homelab/roles/backups/tasks/main.yml

71 lines
2.2 KiB
YAML

- name: Copy pgpass file
become: true
ansible.builtin.template:
src: pgpass.j2
dest: /root/.pgpass
mode: "0600"
owner: root
- name: Create restic cache volume
become: true
community.docker.docker_volume:
name: restic-cache
- name: Run backup container
become: true
community.docker.docker_container:
name: restic-1
image: git.comfycamp.space/lumin/restic:0.17.3
hostname: restic-1
env:
AWS_ACCESS_KEY_ID: "{{ s3_access_key_id }}"
AWS_SECRET_ACCESS_KEY: "{{ s3_secret_access_key }}"
AWS_DEFAULT_REGION: "{{ s3_region }}"
RESTIC_REPOSITORY: s3:https://{{ s3_host }}/{{ s3_bucket }}
RESTIC_PASSWORD: "{{ restic_password }}"
networks:
- name: postgresql
entrypoint: ["sleep"]
command: ["infinity"]
volumes:
- restic-cache:/root/.cache/restic
- /root/.pgpass:/root/.pgpass:ro
- /mnt/hdd/archivebox-data:/data/archivebox:ro
- archivebox:/data/docker/archivebox:ro
- authentik-media:/data/docker/authentik-media:ro
- authentik-certs:/data/docker/authentik-certs:ro
- comfycamp:/data/docker/comfycamp:ro
- forgejo:/data/docker/forgejo:ro
- freshrss:/data/docker/freshrss:ro
- /mnt/hdd/immich:/data/immich:ro
- jellyfin-config:/data/docker/jellyfin-config:ro
- maddy:/data/docker/maddy:ro
- /mnt/hdd/mastodon:/data/mastodon:ro
- minecraft:/data/docker/minecraft:ro
- grafana:/data/docker/grafana:ro
- prometheus:/data/docker/prometheus:ro
- uptime-kuma:/data/docker/uptime-kuma:ro
- nextcloud:/data/docker/nextcloud:ro
- /mnt/hdd/nextcloud:/data/nextcloud:ro
- /mnt/hdd/peertube:/data/peertube:ro
- phoenix:/data/docker/phoenix:ro
- prosody:/data/docker/prosody:ro
- synapse:/data/docker/synapse:ro
- vaultwarden:/data/docker/vaultwarden:ro
- name: Install shellcheck
become: true
ansible.builtin.apt:
name: shellcheck
- name: Copy backup script
become: true
ansible.builtin.template:
src: backup.sh.j2
dest: /root/backup.sh
mode: "0700"
owner: root
validate: shellcheck %s
- name: Configure backup job
become: true
ansible.builtin.cron:
name: backups
minute: "35"
hour: "0"
job: /root/backup.sh