From 6c214a23306098a2bfd4d5d37580f58d0037b670 Mon Sep 17 00:00:00 2001
From: nd <git@notandy.de>
Date: Sun, 14 Mar 2021 00:02:06 +0100
Subject: [PATCH] add systemd timer for backups
---
defaults/main.yml | 10 ++++++++++
handlers/main.yml | 10 ++++++++++
tasks/main.yml | 17 +++++++++++++++++
templates/status-email-root.j2 | 4 ++++
templates/status-email-root@.service.j2 | 7 +++++++
templates/timer.j2 | 11 +++++++++++
6 files changed, 59 insertions(+)
create mode 100755 templates/status-email-root.j2
create mode 100644 templates/status-email-root@.service.j2
create mode 100644 templates/timer.j2
diff --git a/defaults/main.yml b/defaults/main.yml
index 2fdc183..93b4e8a 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1,4 +1,14 @@
backups:
+ jobs:
+ retention:
+ enabled: true
+ OnCalendar: "1:{{ 60|random(seed=(inventory_hostname + 'backups_jobs')) }}"
+ run:
+ enabled: true
+ OnCalendar: "3,11,19:{{ 60|random(seed=(inventory_hostname + 'backups_jobs')) }}"
+ check:
+ enabled: true
+ OnCalendar: "monday 5:{{ 60|random(seed=(inventory_hostname + 'backups_jobs')) }}"
backends:
restic:
url: /var/backup-client/restic
diff --git a/handlers/main.yml b/handlers/main.yml
index c8e1021..0e125d1 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -1,3 +1,13 @@
- name: reload systemd
systemd:
daemon_reload: True
+
+- name: enable timers
+ loop:
+ - check
+ - retention
+ - run
+ systemd:
+ name: "backup-{{ item }}.timer"
+ enabled: "{{ backups.jobs[item].enabled }}"
+ state: "{% if backups.jobs[item].enabled %}started{% else %}stopped{% endif %}"
diff --git a/tasks/main.yml b/tasks/main.yml
index 3674652..713d0c8 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -48,6 +48,7 @@
- backup-full
- backup-cronjob
- backup-check
+ - status-email-root
template:
src: "{{ item }}.j2"
dest: "/usr/local/bin/{{ item }}"
@@ -62,12 +63,28 @@
- backup-check
- backup-retention
- backup-run
+ - status-email-root@
template:
src: "{{ item }}.service.j2"
dest: "/etc/systemd/system/{{ item }}.service"
owner: root
group: root
mode: 0644
+# validate: /usr/bin/systemd-analyze verify %s
+ - name: copy timers
+ notify:
+ - reload systemd
+ - enable timers
+ loop:
+ - check
+ - retention
+ - run
+ template:
+ src: "timer.j2"
+ dest: "/etc/systemd/system/backup-{{ item }}.timer"
+ owner: root
+ group: root
+ mode: 0644
# validate: /usr/bin/systemd-analyze verify %s
- name: create data folder
file:
diff --git a/templates/status-email-root.j2 b/templates/status-email-root.j2
new file mode 100755
index 0000000..fe82c1a
--- /dev/null
+++ b/templates/status-email-root.j2
@@ -0,0 +1,4 @@
+#!/bin/bash
+set -euo pipefail
+
+systemctl status "$1" | mail -s "service $1 failed on $( hostname )" root || true
diff --git a/templates/status-email-root@.service.j2 b/templates/status-email-root@.service.j2
new file mode 100644
index 0000000..81e82e8
--- /dev/null
+++ b/templates/status-email-root@.service.j2
@@ -0,0 +1,7 @@
+[Unit]
+Description=Send a mail to root in case of a service failure
+
+[Service]
+Type=oneshot
+ExecStart=/usr/local/bin/status-email-root %i
+
diff --git a/templates/timer.j2 b/templates/timer.j2
new file mode 100644
index 0000000..d1885e5
--- /dev/null
+++ b/templates/timer.j2
@@ -0,0 +1,11 @@
+[Unit]
+Description=Execute backup job
+
+[Timer]
+Persistent=true
+{% if "OnCalendar" in backups.jobs[item] %}
+OnCalendar={{ backups.jobs[item].OnCalendar }}
+{% endif %}
+
+[Install]
+WantedBy=timers.target
--
GitLab