ansible-role--duplicity/README.md
2024-07-12 13:08:55 +00:00

3.2 KiB

Ansible Role: duplicity

CI

Installs and configures Duplicity backup tool on Debian/Ubuntu servers.

Requirements

This role requires Ansible 2.9 or higher.

Python Dependencies:

  • librsync
  • gettext
  • python3-pip
  • gnupg

OVHcloud: This role is designed to work with OVHcloud Public Cloud Object Storage and Cold Archive. You'll need an active OVHcloud account and the necessary credentials.

Role Variables

Mandatory Variables:

  • duplicity_hostname: The hostname of the server being backed up.

  • duplicity_work_directory: The directory where Duplicity will store temporary files and caches.

  • duplicity_backends: A list of dictionaries, each defining a backend for both hot (Object Storage) and cold (Cold Archive) storage in OVHcloud.

    duplicity_backends:
      - project_domain_name: "your_project_domain_name"
        tenantid: "your_tenant_id"
        username: "your_username"
        password: "your_password"
        regionname: "GRA"
    
  • duplicity_gpg_passphrase: The passphrase used to encrypt/decrypt the GPG key. Provide this variable as a file path.

  • duplicity_gpg_key: The GPG secret key used for encryption. Provide this variable as a file path.

  • duplicity_gpg_pubkey: The GPG public key. Provide this variable as a file path.

Optional Variables:

  • duplicity_enable: Whether to enable actual backups (defaults to true). Set to false for a dry run.
  • duplicity_enable_dokku: Enable backups for Dokku applications (defaults to true).
  • duplicity_enable_folders: Enable backups for specific folders (defaults to false).
    • You'll need to configure the folders to back up within the role's tasks.

Dependencies

None

Example Playbook

- hosts: backup_servers
  vars_files:
    - vars/main.yml
  roles:
    - glenux.duplicity

Inside vars/main.yml:

duplicity_hostname: "your_server_hostname"
duplicity_work_directory: /mnt/duplicity
duplicity_enable: true

duplicity_backends:
  - project_domain_name: "your_project_domain_name"
    tenantid: "your_tenant_id"
    username: "your_username"
    password: "your_password"
    regionname: "GRA"

duplicity_gpg_passphrase: /path/to/gpg_passphrase.txt
duplicity_gpg_key: /path/to/gpg_secret.key
duplicity_gpg_pubkey: /path/to/gpg_public.key

Role Usage

  1. Configure Variables:

    • Set mandatory variables in your playbook or vars file as shown in the example.
    • Adjust optional variables as needed.
  2. GPG Key:

    • Create a GPG key pair for encryption.
    • Provide the passphrase, secret key, and public key file paths in the variables.
  3. OVHcloud Credentials:

    • Ensure you have the correct OVHcloud credentials for object storage and cold archive.
    • Update the duplicity_backends variable with your project details.
  4. Run the Playbook:

    • Execute the playbook to install, configure, and run Duplicity.

License

GPL-2.0-or-later

Author Information

This role was created by glenux.