Albirew/nyaa-pantsu
Archivé
1
0
Bifurcation 0

Daily backup of db zipped and signed

Cette révision appartient à :
tomleb 2017-05-08 00:25:46 -04:00
Parent aa91d89bce
révision 7456fc8a03
6 fichiers modifiés avec 55 ajouts et 0 suppressions

Voir le fichier

@ -1,3 +1,5 @@
nyaapantsu_dbname: nyaapantsu
nyaapantsu_user: nyaapantsu
nyaapantsu_password: nyaapantsu
nyaapantsu_gpg_passphrase_file: ~/passphrase
# vim: ft=yaml

Voir le fichier

@ -0,0 +1,21 @@
# Create a backup from the database
#!/bin/bash
set -eu
NYAAPANTSU_USERNAME="$1"
NYAAPANTSU_PASSWORD="$2"
NYAAPANTSU_DB="$3"
NYAAPANTSU_PASSPHRASE_FILE="$4"
dump_file="${NYAAPANTSU_DB}_$(date +'%Y_%m_%d_%H_%M').backup"
pg_dump -U "${NYAAPANTSU_USERNAME}" -f "${dump_file}"
xz -z "${dump_file}"
compressed_dump_file="${dump_file}.xz"
gpg2 --batch --yes --passphrase-fd 0 \
--output "${compressed_dump_file}.sig" \
--detach-sig "${compressed_dump_file}" < "${NYAAPANTSU_PASSPHRASE_FILE}"

Voir le fichier

@ -0,0 +1,27 @@
# TODO Allow autogenerating of GPG keys
- name: Make sure there is a passphrase file
stat:
path: "{{ nyaapantsu_gpg_passphrase_file }}"
register: pass_file
- name: Copy backup script
copy:
src: backup.sh
dest: "{{ backup_script }}"
mode: 0755
become: true
when: pass_file.stat.exists == true
- name: Create (if not exists) cronjob
file:
path: "{{ backup_cron_job }}"
state: touch
become: true
when: pass_file.stat.exists == true
- name: Setup backup cron
template:
src: backup_cron.j2
dest: "{{ backup_cron_job }}"
become: true
when: pass_file.stat.exists == true

Voir le fichier

@ -0,0 +1 @@
0 {{ backup_cron_hours }} * * * {{ backup_script }} {{ nyaapantsu_user }} {{ nyaapantsu_password }} {{ nyaapantsu_dbname }} {{ nyaapantsu_gpg_passphrase_file }}

Voir le fichier

@ -0,0 +1,3 @@
backup_script: /usr/bin/nyaapantsu_backup.sh
backup_cron_hours: 0
backup_cron_job: /etc/cron.d/nyaapantsu_backup

Voir le fichier

@ -6,4 +6,5 @@
- name: Set up databases
hosts: dbs
roles:
- backup
- postgresql