diff options
| author | Colin Wilk <colin.wilk@tum.de> | 2023-11-03 19:45:20 +0100 |
|---|---|---|
| committer | Colin Wilk <colin.wilk@tum.de> | 2023-11-04 14:02:38 +0100 |
| commit | 50a2795c3a6c72203262400db5029f5afdf1d49c (patch) | |
| tree | db1476895f9e0a4f1ed7c393c5b58e5d4a85d862 /defaults | |
| parent | abc40a024ea6ee1d2e3db642b56c6b27a603bb2f (diff) | |
| download | ansible-role-borgbackup-50a2795c3a6c72203262400db5029f5afdf1d49c.tar.gz ansible-role-borgbackup-50a2795c3a6c72203262400db5029f5afdf1d49c.zip | |
Migrate role from cron to systemd
Systemd gives us the ability to monitor backup job status using existing
monitoring solutions (node exporter) and allows us greater control over
the scheduling of the backup jobs.
This introduces a breaking change that requires users to manually remove
the old repositories from the clients and redeploying them with the
role. You will have to remove the Cron job that was created by the
Ansible script, everything else will be overwritten with a run from the
newer version.
- name: Remove backup cron jobs
ansible.builtin.cron:
name: BORG (Application level backups)
state: absent
become: true
- name: Remove env for backup cron job
ansible.builtin.cron:
name: BORG_PASSPHRASE
env: true
state: absent
become: true
Performing manual migrations on the Borg server is not required.
We now additionally support multiple Borg repositories per client host
using the `borg_backup_argument` variable.
Signed-off-by: Colin Wilk <colin.wilk@tum.de>
Diffstat (limited to 'defaults')
| -rw-r--r-- | defaults/main.yml | 55 |
1 files changed, 39 insertions, 16 deletions
diff --git a/defaults/main.yml b/defaults/main.yml index fa8190d..c915ef9 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -77,7 +77,7 @@ borg_backup_name_format: '{hostname}-{now:%Y-%m-%dT%H:%M:%S}' # https://borgbackup.readthedocs.io/en/stable/usage/help.html#borg-help-compression borg_compression: zstd -# This is a list of files and directories to be backed up in the cron job. +# This is a list of files and directories to be backed up in the systemd job. # In case you leave this empty, the role will not create an automatic backup job borg_included_dirs: [] @@ -92,7 +92,7 @@ borg_excluded_dirs: [] # By default the role is configured to only use an encryption key with no # passphrase. This allows it to use the borgs command on the machine without any # haste. If you wish to enable the borg passphrase you can do so here. Note that -# The passphrase will be stored in plaintext inside the cron job. +# The passphrase will be stored in plaintext inside the backup script. # For more information about the borg passphrase see # https://borgbackup.readthedocs.io/en/stable/quickstart.html#passphrase-notes borg_passphrase: '' @@ -109,17 +109,40 @@ borg_passphrase: '' # management system. borg_decryption_keys_yaml_path: '{{ inventory_dir }}/decryption_keys.yml' -# Define the cron values for the automatic backup job as specified in the cron -# module. -# https://docs.ansible.com/ansible/latest/collections/ansible/builtin/cron_module.html -# Values that are not specified are omitted -# borg_cron_time: -# minute: -# hour: -# weekday: -# day: -# month: -# special_time: -borg_cron_time: - minute: 0 - hour: 3 +# The role creates a script for backing up with the configured parameters that +# the regular systemd service then executes. This specifies the default location +# and name where the script is stored. By default, we store it as +# `/usr/local/bin/run_borg_backup` so that you can run `run_borg_backup` from +# your shell to create manual backups. +# When you use multiple backups, this script will trigger all of them. You can +# trigger them individually by calling +# {{ borg_backup_script_location }}@{{ borg_backup_argument }}. +# See: `borg_backup_argument` variable. +borg_backup_script_location: /usr/local/bin/run_borg_backup + +# Name of the systemd timer that is created for the borg service. +# The borg backup argument is appended to the timer name, meaning the timer will +# be called {{ borg_backup_timer_name }}@{{ borg_backup_argument }} +borg_backup_timer_name: borg_backup + +# Name of the systemd service that is created for the borg service. +# The borg backup argument is appended to the service name, meaning the service +# will be called {{ borg_backup_service_name }}@{{ borg_backup_argument }} +borg_backup_service_name: borg_backup + +# The backup argument is appended to systemd timer / systemd service and the +# backup script. It is used to distinguish backup targets from one another +# meaning it should be unique per target. +# By default, we use borg_server_host_url, which is fine as long as you don't +# need multiple backup repositories from the same client on the same server. +borg_backup_argument: '{{ borg_server_host_url }}' + +# Configures the systemd timer for how regularly to run the backup. By default, +# the backup will run every night attacker 2AM. For more information on how to +# configure this, see: systemd.timer(5) +borg_systemd_oncalendar: '*-*-* 02:00:00' + +# Specify the accuracy the timer shall elapse with. By default, we use 60min +# to distribute the load on the backup server. For more information on how to +# configure this see: systemd.timer(5) +borg_systemd_accuracysec: 60min |