Verified Commit f943cdf2 authored by Sheogorath's avatar Sheogorath 🛫

backup_lvm: Switching to container based setup

Duplicity as natively installed setup might be restricted by package
management and alike from the host OS side. This usage of a container
based setup will provide more flexability with upstream providers for
Backups.

Concret: One major issue with CentOS 7 was the installation of the b2sdk
without messing up the hosts python installation. Therefore running it
in a container seems like a good solution as all hosts have container
engines installed anyway.
parent 8af7bddf
---
- hosts: backup
roles:
- docker
- docker-compose
- backup_lvm
force_handlers: True
environment:
PYTHONPATH: /opt/docker-compose
......@@ -2,6 +2,9 @@
backup_vols: []
backup_target: ""
backup_duplicity_version: "0.8"
backup_duplicity_image_version: "{{ backup_duplicity_version }}"
backup_gpg:
id: ""
passphrase: ""
- name: Install duplicity
- name: Remove duplicity installation
yum:
name: "duplicity"
state: present
state: absent
become: true
- name: LVM snapshot backup
......@@ -47,10 +47,18 @@
path: "{{ tmp_fstab.path }}"
state: absent
- name: Create backup using duplicity
command: "duplicity --full-if-older-than 1M --encrypt-sign-key {{ backup_gpg.id }} /backup_snapshots/ {{ backup_target }}"
environment:
PASSPHRASE: "{{ backup_gpg.passphrase }}"
- name: Create backup using duplicity container
docker_container:
name: duplicity-backup
image: "quay.io/sheogorath/duplicity:{{ backup_duplicity_image_version }}"
detach: false
volumes:
- "/backup_snapshots/:/backup/:ro"
- "/root/.cache/duplicity/:/archive"
- "/root/.gnupg/:/root/.gnupg/"
security_opts:
- "label:disable"
command: "--full-if-older-than 1M --encrypt-sign-key {{ backup_gpg.id }} /backup/ {{ backup_target }}"
env:
PASSPHRASE: "{{ backup_gpg.passphrase }}"
become: true
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment