Skip to content

Latest commit

 

History

History
100 lines (84 loc) · 4.37 KB

File metadata and controls

100 lines (84 loc) · 4.37 KB

Description

Make incremental backups securely using rsnapshot.

Why should backups always be pulled instead of being pushed?

Because pushing backups is highly insecure.

Requirements

Yannik/rsnapshot-remote-host must be installed on the hosts that should be backed up.

Role Variables

  • rsnapshot_enable_cron: whether to run backups automatically
    • Default: true
  • rsnapshot_mailto: where email reports should go to
  • rsnapshot_custom_options: set custom rsnapshot.conf options (list of dicts as some options can be used multiple times)
  • rsnapshot_backups: List of backup sets
    • name: unique lowercase alphanumeric name (required)
    • enabled: yes/no
    • interval: how often should the data be synced (required)
      • options: every30min, every1h, every3h, every6h, every12h, every24h
    • snapshot_root: unique path where the backups will be saved (required)
    • backup_host: backupro@host from where the backups should be pulled from
    • retain_settings: list of backups that should be kept (required)
    • maxdowntime: maximum time a host is allowed to be down (format: 6h, 12d)
    • custom_options: custom options (list of dicts as some options can be used multiple times)
    • backup_directives: the actual list of directories that should be backed up (required)
      • src: Source directory (required)
      • dest: destination directory, by default the src path appended to snapshot_root/ (optional)
      • args: optional arguments
        • Example: exclude=logs,exclude=vendor,+rsync_long_args=--bwlimit=625

Example Playbook

- hosts: all
  roles:
     - role: yannik.rsnapshot-backup-host
       rsnapshot_enable_cron: True
       rsnapshot_mailto: [email protected]
       rsnapshot_custom_directives:
         - rsync_long_args: --delete --numeric-ids --relative --delete-excluded --bwlimit=625
       rsnapshot_backups:
         - name: backups1
           interval: every30min
           snapshot_root: /var/rsnapshot-backups/backups1
           backup_host: [email protected]
           retain_settings:
             - { name: every1h, keep: 12 }
             - { name: every1d, keep: 3 }
             - { name: every1w, keep: 4 }
           backup_directives:
             - src: /etc
             - src: /var/www
               args: exclude=logs,exclude=vendor,+rsync_long_args=--bwlimit=625
             - src: "sudo /etc/rsnapshot/backup-scripts/backup-mysql.sh"
               type: ssh
             - src: /var/rsnapshot-backup/mysqldump.sql.gz
         - name: backups2
           interval: every6h
           snapshot_root: /var/rsnapshot-backups/backups2
           backup_host: [email protected]
           retain_settings:
             - { name: every1d, keep: 3 }
             - { name: every1w, keep: 4 }
           backup_directives:
             - src: /etc
               dest: myetc

Debugging

  • ssh -F /home/backuppuller/.ssh/config backupro@host test
  • rsync -a --rsh="/usr/bin/ssh -F /home/backuppuller/.ssh/config" backupro@host:/path-to-dir .

Inspired by

License

GPLv2

Author Information

Yannik Sembritzki