Ansible role providing restic functionality for backups to Backblaze B2.
- This role makes use of anisble-vault to store sensitive data. You can use inline vault strings for the variables noted as sensitive below.
Make sure you don't lose the passphrase otherwise you will not be able to run the playbook until you recreate the vault.
vault_restic_account_id
('') - account id string from b2vault_restic_account_key
('') - account key string from b2vault_restic_encryption_key
('') - encryption key for data stored in cloud
To generate encrypted strings for these variables run the following:
ansible-vault encrypt_string 'account_id' --name 'vault_restic_account_id'
ansible-vault encrypt_string 'account_key' --name 'vault_restic_account_key'
ansible-vault encrypt_string 'encryption_key' --name 'vault_restic_encryption_key'
restic_cron_email
([email protected]) used for cron notificationsrestic_path
(/opt/restic) - path to install restic scriptsrestic_log_file
(/var/log/restic.log) - path to install restic scriptsrestic_repository
('b2:Revenni-Bucket:{{ ansible_fqdn }}') - b2:bucket:directoryrestic_cron_schedule
(0 */12 * * *) - crontab(5) style schedulerestic_retention
(30d) - number of days to store snapshots
We backup / by default not traversing mountpoints. If you have additional mount points you would like backed up they can be specified in the following variable.
restic_additional_mounts
(string) space delimited string of additional mounts to backup
- None
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
- hosts: servers
become: true
roles:
- { role: revenni.restic, tags: restic }
MIT