added NFS Backup as an alternative to smb

roles/borgbackup/tasks/main.yml

@@ -4,13 +4,16 @@
     state: present
     name: "{{ borgbackup_deps }}"
 
+## Samba (ungetestet)##
+
 - name: Copy smb credentials file
   ansible.builtin.template:
-    src: "../templates/.cifs.j2"
-    dest: /home/{{ user['name'] }}/.cifs
+    src: "../templates/cifs.j2"
+    dest: "/home/{{ user['name'] }}/.cifs"
     owner: "{{ user['name'] }}"
     group: "{{ user['name'] }}"
     mode: '0600'
+  when: backup_via_samba == true
 
 - name: Copy "backup_to_smb.sh" Skript
   ansible.builtin.template:
@@ -19,13 +22,37 @@
     owner: "{{ user['name'] }}"
     group: "{{ user['name'] }}"
     mode: '0700'
+  when: backup_via_samba == true
 
 - name: add cron backupjob for backups to samba server
   become: true
   ansible.builtin.cron:
     user: "{{ user['name'] }}"
-    name: "borgbackup the docker dir to smb"
+    name: "borgbackup the docker dir to smb share"
     minute: "30"
     hour: "3"
     job: "sudo /usr/local/bin/backup_to_smb.sh > /dev/null 2>&1"
-  notify: restart cron
+  notify: Restart cron
+  when: backup_via_samba == true
+## NFS ##
+
+- name: Copy "backup_to_nfs.sh" Skript
+  ansible.builtin.template:
+    src: "../templates/backup_to_nfs.sh"
+    dest: /usr/local/bin/
+    owner: "{{ user['name'] }}"
+    group: "{{ user['name'] }}"
+    mode: '0700'
+  when: backup_via_nfs == true
+
+
+- name: add cron backupjob for backups to NFS server
+  become: true
+  ansible.builtin.cron:
+    user: "{{ user['name'] }}"
+    name: "borgbackup the docker dir to nfs share"
+    minute: "30"
+    hour: "4"
+    job: "sudo /usr/local/bin/backup_to_nfs.sh > /dev/null 2>&1"
+  notify: Restart cron
+  when: backup_via_nfs == true

roles/borgbackup/templates/.cifs.j2

@@ -1,2 +0,0 @@
-username= {{ smb_username }}
-password= {{ smb_pass }}

roles/borgbackup/templates/backup_to_nfs.sh

@@ -0,0 +1,83 @@
+#!/bin/bash
+
+# Variablen
+data_dir="/home/{{ user['name'] }}/docker"
+nfs_share="{{ nfs_share }}"
+backup_target_usage_threshold="{{nfs_threshold}}" # Prozentuale Schwellenwert für die Speicherauslastung
+mount_point="{{ mount_point }}"
+backup_repository="$mount_point/{{borg_repo}}"
+borg_password="{{borg_pass}}"
+email_recipient="{{admin_mail}}"
+
+# Mounten des Backup-Ziels
+mount_successful=0
+mount_output=$(mount -t nfs "$nfs_share" "$mount_point" 2>&1)
+mount_status=$?
+
+if [ "$mount_status" -eq 0 ]; then
+    mount_successful=1
+else
+    echo "Mount fehlgeschlagen: $mount_output" >&2
+fi
+
+if [ "$mount_successful" -eq 1 ]; then
+    # Repository erstellen, falls nicht vorhanden
+    mkdir -p "$backup_repository"    
+
+    # Alle laufenden Container stoppen
+    running_containers=$(docker ps --format '{{ "{{.Names}}" }}')
+    for container in $running_containers; do
+      docker stop "$container"
+    done
+  
+    # Prüfen, ob das Repository existiert, und ggf. erstellen
+    export BORG_PASSPHRASE="$borg_password"
+    if ! borg list "$backup_repository" >/dev/null 2>&1; then
+        borg init --encryption=repokey "$backup_repository"
+    fi
+
+    # Backup mit BorgBackup erstellen
+    backup_result=$(borg create --progress --list --stats --compression lz4 "$backup_repository"::'{hostname}-{now:%Y-%m-%d_%H:%M:%S}' $data_dir 2>&1)
+    backup_status=$?
+
+    # Alle gestoppten Container starten
+    for container in $running_containers; do
+      docker start "$container"
+    done
+
+    # Backup-Integrität überprüfen
+    borg_check_result=$(borg check --repository-only "$backup_repository" 2>&1)
+
+    # Backup-Status und Speicherauslastung prüfen
+    if [ "$backup_status" -eq 0 ]; then
+      backup_result="Backup erfolgreich:\n$backup_result\n\nIntegrität des Backups überprüft:\n$borg_check_result"
+    else
+      backup_result="Backup fehlgeschlagen (Status: $backup_status):\n$backup_result\n\nIntegrität des Backups konnte nicht überprüft werden."
+    fi
+
+    # Retention Policy anwenden
+    borg_prune_result=$(borg prune --keep-daily=7 --keep-weekly=4 --keep-monthly=6 "$backup_repository" 2>&1)
+
+    # Unmounten des Backup-Ziels
+    umount_output=$(umount "$mount_point" 2>&1)
+    umount_status=$?
+    if [ "$umount_status" -ne 0 ]; then
+        echo "Unmount fehlgeschlagen: $umount_output" >&2
+    fi
+
+       # E-Mail senden
+    target_usage=$(df -h "$mount_point" | tail -1 | awk '{ print $5 }')
+    target_usage_number=${target_usage%%%}
+
+    if [ "$target_usage_number" -gt "$backup_target_usage_threshold" ]; then
+      target_usage_warning="\n\nWARNUNG: Die Speicherauslastung des Backup-Ziels beträgt $target_usage und überschreitet den festgelegten Schwellenwert von $backup_target_usage_threshold%."
+    else
+      target_usage_warning=""
+    fi
+
+hostname=$(hostname)
+mail_subject="Backup-Bericht: $hostname - $(date +'%Y-%m-%d %H:%M:%S')"
+mail_body="$backup_result\n"
+
+    echo -e "$mail_body$target_usage_warning" | mail -s "$mail_subject" -r "no-reply@homeserver.zernis.ch" "$email_recipient"
+fi

roles/borgbackup/templates/backup_to_smb.sh

@@ -23,14 +23,22 @@ else
 fi
 
 if [ "$mount_successful" -eq 1 ]; then
+    # Repository erstellen, falls nicht vorhanden
+    mkdir -p "$backup_repository"
+
     # Alle laufenden Container stoppen
-    running_containers=$(docker ps --format '{{.Names}}')
+    running_containers=$(docker ps --format '{{ "{{.Names}}" }}')
     for container in $running_containers; do
       docker stop "$container"
     done
 
-    # Backup mit BorgBackup erstellen
+    # Prüfen, ob das Repository existiert, und ggf. erstellen
     export BORG_PASSPHRASE="$borg_password"
+    if ! borg list "$backup_repository" >/dev/null 2>&1; then
+        borg init --encryption=repokey "$backup_repository"
+    fi
+
+    # Backup mit BorgBackup erstellen
     backup_result=$(borg create --progress --list --stats --compression lz4 "$backup_repository"::'{hostname}-{now:%Y-%m-%d_%H:%M:%S}' $data_dir 2>&1)
     backup_status=$?
 
@@ -59,7 +67,7 @@ if [ "$mount_successful" -eq 1 ]; then
         echo "Unmount fehlgeschlagen: $umount_output" >&2
     fi
 
-    # E-Mail senden
+       # E-Mail senden
     target_usage=$(df -h "$mount_point" | tail -1 | awk '{ print $5 }')
     target_usage_number=${target_usage%%%}
 
@@ -69,5 +77,9 @@ if [ "$mount_successful" -eq 1 ]; then
       target_usage_warning=""
     fi
 
-    mail_subject="Backup-Bericht: $(date +'%Y-%m-%d %H:%M:%S')"
-    mail_body="$backup_result\n
+hostname=$(hostname)
+mail_subject="Backup-Bericht: $hostname - $(date +'%Y-%m-%d %H:%M:%S')"
+mail_body="$backup_result\n"
+
+    echo -e "$mail_body$target_usage_warning" | mail -s "$mail_subject" -r "no-reply@homeserver.zernis.ch" "$email_recipient"
+fi

roles/borgbackup/templates/cifs.j2

@@ -0,0 +1,2 @@
+username={{ smb_username }}
+password={{ smb_pass }}

roles/borgbackup/vars/main.yml

@@ -1,17 +1,22 @@
 $ANSIBLE_VAULT;1.1;AES256
-31313762306564396437376639373533663934616265346631303230333162323461313039346662
-3139346239303931363936383235626236623966376234340a366363376562313730363131323232
-37613762663966363539613037363565643362323363376638363037653938343638633466396632
-3265616165663163610a393465636632306136623937633963356235636139636236626535343936
-39633065643539343265396430363664666332383661386264393566323738636337373035396633
-66303130376231383839353064666431626439373735396261376365646535623136343930623266
-35653464396334666564626237653631303837643062656338636236633439613133653831323065
-39323932363766333638373538616163363134636666613339623133653662323239386536333533
-66316434636162643139363037316166643736323939666432373132613637663739656663303166
-31643634666664626139376663393765356666666633306166393939353439393866303762323834
-32326165633437333532313131653038613738663837633436613630366361306536626631343165
-64616264373663663437636565303566363566616533376566373564376165636637613361346534
-30633630393864333462383133613762303434333464643564333261653038326463363263666566
-36333963616431373735653536376633363735613031623865366461306333623265386339646131
-30313162343231386664623933336661396438643665626339623931333966303433376266653562
-66363964386363623633
+38323533333730343930363765333334613963343566663761376365303935646663323939333065
+3762353331303463613139663066656135316664336466640a363131663435343562613066623562
+39656336613366383230613736646661613038633663326335626239323634393761336637333736
+3939653738386532610a666564363934306261386266656462616537373865336235373031323466
+33633331326430623965316565633465666136623632613135353033633731643432613461656630
+64303031376466323132396462623836373439363032653766336432373864306334613738303039
+65666333326265316139646331336132366136356437666530386364383234656638366462653430
+65616365623531303361623736373531353737316164303163306264663136333037333038663161
+64643032633061656466303237326336313661333635346362636630323937386234346438633134
+61373562303237623032373337613664656437663562383563613764306233653532626263643437
+38643764336232373631363663626662323063663061386231316265373165323364343861393461
+39393563323432316566306366363937626238636532313434356332626166363531313936333133
+66313930323939376130356237666638316262636539303637636365633365303766633534666139
+33333965333538383163373438333533636564346562353736666462626433386232306639636434
+65633839333338346162643565633165633935646438306235316263386135616530336165336234
+38323666313934393863643666623438306264316161383931336230616132363434396264653038
+39666232313738373535626637643633366662303835626538353836346239666135366634353838
+61373462346332336432663536666363303338653938643932643736396639393339653731343434
+31333235666133343539353638353066333131646136356135663763616533636662656363326337
+37333730373061663064356631623663616536653933393131663431346235303732623635393935
+3766