fedora-infra / ansible

Clone
Source Code
GIT

#773 keep weekly weblate backups on backup01
Merged 2 years ago by kevin. Opened 2 years ago by darknao.
fedora-infra/ darknao/ansible weblate_backup  into  main

file modified
+1 
@@ -7,6 +7,7 @@ 
 

  ansible_ifcfg_blocklist: true
 

  

  grokmirror_topdir: /fedora_backups/grokmirror
 

+ weblate_backup_topdir: /fedora_backups/misc/weblate
 

  

  dns1: 10.3.163.33
 

  dns2: 10.3.163.34

file modified
+1 
@@ -27,6 +27,7 @@ 
 

        nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3",
 

        nfs_src_dir: 'fedora_backups' }
 

    - grokmirror_mirror
 

+   - weblate_backup
 

  

    pre_tasks:
 

    - import_tasks: "{{ tasks_path }}/yumrepos.yml"

file added
+62 
@@ -0,0 +1,62 @@ 
 

+ - name: Install packages
 

+   package:
 

+     name:
 

+     - borgbackup
 

+     state: present
 

+   tags:
 

+   - weblate_backup
 

+ 

+ - name: Create a non root user to run the code
 

+   user:
 

+     name: _backup_weblate
 

+   tags:
 

+   - weblate_backup
 

+ 

+ - name: Copy private key
 

+   copy:
 

+     src: "{{ private }}/files/weblate/id_rsa"
 

+     dest: ~_backup_weblate/.ssh/id_rsa
 

+     owner: _backup_weblate
 

+     group: _backup_weblate
 

+     mode: 0600
 

+   tags:
 

+   - weblate_backup
 

+ 

+ - name: Copy passphrase file
 

+   copy:
 

+     src: "{{ private }}/files/weblate/borg_passphrase"
 

+     dest: ~_backup_weblate/.borgpass
 

+     owner: _backup_weblate
 

+     group: _backup_weblate
 

+     mode: 0600
 

+   tags:
 

+   - weblate_backup
 

+  

+ - name: Install backup script
 

+   template:
 

+     src: weblate-backup
 

+     dest: /usr/local/bin/weblate-backup
 

+     owner: root
 

+     group: root
 

+     mode: 0755
 

+   tags:
 

+   - weblate_backup
 

+ 

+ - name: Setup cron job
 

+   template:
 

+     src: cron-weblate-backup
 

+     dest: /etc/cron.d/cron-weblate-backup
 

+     owner: root
 

+     group: root
 

+     mode: 0644
 

+   tags:
 

+   - weblate_backup
 

+ 

+ - name: Create directory to mirror backups to
 

+   file:
 

+     dest: "{{ weblate_backup_topdir }}"
 

+     mode: 0755
 

+     state: directory
 

+     owner: _backup_weblate
 

+   tags:
 

+   - weblate_backup

file added
+1 
@@ -0,0 +1,1 @@ 
 

+ 0 2 * * 0 _weblate_backup /usr/local/bin/weblate-backup

file added
+35 
@@ -0,0 +1,35 @@ 
 

+ #!/bin/bash
 

+ 

+ pass_file=~/.borgpass
 

+ backup_prefix=weblate_backup
 

+ dest_backup={{ weblate_backup_topdir }}
 

+ 

+ dest_backup_file=${dest_backup}/${backup_prefix}_$(date +%Y%m%d%H%M%S).tar.gz
 

+ export BORG_RSH="ssh -o StrictHostKeyChecking=no"
 

+ export BORG_REPO="ssh://u164666-sub8@u164666-sub8.your-storagebox.de:23/./backups"
 

+ 

+ #############################
 

+ 

+ if [ ! -f "$pass_file" ]; then
 

+   echo "Passphrase file not found!"
 

+   exit 1
 

+ fi
 

+ export BORG_PASSCOMMAND="cat $pass_file"
 

+ 

+ echo "* listing backup ..."
 

+ last_backup=$(borg list --last 1 | awk '{print $1}')
 

+ if [ -z "$last_backup" ]; then
 

+   echo "* no backup found"
 

+   exit 1
 

+ fi
 

+ echo "* last backup is $last_backup"
 

+ 

+ 

+ echo "* extracting backup to $dest_backup ..."
 

+ borg export-tar ::$last_backup $dest_backup_file
 

+ echo "* extraction complete"
 

+ 

+ echo "* purging old backups ..."
 

+ # 56 days = 8 weeks
 

+ find ${dest_backup} -name ${backup_prefix}\*.gz -ctime +56 -exec rm -v {} \;
 

+ echo "* purge complete"

Related: https://pagure.io/fedora-infrastructure/issue/8729

A couple of files is needed for this:
/srv/private/ansible/files/weblate/id_rsa : ssh private key to access weblate backup host
/srv/private/ansible/files/weblate/borg_passphrase : passphrase used to decrypt the borgbackup repository

Backups will go in /fedora_backups/misc/weblate on backup01, fetched weekly, with 8 weeks retention.

Build succeeded.

rebased onto 81dc0135a538c9e00a3465cc88954278fb552631
2 years ago

Build succeeded.

Looks pretty good to me, but lets wait until after freeze.

This has conflicts now, can you rebase?

rebased onto a60f8aded3a3fb4ce2efa70af96e72c160546bff
2 years ago

Merge Failed.

This change or one of its cross-repo dependencies was unable to be automatically merged with the current state of its repository. Please rebase the change and upload a new patchset.

rebased onto d08cad7267a8a0ec4f062a2c66e9e9d336ae0b73
2 years ago

Build succeeded.

rebased onto 2b2b53848ddcf5ed64a73aa7ccabd7ca0dab6d03
2 years ago

Build succeeded.

rebased onto db33459b46c66056892c57fe368e46efe9d6dde4
2 years ago

rebased onto db33459b46c66056892c57fe368e46efe9d6dde4
2 years ago

Build succeeded.

rebased onto e0941ac
2 years ago

rebased onto e0941ac
2 years ago

Pull-Request has been merged by kevin
2 years ago

Build succeeded.
Metadata
None
No Tags
Changes Summary 5
+1 -0
file changed
inventory/host_vars/backup01.iad2.fedoraproject.org
+1 -0
file changed
playbooks/groups/backup-server.yml
+62
file added
roles/weblate-backup/tasks/main.yml
+1
file added
roles/weblate-backup/templates/cron-weblate-backup
+35
file added
roles/weblate-backup/templates/weblate-backup
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.