ansible/duplicity
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
No description
18 commits 1 branch 0 tags 53 KiB
  • Jinja 100%
Find a file
Exact
Paul Rudnitskiy 8e6d2a3a3c delegate pt1
2019-12-04 22:52:51 +01:00
.github init 2019-09-11 16:31:56 +02:00
defaults delegate pt1 2019-12-04 22:52:51 +01:00
handlers init 2019-09-11 16:31:56 +02:00
meta delegate pt1 2019-12-04 22:52:51 +01:00
molecule init 2019-09-11 16:31:56 +02:00
tasks delegate pt1 2019-12-04 22:52:51 +01:00
templates delegate pt1 2019-12-04 22:52:51 +01:00
vars init 2019-09-11 16:31:56 +02:00
.ansible-lint init 2019-09-11 16:31:56 +02:00
.cookiecutter.yml init 2019-09-11 16:31:56 +02:00
.gitignore init 2019-09-11 16:31:56 +02:00
.gitlab-ci.yml init 2019-09-11 16:31:56 +02:00
.travis.yml init 2019-09-11 16:31:56 +02:00
.yamllint init 2019-09-11 16:31:56 +02:00
LICENSE init 2019-09-11 16:31:56 +02:00
README.md readme 2019-10-15 19:19:34 +03:00
requirements.yml init 2019-09-11 16:31:56 +02:00

README.md

logan.duplicity role

License Build Status Build Status Galaxy Ansible Ansible

This role installs duplicity and configures backup programmatical way. All you need is to set variables (examples below). You must have a place where to store backups you made. Keeping backups locally on system you're backing up is not recommended.

This role designed and made relativle simple (dumb simple), because backups are important so it's better to be clear with it.

This role not provides GPG management. You must to install and manage GPG keys by you own

Requirements

This role is full all-in-one. If you want to use GPG keys to encrypt backups - you should install gpg software and generate key by yourself, role will not do it.

Role Variables

Most of the job parameters is inherited from defaults, so you can setup defaults and then use only mandatory params.

Role defaults

  • duplicity_archive_dir_prefix - where to store metadata. Metadata contains information about file backed up so you need to access it on each backup or restore
  • duplicity_log_dir_prefix - where to store logs
  • duplicity_run_dir_prefix - where to store scripts
  • duplicity_verbosity - log level
  • duplicity_encryption - encryption structure. Default is false, means no encryption ** enckey - encryption key id ** signkey - sign key id. default is encryption key id.
  • duplicity_compress - use compression. Can be disabled if you're backing up data which is already compressed (such as images or movies)
  • duplicity_runas - user who will run scripts
  • duplicity_use_s3 - if true - adds S3-specified settings to job.
  • duplicity_clean_keep - how many full backups to keep.
  • duplicity_schedule_defaults - schedule to run. Used for cron so cron syntax is avaliable

Job definition

Each job contains a lot of setting which you can rewrite to achive maximum flexibility and usage.

Required job params:

  • name - job name
  • src - source to backup
  • dest - destination where backup stored. Duplicity url syntax must be used

Yep. That's all which is mandatory

Optional job params:

  • verbosity - log level
  • volsize - volume size in megabytes. Default is 128Mb.
  • full_if_older - make full backup if other is older that. Default is 7D
  • num_retries - how many retries to take to upload volume. Default is 3.
  • encryption - use encryption. Default is false. You can see the structure in duplicity_encryption above.
  • compress - use compression. Default is true
  • keep_full - how many full backups to keep. Default is 4.
  • runas - run as user. Deafult is root
  • use_s3 - use S3 for this job. Default is false
  • schedule - schedule to run backup. See description below. Default is 4:10 AM every day.
  • global_pre - script which will run before all jobs (backup, restore, status). For example - AWS creds unlock.
  • global_post - script which will run after all jobs (backup, restore, status).
  • backup_pre - script which will run before backup. For example - dump database.
  • backup_post - script which will run after backup. For example - dump cleanup.

Schedule

Duplicity runs using cron so the cron syntax is supported in schdeule structure. You can use rich templates such as "*/3" or "1,3,5"

Structure elements:

  • hour - hour to run
  • minute - minute to run
  • day - days of month to run
  • dow - days of week to run

Dependencies

No depedencies for this role.

Example Playbook

The easiest way to use role - backup

- name: backup for 127.0.0.1
  hosts: 127.0.0.1
  vars:
    - duplicity_encryption:
    - duplicity_jobs:
        - name: etc
          src: /etc
          dest: file:///var/duplicity-backups/etc
  roles:
    - logan.duplicity

Each job have four required parameters:

  • name
  • src (what to backup)
  • dest (where to backup)
  • when (when to backup)

More complex example - S3 and GPG, runs each even day.

- name: make dict combined
  hosts: 127.0.0.1
  connection: local
  gather_facts: no
  vars:
    - duplicity_runas: logan
    - duplicity_encryption:
        enckey: ABC123
    - duplicity_global_pre: |
        export AWS_ACCESS_KEY_ID="AAAAAAAA"
        export AWS_SECRET_ACCESS_KEY="YYYYYYYYYYYYYYYYYYYYYYY"
        export PASSPHRASE="FFFFFFFFFFF"
    - duplicity_global_post: |
        unset AWS_ACCESS_KEY_ID
        unset AWS_SECRET_ACCESS_KEY
        unset PASSPHRASE
    - duplicity_jobs:
        - name: etc
          src: /etc
          dest: s3://backup-store-spb.prudnitskiy.pro/backup-core-zoo/etc/
          schedule:
            hour: 5
            days: */2
  roles:
    - duplicity

License

GPLv3

Author Information

authors: