o New borg.

5 files changed, 106 insertions, 0 deletions

diff --git a/ansible/roles/borg-client/defaults/main.yml b/ansible/roles/borg-client/defaults/main.yml
new file mode 100644
index 0000000..ff82ed3
--- /dev/null
+++ b/ansible/roles/borg-client/defaults/main.yml
@@ -0,0 +1,2 @@
+borg_client__ssh_key: "borg/{{ ansible_hostname }}/ssh-key"
+
diff --git a/ansible/roles/borg-client/handlers/main.yml b/ansible/roles/borg-client/handlers/main.yml
new file mode 100644
index 0000000..970492f
--- /dev/null
+++ b/ansible/roles/borg-client/handlers/main.yml
@@ -0,0 +1,3 @@
+- name: systemctl daemon-reload
+  systemd:
+    daemon_reload: true
diff --git a/ansible/roles/borg-client/tasks/main.yml b/ansible/roles/borg-client/tasks/main.yml
new file mode 100644
index 0000000..d5767cd
--- /dev/null
+++ b/ansible/roles/borg-client/tasks/main.yml
@@ -0,0 +1,59 @@
+- tags: packages
+  apt:
+    name:
+      - borgbackup
+    install_recommends: no
+
+- name: "mkdir /etc/tergum"
+  file:
+    path: "/etc/tergum"
+    state: directory
+    mode: u=rwx,go=
+    owner: root
+    group: root
+
+- copy:
+    dest: /etc/tergum/ssh-key
+    src: "{{ borg_client__ssh_key }}"
+    mode: u=rwx,go=
+    owner: root
+    group: root
+
+- name: "/etc/systemd/system/tergum@.service"
+  copy:
+    dest: "/etc/systemd/system/tergum@.service"
+    content: |
+      [Unit]
+      Description=Borg backup
+
+      [Service]
+      Type=oneshot
+      WorkingDirectory=/
+      ExecStart=-/usr/bin/tergum %i
+      #ExecStartPost=-/usr/bin/tergum-post foo@example.org
+      SuccessExitStatus=0 1
+      EnvironmentFile=/etc/tergum/jobs/%i/env
+  notify:
+    - systemctl daemon-reload
+
+- name: "/etc/systemd/system/tergum@.timer"
+  copy:
+    dest: "/etc/systemd/system/tergum@.timer"
+    content: |
+      [Unit]
+      Description=Borg
+
+      [Install]
+      WantedBy=timers.target
+  notify:
+    - systemctl daemon-reload
+
+- template:
+    dest: "/usr/bin/{{ item }}"
+    src: "bin/{{ item }}"
+    mode: u=rwx,go=rx
+    owner: root
+    group: root
+  with_items:
+    - tergum
+    - tergum-post
diff --git a/ansible/roles/borg-client/templates/bin/tergum b/ansible/roles/borg-client/templates/bin/tergum
new file mode 100644
index 0000000..eaab95c
--- /dev/null
+++ b/ansible/roles/borg-client/templates/bin/tergum
@@ -0,0 +1,24 @@
+#!/bin/bash
+
+set -euo pipefail
+
+cd /
+
+instance=$1; shift
+
+echo BORG_RSH="$BORG_RSH"
+echo BORG_REPO="$BORG_REPO"
+
+echo "Doing backup for instance $instance"
+
+cmd=()
+cmd+=(borg create)
+cmd+=("--stats")
+cmd+=("--exclude-from=/etc/tergum/jobs/$instance/excludes")
+cmd+=("--patterns-from=/etc/tergum/jobs/$instance/patterns")
+cmd+=("::{hostname}-{now:%Y-%m-%dT%H:%M:%S}")
+
+set -x
+time "${cmd[@]}"
+
+borg info --last 1
diff --git a/ansible/roles/borg-client/templates/bin/tergum-post b/ansible/roles/borg-client/templates/bin/tergum-post
new file mode 100644
index 0000000..647bf5b
--- /dev/null
+++ b/ansible/roles/borg-client/templates/bin/tergum-post
@@ -0,0 +1,18 @@
+#!/bin/bash
+
+set -euo pipefail
+
+cd /
+
+instance=$1; shift
+
+/usr/sbin/sendmail -t <<ERRMAIL
+To: $1
+From: systemd <root@$HOSTNAME>
+Subject: Backup @ $HOSTNAME
+Content-Transfer-Encoding: 8bit
+Content-Type: text/plain; charset=UTF-8
+
+$(systemctl status --full 2>&1)
+$(journalctl --since today --unit tergum@$instance 2>&1)
+ERRMAIL