Add Synapse backup tasks.
This commit is contained in:
parent
1408698d53
commit
0460ac0840
7 changed files with 96 additions and 55 deletions
1
env.yml
1
env.yml
|
@ -50,6 +50,7 @@ projects:
|
|||
|
||||
|
||||
projects_to_backup:
|
||||
- synapse
|
||||
- vaultwarden
|
||||
|
||||
|
||||
|
|
32
roles/synapse/tasks/backup.yml
Normal file
32
roles/synapse/tasks/backup.yml
Normal file
|
@ -0,0 +1,32 @@
|
|||
- name: Backup PostgreSQL database
|
||||
community.docker.docker_container_exec:
|
||||
container: synapse-postgres
|
||||
docker_host: "unix:///run/user/{{ host_uid }}/docker.sock"
|
||||
command: |
|
||||
pg_dump -c
|
||||
-d synapse
|
||||
-U synapse
|
||||
-f /var/lib/postgresql/data/synapse-dump.sql
|
||||
|
||||
- name: Create borg backup
|
||||
command:
|
||||
cmd: |
|
||||
borg create
|
||||
--compression=lzma
|
||||
"{{ borg_repodir }}::{{ role_name }}-{now:%Y-%m-%d_%H-%M-%S}"
|
||||
{{ volumes['synapse_datadir'] }}/media_store
|
||||
{{ volumes['synapse_postgres_datadir'] }}/synapse-dump.sql
|
||||
environment:
|
||||
BORG_PASSCOMMAND: "cat {{ borg_passphrase_file }}"
|
||||
become: true
|
||||
|
||||
- name: Prune borg repository
|
||||
command:
|
||||
cmd: |
|
||||
borg prune
|
||||
--glob-archives='{{ role_name }}-*'
|
||||
{{ borg_prune_options }}
|
||||
{{ borg_repodir }}
|
||||
environment:
|
||||
BORG_PASSCOMMAND: "cat {{ borg_passphrase_file }}"
|
||||
become: true
|
|
@ -1,53 +1,9 @@
|
|||
- name: "Create {{ synapse_project_dir }} project directory"
|
||||
file:
|
||||
path: "{{ synapse_project_dir }}"
|
||||
state: directory
|
||||
- name: Include backup tasks
|
||||
include_tasks:
|
||||
file: backup.yml
|
||||
when: run_backup | default(false) | bool
|
||||
|
||||
- name: Template docker-compose.yaml to project directory
|
||||
template:
|
||||
src: docker-compose.yaml
|
||||
dest: "{{ synapse_project_dir }}/docker-compose.yaml"
|
||||
owner: "{{ ansible_env['USER'] }}"
|
||||
group: "{{ ansible_env['USER'] }}"
|
||||
mode: '640'
|
||||
|
||||
- name: Template homeserver.yaml to project directory
|
||||
template:
|
||||
src: homeserver.yaml
|
||||
dest: "{{ synapse_project_dir }}/homeserver.yaml"
|
||||
owner: "{{ ansible_env['USER'] }}"
|
||||
mode: '640'
|
||||
# Store result to restart services if the file changed
|
||||
register: synapse_template_homeserver_result
|
||||
|
||||
# Separate task because template module cannot chown/chgrp to a non-existing user/group
|
||||
- name: "Change group of homeserver.yaml to synapse GID ({{ users['synapse'] + uid_shift }})"
|
||||
file:
|
||||
path: "{{ synapse_project_dir }}/homeserver.yaml"
|
||||
group: "{{ users['synapse'] + uid_shift }}"
|
||||
become: true
|
||||
|
||||
- name: "Create directory {{ volumes['synapse_datadir'] }} with correct permissions"
|
||||
file:
|
||||
path: "{{ volumes['synapse_datadir'] }}"
|
||||
state: directory
|
||||
owner: "{{ users['synapse'] + uid_shift }}"
|
||||
group: "{{ users['synapse'] + uid_shift }}"
|
||||
mode: '770'
|
||||
become: true
|
||||
|
||||
- name: "Create directory {{ volumes['synapse_postgres_datadir'] }} with correct permissions"
|
||||
file:
|
||||
path: "{{ volumes['synapse_postgres_datadir'] }}"
|
||||
state: directory
|
||||
owner: "{{ users['synapse_postgres'] + uid_shift }}"
|
||||
group: "{{ users['synapse_postgres'] + uid_shift }}"
|
||||
mode: '770'
|
||||
become: true
|
||||
|
||||
- name: Pull/Create/Restart project services
|
||||
community.docker.docker_compose:
|
||||
project_src: "{{ synapse_project_dir }}"
|
||||
pull: "{{ docker_pull_images | bool }}"
|
||||
# Restart if config file(s) changed
|
||||
restarted: "{{ synapse_template_homeserver_result['changed'] | bool }}"
|
||||
- name: Include update tasks
|
||||
include_tasks:
|
||||
file: update.yml
|
||||
when: run_update | default(false) | bool
|
||||
|
|
53
roles/synapse/tasks/update.yml
Normal file
53
roles/synapse/tasks/update.yml
Normal file
|
@ -0,0 +1,53 @@
|
|||
- name: "Create {{ synapse_project_dir }} project directory"
|
||||
file:
|
||||
path: "{{ synapse_project_dir }}"
|
||||
state: directory
|
||||
|
||||
- name: Template docker-compose.yaml to project directory
|
||||
template:
|
||||
src: docker-compose.yaml
|
||||
dest: "{{ synapse_project_dir }}/docker-compose.yaml"
|
||||
owner: "{{ ansible_env['USER'] }}"
|
||||
group: "{{ ansible_env['USER'] }}"
|
||||
mode: '640'
|
||||
|
||||
- name: Template homeserver.yaml to project directory
|
||||
template:
|
||||
src: homeserver.yaml
|
||||
dest: "{{ synapse_project_dir }}/homeserver.yaml"
|
||||
owner: "{{ ansible_env['USER'] }}"
|
||||
mode: '640'
|
||||
# Store result to restart services if the file changed
|
||||
register: synapse_template_homeserver_result
|
||||
|
||||
# Separate task because template module cannot chown/chgrp to a non-existing user/group
|
||||
- name: "Change group of homeserver.yaml to synapse GID ({{ users['synapse'] + uid_shift }})"
|
||||
file:
|
||||
path: "{{ synapse_project_dir }}/homeserver.yaml"
|
||||
group: "{{ users['synapse'] + uid_shift }}"
|
||||
become: true
|
||||
|
||||
- name: "Create directory {{ volumes['synapse_datadir'] }} with correct permissions"
|
||||
file:
|
||||
path: "{{ volumes['synapse_datadir'] }}"
|
||||
state: directory
|
||||
owner: "{{ users['synapse'] + uid_shift }}"
|
||||
group: "{{ users['synapse'] + uid_shift }}"
|
||||
mode: '770'
|
||||
become: true
|
||||
|
||||
- name: "Create directory {{ volumes['synapse_postgres_datadir'] }} with correct permissions"
|
||||
file:
|
||||
path: "{{ volumes['synapse_postgres_datadir'] }}"
|
||||
state: directory
|
||||
owner: "{{ users['synapse_postgres'] + uid_shift }}"
|
||||
group: "{{ users['synapse_postgres'] + uid_shift }}"
|
||||
mode: '770'
|
||||
become: true
|
||||
|
||||
- name: Pull/Create/Restart project services
|
||||
community.docker.docker_compose:
|
||||
project_src: "{{ synapse_project_dir }}"
|
||||
pull: "{{ docker_pull_images | bool }}"
|
||||
# Restart if config file(s) changed
|
||||
restarted: "{{ synapse_template_homeserver_result['changed'] | bool }}"
|
|
@ -7,7 +7,7 @@ services:
|
|||
environment:
|
||||
LANG: C
|
||||
POSTGRES_INITDB_ARGS: "--locale=C --encoding=UTF8"
|
||||
POSTGRES_USER: {{ synapse_secrets['postgres_user'] }}
|
||||
POSTGRES_USER: synapse
|
||||
POSTGRES_PASSWORD: {{ synapse_secrets['postgres_password'] }}
|
||||
volumes:
|
||||
- {{ volumes['synapse_postgres_datadir'] }}:/var/lib/postgresql/data
|
||||
|
|
|
@ -24,7 +24,7 @@ max_avatar_size: 2M
|
|||
database:
|
||||
name: psycopg2
|
||||
args:
|
||||
user: {{ synapse_secrets['postgres_user'] }}
|
||||
user: synapse
|
||||
password: {{ synapse_secrets['postgres_password'] }}
|
||||
dbname: synapse
|
||||
host: synapse-postgres
|
||||
|
|
|
@ -17,7 +17,6 @@ searxng_secrets:
|
|||
searxng_secret:
|
||||
|
||||
synapse_secrets:
|
||||
postgres_user:
|
||||
postgres_password:
|
||||
turn_shared_secret: "{{ coturn_secrets['static_auth_secret'] }}"
|
||||
macaroon_secret_key:
|
||||
|
|
Loading…
Reference in a new issue