91 lines
2.9 KiB
YAML
91 lines
2.9 KiB
YAML
---
|
|
|
|
- name: Ensure {{ restic_user }} system user exists
|
|
user:
|
|
name: "{{ restic_user }}"
|
|
state: present
|
|
system: true
|
|
when: restic_create_user
|
|
|
|
- name: Ensure either backup_paths or backup_stdin_command is populated
|
|
when: restic_backup_paths|length > 0 and restic_backup_stdin_command
|
|
fail:
|
|
msg: "Setting both `restic_backup_paths` and `restic_backup_stdin_command` is not supported"
|
|
|
|
- name: Ensure a filename for stdin_command backup is given
|
|
when: restic_backup_stdin_command and not restic_backup_stdin_command_filename
|
|
fail:
|
|
msg: "`restic_backup_stdin_command` was set but no filename for the resulting output was supplied in `restic_backup_stdin_command_filename`"
|
|
|
|
- name: Ensure backup frequency adheres to systemd's OnCalender syntax
|
|
command:
|
|
cmd: "systemd-analyze calendar {{ restic_policy.frequency }}"
|
|
register: systemd_calender_parse_res
|
|
failed_when: systemd_calender_parse_res.rc != 0
|
|
changed_when: false
|
|
|
|
- name: Ensure restic is installed
|
|
block:
|
|
- name: Ensure restic is installed via apt
|
|
apt:
|
|
package: restic
|
|
state: latest
|
|
when: ansible_os_family == 'Debian'
|
|
- name: Ensure restic is installed via dnf
|
|
dnf:
|
|
name: restic
|
|
state: latest
|
|
when: ansible_os_family == 'RedHat'
|
|
- name: Ensure restic is installed using the auto-detected package-manager
|
|
package:
|
|
name: "{{ restic_package_name }}"
|
|
state: present
|
|
when: ansible_os_family not in ['RedHat', 'Debian']
|
|
|
|
- name: Ensure systemd service file for '{{ restic_job_name }}' is templated
|
|
template:
|
|
dest: "/etc/systemd/system/{{ service.unit_name }}.service"
|
|
src: "{{ service.file }}"
|
|
owner: root
|
|
group: root
|
|
mode: 0640
|
|
notify:
|
|
- reload-systemd
|
|
- trigger-restic
|
|
loop:
|
|
- unit_name: "{{ restic_systemd_unit_naming_scheme }}"
|
|
file: restic.service.j2
|
|
- unit_name: "{{ restic_systemd_unit_naming_scheme }}-unlock"
|
|
file: restic-unlock.service.j2
|
|
loop_control:
|
|
loop_var: service
|
|
label: "{{ service.file }}"
|
|
|
|
- name: Ensure systemd service file for '{{ restic_job_name }}' is templated
|
|
template:
|
|
dest: "/etc/systemd/system/{{ restic_systemd_unit_naming_scheme }}.timer"
|
|
src: restic.timer.j2
|
|
owner: root
|
|
group: root
|
|
mode: 0640
|
|
notify:
|
|
- reload-systemd
|
|
|
|
- name: Flush handlers to ensure systemd knows about '{{ restic_job_name }}'
|
|
meta: flush_handlers
|
|
|
|
- name: Ensure systemd service for unlocking repository for '{{ restic_job_name }}' is enabled
|
|
systemd:
|
|
name: "{{ restic_systemd_unit_naming_scheme }}-unlock.service"
|
|
enabled: true
|
|
|
|
- name: Ensure systemd timer for '{{ restic_job_name }}' is activated
|
|
systemd:
|
|
name: "{{ restic_systemd_unit_naming_scheme }}.timer"
|
|
enabled: true
|
|
|
|
- name: Ensure systemd timer for '{{ restic_job_name }}' is started
|
|
systemd:
|
|
name: "{{ restic_systemd_unit_naming_scheme }}.timer"
|
|
state: started
|