saibotk-de/infrastructure
saibotk-de/infrastructure
1
0
Fork 0
Code Issues Pull requests Releases 42 Activity
infrastructure/roles/lvm-self-backup/templates/backup-lvm.sh
saibotk ac6d8172dd
Initial commit
2020-08-10 01:37:13 +02:00

62 lines
2.3 KiB
Bash
Raw Blame History

#!/bin/sh
# Infrastructure
# Ansible instructions to deploy the infrastructure
# Copyright (C) 2020 Saibotk
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, version 3 of the License.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
echo "LVM backup started:"
echo "Creating snapshots:"
{% for item in backup_vols %}
lvcreate -L 1G -n {{ item.lv_name }}_snap -s {{ item.vg_name }}/{{ item.lv_name }}
{% endfor %}
echo "Mount snapshots:"
{% for item in backup_vols %}
mount -o ro,nosuid,noexec{% if item.fstype is defined and item.fstype == "xfs" %},nouuid{% endif %} -t {{ item.fstype | default("ext4") }} /dev/{{ item.vg_name }}/{{ item.lv_name }}_snap /backup_snapshots/{{ item.vg_name }}-{{ item.lv_name }}
{% endfor %}
echo "Backup data:"
docker run --name="duplicity-backup-lvm" \
--security-opt "label=disable" \
--security-opt "no-new-privileges" \
--cap-drop=ALL \
--cap-add=DAC_OVERRIDE \
--rm \
-v "$HOME/.cache/duplicity/:/archive" \
-v "/root/.gnupg/:/root/.gnupg/" \
-v "/backup_snapshots/:/backup/:ro" \
-e "PASSPHRASE={{ backup_gpg.passphrase }}" \
--hostname {{ ansible_fqdn }} \
{{ backup_duplicity_image }}:{{ backup_duplicity_image_version }} \
--full-if-older-than 1M \
--sign-key "{{ backup_gpg.sign_key | default(backup_gpg.id) }}" \
{% for encryption_key in backup_gpg.encryption_keys | default([backup_gpg.id]) %}
--encrypt-key "{{ encryption_key }}" \
{% endfor %}
/backup/ \
"{{ backup_target }}"
echo "Unmount snapshots:"
{% for item in backup_vols %}
umount /dev/{{ item.vg_name }}/{{ item.lv_name }}_snap
{% endfor %}
echo "Remove snapshots:"
{% for item in backup_vols %}
lvremove -f {{ item.vg_name }}/{{ item.lv_name }}_snap
{% endfor %}
echo "Backed up LVM volumes successfully"
Reference in a new issue View git blame Copy permalink