89 lines
3.4 KiB
Bash
89 lines
3.4 KiB
Bash
#!/bin/bash
|
|
|
|
# Infrastructure
|
|
# Ansible instructions to deploy the infrastructure
|
|
# Copyright (C) 2020 Saibotk
|
|
#
|
|
# This program is free software: you can redistribute it and/or modify
|
|
# it under the terms of the GNU General Public License as published by
|
|
# the Free Software Foundation, version 3 of the License.
|
|
#
|
|
# This program is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
function backup () {(
|
|
set -e
|
|
|
|
echo "Starting data backup:"
|
|
|
|
docker run --name="duplicity-backup-lvm" \
|
|
--security-opt "label=disable" \
|
|
--security-opt "no-new-privileges" \
|
|
--cap-drop=ALL \
|
|
--cap-add=DAC_OVERRIDE \
|
|
--rm \
|
|
-v "$HOME/.cache/duplicity/:/archive" \
|
|
-v "/root/.gnupg/:/root/.gnupg/" \
|
|
-v "/lvm_self_backup_snapshots/:/backup/:ro" \
|
|
-e "PASSPHRASE={{ lvm_self_backup_gpg.passphrase }}" \
|
|
--hostname {{ ansible_fqdn }} \
|
|
{{ lvm_self_backup_duplicity_image }}:{{ lvm_self_backup_duplicity_image_version }} \
|
|
--full-if-older-than 1M \
|
|
--progress \
|
|
--progress-rate 60 \
|
|
--sign-key "{{ lvm_self_backup_gpg.sign_key | default(lvm_self_backup_gpg.id) }}" \
|
|
{% for encryption_key in lvm_self_backup_gpg.encryption_keys | default([lvm_self_backup_gpg.id]) %}
|
|
--encrypt-key "{{ encryption_key }}" \
|
|
{% endfor %}
|
|
/backup/ \
|
|
"{{ lvm_self_backup_target }}"
|
|
|
|
{% if lvm_self_backup_retention.incremental.enabled %}
|
|
echo "Remove old incremental backups"
|
|
docker run --name="duplicity-backup-lvm" \
|
|
--security-opt "label=disable" \
|
|
--security-opt "no-new-privileges" \
|
|
--cap-drop=ALL \
|
|
--cap-add=DAC_OVERRIDE \
|
|
--rm \
|
|
-v "$HOME/.cache/duplicity/:/archive" \
|
|
--hostname {{ ansible_fqdn }} \
|
|
{{ lvm_self_backup_duplicity_image }}:{{ lvm_self_backup_duplicity_image_version }} \
|
|
remove-all-inc-of-but-n-full {{ lvm_self_backup_retention.incremental.count }} --force \
|
|
"{{ lvm_self_backup_target }}"
|
|
{% endif %}
|
|
|
|
{% if lvm_self_backup_retention.full.enabled %}
|
|
echo "Remove old full backups"
|
|
docker run --name="duplicity-backup-lvm" \
|
|
--security-opt "label=disable" \
|
|
--security-opt "no-new-privileges" \
|
|
--cap-drop=ALL \
|
|
--cap-add=DAC_OVERRIDE \
|
|
--rm \
|
|
-v "$HOME/.cache/duplicity/:/archive" \
|
|
--hostname {{ ansible_fqdn }} \
|
|
{{ lvm_self_backup_duplicity_image }}:{{ lvm_self_backup_duplicity_image_version }} \
|
|
remove-all-but-n-full {{ lvm_self_backup_retention.full.count }} --force \
|
|
"{{ lvm_self_backup_target }}"
|
|
{% endif %}
|
|
)}
|
|
|
|
echo "LVM backup started:"
|
|
|
|
backup
|
|
success=$?
|
|
if [ $success -gt 0 ]; then
|
|
echo "ERROR: An error occured during backup! $success"
|
|
fi
|
|
|
|
echo $success > {{ lvm_self_backup_status_directory }}/backup.status
|
|
|
|
chown {{ lvm_self_backup_status_directory_uid }}:{{ lvm_self_backup_status_directory_gid }} {{ lvm_self_backup_status_directory }}/backup.status
|
|
|
|
exit $success
|