More sane dir backup list management

2025-10-16 16:29:51 +02:00 · 2025-10-16 16:29:51 +02:00 · b509ca1dff
commit b509ca1dff
parent 61bac7d661
7 changed files with 34 additions and 23 deletions
--- a/README.md
+++ b/README.md
@ -29,10 +29,20 @@ Then in your playbook run:
    - setup-backups
  vars:
    backup_bucket_prefix: "backup"
-    all_backup_paths:
+    extra_backup_paths: # most sealcode-roles automatically register their backup dirs in the /backup-dirs txt file, but we can add anything not covered by that here
      - /var/homebox/data
    cloudflare_r2_access_key: "cloudflare R2 Access key (for S3-type API)"
    cloudflare_r2_secret_key: "cloudflare R2 secret key (for S3-type API)"
    cloudflare_r2_endpoint: https://some_endpoint.r2.cloudflarestorage.com
    BACKUP_PASSWORD: password
 ```
+
+
+If you are implementing a role that has to register a directory for
+automatic backups, add a task in your role's `tasks/backup.yml`:
+
+```yml
+- ansible.builtin.lineinfile:
+    path: "/backup-dirs"
+    line: "{{juice_sqlite_path}}"
+```
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -1 +1,2 @@
 backup_bucket_prefix: backup
+extra_backup_paths: []
--- a/tasks/backup.yml
+++ b/tasks/backup.yml
@ -0,0 +1,15 @@
+## The playbook first runs the 'backup.yml' from each role
+- name: create the /backup-dirs file
+  file:
+    path: "/backup-dirs"
+    state: "touch"
+    mode: "0400"
+  changed_when: "true" # we always want ti give roles a chance to register dirs
+
+- name: Ensure file contains lines from array
+  lineinfile:
+    path: /backup-dirs
+    line: "{{ item }}"
+    create: yes
+    state: present
+  loop: "{{ extra_backup_paths }}"
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -1,14 +1,6 @@
 - debug:
    var: group_names

- set_fact:
-    all_backup_paths: "{{ all_backup_paths | default([]) + (lookup('file', 'inventory/group_vars/' + item + '.yml') | from_yaml | dict2items | selectattr('key', 'equalto', 'backup_paths') | map(attribute='value') | list | first | default([])) }}"
-  loop: "{{ group_names }}"
-  when: all_backup_paths is not defined
-
- debug:
-    var: all_backup_paths
-
 - name: make sure restic is installed
  apt: state=latest pkg=restic

@ -21,7 +13,7 @@
    content: "{{ BACKUP_PASSWORD }}"
    mode: "0400"

- name: Install boto3 and botocore using apt
+- name: Install rclone
  become: yes
  apt:
    name:
--- a/templates/backup-is-restore-needed.sh.j2
+++ b/templates/backup-is-restore-needed.sh.j2
@ -1,13 +1,10 @@
 #!/bin/bash

 # returns code 0 if backup is necessary, 1 otherwise
-
-eval "$DIRS_TO_BACKUP_STR"
-
-for file in "${DIRS_TO_BACKUP[@]}"; do
-    if [ ! -e "$file" ]; then
-        exit 0
-    fi
-done
+while IFS= read -r file; do
+	if [ ! -e "$file" ]; then
+		exit 0
+	fi
+done </backup-dirs

 exit 1
--- a/templates/backup-send.sh.j2
+++ b/templates/backup-send.sh.j2
@ -7,9 +7,7 @@ $RESTIC --password-file=$PWD_FILE unlock
 date
 echo "Sending the backup to the destination..."

-eval "$DIRS_TO_BACKUP_STR" # turn the string into an array
-
-$RESTIC --password-file=$PWD_FILE backup "${DIRS_TO_BACKUP[@]}"
+cat /backup-dirs | xargs -d '\n' $RESTIC --password-file=$PWD_FILE backup 

 date
 echo "Pruning the backup on the destination..."
--- a/templates/backup-vars.sh.j2
+++ b/templates/backup-vars.sh.j2
@ -1,5 +1,3 @@
-declare -a DIRS_TO_BACKUP=({% for item in all_backup_paths %}"{{ item }}"{% if not loop.last %} {% endif %}{% endfor %})
-export DIRS_TO_BACKUP_STR=$(declare -p DIRS_TO_BACKUP)
 export RESTIC_REPOSITORY="rclone:cloudflare-r2:{{ backup_bucket_prefix }}-{{ inventory_hostname }}"
 export PWD_FILE=/backup-pwd
 export RESTIC=/usr/bin/restic