From 9aba305e2e2f147cb4da2b36b39b20221100200f Mon Sep 17 00:00:00 2001
From: Arthur BOUDREAULT <arthur@lydra.fr>
Date: Mon, 25 Jul 2022 16:00:04 +0200
Subject: [PATCH] WIP work on restic
---
roles/ynh_backup/README-FR.md | 12 +++++++++
roles/ynh_backup/README.md | 10 ++++++++
roles/ynh_backup/defaults/main.yml | 28 +++++++++++++++++++++
roles/ynh_backup/tasks/main.yml | 9 ++++++-
roles/ynh_backup/tasks/restic.yml | 39 ++++++++++++++++++++++++++++++
5 files changed, 97 insertions(+), 1 deletion(-)
create mode 100644 roles/ynh_backup/tasks/restic.yml
diff --git a/roles/ynh_backup/README-FR.md b/roles/ynh_backup/README-FR.md
index 178a558..879fb1b 100644
--- a/roles/ynh_backup/README-FR.md
+++ b/roles/ynh_backup/README-FR.md
@@ -76,6 +76,18 @@ ynh_ssh_borg_command: "ssh_command: ssh -p 7410 -o StrictHostKeychecking=no -i {
N'hésitez pas à regarder les variables disponibles dans le [rôle](https://github.com/borgbase/ansible-role-borgbackup).
+### Sauvegardes distantes avec Restic
+
+- Les sauvegardes avec [Restic](https://restic.net/) : Grâce au rôle Ansible `do1jlr.restic`, nous pouvons automatiser le processus d'installation et de configuration de Restic sur un serveur YunoHost. Les sauvegardes Borg Restic accessibles sur un dépôt Restic en local ou à distance et compatible stockage objet S3. Plus d'info sur ce rôle [ici](https://github.com/roles-ansible/ansible_role_restic).
+
+âš ï¸ Attention, pour pouvoir utiliser le rôle Ansible `do1jlr.restic`, vous devez avoir les paquets suivants installé sur la machine qui exécute Ansible : `bzip2` (binaire disponible sur la plupart des systèmes Linux) et `jmespath` (paquet python, installable avec pip).
+
+```yml
+
+```
+
+N'hésitez pas à regarder les variables disponibles dans le [rôle](https://github.com/borgbase/ansible-role-borgbackup).
+
## Dépendances
Le rôle `m3nu.ansible_role_borgbackup` sera installé sur la machine exécutant Ansible pour que les tâches liées à Borg fonctionnent. Un fichier `requirements.yml` est à la racine du rôle et va télécharger le rôle (par défaut vers `~/.ansible/roles`).
diff --git a/roles/ynh_backup/README.md b/roles/ynh_backup/README.md
index 59ba516..44fe532 100644
--- a/roles/ynh_backup/README.md
+++ b/roles/ynh_backup/README.md
@@ -75,6 +75,16 @@ borg_ssh_keys_dest: "/home/debian/.ssh/ynh_ed25519"
Feel free to look at the variables available in the [role](https://github.com/borgbase/ansible-role-borgbackup).
+### remote backups with YunoHost Restic
+
+- Backups with [Restic](https://restic.net/): Thanks to the Ansible role `do1jlr.restic` we can automate the installation and configuration process of Restic on a YunoHost server. Restic backups are accessible on a local or a remote Restic repository and compatible with S3 object storage. More info about this role [here](https://github.com/roles-ansible/ansible_role_restic).
+
+```yml
+
+```
+
+Feel free to look at the variables available in the [role](https://github.com/roles-ansible/ansible_role_restic).
+
## Dependencies
The `m3nu.ansible_role_borgbackup` role will be installed on the machine running Ansible for Borg-related tasks to work. A `requirements.yml` file is in the root of the role and will download the role (by default to `~/.ansible/roles`).
diff --git a/roles/ynh_backup/defaults/main.yml b/roles/ynh_backup/defaults/main.yml
index 7b616ac..558f686 100644
--- a/roles/ynh_backup/defaults/main.yml
+++ b/roles/ynh_backup/defaults/main.yml
@@ -30,3 +30,31 @@ borg_repository: "/data/backup/live"
borg_init_command: "borgmatic init -c /etc/borgmatic/{{ borgmatic_config_name }} -e repokey --syslog-verbosity 1"
borg_archive_name_format: "'{hostname}-yunohost-live-data-{now:%Y-%m-%d-%H%M%S}'"
ynh_borg_backup_remote_repo: False
+
+# Variables for YunoHost Restic S3
+# https://github.com/roles-ansible/ansible_role_restic
+restic_version: '0.12.1'
+ynh_restic_backup_scheduled: False
+restic_create_schedule: true
+restic_schedule_type: cronjob
+restic_no_log: false
+
+restic_keep_time: 1y0m0d0h
+
+restic_repos:
+ local_ynh_restic_repo:
+ location: "/data/backup/restic"
+ password: "Pa$$w0rdT0Change"
+ init: true
+
+restic_backups:
+ YunoHost_local:
+ name: "local_ynh_restic"
+ repo: "local_ynh_restic_repo"
+ src: "/data/yunohost"
+ tags:
+ - yunohost
+ keep-within: "{{ restic_keep_time }}"
+ scheduled: true
+ schedule_hour: 5
+ schedule_minute: 0
diff --git a/roles/ynh_backup/tasks/main.yml b/roles/ynh_backup/tasks/main.yml
index ac16ba4..9b44ede 100644
--- a/roles/ynh_backup/tasks/main.yml
+++ b/roles/ynh_backup/tasks/main.yml
@@ -23,9 +23,16 @@
when: ynh_backup.scheduled
tags: backup
-- name: Use Borg Backup with YunoHost
+- name: Use BorgBackup with YunoHost
ansible.builtin.include_tasks: borgbackup.yml
when: ynh_borg_backup_scheduled
tags:
- backup
- borg
+
+- name: Use Restic with YunoHost
+ ansible.builtin.include_tasks: restic.yml
+ when: ynh_restic_backup_scheduled
+ tags:
+ - backup
+ - restic
diff --git a/roles/ynh_backup/tasks/restic.yml b/roles/ynh_backup/tasks/restic.yml
new file mode 100644
index 0000000..58cd5c7
--- /dev/null
+++ b/roles/ynh_backup/tasks/restic.yml
@@ -0,0 +1,39 @@
+---
+#-----------------------------------------------------------------------------#
+# ansible-yunohost allows to deploy Yunohost using Ansible #
+# Copyright 2021-present Lydra https://www.lydra.fr/ #
+# #
+# this program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# this program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+#-----------------------------------------------------------------------------#
+- name: Download Restic role on localhost
+ ansible.builtin.command: ansible-galaxy install do1jlr.restic,v0.7.1 -p ~/.ansible/roles
+ delegate_to: localhost
+ become: False
+ tags:
+ - backup
+ - restic
+
+- name: Gather facts for Restic role
+ ansible.builtin.setup:
+ tags:
+ - backup
+ - restic
+
+- name: run Restic role
+ ansible.builtin.import_role:
+ name: do1jlr.restic
+ tags:
+ - backup
+ - restic
--
GitLab