stuff

2026-05-25 22:06:31 +02:00
parent 9729b28681
commit 808ff14aba
11 changed files with 142 additions and 11 deletions
@@ -0,0 +1,57 @@
+- name: Backup
+  hosts: pi
+  become: true
+  vars:
+    gpg_password: !vault |
+              $ANSIBLE_VAULT;1.1;AES256
+              34383033383462626132353163303532376137613539326662383038663537633465373863396539
+              6139623961303165353230303637303530343136363165380a323534663665323836636165323237
+              39653863313962353033336338376462303962323762663139663136663033306161316361303630
+              6466663761643438360a653166616130633862643236633663303731356337326361636436646439
+              37303633353961623766313063363734376334383163376337376639306135373064
+  tasks:
+    - name: Install rsync
+      ansible.builtin.apt:
+        name: rsync
+        state: present
+
+    - name: Create backup directory
+      ansible.builtin.file:
+        path: /opt/backup
+        state: directory
+        mode: '0700'
+
+    - name: Copy daily
+      ansible.builtin.copy:
+        src: backupDaily.sh
+        dest: /opt/backup/backupDaily.sh
+        mode: '0700'
+
+    - name: Copy weekly
+      ansible.builtin.copy:
+        src: backupWeekly.sh
+        dest: /opt/backup/backupWeekly.sh
+        mode: '0700'
+
+    - name: Copy passphrase
+      ansible.builtin.template:
+        src: passphrase.txt.j2
+        dest: /opt/backup/passphrase.txt
+        mode: '0600'
+
+    - name: Schedule daily backup
+      ansible.builtin.cron:
+        name: beepi backup daily
+        user: root
+        minute: '0'
+        hour: '3'
+        job: /opt/backup/backupDaily.sh >> /var/log/beepi-backup.log 2>&1
+
+    - name: Schedule weekly backup
+      ansible.builtin.cron:
+        name: beepi backup weekly
+        user: root
+        minute: '0'
+        hour: '5'
+        weekday: '0'
+        job: /opt/backup/backupWeekly.sh >> /var/log/beepi-backup.log 2>&1
@@ -0,0 +1,49 @@
+#!/bin/bash
+
+set -euo pipefail
+
+now=$(date +"%Y%m%d%H%M")
+
+declare -a arr=("gitea" "mail" "matrix" "monitoring")
+declare -a monitoring=("monitoring_prometheus-data" "monitoring_grafana-storage" "monitoring_loki-data" "monitoring_alloy-data")
+declare -a matrix=("matrix_db")
+
+trap cleanup EXIT
+
+for i in "${arr[@]}"
+do
+    cd /opt/beeserver/${i}
+    podman-compose down -t 60
+    if [[ "$i" == "monitoring" ]]
+    then
+        for j in "${monitoring[@]}"
+        do
+            podman volume export ${j} --output ${j}.tar
+        done
+    fi
+
+    if [[ "$i" == "matrix" ]]
+    then
+        for j in "${matrix[@]}"
+        do
+            podman volume export ${j} --output ${j}.tar
+        done
+    fi
+    rsync -aH /opt/beeserver/${i} /opt/backup/beeserver
+    podman-compose up -d
+done
+
+tar -czf - /opt/backup/beeserver | gpg --batch --passphrase-file /opt/backup/passphrase.txt -c -o /home/beeshare/raid/serverBackup/beeserver_daily_${now}.tar.gz.gpg
+
+function cleanup()
+{
+    for j in "${monitoring[@]}"
+    do
+        rm -rf /opt/beeserver/monitoring/${j}.tar
+    done
+
+    for j in "${matrix[@]}"
+    do
+        rm -rf /opt/beeserver/matrix/${j}.tar
+    done
+}
@@ -0,0 +1,15 @@
+#!/bin/bash
+
+set -euo pipefail
+
+now=$(date +"%Y%m%d%H%M")
+
+tar -czf - /opt/backup/beeserver | gpg --batch --passphrase-file /opt/backup/passphrase.txt -c -o /home/beeshare/raid/serverBackup/beeserver_weekly_${now}.tar.gz.gpg
+
+if [ -s /home/beeshare/raid/serverBackup/beeserver_weekly_${now}.tar.gz.gpg ]
+then
+    rm -rf /opt/backup/beeserver
+fi
+
+find /home/beeshare/raid/serverBackup -maxdepth 1 -name 'beeserver_weekly_*.tar.gz.gpg' -mtime +30 -delete
+find /home/beeshare/raid/serverBackup -maxdepth 1 -name 'beeserver_daily_*.tar.gz.gpg' -mtime +7 -delete
@@ -0,0 +1 @@
+{{ gpg_password }}