Configures borg server per https://borgbackup.readthedocs.io/en/stable/deployment/central-backup-server.html
Example of usage:
Simple
vars:
box_borg_clients:
- name: server_1
key: "{{ lookup('file', '/path_to_pub_key/server_1.pub') }}"
- name: server_2
key: "{{ lookup('file', '/path_to_pub_key/server_2.pub') }}"
append_only: true
roles:
- {
role: "sa_borg_server",
borg_clients: "{{ box_borg_clients }}"
}
Advanced
vars:
box_borg_clients:
- name: server_1
key: "{{ lookup('file', '/path_to_pub_key/server1_rsa.pub') }}"
- name: server_2
key: "{{ lookup('file', '/path_to_pub_key/server2_rsa.pub') }}"
append_only: true
roles:
- {
role: "sa_borg_server",
borg_clients: "{{ box_borg_clients }}"
}
If for any reason you want to install package using python , you would need following deps:
- python3
- python3-dev
- python3-pip
- python-virtualenv
- libffi-dev
- libssl-dev
- openssl
- libacl1-dev
- libacl1
- build-essential
- libfuse-dev
- fuse
- pkg-config
# Custom notification backend (optional) https://github.com/dschep/ntfy
pip3 install --upgrade ntfy[pid,emoji,xmpp,telegram,instapush,slack,rocketchat]
# Borgmatic itself
pip3 install --upgrade borgmatic
install client borg (recommended as self contained binary)
sudo curl -sLo /usr/bin/borg https://github.com/borgbackup/borg/releases/download/1.1.15/borg-linux64
sudo chmod +x /usr/bin/borg
curl -sLo ~/dotfiles/bin/borg https://github.com/borgbackup/borg/releases/download/1.1.15/borg-linux64 chmod +x ~/dotfiles/bin/borg
depending on your scenario you are about to install it either to some user (recommended), or directly to root - if you are dealing with multiple user system, and do not want to deal with granting access to "backup" group.
You can also install both tools locally for current user (i.e. including "--user") if needed.
Next step would be either render or generate config.
sudo generate-borgmatic-config --destination /etc/borgmatic/config.yaml
You may find yourself wanting to create different backup policies for different applications on your system. For instance, you may want one backup configuration for your database data directory, and a different configuration for your user home directories.
The way to accomplish that is pretty simple: Create multiple separate configuration files and place each one in a /etc/borgmatic.d/ directory. For instance:
sudo mkdir /etc/borgmatic.d
sudo generate-borgmatic-config --destination /etc/borgmatic.d/app1.yaml
sudo generate-borgmatic-config --destination /etc/borgmatic.d/app2.yaml
If you encrypt your Borg repository with a passphrase or a key file, you'll either need to set the borgmatic encryption_passphrase configuration variable or set the BORG_PASSPHRASE environment variable.
If you'd like to validate that your borgmatic configuration is valid, the following command is available for that:
sudo validate-borgmatic-config -c path-to-config-folder/
This command's exit status ($? in Bash) is zero when configuration is valid and non-zero otherwise.
Configuring ntfy:
echo -e 'backends: ["pushover"]\npushover: {"user_key": "t0k3n"}' > ~/.ntfy.yml
or in extended form, ntfy config looks like
---
backends:
- pushover
pushover:
user_key: hunter2
pushbullet:
access_token: hunter2
simplepush:
key: hunter2
slack:
token: slacktoken
recipient: "#slackchannel"
xmpp:
jid: "[email protected]"
password: "xxxx"
mtype: "chat"
recipient: "[email protected]"
before running first backup, you need to initialize repo, kind of (set enryption on for prod use)
borg init [email protected]:/opt/borg/repos/rocketracoon/sample --encryption none
You would need client tools installed, like
apt install postgresql-client-9.6
for ubuntu:
wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | \
sudo apt-key add -
sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ xenial-pgdg main" >> /etc/apt/sources.list.d/postgresql.list'
sudo apt update
sudo apt install postgresql-client-9.6
If you installed the sa_borg_server
role using the command
ansible-galaxy install softasap.sa_borg_server
the role will be available in the folder softasap.sa_borg_server
Please adjust the path accordingly.
- {
role: "softasap.sa_borg_server"
}
Code is dual licensed under the [BSD 3 clause] (https://opensource.org/licenses/BSD-3-Clause) and the [MIT License] (http://opensource.org/licenses/MIT). Choose the one that suits you best.
Reach us:
Subscribe for roles updates at [FB] (https://www.facebook.com/SoftAsap/)
Join gitter discussion channel at Gitter
Discover other roles at http://www.softasap.com/roles/registry_generated.html
visit our blog at http://www.softasap.com/blog/archive.html