/.ssh/resticuser.ed25519
owner: restic owner: restic
group: users group: users
mode: '0644' mode: '0644'
- name: Add known host entry for misamisa
ansible.builtin.known_hosts:
path: /etc/ssh/ssh_known_hosts
key: "{{ lookup('pipe', 'ssh-keyscan misamisa.duckdns.org') }}"
name: misamisa.duckdns.org
state: present
- name: Download restic bz2 file - name: Download restic bz2 file
get_url: get_url:
url: "https://github.com/restic/restic/releases/download/v0.17.1/restic_0.17.1_linux_amd64.bz2" url: "https://github.com/restic/restic/releases/download/v0.17.1/restic_0.17.1_linux_amd64.bz2"