revamp of bucket-related vars

2026-06-03 23:43:42 +02:00 · 2026-06-03 23:43:42 +02:00 · 2576de2e98
commit 2576de2e98
parent 620e7d87ee
3 changed files with 16 additions and 5 deletions
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -1,3 +1,14 @@
+- set_fact:
+    endpoint_without_bucket: "{{ cloudflare_r2_endpoint | urlsplit('scheme') ~ '://' ~ cloudflare_r2_endpoint | urlsplit('netloc') }}"
+    endpoint_path: "{{ cloudflare_r2_endpoint | urlsplit('path') }}"
+    restic_repository_name: "rclone:cloudflare-r2:backup-{{inventory_hostname}}"
+    bucket_name: >-
+      {{
+        (cloudflare_r2_endpoint | urlsplit('path') | default('', true) | regex_replace('^/', ''))
+        if (cloudflare_r2_endpoint | urlsplit('path') | default('') | length > 1)
+        else (backup_bucket_prefix ~ '-' ~ inventory_hostname)
+      }}
+
 - name: create the /backup-dirs file # this also runs on main in case someone doesn't run the backup.yml
  file:
    path: "/backup-dirs"
@ -58,12 +69,12 @@

 - name: "Create a bucket for the backups"
  amazon.aws.s3_bucket:
-    name: "{{ backup_bucket_prefix }}-{{ inventory_hostname }}"
+    name: "{{ bucket_name }}"
    state: present
    endpoint_url: "{{ cloudflare_r2_endpoint }}"
    access_key: "{{ cloudflare_r2_access_key }}"
    secret_key: "{{ cloudflare_r2_secret_key }}"
-  when: (cloudflare_r2_endpoint | urlsplit('path') | default('')) | length < 1
+  when: (cloudflare_r2_endpoint | urlsplit('path') | default('')) | length < 1 # if the endpoint does not have a path, it assumes we shold create the bucket and have a token that allows that

 - name: initiate restic repository
  command: "restic init --password-file=/backup-pwd"
@ -73,7 +84,7 @@
  until: "command_result.rc==0 or 'repository master key and config already initialized'  in command_result.stderr"
  failed_when: "command_result.rc!=0 and 'repository master key and config already initialized' not in command_result.stderr"
  environment:
-    RESTIC_REPOSITORY: "s3:{{ cloudflare_r2_endpoint }}{{ '' if ((cloudflare_r2_endpoint | urlsplit('path') | default('')) | length >1) else '/' ~  backup_bucket_prefix ~ '-' ~ inventory_hostname }}"
+    RESTIC_REPOSITORY: "{{ restic_repository }}"
    AWS_ACCESS_KEY_ID: "{{ cloudflare_r2_access_key }}"
    AWS_SECRET_ACCESS_KEY: "{{ cloudflare_r2_secret_key }}"
  tags:
--- a/templates/backup-vars.sh.j2
+++ b/templates/backup-vars.sh.j2
@ -1,3 +1,3 @@
-export RESTIC_REPOSITORY="rclone:cloudflare-r2:{{ backup_bucket_prefix }}-{{ inventory_hostname }}"
+export RESTIC_REPOSITORY="{{ restic_repository_name }}"
 export PWD_FILE=/backup-pwd
 export RESTIC=/usr/bin/restic
--- a/templates/rclone.conf.j2
+++ b/templates/rclone.conf.j2
@ -4,6 +4,6 @@ provider = Cloudflare
 access_key_id = {{ cloudflare_r2_access_key }}
 secret_access_key = {{ cloudflare_r2_secret_key }}
 region = auto
-endpoint = {{ cloudflare_r2_endpoint | urlsplit('scheme') ~ '://' ~ cloudflare_r2_endpoint | urlsplit('netloc') }}
+endpoint = {{ endpoint_without_bucket }}
 bucket_acl = private