Borg backup role
Go to file
Luc Stroobant 645694e411 1.0.11
2018-01-27 19:55:30 +01:00
defaults 1.0.11 2018-01-27 19:55:30 +01:00
meta update meta 2018-01-21 19:42:31 +01:00
tasks adding key-options for hetzner too, unifying modification of authorized_keys with rsync and hetzner 2018-01-21 23:12:48 +01:00
templates Making it possible to define shell and support other os-ses 2018-01-11 23:26:43 +01:00
backup.yml fix hosts list 2017-10-01 12:01:28 +02:00
LICENSE.md license 2017-09-08 20:23:21 +02:00
README.md Hetzner support 2018-01-11 23:21:43 +01:00

Borg backup role

This role installs Borg backup on borgbackup_servers and clients. The role contains a wrapper-script 'borg-backup' to ease the usage on the client. Supported options include borg-backup info | init | list | backup | mount. Automysqlbackup will run as pre-backup command if it's installed. The role supports both self hosted and offsite backup-storage such as rsync.net and hetzner storage box as Borg server.

It's possible to configure append-only repositories to secure the backups against deletion from the client.

Required variables

Define a group borgbackup_servers in your inventory with one or multiple hosts. The group borgbackup_management is only necessary if you want to enable append-only mode and prune the backups from a secured hosts.

[borgbackup_servers]
backup1.fiaas.co

[borgbackup_management]
supersecurehost

Define group- or hostvars for your backup endpoints and retention:

borgbackup_servers:
  - fqdn: backup1.fiaas.co
    user: borgbackup
    type: normal
    home: /backup/
    pool: repos
    options: ""
  - fqdn: yourhost.rsync.net
    user: userid
    type: rsync.net
    home: ""
    pool: repos
    options: "--remote-path=borg1"
  - fqdn: username.your-storagebox.de
    user: username
    type: hetzner
    home: ""
    pool: repos
    options: ""


borgbackup_retention:
  hourly: 12
  daily: 7
  weekly: 4
  monthly: 6
  yearly: 1

WARNING: the trailing / in item.home is required.

Define a borg_passphrase for every host. host_vars\client1:

borgbackup_passphrase: Ahl9EiNohr5koosh1Wohs3Shoo3ooZ6p

Per default the role creates a cronjob in /etc/cron.d/borg-backup running as root every day on a random hour between 0 and 5am on a random minute. Override the defaults if necessary:

borgbackup_cron_user: root
borgbackup_cron_day: "*"
borgbackup_cron_minute: "{{ 59|random }}"
borgbackup_cron_hour: "{{ 5|random }}"

Set borgbackup_appendonly: True in host or group vars if you want append-only repositories. In that case it's possible to define a hostname in borgbackup_management_station where a borg prune script will be configured.

Make sure to check the configured defaults for this role, which contains the list of default locations being backed up in backup_include. Override this in your inventory where required.

Usage

Configure Borg on the server and on a client:

ansible-playbook -i inventory/test backup.yml -l backup1.fiaas.co
ansible-playbook -i inventory/test backup.yml -l client1.fiaas.co

Further reading

https://borgbackup.readthedocs.io/en/stable/