diff --git a/roles/borgbackup/handlers/main.yml b/roles/borgbackup/handlers/main.yml new file mode 100644 index 0000000..643177a --- /dev/null +++ b/roles/borgbackup/handlers/main.yml @@ -0,0 +1,5 @@ +--- +- name: Restart cron + ansible.builtin.service: + name: cron + state: restarted \ No newline at end of file diff --git a/roles/borgbackup/tasks/main.yml b/roles/borgbackup/tasks/main.yml new file mode 100644 index 0000000..c96db3c --- /dev/null +++ b/roles/borgbackup/tasks/main.yml @@ -0,0 +1,31 @@ +--- +- name: Install required system packages + ansible.builtin.package: + state: present + name: "{{ borgbackup_deps }}" + +- name: Copy smb credentials file + ansible.builtin.template: + src: "../templates/.cifs.j2" + dest: /home/{{ user['name'] }}/.cifs + owner: simon + group: simon + mode: '0600' + +- name: Copy "backup_to_smb.sh" Skript + ansible.builtin.template: + src: "../templates/backup_to_smb.sh" + dest: /usr/local/bin/ + owner: simon + group: simon + mode: '0700' + +- name: add cron backupjob for backups to samba server + become: true + ansible.builtin.cron: + user: simon + name: "borgbackup the docker dir to smb" + minute: "30" + hour: "3" + job: "sudo /usr/local/bin/backup_to_smb.sh > /dev/null 2>&1" + notify: restart cron \ No newline at end of file diff --git a/roles/borgbackup/templates/.cifs.j2 b/roles/borgbackup/templates/.cifs.j2 new file mode 100644 index 0000000..81300c5 --- /dev/null +++ b/roles/borgbackup/templates/.cifs.j2 @@ -0,0 +1,2 @@ +username= {{ smb_username }} +password= {{ smb_pass }} \ No newline at end of file diff --git a/roles/borgbackup/templates/backup_to_smb.sh b/roles/borgbackup/templates/backup_to_smb.sh new file mode 100644 index 0000000..0fb24d7 --- /dev/null +++ b/roles/borgbackup/templates/backup_to_smb.sh @@ -0,0 +1,73 @@ +#!/bin/bash + +# Variablen +data_dir="{{ data_dir }}" +samba_share="{{ smb_share }}" +samba_credentials="{{ smb_credentials }}" +backup_target_usage_threshold="{{smb_threshold}}" # Prozentuale Schwellenwert für die Speicherauslastung +mount_point="{{ mount_point }}" +backup_repository="$mount_point/{{borg_repo}}" +borg_password="{{borg_pass}}" +email_recipient="{{admin_mail}}" + + +# Mounten des Backup-Ziels +mount_successful=0 +mount_output=$(mount -t cifs "$samba_share" "$mount_point" -o credentials="$samba_credentials" 2>&1) +mount_status=$? + +if [ "$mount_status" -eq 0 ]; then + mount_successful=1 +else + echo "Mount fehlgeschlagen: $mount_output" >&2 +fi + +if [ "$mount_successful" -eq 1 ]; then + # Alle laufenden Container stoppen + running_containers=$(docker ps --format '{{.Names}}') + for container in $running_containers; do + docker stop "$container" + done + + # Backup mit BorgBackup erstellen + export BORG_PASSPHRASE="$borg_password" + backup_result=$(borg create --progress --list --stats --compression lz4 "$backup_repository"::'{hostname}-{now:%Y-%m-%d_%H:%M:%S}' $data_dir 2>&1) + backup_status=$? + + # Alle gestoppten Container starten + for container in $running_containers; do + docker start "$container" + done + + # Backup-Integrität überprüfen + borg_check_result=$(borg check --repository-only "$backup_repository" 2>&1) + + # Backup-Status und Speicherauslastung prüfen + if [ "$backup_status" -eq 0 ]; then + backup_result="Backup erfolgreich:\n$backup_result\n\nIntegrität des Backups überprüft:\n$borg_check_result" + else + backup_result="Backup fehlgeschlagen (Status: $backup_status):\n$backup_result\n\nIntegrität des Backups konnte nicht überprüft werden." + fi + + # Retention Policy anwenden + borg_prune_result=$(borg prune --keep-daily=7 --keep-weekly=4 --keep-monthly=6 "$backup_repository" 2>&1) + + # Unmounten des Backup-Ziels + umount_output=$(umount "$mount_point" 2>&1) + umount_status=$? + if [ "$umount_status" -ne 0 ]; then + echo "Unmount fehlgeschlagen: $umount_output" >&2 + fi + + # E-Mail senden + target_usage=$(df -h "$mount_point" | tail -1 | awk '{ print $5 }') + target_usage_number=${target_usage%%%} + + if [ "$target_usage_number" -gt "$backup_target_usage_threshold" ]; then + target_usage_warning="\n\nWARNUNG: Die Speicherauslastung des Backup-Ziels beträgt $target_usage und überschreitet den festgelegten Schwellenwert von $backup_target_usage_threshold%." + else + target_usage_warning="" + fi + + mail_subject="Backup-Bericht: $(date +'%Y-%m-%d %H:%M:%S')" + mail_body="$backup_result\n diff --git a/roles/borgbackup/vars/main.yml b/roles/borgbackup/vars/main.yml new file mode 100644 index 0000000..8cfb13a --- /dev/null +++ b/roles/borgbackup/vars/main.yml @@ -0,0 +1,22 @@ +$ANSIBLE_VAULT;1.1;AES256 +61623832336230653866643264303864323139326239363664393164333865353231306365626231 +6230366364326262643966313133323233376661343034390a646464323330303361626239383562 +66326134626365643464656431353238653835376636653630343533343461316339663365383963 +3739623738623766380a643465613364366233336230353237303862653964643765323535363835 +63336161363131343365383837666165366536653535323166383433326462643363326261666434 +64376232643533663537613239653731343661393733373665316234616137316433653366613161 +63613134613365363632316238316438633466373236383138303430376138376635663438623661 +34633562666464336466663135623661336465333231393731656535333434356133353564663833 +32323963643966643831396261383535353765383636313064316363643136333436316230313931 +63326261636430313533643537363731633332396434323136656536386165616464636435303239 +66363963376438396638383238663264316662626433646135323936373733363364626634346631 +31336661663430396461303166376332383064383436626138343830313338396335646465343166 +34613935656562656339303736343032376361653461616337623537636163393763356466616130 +65666331316430636133656637663435633637313938346663356337613464633333613230646263 +39346438346235663839356564313766313636393961303362373561386332653764663062633563 +39643238343736326233346436623130383838303639323966333434633766383130313962663131 +61616438353233643432383861663238373566393435663636383732643062376139653863396531 +31646435333631376466383565363137636637393233306362643965396363623261386433353137 +35323836653130343930356661356338353133333932646333343336376564613834613162653162 +32336234663665393130376334303032346436343961373232626631336533323132376261356530 +6262