feat: adds borg, timers and systemd service support

2025-07-27 02:13:33 +02:00
parent 47221e5803
commit 4018399fd4
12 changed files with 535 additions and 62 deletions
--- a/config/ansible/tasks/servers/borg-backup.yml
+++ b/config/ansible/tasks/servers/borg-backup.yml
@@ -0,0 +1,93 @@
+---
+- name: Borg Backup Installation and Configuration
+  block:
+    - name: Check if Borg is already installed
+      ansible.builtin.command: which borg
+      register: borg_check
+      ignore_errors: true
+      changed_when: false
+
+    - name: Ensure Borg is installed
+      ansible.builtin.package:
+        name: borg
+        state: present
+      become: true
+      when: borg_check.rc != 0
+
+    - name: Set Borg backup facts
+      ansible.builtin.set_fact:
+        borg_passphrase: "{{ lookup('community.general.onepassword', 'Borg Backup', vault='Dotfiles', field='password') }}"
+        borg_config_dir: "{{ ansible_env.HOME }}/.config/borg"
+        borg_backup_dir: "/mnt/services"
+        borg_repo_dir: "/mnt/object_storage/borg-repo"
+
+    - name: Create Borg directories
+      ansible.builtin.file:
+        path: "{{ borg_dir }}"
+        state: directory
+        mode: "0755"
+      loop:
+        - "{{ borg_config_dir }}"
+        - "/mnt/object_storage"
+      loop_control:
+        loop_var: borg_dir
+      become: true
+
+    - name: Check if Borg repository exists
+      ansible.builtin.stat:
+        path: "{{ borg_repo_dir }}/config"
+      register: borg_repo_check
+      become: true
+
+    - name: Initialize Borg repository
+      ansible.builtin.command: >
+        borg init --encryption=repokey {{ borg_repo_dir }}
+      environment:
+        BORG_PASSPHRASE: "{{ borg_passphrase }}"
+      become: true
+      when: not borg_repo_check.stat.exists
+
+    - name: Create Borg backup script
+      ansible.builtin.template:
+        src: templates/borg-backup.sh.j2
+        dest: "{{ borg_config_dir }}/backup.sh"
+        mode: "0755"
+      become: true
+
+    - name: Create Borg systemd service
+      ansible.builtin.template:
+        src: templates/borg-backup.service.j2
+        dest: /etc/systemd/system/borg-backup.service
+        mode: "0644"
+      become: true
+      register: borg_service
+
+    - name: Create Borg systemd timer
+      ansible.builtin.template:
+        src: templates/borg-backup.timer.j2
+        dest: /etc/systemd/system/borg-backup.timer
+        mode: "0644"
+      become: true
+      register: borg_timer
+
+    - name: Reload systemd daemon
+      ansible.builtin.systemd:
+        daemon_reload: true
+      become: true
+      when: borg_service.changed or borg_timer.changed
+
+    - name: Enable and start Borg backup timer
+      ansible.builtin.systemd:
+        name: borg-backup.timer
+        enabled: true
+        state: started
+      become: true
+
+    - name: Display Borg backup status
+      ansible.builtin.debug:
+        msg: "Borg backup is configured and will run daily at 2 AM. Logs available at /var/log/borg-backup.log"
+
+  tags:
+    - borg-backup
+    - borg
+    - backup