Add Synapse backup tasks.
This commit is contained in:
parent
1408698d53
commit
0460ac0840
7 changed files with 96 additions and 55 deletions
1
env.yml
1
env.yml
|
@ -50,6 +50,7 @@ projects:
|
||||||
|
|
||||||
|
|
||||||
projects_to_backup:
|
projects_to_backup:
|
||||||
|
- synapse
|
||||||
- vaultwarden
|
- vaultwarden
|
||||||
|
|
||||||
|
|
||||||
|
|
32
roles/synapse/tasks/backup.yml
Normal file
32
roles/synapse/tasks/backup.yml
Normal file
|
@ -0,0 +1,32 @@
|
||||||
|
- name: Backup PostgreSQL database
|
||||||
|
community.docker.docker_container_exec:
|
||||||
|
container: synapse-postgres
|
||||||
|
docker_host: "unix:///run/user/{{ host_uid }}/docker.sock"
|
||||||
|
command: |
|
||||||
|
pg_dump -c
|
||||||
|
-d synapse
|
||||||
|
-U synapse
|
||||||
|
-f /var/lib/postgresql/data/synapse-dump.sql
|
||||||
|
|
||||||
|
- name: Create borg backup
|
||||||
|
command:
|
||||||
|
cmd: |
|
||||||
|
borg create
|
||||||
|
--compression=lzma
|
||||||
|
"{{ borg_repodir }}::{{ role_name }}-{now:%Y-%m-%d_%H-%M-%S}"
|
||||||
|
{{ volumes['synapse_datadir'] }}/media_store
|
||||||
|
{{ volumes['synapse_postgres_datadir'] }}/synapse-dump.sql
|
||||||
|
environment:
|
||||||
|
BORG_PASSCOMMAND: "cat {{ borg_passphrase_file }}"
|
||||||
|
become: true
|
||||||
|
|
||||||
|
- name: Prune borg repository
|
||||||
|
command:
|
||||||
|
cmd: |
|
||||||
|
borg prune
|
||||||
|
--glob-archives='{{ role_name }}-*'
|
||||||
|
{{ borg_prune_options }}
|
||||||
|
{{ borg_repodir }}
|
||||||
|
environment:
|
||||||
|
BORG_PASSCOMMAND: "cat {{ borg_passphrase_file }}"
|
||||||
|
become: true
|
|
@ -1,53 +1,9 @@
|
||||||
- name: "Create {{ synapse_project_dir }} project directory"
|
- name: Include backup tasks
|
||||||
file:
|
include_tasks:
|
||||||
path: "{{ synapse_project_dir }}"
|
file: backup.yml
|
||||||
state: directory
|
when: run_backup | default(false) | bool
|
||||||
|
|
||||||
- name: Template docker-compose.yaml to project directory
|
- name: Include update tasks
|
||||||
template:
|
include_tasks:
|
||||||
src: docker-compose.yaml
|
file: update.yml
|
||||||
dest: "{{ synapse_project_dir }}/docker-compose.yaml"
|
when: run_update | default(false) | bool
|
||||||
owner: "{{ ansible_env['USER'] }}"
|
|
||||||
group: "{{ ansible_env['USER'] }}"
|
|
||||||
mode: '640'
|
|
||||||
|
|
||||||
- name: Template homeserver.yaml to project directory
|
|
||||||
template:
|
|
||||||
src: homeserver.yaml
|
|
||||||
dest: "{{ synapse_project_dir }}/homeserver.yaml"
|
|
||||||
owner: "{{ ansible_env['USER'] }}"
|
|
||||||
mode: '640'
|
|
||||||
# Store result to restart services if the file changed
|
|
||||||
register: synapse_template_homeserver_result
|
|
||||||
|
|
||||||
# Separate task because template module cannot chown/chgrp to a non-existing user/group
|
|
||||||
- name: "Change group of homeserver.yaml to synapse GID ({{ users['synapse'] + uid_shift }})"
|
|
||||||
file:
|
|
||||||
path: "{{ synapse_project_dir }}/homeserver.yaml"
|
|
||||||
group: "{{ users['synapse'] + uid_shift }}"
|
|
||||||
become: true
|
|
||||||
|
|
||||||
- name: "Create directory {{ volumes['synapse_datadir'] }} with correct permissions"
|
|
||||||
file:
|
|
||||||
path: "{{ volumes['synapse_datadir'] }}"
|
|
||||||
state: directory
|
|
||||||
owner: "{{ users['synapse'] + uid_shift }}"
|
|
||||||
group: "{{ users['synapse'] + uid_shift }}"
|
|
||||||
mode: '770'
|
|
||||||
become: true
|
|
||||||
|
|
||||||
- name: "Create directory {{ volumes['synapse_postgres_datadir'] }} with correct permissions"
|
|
||||||
file:
|
|
||||||
path: "{{ volumes['synapse_postgres_datadir'] }}"
|
|
||||||
state: directory
|
|
||||||
owner: "{{ users['synapse_postgres'] + uid_shift }}"
|
|
||||||
group: "{{ users['synapse_postgres'] + uid_shift }}"
|
|
||||||
mode: '770'
|
|
||||||
become: true
|
|
||||||
|
|
||||||
- name: Pull/Create/Restart project services
|
|
||||||
community.docker.docker_compose:
|
|
||||||
project_src: "{{ synapse_project_dir }}"
|
|
||||||
pull: "{{ docker_pull_images | bool }}"
|
|
||||||
# Restart if config file(s) changed
|
|
||||||
restarted: "{{ synapse_template_homeserver_result['changed'] | bool }}"
|
|
||||||
|
|
53
roles/synapse/tasks/update.yml
Normal file
53
roles/synapse/tasks/update.yml
Normal file
|
@ -0,0 +1,53 @@
|
||||||
|
- name: "Create {{ synapse_project_dir }} project directory"
|
||||||
|
file:
|
||||||
|
path: "{{ synapse_project_dir }}"
|
||||||
|
state: directory
|
||||||
|
|
||||||
|
- name: Template docker-compose.yaml to project directory
|
||||||
|
template:
|
||||||
|
src: docker-compose.yaml
|
||||||
|
dest: "{{ synapse_project_dir }}/docker-compose.yaml"
|
||||||
|
owner: "{{ ansible_env['USER'] }}"
|
||||||
|
group: "{{ ansible_env['USER'] }}"
|
||||||
|
mode: '640'
|
||||||
|
|
||||||
|
- name: Template homeserver.yaml to project directory
|
||||||
|
template:
|
||||||
|
src: homeserver.yaml
|
||||||
|
dest: "{{ synapse_project_dir }}/homeserver.yaml"
|
||||||
|
owner: "{{ ansible_env['USER'] }}"
|
||||||
|
mode: '640'
|
||||||
|
# Store result to restart services if the file changed
|
||||||
|
register: synapse_template_homeserver_result
|
||||||
|
|
||||||
|
# Separate task because template module cannot chown/chgrp to a non-existing user/group
|
||||||
|
- name: "Change group of homeserver.yaml to synapse GID ({{ users['synapse'] + uid_shift }})"
|
||||||
|
file:
|
||||||
|
path: "{{ synapse_project_dir }}/homeserver.yaml"
|
||||||
|
group: "{{ users['synapse'] + uid_shift }}"
|
||||||
|
become: true
|
||||||
|
|
||||||
|
- name: "Create directory {{ volumes['synapse_datadir'] }} with correct permissions"
|
||||||
|
file:
|
||||||
|
path: "{{ volumes['synapse_datadir'] }}"
|
||||||
|
state: directory
|
||||||
|
owner: "{{ users['synapse'] + uid_shift }}"
|
||||||
|
group: "{{ users['synapse'] + uid_shift }}"
|
||||||
|
mode: '770'
|
||||||
|
become: true
|
||||||
|
|
||||||
|
- name: "Create directory {{ volumes['synapse_postgres_datadir'] }} with correct permissions"
|
||||||
|
file:
|
||||||
|
path: "{{ volumes['synapse_postgres_datadir'] }}"
|
||||||
|
state: directory
|
||||||
|
owner: "{{ users['synapse_postgres'] + uid_shift }}"
|
||||||
|
group: "{{ users['synapse_postgres'] + uid_shift }}"
|
||||||
|
mode: '770'
|
||||||
|
become: true
|
||||||
|
|
||||||
|
- name: Pull/Create/Restart project services
|
||||||
|
community.docker.docker_compose:
|
||||||
|
project_src: "{{ synapse_project_dir }}"
|
||||||
|
pull: "{{ docker_pull_images | bool }}"
|
||||||
|
# Restart if config file(s) changed
|
||||||
|
restarted: "{{ synapse_template_homeserver_result['changed'] | bool }}"
|
|
@ -7,7 +7,7 @@ services:
|
||||||
environment:
|
environment:
|
||||||
LANG: C
|
LANG: C
|
||||||
POSTGRES_INITDB_ARGS: "--locale=C --encoding=UTF8"
|
POSTGRES_INITDB_ARGS: "--locale=C --encoding=UTF8"
|
||||||
POSTGRES_USER: {{ synapse_secrets['postgres_user'] }}
|
POSTGRES_USER: synapse
|
||||||
POSTGRES_PASSWORD: {{ synapse_secrets['postgres_password'] }}
|
POSTGRES_PASSWORD: {{ synapse_secrets['postgres_password'] }}
|
||||||
volumes:
|
volumes:
|
||||||
- {{ volumes['synapse_postgres_datadir'] }}:/var/lib/postgresql/data
|
- {{ volumes['synapse_postgres_datadir'] }}:/var/lib/postgresql/data
|
||||||
|
|
|
@ -24,7 +24,7 @@ max_avatar_size: 2M
|
||||||
database:
|
database:
|
||||||
name: psycopg2
|
name: psycopg2
|
||||||
args:
|
args:
|
||||||
user: {{ synapse_secrets['postgres_user'] }}
|
user: synapse
|
||||||
password: {{ synapse_secrets['postgres_password'] }}
|
password: {{ synapse_secrets['postgres_password'] }}
|
||||||
dbname: synapse
|
dbname: synapse
|
||||||
host: synapse-postgres
|
host: synapse-postgres
|
||||||
|
|
|
@ -17,7 +17,6 @@ searxng_secrets:
|
||||||
searxng_secret:
|
searxng_secret:
|
||||||
|
|
||||||
synapse_secrets:
|
synapse_secrets:
|
||||||
postgres_user:
|
|
||||||
postgres_password:
|
postgres_password:
|
||||||
turn_shared_secret: "{{ coturn_secrets['static_auth_secret'] }}"
|
turn_shared_secret: "{{ coturn_secrets['static_auth_secret'] }}"
|
||||||
macaroon_secret_key:
|
macaroon_secret_key:
|
||||||
|
|
Loading…
Reference in a new issue