From 85d5e68b4afcc3d804eb798fcda97f337ca081be Mon Sep 17 00:00:00 2001 From: Patrick Spek Date: Mon, 23 May 2022 13:12:20 +0200 Subject: Add playbook for borg --- playbooks.d/backup-borg/description.txt | 1 + playbooks.d/backup-borg/etc/defaults | 1 + playbooks.d/backup-borg/etc/os.d/linux-gentoo | 2 + playbooks.d/backup-borg/playbook.bash | 63 +++++++++++++++++++++++++++ playbooks.d/backup-borg/share/backup.bash | 59 +++++++++++++++++++++++++ 5 files changed, 126 insertions(+) create mode 100644 playbooks.d/backup-borg/description.txt create mode 100644 playbooks.d/backup-borg/etc/defaults create mode 100644 playbooks.d/backup-borg/etc/os.d/linux-gentoo create mode 100644 playbooks.d/backup-borg/playbook.bash create mode 100644 playbooks.d/backup-borg/share/backup.bash (limited to 'playbooks.d/backup-borg') diff --git a/playbooks.d/backup-borg/description.txt b/playbooks.d/backup-borg/description.txt new file mode 100644 index 0000000..18f5120 --- /dev/null +++ b/playbooks.d/backup-borg/description.txt @@ -0,0 +1 @@ +Backups managed with Borg and Borgmatic diff --git a/playbooks.d/backup-borg/etc/defaults b/playbooks.d/backup-borg/etc/defaults new file mode 100644 index 0000000..5b4b596 --- /dev/null +++ b/playbooks.d/backup-borg/etc/defaults @@ -0,0 +1 @@ +backup.user=root diff --git a/playbooks.d/backup-borg/etc/os.d/linux-gentoo b/playbooks.d/backup-borg/etc/os.d/linux-gentoo new file mode 100644 index 0000000..e0403ec --- /dev/null +++ b/playbooks.d/backup-borg/etc/os.d/linux-gentoo @@ -0,0 +1,2 @@ +pkg.borg=app-backup/borgbackup +pkg.borgmatic=app-backup/borgmatic diff --git a/playbooks.d/backup-borg/playbook.bash b/playbooks.d/backup-borg/playbook.bash new file mode 100644 index 0000000..8f91f8a --- /dev/null +++ b/playbooks.d/backup-borg/playbook.bash @@ -0,0 +1,63 @@ +#!/usr/bin/env bash + +playbook_add() { + # TODO: Abort if backup.key is not set yet + + pkg install borg + pkg install borgmatic + + # Create a `borg1` for compatability with rsync.net + ln -s /usr/bin/borg /usr/local/bin/borg1 + + playbook_sync + + info "$BASHTARD_PLAYBOOK" "Don't forget to add \`sysbackup\` to your crontab!" +} + +playbook_sync() { + local config + + config="$(getent passwd "$(config "backup.user")" | awk -F: '{ print $6 }')/.config/borgmatic/config.yaml" + + mkdir -pv -- "$(dirname "$config")" + + notice "$BASHTARD_PLAYBOOK" "Installing backup script" + file_template "backup.bash" \ + > /usr/local/bin/sysbackup + chmod +x -- /usr/local/bin/sysbackup + + # This is not going to be pretty, generating a YAML document from + # straight Bash, but the simple sed-based templating in Bashtard + # doesn't do loops, so this is the best I can do here. + notice "$BASHTARD_PLAYBOOK" "Generating borgmatic configuration" + printf "location:\n" > "$config" + printf " source_directories:\n" >> "$config" + + while read -r cpath + do + printf ' - "%s"\n' "$(config "$cpath")" >> "$config" + done < <(config_subkeys "backup.fs.paths") + + printf " repositories:\n" >> "$config" + + while read -r cremote + do + printf ' - "%s"\n' "$(config "$cremote")" >> "$config" + done < <(config_subkeys "backup.fs.remotes") + + printf " one_file_system: true\n" >> "$config" + printf " remote_path: borg1\n" >> "$config" # rsync.net wont work without this + printf "storage:\n" >> "$config" + printf " encryption_passphrase: \"%s\"\n" "$(config "backup.key")" >> "$config" + printf "retention:\n" >> "$config" + printf " keep_daily: 7\n" >> "$config" + printf " keep_weekly: 4\n" >> "$config" + printf " keep_monthly: 6\n" >> "$config" + printf " keep_yearly: 1\n" >> "$config" +} + +playbook_del() { + pkg uninstall borgmatic + pkg uninstall borg + rm -f -- /usr/local/bin/sysbackup +} diff --git a/playbooks.d/backup-borg/share/backup.bash b/playbooks.d/backup-borg/share/backup.bash new file mode 100644 index 0000000..0f9d5b7 --- /dev/null +++ b/playbooks.d/backup-borg/share/backup.bash @@ -0,0 +1,59 @@ +#!/usr/bin/env bash + +main() { + BORG_PASSPHRASE="$(bashtard var backup.key | awk -F= '{ print $NF }')" + + if [[ -z "$BORG_PASSPHRASE" ]] + then + return 3 + fi + + export BORG_PASSPHRASE + + backup_filesystem + backup_database_postgresql +} + +backup_filesystem() { + if ! command -v "borg" > /dev/null 2>&1 + then + return 4 + fi + + if ! command -v "borgmatic" > /dev/null 2>&1 + then + return 4 + fi + + borgmatic +} + +backup_database_postgresql() { + if ! command -v "psql" > /dev/null 2>&1 + then + return 4 + fi + + if ! command -v "pg_dump" > /dev/null 2>&1 + then + return 4 + fi + + local remote + + remote="$(bashtard var backup.db.postgresql.remote_base)" + PGUSER="$(bashtard var backup.db.postgresql.user | awk -F= '{ print $NF }')" + + export PGUSER + + while read -r database + do + [[ $database == "postgres" ]] && continue + [[ $database =~ template* ]] && continue + + pg_dump "$database" \ + | borg create "$remote-$database::$(date -u +%FT%TZ)" + done < <(psql -AXt -d template1 -c "SELECT datname FROM pg_database") +} + +main "$@" -- cgit v1.1