l3d.restic_archiver

ansible_role_restic_archiver

======================

This is an Ansible role designed to "archive" backups made with Restic.

Usage Scenario:

  • You have a Restic server that only allows writing (no reading).
  • You send backups from other servers to this Restic backup server.

You don’t want to keep all backups forever. Instead, you want to keep:

  • Daily backups for the last few days.
  • Weekly, monthly, and yearly backups for a limited time, just like you prefer.

To manage this securely without giving access to others, you can use a local cron job. This cron job is set up using this Ansible role.

Bonus Feature: You can also choose to move backups to another disk with a different password, enhancing security.

Note: This role does not install Restic. For that, you can check out this Ansible role, which we've successfully used for the Restic server.

Variables:


---
# Repositories to clean up by default
restic_archiver__repos: {}
# Example configuration for repositories:
# - name: example_server:
#    location: /srv/restic/example_server_repo
#    password: securepassword4eXaMpleSserver
#  - name: other_server
#    location: /srv/restic/other_server_repo
#    password: xtrasecuredifferentpassword4other
#    archive: true
#    archive_location: /mnt/archive/other_server_repo
#    archive_password: archive4other_server_password
#    archive_cleanup: true
#    keep_last: 5
#    keep_hourly: 4
#    keep_daily: 1
#    keep_weekly: 1
#    keep_monthly: 1
#    keep_yearly: 1
#    keep_within: 1
#    prune: true

# Default backup retention settings
restic_archiver__keep: 5
restic_archiver__keep_hourly: 16
restic_archiver__keep_daily: 14
restic_archiver__keep_weekly: 8
restic_archiver__keep_monthly: 16
restic_archiver__keep_yearly: 12

# Owner and group for Restic backups
restic_archiver__owner: 'root'
restic_archiver__group: 'root'

# Schedule for the Restic cron job
restic_archiver__hour: '3'
restic_archiver__minute: '32'

# Check if the disk is mounted
restic_archiver__mount_required: false
# Which disk needs to be mounted
restic_archiver__mount_disk: '/mnt/'
# Unmount after usage?
restic_archiver__umount_after_usage: false

# Required packages
restic_archiver__package:
  - cron

# Logging and notifications settings
restic_archiver__log_output: true
restic_archiver__logrotate: true
restic_archiver__mailsummary: false
restic_archiver__mail_on_error: false
restic_archiver__mailaddress: 'root@localhost'

# Default Restic options
restic_archiver__default_opt: ''

# Additional messages for notifications
restic_archiver__additional_mail_msg: ''
# Check version for this playbook (recommended to be true)
submodules_versioncheck: false

restic_archiver__cache_config: false
restic_archiver__cache_dir: '~/.cache/restic'
restic_archiver__prune: false
Informazioni sul progetto

Role to deploy restic and setup backups.

Installa
ansible-galaxy install l3d.restic_archiver
Licenza
mit
Download
276
Proprietario
Ansible roles provide a framework for fully independent, or interdependent collections of variables,tasks,files,templates &modules. Here we maintain some. enjoy