initial commit

2024-12-11 17:58:34 +01:00
parent 554e08edb5
commit 9ea5639efa
6 changed files with 167 additions and 0 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -0,0 +1,4 @@
 ---
 pbs_debian_release_name: "bookworm"
 pbs_repo_key: "https://enterprise.proxmox.com/debian/proxmox-release-bookworm.gpg"
 pbs_repo_no_subscription: "deb http://download.proxmox.com/debian/pbs-client {{ pbs_debian_release_name }} main"
--- a/meta/main.yml
+++ b/meta/main.yml
@@ -0,0 +1,9 @@
 ---
 galaxy_info:
  author: Ludovic Cartier
  description: Custom bash backup script which send data to Proxmox Backup Server
  company: brainsys
  license: MIT
  min_ansible_version: 2.8
  issue_tracker_url: https://git.brainsys.io/ansible-roles/prometheus/issues
  github_branch: main
--- a/tasks/asserts.yml
+++ b/tasks/asserts.yml
@@ -0,0 +1,11 @@
 ---
 - name: assert | check OS
  assert:
    that:
      - ansible_distribution == 'Debian'
 - name: assert | check vars
  assert:
    that:
      - backup_dir is defined
      - backup_retention is defined 
--- a/tasks/install.yml
+++ b/tasks/install.yml
@@ -0,0 +1,37 @@
 ---
 - name: proxmox backup client | get GPG key
  apt_key:
    url: "{{ pbs_repo_key }}"
 - name: proxmox backup client | add repository
  become: yes
  apt_repository:
    repo: "{{ pbs_repo_no_subscription }}"
    filename: pbs-client.list
 - name: proxmox backup client | update APT Cache
  apt:
    update_cache: yes
    cache_valid_time: 3600
 - name: proxmox backup client | install
  apt:
    name:
      - proxmox-backup-client
    state: present
 - name: proxmox backup client | copy backup script
  template:
    src: brain_backup.j2
    dest: /usr/local/bin/brain_backup
    owner: root
    group: root
    mode: 0755
 - name: proxmox backup client | install crontab
  cron:
    name: brain backup
    minute: "{{ backup_cron_minute | default('0') }}"
    hour: "{{ backup_cron_hour | default('2') }}"
    user: root
    job: "/usr/local/bin/brain_backup"
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -0,0 +1,6 @@
 ---
 - name: asserts
  include_tasks: asserts.yml
 - name: install
  include_tasks: install.yml
--- a/templates/brain_backup.j2
+++ b/templates/brain_backup.j2
@@ -0,0 +1,100 @@
 # {{ ansible_managed }}
 #!/bin/bash
 [ ! -f /usr/bin/proxmox-backup-client ] && echo "proxmox-backup-client is not installed: exiting." && exit 1
 today=`date +%Y-%m-%d`
 backup_dir={{ backup_dir | default('/backup') }}
 backup_retention={{ backup_retention | default('7') }}
 ### PBS ####
 PBS_RATE={{ pbs_rate | default('60000000') }}
 export PBS_FINGERPRINT="{{ pbs_fingerprint }}"
 export PBS_PASSWORD="{{ pbs_password }}"
 export PBS_USER="{{ pbs_user }}"
 export PBS_SERVER="{{ pbs_server }}"
 export PBS_DATASTORE="{{ pbs_datastore }}"
 export PBS_REPOSITORY="${PBS_USER}@${PBS_SERVER}:${PBS_DATASTORE}"
 export PBS_LOG="{{ PBS_LOG_LEVEL | default('error') }}"
 ## PBS login ##
 /usr/bin/proxmox-backup-client login
 if [ $? -ne 0 ]; then
    echo "Error on PBS login - exiting."
    exit 1
 fi
 ## end of PBS login ##
 ## system ##
 mkdir -p $backup_dir/$today/system
 /usr/bin/tar cfz $backup_dir/$today/system/crontab.tgz -C /var/spool/cron/ crontabs/
 /usr/bin/dpkg -l > $backup_dir/$today/system/dpkg.txt
 [ -f /sbin/iptables ] && /sbin/iptables -L -n > $backup_dir/$today/system/firewall.txt
 [ -f /sbin/iptables ] && /sbin/iptables -L -n -t nat > $backup_dir/$today/system/firewall_nat.txt
 [ -f /sbin/ip6tables ] && /sbin/ip6tables -L -n > $backup_dir/$today/system/firewall6.txt
 [ -f /sbin/ip6tables ] && /sbin/ip6tables -L -n -t nat > $backup_dir/$today/system/firewall6_nat.txt
 [ -f /usr/bin/pstree ] && /usr/bin/pstree > $backup_dir/$today/system/pstree.txt
 /bin/ps faux > $backup_dir/$today/system/ps.txt
 /bin/systemctl list-units > $backup_dir/$today/system/systemctl_unit.txt
 /usr/bin/getent passwd > $backup_dir/$today/system/users.txt
 [ -f /usr/bin/pvs ] && /usr/sbin/pvs > $backup_dir/$today/system/pvs.txt
 [ -f /usr/bin/vgs ] && /usr/sbin/vgs > $backup_dir/$today/system/vgs.txt
 [ -f /usr/bin/lvs ] &&/ usr/sbin/lvs > $backup_dir/$today/system/lvs.txt
 for dev in /sys/block/*; do
    dev=$(basename $dev)
    if test -b /dev/$dev && file -s /dev/$dev | egrep -q 'partition table|boot sector'; then
        /usr/sbin/sfdisk -d /dev/$dev >> $backup_dir/$today/system/partition-table_$dev.txt
    fi
 done
 ## end of system ##
 {% if backup_mysql_enabled is sameas true %}
 ## mysql ##
 mysql_databases=`/usr/bin/mysql -e "SHOW DATABASES;" | grep -Ev "(Database|information_schema|performance_schema)"`
 mkdir -p $backup_dir/$today/mysql
 for db in $mysql_databases;
    do mysqldump -e -q -Q --lock-tables $db | gzip -c > $backup_dir/$today/mysql/dump_$db.sql.gz;
 done
 ## end of mysql ##
 {% endif %}
 {% if backup_pgsql_enabled is sameas true %}
 ## postgresql ##
 pg_port={{ backup_pg_port | default('5432') }}
 pg_databases=`sudo su - postgres -c "/usr/bin/psql -p $pg_port -t -c 'SELECT datname FROM pg_database'"|grep -v "template0"`
 mkdir -p $backup_dir/$today/postgresql
 chown -R postgres: $backup_dir/$today/postgresql
 for db in $pg_databases;
    do sudo su - postgres -c "/usr/bin/pg_dump -p $pg_port -Z9 -Fc -b -f $backup_dir/$today/postgresql/dump_$db.sql $db";
 done
 sudo su - postgres -c "/usr/bin/pg_dumpall --roles-only > $backup_dir/$today/postgresql/role.sql"
 ## end of postresql ##
 {% endif %}
 # purge old backups
 find $backup_dir -type d -ctime +$backup_retention -exec rm -rf {} \;
 ## send to PBS ##
 # TODO : this need to be templified !
 /usr/bin/proxmox-backup-client backup system.pxar:$backup_dir/$today/system --rate ${PBS_RATE} 
 /usr/bin/proxmox-backup-client backup etc.pxar:/etc/ --rate ${PBS_RATE} 
 /usr/bin/proxmox-backup-client backup var_www.pxar:/var/www/ --rate ${PBS_RATE} --exclude 'html' --exclude 'lost+found' --exclude='*.sock' --exclude='*.log' --exclude='.cache/'
 /usr/bin/proxmox-backup-client backup opt.pxar:/opt/ --rate ${PBS_RATE} 
 /usr/bin/proxmox-backup-client backup mysql.pxar:$backup_dir/$today/mysql --rate ${PBS_RATE}
 /usr/bin/proxmox-backup-client backup postgresql.pxar:$backup_dir/$today/postgresql --rate ${PBS_RATE}
 /usr/bin/proxmox-backup-client backup slash.pxar:/ --rate ${PBS_RATE} --include-dev /opt/docker-compose --include-dev /home
 ## end of send to PBS ##
 ## PBS logout ##
 /usr/bin/proxmox-backup-client logout
 ## end of PBS logout ##