From e7d5a2cbc7b20c31b7adb97a9bd50d41615c815f Mon Sep 17 00:00:00 2001
From: Julian Rother <julian@cccv.de>
Date: Sat, 11 Dec 2021 02:28:02 +0100
Subject: [PATCH] post_run and pre_run hook support

---
 README.md                      |  8 +++++++
 defaults/main.yml              |  3 +++
 templates/backup-standalone.j2 | 41 ++++++++++++++++++++++++----------
 3 files changed, 40 insertions(+), 12 deletions(-)

diff --git a/README.md b/README.md
index 0b0d5d7..0763607 100644
--- a/README.md
+++ b/README.md
@@ -100,4 +100,12 @@ exclude_files: {}
 # Only supportet in restic based backups
 # Ignored in vm-via-hypervisor mode
 include_files: {}
+
+# Run one or more hooks before and after each (standalone) backup run
+# Items are executed in bash in their own subshell
+hooks:
+  pre_run:
+  - mysqldump --all-databases > /var/backups/mysql-backup.sql
+  post_run:
+  - rm /var/backups/mysql-backup.sql
 ```
diff --git a/defaults/main.yml b/defaults/main.yml
index f8db1ff..6bdfbf1 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -48,3 +48,6 @@ backups:
     '/root/.ansible/*': true
   include_files:
     '/': true
+  hooks:
+    pre_run: []
+    post_run: []
diff --git a/templates/backup-standalone.j2 b/templates/backup-standalone.j2
index bd5dd65..375a965 100755
--- a/templates/backup-standalone.j2
+++ b/templates/backup-standalone.j2
@@ -3,21 +3,38 @@ set -euo pipefail
 
 test -f "/etc/backup-client/enabled" || { echo "Standalone backup is disabled"; exit 0; }
 
-{% if backup_backend == 'restic' %}
-# restic backend
-source /etc/backup-client/restic.env
-
-restic backup \
-	{{ restic_combined_flags }} \
-	--verbose \
-	--exclude-caches \
-	--one-file-system \
-	--exclude "${RESTIC_REPOSITORY}" \
-	--exclude-file "/etc/backup-client/exclude_files" \
-	--files-from "/etc/backup-client/include_files"
+{% if backups.hooks.pre_run %}
+echo "Running pre_run hooks"
+{% for cmd in backups.hooks.pre_run %}
+( {{ cmd }} )
+{% endfor %}
+echo "Hooks done"
+{% endif %}
 
+{% if backup_backend == 'restic' %}
+# Run restic in subshell to avoid leaking environment to post_run hooks
+(
+	# restic backend
+	source /etc/backup-client/restic.env
 
+	restic backup \
+		{{ restic_combined_flags }} \
+		--verbose \
+		--exclude-caches \
+		--one-file-system \
+		--exclude "${RESTIC_REPOSITORY}" \
+		--exclude-file "/etc/backup-client/exclude_files" \
+		--files-from "/etc/backup-client/include_files"
+)
 {% endif %}
 {% if not backup_backend %}
 echo "Noop, backup is handled external"
 {% endif %}
+
+{% if backups.hooks.post_run %}
+echo "Running post_run hooks"
+{% for cmd in backups.hooks.post_run %}
+( {{ cmd }} )
+{% endfor %}
+echo "Hooks done"
+{% endif %}
-- 
GitLab