diff --git a/roles/backups/tasks/main.yml b/roles/backups/tasks/main.yml index 28a795e..8c0a3f2 100644 --- a/roles/backups/tasks/main.yml +++ b/roles/backups/tasks/main.yml @@ -13,14 +13,12 @@ become: true community.docker.docker_container: name: postgresql-backuper-1 - image: git.comfycamp.space/lumin/postgresql-backuper:v0.0.3 + image: git.comfycamp.space/lumin/postgres:16.4-bookworm + entrypoint: ["sleep"] + command: ["infinity"] volumes: - postgresql-backups:/backups - /root/.pgpass:/root/.pgpass:ro - env: - CUSTOM_ARGS: "-U postgres -h postgresql --no-password" - BACKUPS_DIR: /backups - BACKUP_INTERVAL: 24h networks: - name: postgresql restart_policy: unless-stopped @@ -74,11 +72,17 @@ - prosody:/data/docker/prosody:ro - synapse:/data/docker/synapse:ro - vaultwarden:/data/docker/vaultwarden:ro -- name: Configure postgresql cron job +- name: Copy backup script + become: true + ansible.builtin.template: + src: backup.sh.j2 + dest: /root/backup.sh + mode: "0700" + owner: root +- name: Configure backup job become: true ansible.builtin.cron: - name: restic-postgresql + name: backups minute: "35" - hour: "*/24" - job: "docker exec restic-1 restic --repo s3:https://{{ s3_host }}/{{ s3_buckets }} -o s3.bucket-lookup=dns backup /data/postgresql" - user: root + hour: "0" + job: /root/backup.sh diff --git a/roles/backups/templates/backup.sh.j2 b/roles/backups/templates/backup.sh.j2 new file mode 100644 index 0000000..1642da1 --- /dev/null +++ b/roles/backups/templates/backup.sh.j2 @@ -0,0 +1,7 @@ +#!/bin/sh + +set -e + +docker exec postgresql-backuper-1 pg_dumpall -U postgres -h postgresql --no-password -f /backups/postgresql.sql +docker exec restic-1 restic --repo s3:https://{{ s3_host }}/{{ s3_bucket }} -o s3.bucket-lookup=dns backup /data/postgresql +docker exec restic-1 restic --repo s3:https://{{ s3_host }}/{{ s3_bucket }} -o s3.bucket-lookup=dns forget --keep-daily 7 --keep-weekly 2 diff --git a/roles/backups/vars/main.yml b/roles/backups/vars/main.yml index ce84066..92db1d2 100644 --- a/roles/backups/vars/main.yml +++ b/roles/backups/vars/main.yml @@ -1,3 +1,3 @@ s3_region: ru-1 s3_host: s3.ru-1.storage.selcloud.ru -s3_buckets: cc-backups +s3_bucket: cc-backups