Add backup script

2022-05-14 21:37:06 -04:00 · 2022-05-14 21:37:06 -04:00 · 4a0b2102d7
commit 4a0b2102d7
parent 5ff28d61de
5 changed files with 76 additions and 0 deletions
--- a/group_vars/all/vars.yml
+++ b/group_vars/all/vars.yml
@ -34,6 +34,10 @@ site_repo: http://localhost:3000/dogeystamp/wb4.git
 # This is the raw partition, and not the mapped crypt device
 secondary_disk: /dev/sda1

+# Drive for backups (also separate from OS drive)
+# This is the raw partition, and not the mapped crypt device
+backup_disk: /dev/sda2
+
 # Title used for the static website generator
 web_name: dogeystamp

@ -129,6 +133,9 @@ enable_dotfiles: yes
 # LUKS crypto and filesystem mounts
 enable_filesystems: yes

+# Deploy script to facilitate backups
+enable_backup: yes
+
 # Firewall (UFW)
 enable_firewall: yes

--- a/roles/backup/tasks/main.yml
+++ b/roles/backup/tasks/main.yml
@ -0,0 +1,5 @@
+- name: Deploy backup script
+  template:
+    src: lbk.sh.j2
+    dest: "/home/{{ admin_username }}/.local/bin/lbk.sh"
+    mode: 0755
--- a/roles/backup/templates/lbk.sh.j2
+++ b/roles/backup/templates/lbk.sh.j2
@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+# Local backup script (run as root)
+
+echo "Creating mountpoint."
+mkdir -p /mnt/disk_b/
+
+echo "Preparing to decrypt backup disk..."
+sleep 5
+echo "Decrypting disk..."
+cryptsetup luksOpen {{ backup_disk }} disk_b --key-file /k5e
+echo "Disk decrypted."
+
+echo "Mounting backup disk."
+mount /dev/mapper/disk_b /mnt/disk_b
+
+if ! mountpoint -q /mnt/disk;
+then
+	echo "Missing data disk mount!"
+	exit
+fi
+
+if [ ! -f /mnt/disk_b/bk-0.tgz ]
+then
+	echo "No full archive: preparing to perform complete backup."
+	sleep 5
+	echo "Performing complete backup."
+	tar -czvf /mnt/disk_b/bk-0.tgz -g /mnt/disk_b/bk.snar /mnt/disk
+	echo "Backup finished."
+	tput bel
+else
+	LABEL=$(date +"%Y_%m_%d")
+	echo "Preparing to perform incremental backup: $LABEL"
+	sleep 5.
+	echo "Performing incremental backup."
+	cp /mnt/disk_b/bk.snar "/mnt/disk_b/bk-$LABEL.snar"
+	tar -czvf /mnt/disk_b/bk-0.tgz -g /mnt/disk_b/bk.snar /mnt/disk
+	echo "Backup finished."
+	tput bel
+fi
+
+echo "Preparing to unmount backup disk."
+sleep 5
+echo "Unmounting backup disk."
+umount /mnt/disk_b
+echo "Unmounted backup disk."
+
+echo "Preparing to close backup disk."
+sleep 5
+echo "Closing backup disk."
+cryptsetup luksClose /dev/mapper/disk_b
+echo "Disk closed."
--- a/roles/system/tasks/essential.yml
+++ b/roles/system/tasks/essential.yml
@ -1,3 +1,8 @@
+- name: Set locale
+  community.general.locale_gen:
+    name: en_US.UTF-8
+    state: present
+
 - name: Change hostname
  hostname:
    name: "{{ inventory_hostname }}"
--- a/run.yml
+++ b/run.yml
@ -30,6 +30,11 @@
        - filesystems
      when: enable_filesystems

+    - role: backup
+      tags:
+        - backup
+      when: enable_backup
+
    - role: networking/connection
      tags:
        - connection