l3d.restic_archiver
ansible_role_restic_archiver
======================
This is an Ansible role designed to "archive" backups made with Restic.
Usage Scenario:
- You have a Restic server that only allows writing (no reading).
- You send backups from other servers to this Restic backup server.
You don’t want to keep all backups forever. Instead, you want to keep:
- Daily backups for the last few days.
- Weekly, monthly, and yearly backups for a limited time, just like you prefer.
To manage this securely without giving access to others, you can use a local cron job. This cron job is set up using this Ansible role.
Bonus Feature: You can also choose to move backups to another disk with a different password, enhancing security.
Note: This role does not install Restic. For that, you can check out this Ansible role, which we've successfully used for the Restic server.
Variables:
---
# Repositories to clean up by default
restic_archiver__repos: {}
# Example configuration for repositories:
# - name: example_server:
# location: /srv/restic/example_server_repo
# password: securepassword4eXaMpleSserver
# - name: other_server
# location: /srv/restic/other_server_repo
# password: xtrasecuredifferentpassword4other
# archive: true
# archive_location: /mnt/archive/other_server_repo
# archive_password: archive4other_server_password
# archive_cleanup: true
# keep_last: 5
# keep_hourly: 4
# keep_daily: 1
# keep_weekly: 1
# keep_monthly: 1
# keep_yearly: 1
# keep_within: 1
# prune: true
# Default backup retention settings
restic_archiver__keep: 5
restic_archiver__keep_hourly: 16
restic_archiver__keep_daily: 14
restic_archiver__keep_weekly: 8
restic_archiver__keep_monthly: 16
restic_archiver__keep_yearly: 12
# Owner and group for Restic backups
restic_archiver__owner: 'root'
restic_archiver__group: 'root'
# Schedule for the Restic cron job
restic_archiver__hour: '3'
restic_archiver__minute: '32'
# Check if the disk is mounted
restic_archiver__mount_required: false
# Which disk needs to be mounted
restic_archiver__mount_disk: '/mnt/'
# Unmount after usage?
restic_archiver__umount_after_usage: false
# Required packages
restic_archiver__package:
- cron
# Logging and notifications settings
restic_archiver__log_output: true
restic_archiver__logrotate: true
restic_archiver__mailsummary: false
restic_archiver__mail_on_error: false
restic_archiver__mailaddress: 'root@localhost'
# Default Restic options
restic_archiver__default_opt: ''
# Additional messages for notifications
restic_archiver__additional_mail_msg: ''
# Check version for this playbook (recommended to be true)
submodules_versioncheck: false
restic_archiver__cache_config: false
restic_archiver__cache_dir: '~/.cache/restic'
restic_archiver__prune: false
Informazioni sul progetto
Role to deploy restic and setup backups.
Installa
ansible-galaxy install l3d.restic_archiver
Licenza
mit
Download
276
Proprietario
Ansible roles provide a framework for fully independent, or interdependent collections of variables,tasks,files,templates &modules. Here we maintain some. enjoy