45 lines
1.4 KiB
YAML
45 lines
1.4 KiB
YAML
---
|
|
- name: Borgmatic Setup
|
|
hosts: pubnix
|
|
vars:
|
|
bkp_source_directories:
|
|
- /usr
|
|
- /var
|
|
- /root
|
|
- /boot
|
|
- /etc
|
|
- /configs
|
|
- /aquota.user
|
|
- /aquota.group
|
|
- /home
|
|
- /nix
|
|
- /opt
|
|
bkp_exclude_patterns: [/var/log, /var/soju/main.db]
|
|
bkp_hc_uuid: 94c410f3-22f4-49f6-9f7f-e6f7b6409ced
|
|
tasks:
|
|
- name: Remove useless passphrase line (runs after borgmatic role)
|
|
ansible.builtin.lineinfile:
|
|
dest: /etc/borgmatic/config.yaml
|
|
state: absent
|
|
regexp: ^.*encryption_passphrase
|
|
roles:
|
|
- role: borgbase.ansible_role_borgbackup
|
|
borg_repository:
|
|
- ssh://zh6265@zh6265.rsync.net/data1/home/zh6265/backups/pubnix
|
|
borg_source_directories: "{{bkp_source_directories}}"
|
|
borg_exclude_patterns: "{{bkp_exclude_patterns}}"
|
|
borg_remote_path: /usr/local/bin/borg_1.2.4/borg1
|
|
borgmatic_hooks:
|
|
sqlite_databases:
|
|
- name: soju
|
|
path: /var/soju/soju.db
|
|
healthchecks:
|
|
ping_url: https://healthchecks.projectsegfau.lt/ping/{{bkp_hc_uuid}}
|
|
states: [finish]
|
|
borg_retention_policy:
|
|
keep_daily: 4
|
|
keep_weekly: 2
|
|
keep_monthly: 2
|
|
# very secure I know; it has to be plain text anyway for automated backups, unless there is a better way (in which case please email me@aryak.me)
|
|
borg_encryption_passcommand: cat /etc/borgmatic/passphrase
|