diff --git a/production/host_vars/silk.kde.org.yml b/production/host_vars/silk.kde.org.yml deleted file mode 100644 index 6516ba7..0000000 --- a/production/host_vars/silk.kde.org.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -backup_directory: backups -hetzner_backup_host: gohma diff --git a/production/host_vars/silk.kde.org/vars.yml b/production/host_vars/silk.kde.org/vars.yml new file mode 100644 index 0000000..01567a7 --- /dev/null +++ b/production/host_vars/silk.kde.org/vars.yml @@ -0,0 +1,9 @@ +--- +backup_directory: backups +hetzner_backup_host: gohma + +# do not install borgbackup via backup_apt_dependencies; +# silk's distro version doesn't have it, so there is a local copy +# in ~root/bin + +backup_borg_passphrase: "{{vault_backup_borg_passphrase}}" diff --git a/production/host_vars/silk.kde.org/vault.yml b/production/host_vars/silk.kde.org/vault.yml new file mode 100644 index 0000000..f4ff30b --- /dev/null +++ b/production/host_vars/silk.kde.org/vault.yml @@ -0,0 +1,8 @@ +$ANSIBLE_VAULT;1.1;AES256 +39326630343662373963366131633730353333653366613639333435313266396463363866323263 +3630623735353161663432366131613236373261656264330a666237323733313863386231353634 +32373332313564306637333532663335663962316635653937366535306538326238666632643563 +6565653530336436330a363534383737356162393533373935613464383237343736373839383266 +36323062306637363937373861353338366566626564353638343230373561323334613330663863 +62366466636535636536393262343637353032303562616230663334656661633866613232316136 +346466313031333364623235313136393665 diff --git a/roles/kde-backup/templates/backup-silk.sh b/roles/kde-backup/templates/backup-silk.sh index e09b868..91bf804 100755 --- a/roles/kde-backup/templates/backup-silk.sh +++ b/roles/kde-backup/templates/backup-silk.sh @@ -1,26 +1,44 @@ LOCATION=/root/{{backup_directory}} find $LOCATION -name "srv.*.tar.xz" -mtime +2 | xargs rm -f # Backup databases for DATABASE in `mysqlshow | grep -v "information_schema" | grep -v "performance_schema" | grep -v "mysql" | grep -v "stats" | tail -n+4 | awk '{print $2}'`; do mysqldump --opt --quick --single-transaction --skip-extended-insert --events --create-options --set-charset $DATABASE > $LOCATION/db.$DATABASE.`date +%w`.sql xz -f $LOCATION/db.$DATABASE.`date +%w`.sql done # Backup Piwik database DATABASE="stats" mysqldump --opt --quick --single-transaction --skip-extended-insert --events --create-options --set-charset $DATABASE > $LOCATION/db.$DATABASE.sql xz -f $LOCATION/db.$DATABASE.sql # Backup homes! tar -cJf /root/backups/homes.`date +%w`.tar.xz -C / home/ # Backup website contents tar -cJf $LOCATION/srv.`date +%w`.tar.xz -C / --exclude=srv/www/forum.kde.org/cache --exclude=srv/www/mediawiki/mediawiki/cache --exclude=srv/www/mediawiki/mediawiki/logs --exclude=srv/www/paste.kde.org/app/storage --exclude=*/.git srv/www 2>&1 | grep -v "file changed as we read it" # Backup configuration and list of installed packages tar -czf $LOCATION/etc.`date +%w`.tgz -C / etc/ tar -czf $LOCATION/crontabs.`date +%w`.tgz -C / var/spool/cron/ dpkg -l > $LOCATION/dpkg.`date +%w` +# Transfer the generated backups lftp -f ~/bin/backup-options + +# Borg backup time! Let's get ready to go... +export PATH=$HOME/bin:$PATH +export BORG_PASSPHRASE='{{backup_borg_passphrase}}' + +{% set backup_creds = hetzner_backup_creds[hetzner_backup_host] %} +BORG_SERVER="ssh://{{backup_creds.username}}@{{backup_creds.username}}.your-backup.de:23" + +# Backup /srv +export BORG_REPO="$BORG_SERVER/./borg-backups/silk-srv" +borg create --compression zlib,5 --exclude-caches ::'{hostname}-silk-srv-{now}' /srv/ 2>&1 | grep -v "Compacting segments" +borg prune --prefix '{hostname}-' --keep-daily 7 --keep-weekly 4 --keep-monthly 6 2>&1 | grep -v "Compacting segments" + +# Backup /home +export BORG_REPO="$BORG_SERVER/./borg-backups/silk-homes" +borg create --compression zlib,5 --exclude-caches ::'{hostname}-silk-homes-{now}' /home/ 2>&1 | grep -v "Compacting segments" +borg prune --prefix '{hostname}-' --keep-daily 7 --keep-weekly 4 --keep-monthly 6 2>&1 | grep -v "Compacting segments"