diff --git a/roles/ynh_backup/README-FR.md b/roles/ynh_backup/README-FR.md
index 0580e2a1304edd918594fd137b41eb7fa513fe13..0e16cc75ec9aa1cce4846ed45bd12f54a26e5b8a 100644
--- a/roles/ynh_backup/README-FR.md
+++ b/roles/ynh_backup/README-FR.md
@@ -11,10 +11,11 @@ YunoHost doit déjà être installé sur votre serveur.
## Variables du rôle
Les variables par défaut sont disponibles dans `default/main.yml` cependant il est possible de les surcharger selon vos besoins.
-Nous avons intégré deux systèmes de sauvegardes différents à ce rôle YunoHost :
+Nous avons intégré trois systèmes de sauvegardes différents à ce rôle YunoHost :
- sauvegardes natives YunoHost en local
- sauvegardes à distance avec un [dépôt BorgBackup](https://borgbackup.readthedocs.io/en/stable/)
+- sauvegardes à distance avec un [dépôt Restic](https://restic.readthedocs.io/en/stable/)
### Sauvegardes natives YunoHost locales
@@ -22,16 +23,15 @@ Nous avons intégré deux systèmes de sauvegardes différents à ce rôle YunoH
```yml
ynh_backup:
- scheduled: True
- directory: "/data/backup"
- scheduled_hour: "*"
- scheduled_minute: "*/30"
+ scheduled: True
+ directory: "/data/backup"
+ scheduled_hour: "*"
+ scheduled_minute: "*/30"
scheduled_weekday: "*"
- scheduled_month: "*"
- system: True
- apps: True
+ scheduled_month: "*"
+ system: True
+ apps: True
number_days_to_keep: "2"
-
```
- `ynh_backup.scheduled` : active la fonctionnalité de sauvegarde des applications YunoHost en mettant la valeur à `True`.
@@ -48,18 +48,17 @@ ynh_backup:
```yml
ynh_borg_backup_scheduled: True
-borg_source_directories:
- - "/data/yunohost"
-borg_repository: "/data/backup/live"
+borg_source_directories: "{{ ynh_backup.directory }}"
+borg_repository: "/data/backup/live"
borg_encryption_passphrase: "PLEASECHANGEME"
-borgmatic_config_name: "borgmatic_ynh_config"
-borgmatic_cron_name: "borgmatic_ynh_cron"
+borgmatic_config_name: "borgmatic_ynh_config"
+borgmatic_cron_name: "borgmatic_ynh_cron"
borg_retention_policy:
keep_daily: "4"
ynh_borg_backup_remote_repo: True
-borg_ssh_keys_src: "files/prd/ssh_keys/ynh_ed25519.vault"
-borg_ssh_keys_dest: "/home/debian/.ssh/ynh_ed25519"
-ynh_ssh_borg_command: "ssh_command: ssh -p 7410 -o StrictHostKeychecking=no -i {{ borg_ssh_keys_dest }}"
+borg_ssh_keys_src: "files/prd/ssh_keys/ynh_ed25519.vault"
+borg_ssh_keys_dest: "/home/debian/.ssh/ynh_ed25519"
+ynh_ssh_borg_command: "ssh_command: ssh -p 7410 -o StrictHostKeychecking=no -i {{ borg_ssh_keys_dest }}"
```
- `ynh_borg_backup_scheduled` : Active / désactive la fonctionnalité de sauvegarde avec BorgBackup.
@@ -92,18 +91,18 @@ restic_keep_time: 0y2m0d0h
restic_repos:
s3_ynh_restic_repo:
- location: "s3:s3.fr-par.scw.cloud/dummy_bucket_name"
- password: "dummy_restic_repo_password"
- aws_access_key: "dummy_access_key"
+ location: "s3:s3.fr-par.scw.cloud/dummy_bucket_name"
+ password: "dummy_restic_repo_password"
+ aws_access_key: "dummy_access_key"
aws_secret_access_key: "dummy_secret_access_key"
- aws_default_region: "fr-par"
+ aws_default_region: "fr-par"
init: true
restic_backups:
YunoHost_remote:
- name: "remote_ynh_restic"
- repo: "s3_ynh_restic_repo"
- src: "/data/yunohost/backup"
+ name: "remote_ynh_restic"
+ repo: "s3_ynh_restic_repo"
+ src: "{{ ynh_backup.directory }}"
tags:
- yunohost
- remote
diff --git a/roles/ynh_backup/README.md b/roles/ynh_backup/README.md
index 054428ca81a0b31c8474afa1aa43fca2aa66fcd0..583854ce061d056e0611a7dea66e7840d05b3661 100644
--- a/roles/ynh_backup/README.md
+++ b/roles/ynh_backup/README.md
@@ -11,10 +11,11 @@ YunoHost needs to be installed on your server.
## Role Variables
The default variables are available in `default/main.yml` however it is possible to override them according to your needs.
-We have integrated two different backup systems to this YunoHost role:
+We have integrated three different backup systems to this YunoHost role:
- YunoHost native local backups
- Remote backups with a [BorgBackup repository](https://borgbackup.readthedocs.io/en/stable/)
+- Remote backups with a [Restic repository](https://restic.readthedocs.io/en/stable/)
### YunoHost native local backups
@@ -22,14 +23,15 @@ YunoHost provides its own native backup system. It is able to back up YunoHost c
```yml
ynh_backup:
- scheduled: True
- directory: "/data/backup"
- scheduled_hour: "*"
- scheduled_minute: "*/30"
+ scheduled: True
+ directory: "/data/backup"
+ scheduled_hour: "*"
+ scheduled_minute: "*/30"
scheduled_weekday: "*"
- scheduled_month: "*"
- system: True
- apps: True
+ scheduled_month: "*"
+ system: True
+ apps: True
+ number_days_to_keep: "2"
```
- `ynh_backup.scheduled`: Enable the YunoHost applications backup feature by setting the value to `True`.
@@ -46,22 +48,22 @@ ynh_backup:
```yml
ynh_borg_backup_scheduled: True
-borg_source_directories:
- - "/data/yunohost"
-borg_repository: "/data/backup/live"
+borg_source_directories: "{{ ynh_backup.directory }}"
+borg_repository: "/data/backup/live"
borg_encryption_passphrase: "PLEASECHANGEME"
-borgmatic_config_name: "borgmatic_ynh_config"
-borgmatic_cron_name: "borgmatic_ynh_cron"
+borgmatic_config_name: "borgmatic_ynh_config"
+borgmatic_cron_name: "borgmatic_ynh_cron"
borg_retention_policy:
keep_daily: "4"
ynh_borg_backup_remote_repo: True
-borg_ssh_keys_src: "files/prd/ssh_keys/ynh_ed25519.vault"
-borg_ssh_keys_dest: "/home/debian/.ssh/ynh_ed25519"
+borg_ssh_keys_src: "files/prd/ssh_keys/ynh_ed25519.vault"
+borg_ssh_keys_dest: "/home/debian/.ssh/ynh_ed25519"
+ynh_ssh_borg_command: "ssh_command: ssh -p 7410 -o StrictHostKeychecking=no -i {{ borg_ssh_keys_dest }}"
```
- `ynh_borg_backup_scheduled`: Enable / disable the backup feature with BorgBackup.
- `ynh_borg_backup_remote_repo`: Enable / disable the backup functionality on a BorgBackup remote repository (tasks related to SSH keys setup). If you enable this feature, then you will need to use `borg_ssh_keys_src` and `borg_ssh_keys_dest` variables.
-- `borg_source_directories`: List of source folders to back up. By default, this is the folder containing all YunoHost data (configuration, applications).
+- `borg_source_directories`: List of source folders to back up. By default, this is the folder in which YunoHost local backups are located.
- `borg_repository`: Full path to the Borg repository. Possibility to give a list of repositories to save data in several places.
- `borg_encryption_passphrase` : **Mandatory**, password to use for the Borg repository encryption key.
- `borgmatic_config_name`: **Optional**, name of the Borgmatic configuration file.
@@ -89,18 +91,18 @@ restic_keep_time: 0y2m0d0h
restic_repos:
s3_ynh_restic_repo:
- location: "s3:s3.fr-par.scw.cloud/dummy_bucket_name"
- password: "dummy_restic_repo_password"
- aws_access_key: "dummy_access_key"
+ location: "s3:s3.fr-par.scw.cloud/dummy_bucket_name"
+ password: "dummy_restic_repo_password"
+ aws_access_key: "dummy_access_key"
aws_secret_access_key: "dummy_secret_access_key"
- aws_default_region: "fr-par"
+ aws_default_region: "fr-par"
init: true
restic_backups:
YunoHost_remote:
- name: "remote_ynh_restic"
- repo: "s3_ynh_restic_repo"
- src: "/data/yunohost/backup"
+ name: "remote_ynh_restic"
+ repo: "s3_ynh_restic_repo"
+ src: "{{ ynh_backup.directory }}"
tags:
- yunohost
- remote
diff --git a/roles/ynh_backup/defaults/main.yml b/roles/ynh_backup/defaults/main.yml
index 6a8c9ce9135d79cc6b6157b797c932b6a02f34f0..b68ee3be279f31eb17034998c4313b4afd3ce359 100644
--- a/roles/ynh_backup/defaults/main.yml
+++ b/roles/ynh_backup/defaults/main.yml
@@ -23,15 +23,15 @@ ynh_backup:
scheduled: False
# Variables for YunoHost BorgBackup
-ynh_borg_backup_scheduled: False
+ynh_borg_backup_scheduled: False
borg_source_directories:
- "/data/yunohost"
-borg_repository: "/data/backup/live"
-borg_init_command: "borgmatic init -c /etc/borgmatic/{{ borgmatic_config_name }} -e repokey --syslog-verbosity 1"
-borg_archive_name_format: "'{hostname}-yunohost-live-data-{now:%Y-%m-%d-%H%M%S}'"
+borg_repository: "/data/backup/live"
+borg_init_command: "borgmatic init -c /etc/borgmatic/{{ borgmatic_config_name }} -e repokey --syslog-verbosity 1"
+borg_archive_name_format: "'{hostname}-yunohost-live-data-{now:%Y-%m-%d-%H%M%S}'"
ynh_borg_backup_remote_repo: False
# Variables for YunoHost Restic
# https://github.com/roles-ansible/ansible_role_restic
ynh_restic_backup_scheduled: False
-restic_schedule_type: "cronjob"
+restic_schedule_type: "cronjob"
diff --git a/roles/ynh_backup/tasks/backup.yml b/roles/ynh_backup/tasks/backup.yml
index 94ebd0b863bec716c6ec53bd45e01f664daf5dc7..7e6d6a3a430ea5621b012c294943150902cb0c8d 100644
--- a/roles/ynh_backup/tasks/backup.yml
+++ b/roles/ynh_backup/tasks/backup.yml
@@ -25,19 +25,19 @@
- name: Create backup folder if doesn't already exist
ansible.builtin.file:
- path: "{{ ynh_backup.directory }}"
+ path: "{{ ynh_backup.directory }}"
state: directory
- mode: '0750'
+ mode: '0750'
when: ynh_backup.directory is defined
tags: backup
- name: Create backup script
ansible.builtin.template:
- src: "{{ ynh_backup_src_script }}"
- dest: "{{ ynh_backup_dest_script }}"
+ src: "{{ ynh_backup_src_script }}"
+ dest: "{{ ynh_backup_dest_script }}"
owner: root
group: root
- mode: '0740'
+ mode: '0740'
tags: backup
- name: Create cron task to schedule YNH backup script
diff --git a/roles/ynh_backup/tasks/borgbackup.yml b/roles/ynh_backup/tasks/borgbackup.yml
index 52027d047dc8685cb86825a69dc15d804598c2da..2dbfc28bafbc20e4fc734f195e65cab205ad7928 100644
--- a/roles/ynh_backup/tasks/borgbackup.yml
+++ b/roles/ynh_backup/tasks/borgbackup.yml
@@ -54,19 +54,19 @@
block:
- name: deploy ssh public key for BorgBackup
ansible.builtin.copy:
- src: "{{ borg_ssh_keys_src }}.pub"
- dest: "{{ borg_ssh_keys_dest }}.pub"
+ src: "{{ borg_ssh_keys_src }}.pub"
+ dest: "{{ borg_ssh_keys_dest }}.pub"
owner: "root"
group: "root"
- mode: 0600
+ mode: 0600
- name: deploy ssh private key for BorgBackup
ansible.builtin.copy:
- src: "{{ borg_ssh_keys_src }}.vault"
- dest: "{{ borg_ssh_keys_dest }}"
+ src: "{{ borg_ssh_keys_src }}.vault"
+ dest: "{{ borg_ssh_keys_dest }}"
owner: "root"
group: "root"
- mode: 0600
+ mode: 0600
when: ynh_borg_backup_remote_repo
- name: change SSH command in "/etc/borgmatic/{{ borgmatic_config_name }}"
@@ -83,7 +83,7 @@
- name: change archive name in "/etc/borgmatic/{{ borgmatic_config_name }}"
ansible.builtin.lineinfile:
- path: "/etc/borgmatic/{{ borgmatic_config_name }}"
+ path: "/etc/borgmatic/{{ borgmatic_config_name }}"
regexp: "archive_name_format:"
line: " archive_name_format: {{ borg_archive_name_format }}"
state: present
@@ -97,7 +97,7 @@
#!/bin/bash
. /opt/borgmatic/bin/activate
borg "$@"
- dest: /usr/local/bin/borg
+ dest: /usr/local/bin/borg
owner: root
group: root
mode: "0755"
diff --git a/roles/ynh_backup/tasks/restic.yml b/roles/ynh_backup/tasks/restic.yml
index 22d04126232941d0119f9af7ff6735e7facc10fb..afe3722c22d33207046520b7c37a81e2e71e3fa2 100644
--- a/roles/ynh_backup/tasks/restic.yml
+++ b/roles/ynh_backup/tasks/restic.yml
@@ -20,7 +20,7 @@
- name: Download Restic role on localhost
ansible.builtin.command: ansible-galaxy install do1jlr.restic,v0.7.1 -p "{{ _ansible_role_directory }}"
delegate_to: localhost
- become: False
+ become: False
tags:
- backup
- restic