align borg and burp folders to backup, switch to systemd for scheduling

README.md

@@ -16,8 +16,7 @@ Role Variables
 
 Defaults set in defaults/main.yml
 
-borg_dirs - list of directories to backup - default to [ "/root", "/etc" ]
+borg_dirs - list of directories to backup - default to "{{ burp_folders }}"
-borg_release - default to 1.1.4
 borg_server - default to maison.opendoor.fr
 borg_account - default to backup_borg
 borg_remote_dir - remote base directory for repos - default to /media/Backups/

defaults/main.yml

@@ -1,9 +1,6 @@
 ---
 # defaults file for borg_client
-borg_release: 1.2.9
+borg_dirs: "{{ burp_folders }}"
-borg_dirs:
-  - /etc
-  - /root
 borg_remote_dir: /media/Backups/
 borg_account: backup_borg
 borg_server: maison.opendoor.fr

tasks/cron.yml

@@ -1,10 +1,16 @@
-- name: Deploy cronjob backup_tout_court
+- name: Deploy systemd service and timer unit files
-  vars:
+  ansible.builtin.template:
-    minutes: "{{ 59 | random(seed=inventory_hostname) }}"
+    src: "{{ item }}"
-  cron:
+    dest: /etc/systemd/system/
-    name: backup
+  notify: reload systemd
-    cron_file: backup
+  loop:
-    user: root
+  - borg_backup.service
-    hour: "2"
+  - borg_backup.timer
-    minute: "{{ minutes }}"
+
-    job: "{{ borg_script_dir }}/borg.sh"
+- ansible.builtin.meta: flush_handlers
+
+- name: enable and start timer
+  ansible.builtin.systemd:
+    name: borg_backup.timer
+    state: started
+    enabled: true

tasks/install.yml

@@ -6,7 +6,7 @@
       path: /root/.ssh
       mode: 0700
       state: directory
-  - name: .ssh/confi 
+  - name: .ssh/config 
     ansible.builtin.copy:
       dest: /root/.ssh/config
       content: |
@@ -14,11 +14,9 @@
           Port 2222
 
 - name: get borg binary
-  get_url:
+  ansible.builtin.package:
-    dest: /usr/bin/borg
+    name: borgbackup
-    owner: root
+    state: present
-    mode: "0755"
-    url: https://github.com/borgbackup/borg/releases/download/{{ borg_release }}/borg-linuxnew64
 
 - name: ensure /root/bin exists
   ansible.builtin.file:

tasks/repo.yml

@@ -14,7 +14,7 @@
     path: "{{ borg_remote_dir }}{{ inventory_hostname }}"
     state: directory
     owner: "{{ borg_account }}"
-    group:  "{{ borg_account }}"
+    group:  "backup"
   delegate_to: "{{ borg_server }}"
 
 - name: get public key
@@ -32,7 +32,7 @@
     line: 'command="borg serve --restrict-to-path {{ borg_remote_dir }}" {{ public_key }} from {{ inventory_hostname }}'
     create: true
     owner: "{{ borg_account }}"
-    group: "{{ borg_account }}"
+    group: "backup"
     mode: 0600
   delegate_to: "{{ borg_server }}"
 
@@ -49,5 +49,4 @@
   ansible.builtin.command: "/usr/bin/borg init --encryption=keyfile {{ borg_account }}@{{ borg_server }}:{{ borg_remote_dir }}{{ inventory_hostname }}"
   environment:
     BORG_PASSPHRASE: "{{ borg_passphrase }}"
-    
 

templates/borg_backup.service

@@ -0,0 +1,9 @@
+# {{ansible_managed}}
+# this file was created from the role: {{ ansible_role_name }}
+[Unit]
+Description = get installed packages list
+
+[Service]
+Type = oneshot
+ExecStart = {{ borg_script_dir }}/borg.sh
+User = tom

templates/borg_backup.timer

@@ -0,0 +1,8 @@
+# {{ansible_managed}}
+# this file was created from the role: {{ ansible_role_name }}
+[Unit]
+Description= daily borg backup
+[Timer]
+OnCalendar=*-*-* 22:{{ 59|random( seed=inventory_hostname ) }}:0
+[Install]
+WantedBy=multi-user.target