ansible-roles/proxmox-backup
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: update README and templates for improved backup configuration and logging

Browse Source 
Co-authored-by: Copilot <copilot@github.com>
This commit is contained in:
Ludovic Cartier
2026-05-15 11:28:07 +02:00
parent 0ef6ae2bac
commit ea052ef0b9
4 changed files with 74 additions and 52 deletions
Download Patch File Download Diff File Expand all files Collapse all files
README.md
+7 -10
View File
@@ -24,7 +24,7 @@ Role variables
---------------
| Variable | Type | Choices | Default | Comment |
|---------------------------|---------|------------------|--------------------------------------------------------------------------------------|-----------------|
|---------------------------|---------|------------------|--------------------------------------------------------------------------------------|-------------------|
| pbs_debian_release_name | string | | bookworm | |
| pbs_repo_key | string | | https://enterprise.proxmox.com/debian/proxmox-release-bookworm.gpg | |
| pbs_repo_no_subscription | string | | deb http://download.proxmox.com/debian/pbs-client {{ pbs_debian_release_name }} main | |
@@ -36,13 +36,11 @@ Role variables
| backup_host_id | string | | | |
| backup_dir | string | | | mandatory |
| backup_local_retention | string | | | mandatory |
| backup_path_include | dict | | | |
| - path: /etc list | string | | | |
| - path: /var/www list | string | | | |
| fs_mount: true list | boolean | | | |
| backup_path_include | list | | | |
| backup_path_exclude | list | | | |
| backup_mysql_enabled | boolean | | | |
| backup_postgreslq_enabled | boolean | | | |
| backup_mysql_enabled | boolean | | | uses mysqldump |
| backup_mariadb_enabled | boolean | | | uses mariadb-dump |
| backup_pgsql_enabled | boolean | | | |
| backup_cron_minute | int | | | |
| backup_cron_hour | int | | | |
@@ -77,9 +75,8 @@ backup_dir: /backup
backup_local_retention: 2
backup_path_include:
- path: /etc
- path: /var/www
fs_mount: true
- /etc
- /var/www
backup_path_exclude:
- /var/backups
tasks/install.yml
+4 -1
View File
@@ -1,7 +1,10 @@
---
- name: proxmox backup client | get GPG key
apt_key:
get_url:
url: "{{ pbs_repo_key }}"
dest: /etc/apt/trusted.gpg.d/proxmox-release-bookworm.gpg
mode: '0644'
become: yes
- name: proxmox backup client | add repository
become: yes
templates/brain_backup.j2
+47 -25
View File
@@ -16,7 +16,7 @@ export PBS_USER="{{ pbs_user }}"
export PBS_SERVER="{{ pbs_server }}"
export PBS_DATASTORE="{{ pbs_datastore }}"
export PBS_REPOSITORY="${PBS_USER}@${PBS_SERVER}:${PBS_DATASTORE}"
export PBS_LOG="{{ PBS_LOG_LEVEL | default('error') }}"
export PBS_LOG="{{ pbs_log_level | default('error') }}"
## PBS login ##
/usr/bin/proxmox-backup-client login
@@ -26,30 +26,35 @@ if [ $? -ne 0 ]; then
fi
## end of PBS login ##
## system ##
mkdir -p $backup_dir/$today/system
## today symlink ##
mkdir -p $backup_dir/$today
ln -sfn $backup_dir/$today $backup_dir/today
## end of today symlink ##
/usr/bin/tar cfz $backup_dir/$today/system/crontab.tgz -C /var/spool/cron/ crontabs/
/usr/bin/dpkg -l > $backup_dir/$today/system/dpkg.txt
[ -f /sbin/iptables ] && /sbin/iptables -L -n > $backup_dir/$today/system/firewall.txt
[ -f /sbin/iptables ] && /sbin/iptables -L -n -t nat > $backup_dir/$today/system/firewall_nat.txt
[ -f /sbin/ip6tables ] && /sbin/ip6tables -L -n > $backup_dir/$today/system/firewall6.txt
[ -f /sbin/ip6tables ] && /sbin/ip6tables -L -n -t nat > $backup_dir/$today/system/firewall6_nat.txt
[ -f /usr/bin/pstree ] && /usr/bin/pstree > $backup_dir/$today/system/pstree.txt
/bin/ps faux > $backup_dir/$today/system/ps.txt
/bin/systemctl list-units > $backup_dir/$today/system/systemctl_unit.txt
/usr/bin/getent passwd > $backup_dir/$today/system/users.txt
[ -f /usr/bin/pvs ] && /usr/sbin/pvs > $backup_dir/$today/system/pvs.txt
[ -f /usr/bin/vgs ] && /usr/sbin/vgs > $backup_dir/$today/system/vgs.txt
[ -f /usr/bin/lvs ] &&/ usr/sbin/lvs > $backup_dir/$today/system/lvs.txt
## audit ##
mkdir -p $backup_dir/$today/audit
/usr/bin/tar cfz $backup_dir/$today/audit/crontab.tgz -C /var/spool/cron/ crontabs/
/usr/bin/dpkg -l > $backup_dir/$today/audit/dpkg.txt
[ -f /sbin/iptables ] && /sbin/iptables -L -n > $backup_dir/$today/audit/firewall.txt
[ -f /sbin/iptables ] && /sbin/iptables -L -n -t nat > $backup_dir/$today/audit/firewall_nat.txt
[ -f /sbin/ip6tables ] && /sbin/ip6tables -L -n > $backup_dir/$today/audit/firewall6.txt
[ -f /sbin/ip6tables ] && /sbin/ip6tables -L -n -t nat > $backup_dir/$today/audit/firewall6_nat.txt
[ -f /usr/bin/pstree ] && /usr/bin/pstree > $backup_dir/$today/audit/pstree.txt
/bin/ps faux > $backup_dir/$today/audit/ps.txt
/bin/systemctl list-units > $backup_dir/$today/audit/systemctl_unit.txt
/usr/bin/getent passwd > $backup_dir/$today/audit/users.txt
[ -f /usr/bin/pvs ] && /usr/sbin/pvs > $backup_dir/$today/audit/pvs.txt
[ -f /usr/bin/vgs ] && /usr/sbin/vgs > $backup_dir/$today/audit/vgs.txt
[ -f /usr/bin/lvs ] && /usr/sbin/lvs > $backup_dir/$today/audit/lvs.txt
for dev in /sys/block/*; do
dev=$(basename $dev)
if test -b /dev/$dev && file -s /dev/$dev | egrep -q 'partition table|boot sector'; then
/usr/sbin/sfdisk -d /dev/$dev >> $backup_dir/$today/system/partition-table_$dev.txt
/usr/sbin/sfdisk -d /dev/$dev >> $backup_dir/$today/audit/partition-table_$dev.txt
fi
done
## end of system ##
## end of audit ##
{% if backup_mysql_enabled is sameas true %}
## mysql ##
@@ -58,11 +63,23 @@ mysql_databases=`/usr/bin/mysql -e "SHOW DATABASES;" | grep -Ev "(Database|infor
mkdir -p $backup_dir/$today/mysql
for db in $mysql_databases;
do mysqldump -e -q -Q --lock-tables $db | gzip -c > $backup_dir/$today/mysql/dump_$db.sql.gz;
do mysqldump -e -q -Q --single-transaction $db | gzip -c > $backup_dir/$today/mysql/dump_$db.sql.gz;
done
## end of mysql ##
{% endif %}
{% if backup_mariadb_enabled is sameas true %}
## mariadb ##
mariadb_databases=`/usr/bin/mariadb -e "SHOW DATABASES;" | grep -Ev "(Database|information_schema|performance_schema)"`
mkdir -p $backup_dir/$today/mariadb
for db in $mariadb_databases;
do mariadb-dump -e -q -Q --single-transaction $db | gzip -c > $backup_dir/$today/mariadb/dump_$db.sql.gz;
done
## end of mariadb ##
{% endif %}
{% if backup_pgsql_enabled is sameas true %}
## postgresql ##
pg_port={{ backup_pg_port | default('5432') }}
@@ -83,26 +100,31 @@ sudo su - postgres -c "/usr/bin/pg_dumpall --roles-only > $backup_dir/$today/pos
find $backup_dir -type d -ctime +$backup_local_retention -exec rm -rf {} \;
## send to PBS ##
/usr/bin/proxmox-backup-client backup slash.pxar:/ \
/usr/bin/proxmox-backup-client backup \
{% if backup_host_id is defined %}
--backup-id {{ backup_host_id }} \
{% endif %}
{% if backup_path_include is defined %}
{% for item in backup_path_include %}
{% if item.fs_mount is defined %}--include-dev {{ item.path }} \{% endif %}
{% endfor %}
{% endif %}
{% if backup_exclude is defined %}
{% for item in backup_exclude %}
--exclude {{ item }} \
{% endfor %}
{% endif %}
etc.pxar:/etc \
audit.pxar:$backup_dir/today/audit \
{% if backup_path_include is defined %}
{% for item in backup_path_include %}
{{ item | regex_replace('^/', '') | replace('/', '_') }}.pxar:{{ item }} \
{% endfor %}
{% endif %}
{% if backup_pgsql_enabled is sameas true %}
postgresql.pxar:$backup_dir/$today/postgresql \
{% endif %}
{% if backup_mysql_enabled is sameas true %}
mysql.pxar:$backup_dir/$today/mysql \
{% endif %}
{% if backup_mariadb_enabled is sameas true %}
mariadb.pxar:$backup_dir/$today/mariadb \
{% endif %}
--rate ${PBS_RATE}
## end of send to PBS ##
templates/pxarexclude.j2
+1 -1
View File
@@ -6,6 +6,6 @@
{% endif %}
{% if backup_path_include is defined %}
{% for item in backup_path_include %}
!{{ item.path }}
!{{ item }}
{% endfor %}
{% endif %}