storage

Ansible role that provisions my storage server.

1.9 KB•YML

restic-server.yml

1.9 KB • 60 lines • yaml

1---
2
3- name: Create Restic backup server directory structure
4  file:
5    path: "{{ item }}"
6    state: directory
7    owner: "{{ storage_user }}"
8    group: "{{ storage_group }}"
9    mode: '2775'
10  loop:
11    - "{{ restic_backup_config_dir }}"
12    - "{{ restic_backup_data_dir }}"
13
14
15
16- name: Deploy Restic server Docker Compose file
17  template:
18    src: restic-server-compose.yml.j2
19    dest: "{{ restic_backup_config_dir }}/docker-compose.yml"
20    owner: "{{ storage_user }}"
21    group: "{{ storage_group }}"
22    mode: '0664'
23  notify: restart restic-server
24
25- name: Check if Restic directory exists
26  stat:
27    path: "{{ restic_backup_config_dir }}"
28  register: restic_dir_stat
29  changed_when: false
30
31- name: Start Restic backup server
32  community.docker.docker_compose_v2:
33    project_src: "{{ restic_backup_config_dir }}"
34    state: present
35  register: restic_start_result
36  check_mode: no
37  when: restic_dir_stat.stat.exists
38
39
40- name: Display Restic backup server deployment summary
41  debug:
42    msg: |
43      Restic Backup Server Deployment:
44      - Status: {{ 'Started' if restic_start_result is changed else 'Already running' }}
45      - Server URL: http://{{ ansible_default_ipv4.address }}:{{ restic_backup_host_port }}/
46      - Data Directory: {{ restic_backup_data_dir }}
47      - Configuration: {{ restic_backup_config_dir }}
48      - Authentication: {{ 'Configured' if restic_backup_username != '' else 'Not configured (Configure vault variables)' }}
49      
50      Client Setup:
51      1. Install restic on client machines
52      2. Use the example script: {{ restic_backup_config_dir }}/client-setup-example.sh
53      3. Initialize repository: restic init
54      4. Create backup: restic backup /path/to/backup
55      
56      Security Notes:
57      - Access is restricted to authenticated users only
58      - Consider setting up TLS/SSL for production use
59      - Ensure proper firewall rules for backup server access
60

1--- 2 3- name: Create Restic backup server directory structure 4 file: 5 path: "{{ item }}" 6 state: directory 7 owner: "{{ storage_user }}" 8 group: "{{ storage_group }}" 9 mode: '2775' 10 loop: 11 - "{{ restic_backup_config_dir }}" 12 - "{{ restic_backup_data_dir }}" 13 14 15 16- name: Deploy Restic server Docker Compose file 17 template: 18 src: restic-server-compose.yml.j2 19 dest: "{{ restic_backup_config_dir }}/docker-compose.yml" 20 owner: "{{ storage_user }}" 21 group: "{{ storage_group }}" 22 mode: '0664' 23 notify: restart restic-server 24 25- name: Check if Restic directory exists 26 stat: 27 path: "{{ restic_backup_config_dir }}" 28 register: restic_dir_stat 29 changed_when: false 30 31- name: Start Restic backup server 32 community.docker.docker_compose_v2: 33 project_src: "{{ restic_backup_config_dir }}" 34 state: present 35 register: restic_start_result 36 check_mode: no 37 when: restic_dir_stat.stat.exists 38 39 40- name: Display Restic backup server deployment summary 41 debug: 42 msg: | 43 Restic Backup Server Deployment: 44 - Status: {{ 'Started' if restic_start_result is changed else 'Already running' }} 45 - Server URL: http://{{ ansible_default_ipv4.address }}:{{ restic_backup_host_port }}/ 46 - Data Directory: {{ restic_backup_data_dir }} 47 - Configuration: {{ restic_backup_config_dir }} 48 - Authentication: {{ 'Configured' if restic_backup_username != '' else 'Not configured (Configure vault variables)' }} 49 50 Client Setup: 51 1. Install restic on client machines 52 2. Use the example script: {{ restic_backup_config_dir }}/client-setup-example.sh 53 3. Initialize repository: restic init 54 4. Create backup: restic backup /path/to/backup 55 56 Security Notes: 57 - Access is restricted to authenticated users only 58 - Consider setting up TLS/SSL for production use 59 - Ensure proper firewall rules for backup server access 60