44 lines
1.4 KiB
YAML
44 lines
1.4 KiB
YAML
# IMPORTANT: Inventory file for pubnix is stored in semaphore, not inventory.yml
|
|
---
|
|
- name: Borgmatic Setup
|
|
hosts: pubnix
|
|
vars:
|
|
bkp_source_directories:
|
|
- /usr
|
|
- /var
|
|
- /root
|
|
- /boot
|
|
- /etc
|
|
- /configs
|
|
- /aquota.user
|
|
- /aquota.group
|
|
- /home
|
|
- /nix
|
|
bkp_exclude_patterns:
|
|
- /var/log
|
|
bkp_hc_uuid: 94c410f3-22f4-49f6-9f7f-e6f7b6409ced
|
|
tasks:
|
|
- name: "Remove useless passphrase line (runs after borgmatic role)"
|
|
ansible.builtin.lineinfile:
|
|
dest: "/etc/borgmatic/config.yaml"
|
|
state: "absent"
|
|
regexp: "^.*encryption_passphrase"
|
|
roles:
|
|
- role: borgbase.ansible_role_borgbackup
|
|
borg_repository:
|
|
- ssh://zh3117@zh3117.rsync.net/data1/home/zh3117/backups/pubnix
|
|
borg_source_directories: "{{bkp_source_directories}}"
|
|
borg_exclude_patterns: "{{bkp_exclude_patterns}}"
|
|
borg_remote_path: /usr/local/bin/borg_1.2.4/borg1
|
|
borgmatic_hooks:
|
|
healthchecks:
|
|
ping_url: https://healthchecks.projectsegfau.lt/ping/{{bkp_hc_uuid}}
|
|
states:
|
|
- finish
|
|
borg_retention_policy:
|
|
keep_daily: 7
|
|
keep_weekly: 4
|
|
keep_monthly: 3
|
|
# very secure I know; it has to be plain text anyway for automated backups, unless there is a better way (in which case please email me@aryak.me)
|
|
borg_encryption_passcommand: "cat /etc/borgmatic/passphrase"
|