149 lines
4.7 KiB
YAML
149 lines
4.7 KiB
YAML
---
|
|
- name: Setup restic user and scripts.
|
|
hosts: all
|
|
become: yes
|
|
remote_user: ansible
|
|
gather_facts: false
|
|
|
|
|
|
tasks:
|
|
- name: Create Restic user
|
|
user:
|
|
name: restic
|
|
uid: 2001
|
|
group: users
|
|
state: present
|
|
create_home: yes
|
|
home: /home/restic
|
|
shell: /bin/bash
|
|
|
|
- name: Add key for Restic user
|
|
ansible.posix.authorized_key:
|
|
user: restic
|
|
state: present
|
|
key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOsDIrV6QIMtpJFNpZEgHnkYgFC6OXMJQFc1JqrnpCzY fake@gmail.com"
|
|
|
|
- name: Copy restic.sh
|
|
copy:
|
|
dest: /home/restic/restic.sh
|
|
content: |
|
|
#!/bin/bash
|
|
|
|
# Check if a flag was passed
|
|
if [[ "$#" -lt 1 ]]; then
|
|
echo "Usage: $0 [--backup] [--forget] [--check]"
|
|
exit 1
|
|
fi
|
|
|
|
# Initialize variables
|
|
backup=false
|
|
forget=false
|
|
check=false
|
|
password=($cat ./.resticpassword)
|
|
# Parse arguments
|
|
for arg in "$@"
|
|
do
|
|
case $arg in
|
|
--backup)
|
|
backup=true
|
|
;;
|
|
--forget)
|
|
forget=true
|
|
;;
|
|
--check)
|
|
check=true
|
|
;;
|
|
*)
|
|
echo "Unknown argument: $arg"
|
|
exit 1
|
|
;;
|
|
esac
|
|
done
|
|
|
|
# Execute Restic commands based on flags
|
|
if $backup; then
|
|
echo "Backing up... to misamisa"
|
|
echo "Date: $(date '+%Y-%m-%d_%H-%M-%S')" # Add your Restic backup command here
|
|
restic --password-file ./.resticpassword -r sftp:misamisa://home/restic/$(hostname) backup ./
|
|
if [ $? -eq 0 ]; then
|
|
# If the exit status is 0 (success), send a success message
|
|
./discord.sh "$(hostname) backup complete"
|
|
else
|
|
# If the exit status is not 0 (failure), send a failure message
|
|
./discord.sh "$(hostname) Backup has failed"
|
|
fi
|
|
echo "Backup completed $(date '+%Y-%m-%d_%H-%M-%S')"
|
|
fi
|
|
|
|
if $forget; then
|
|
echo "Removing old backups..."
|
|
# Add your Restic forget command here
|
|
restic --password-file ./.resticpassword -r sftp:misamisa://home/restic/$(hostname) forget --keep-within-daily 7d --keep-within-weekly 1m --keep-within-monthly 1y
|
|
if [ $? -eq 0 ]; then
|
|
# If the exit status is 0 (success), send a success message
|
|
./discord.sh "$(hostname) forget command completed successfully"
|
|
else
|
|
# If the exit status is not 0 (failure), send a failure message
|
|
./discord.sh "$(hostname) forget command has failed"
|
|
fi
|
|
fi
|
|
|
|
if $check; then
|
|
echo "Checking backups..."
|
|
# Add your Restic check command here
|
|
restic --password-file ./.resticpassword -r sftp:misamisa://home/restic/$(hostname) check --read-data
|
|
if [ $? -eq 0 ]; then
|
|
# If the exit status is 0 (success), send a success message
|
|
./discord.sh "$(hostname) Restic Verification complete"
|
|
else
|
|
# If the exit status is not 0 (failure), send a failure message
|
|
./discord.sh "$(hostname) Restic Verification failed!! there is an issue"
|
|
fi
|
|
restic --password-file ./.resticpassword -r sftp:misamisa://home/restic/$(hostname) unlock
|
|
|
|
fi
|
|
owner: restic
|
|
group: users
|
|
mode: '0644'
|
|
|
|
- name: Copy discord.sh
|
|
copy:
|
|
dest: /home/restic/discord.sh
|
|
content: "{{ discord_webhook }}"
|
|
owner: restic
|
|
group: users
|
|
mode: '0644'
|
|
|
|
- name: Create SSH config file
|
|
copy:
|
|
dest: /home/restic/.ssh/config
|
|
content: |
|
|
Hostname misamisa.duckdns.org
|
|
Port 25456
|
|
User restic
|
|
IdentityFile vm
|
|
owner: restic
|
|
group: users
|
|
mode: '0644'
|
|
|
|
- name: Download restic bz2 file
|
|
get_url:
|
|
url: "https://github.com/restic/restic/releases/download/v0.17.1/restic_0.17.1_linux_amd64.bz2"
|
|
dest: "/tmp/restic.bz2"
|
|
mode: '0755'
|
|
|
|
- name: Extract restic bz2 file
|
|
ansible.builtin.command:
|
|
cmd: gunzip /tmp/restic.bz2 /tmp/restic
|
|
creates: /tmp/restic
|
|
|
|
- name: Move restic to /usr/bin/
|
|
copy:
|
|
src: "/tmp/restic.bz2"
|
|
dest: "/usr/bin/restic"
|
|
remote_src: yes
|
|
|
|
- name: Make restic executable
|
|
command: chmod +x /usr/bin/restic
|
|
args:
|
|
creates: /usr/bin/restic |