backup

Overview Versions Insights

Build Status

Backup role

This Ansible role will install and configure tarsnap + tarsnapper to make encrypted backups at regular intervals.

These backups are stored with tarsnap which uses Amaozn S3.

Laern more about Tarsnap, online backups for the truly paranoid.

Requirements

  • A tarsnap account with funds on it
  • This role has only been tested on Ubuntu 16.04 (I'll expand it to other platforms if there is any interest, let me know by opening an issue)
  • A tarsnapper config file at templates/tarsnapper.yml.j2 in your playbook (how to write a tarsnapper config file
  • A tarsnap config file at templates/tarsnap.conf.j2 in your playbook (how to write a tarsnap config file)

Role Variables

variable default value purpose
backup__rebuild_cache false Will skip tarsnap --fsck
backup__tarsnap_cachedir /usr/local/tarsnap-cache Sets the directory tarsnap will use to cache backups (cf. tarsnap.conf man page
backup__tarsnap_keyfile /root/tarsnap.key Sets the path where the tarsnap key will be saved
backup__tarsnap_apt_key 40B98B68F04DE775 ID for the key used to sign the tarsnap package
backup__tarsnap_username [email protected] Username for tarsnap.com (only required if you want to generate a new tarsnap key)
backup__tarsnap_password encrypt me Password for tarsnap.com (only required if you want to generate a new tarsnap key)
backup__tarsnapper_config_file /etc/tarsnapper.yml Sets the path where the tarsnapper jobs configuration will be saved on the target host
backup__tarsnapper_log_file /var/log/tarsnapper.log Sets the path to where the cronjob logs will be written
backup__cron_{minute,hour,dom,month,dow} respectively: 28, 3, *, *, * Interval at which to run tarsnap for backups

Notes

If there is no tarsnap key file found at files/{{ ansible_hostname }}.yml, a new Tarsnap key will be generated using the backup__tarsnap_username and backup__tarsnap_password variables, and a new machine will be registered as {{ ansible_host }}.

If there is a tarsnap key at files/{{ ansible_hostname }}.yml, then that key will be used instead and no new key generation or machine registration will occur.

If the Add tarsnap apt key task fails, it means the package's key has changed but I haven't updated the role yet. Check what the current key is at https://www.tarsnap.com/pkg-deb.html, override its value with the backup__tarsnap_apt_key variable, and open an issue so I can update the role with the new key.

Dependencies

None.

Example Playbook

- hosts: all
  roles:
    - role: coaxial.backup

License

MIT

Author Information

Coaxial <64b.it>

About

Automated, encrypted, online backups using tarsnap

role backup tarsnap tarsnapper
Install
ansible-galaxy install coaxial/ansible-role-backup
GitHub repository
1 stars
3 forks
2 open issues
License
Unknown
Downloads
288
Owner