Add Hedgedoc backup tasks.
This commit is contained in:
parent
8d197c8e55
commit
21936246b0
5 changed files with 54 additions and 0 deletions
2
env.yml
2
env.yml
|
@ -51,12 +51,14 @@ projects:
|
||||||
|
|
||||||
projects_to_backup:
|
projects_to_backup:
|
||||||
- etebase
|
- etebase
|
||||||
|
- hedgedoc
|
||||||
- synapse
|
- synapse
|
||||||
- vaultwarden
|
- vaultwarden
|
||||||
|
|
||||||
|
|
||||||
borg_repodir: "{{ cifs_mounts['backups']['path'] }}/borg"
|
borg_repodir: "{{ cifs_mounts['backups']['path'] }}/borg"
|
||||||
borg_passphrase_file: /etc/borg-passphrase.txt
|
borg_passphrase_file: /etc/borg-passphrase.txt
|
||||||
|
hedgedoc_mysql_root_password_file: "/etc/hedgedoc-mysql-root-password.txt"
|
||||||
borg_prune_options: |
|
borg_prune_options: |
|
||||||
--keep-within=1d
|
--keep-within=1d
|
||||||
--keep-daily=7
|
--keep-daily=7
|
||||||
|
|
|
@ -22,6 +22,20 @@
|
||||||
mode: '600'
|
mode: '600'
|
||||||
when: not borg_stat_passphrase_file_result.stat.exists or borg_update_passphrase | default(false) | bool
|
when: not borg_stat_passphrase_file_result.stat.exists or borg_update_passphrase | default(false) | bool
|
||||||
|
|
||||||
|
- name: Get Hedgedoc MySQL root password file stat
|
||||||
|
stat:
|
||||||
|
path: "{{ hedgedoc_mysql_root_password_file }}"
|
||||||
|
register: hedgedoc_mysql_root_password_file_result
|
||||||
|
|
||||||
|
- name: "Template hedgedoc-mysql-root-password.txt to {{ hedgedoc_mysql_root_password_file }}"
|
||||||
|
template:
|
||||||
|
src: hedgedoc-mysql-root-password.txt
|
||||||
|
dest: "{{ hedgedoc_mysql_root_password_file }}"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: '600'
|
||||||
|
when: not hedgedoc_mysql_root_password_file_result.stat.exists or hedgedoc_update_mysql_root_password | default(false) | bool
|
||||||
|
|
||||||
- name: Get borg repository stat
|
- name: Get borg repository stat
|
||||||
stat:
|
stat:
|
||||||
path: "{{ borg_repodir }}"
|
path: "{{ borg_repodir }}"
|
||||||
|
|
|
@ -0,0 +1 @@
|
||||||
|
{{ hedgedoc_secrets['mysql_root_password'] }}
|
32
roles/hedgedoc/tasks/backup.yml
Normal file
32
roles/hedgedoc/tasks/backup.yml
Normal file
|
@ -0,0 +1,32 @@
|
||||||
|
- name: Backup MySQL database
|
||||||
|
community.docker.docker_container_exec:
|
||||||
|
container: hedgedoc-mysql
|
||||||
|
docker_host: "unix:///run/user/{{ host_uid }}/docker.sock"
|
||||||
|
argv:
|
||||||
|
- /bin/bash
|
||||||
|
- "-c"
|
||||||
|
- "mysqldump hedgedoc > /var/lib/mysql/hedgedoc-dump.sql"
|
||||||
|
env:
|
||||||
|
MYSQL_PWD: "{{ hedgedoc_secrets['mysql_root_password'] if hedgedoc_secrets['mysql_root_password'] is defined else lookup('ansible.builtin.file', hedgedoc_mysql_root_password_file) }}"
|
||||||
|
|
||||||
|
- name: Create borg backup
|
||||||
|
command:
|
||||||
|
cmd: |
|
||||||
|
borg create
|
||||||
|
--compression=lzma
|
||||||
|
"{{ borg_repodir }}::{{ role_name }}-{now:%Y-%m-%d_%H-%M-%S}"
|
||||||
|
{{ volumes['hedgedoc_mysql_datadir'] }}/hedgedoc-dump.sql
|
||||||
|
environment:
|
||||||
|
BORG_PASSCOMMAND: "cat {{ borg_passphrase_file }}"
|
||||||
|
become: true
|
||||||
|
|
||||||
|
- name: Prune borg repository
|
||||||
|
command:
|
||||||
|
cmd: |
|
||||||
|
borg prune
|
||||||
|
--glob-archives='{{ role_name }}-*'
|
||||||
|
{{ borg_prune_options }}
|
||||||
|
{{ borg_repodir }}
|
||||||
|
environment:
|
||||||
|
BORG_PASSCOMMAND: "cat {{ borg_passphrase_file }}"
|
||||||
|
become: true
|
|
@ -1,3 +1,8 @@
|
||||||
|
- name: Include backup tasks
|
||||||
|
include_tasks:
|
||||||
|
file: backup.yml
|
||||||
|
when: run_backup | default(false) | bool
|
||||||
|
|
||||||
- name: Include update tasks
|
- name: Include update tasks
|
||||||
include_tasks:
|
include_tasks:
|
||||||
file: update.yml
|
file: update.yml
|
||||||
|
|
Loading…
Reference in a new issue