Set up scheduled (cronjob) backups using the Duplicity backup tool, which supports incremental encrypted backups to local filesystem mounts and various cloud storage locations, e.g. Dropbox.
Note that Duplicity and various Python3 modules for backend support will be installed from PyPI into a virtualenv at
/opt/duplicity_venv
: see the install_duplicity
option for ways to change that.
None.
Required Variables
duplicity_target_paths:
- path: /opt/my-awesome-config
name: awesome-config
- path: /etc/nginx
- path: /opt/other-data
backup_url_stem: file:///some-other-location-for-just-this-path
A list of paths to back up, and optional names for the backups. If no name is given, the full path is used. A
backup_url_stem
may also be specified, to override the default set below.
backup_url_stem: dpbx:///my_folder
Default start of the backup path, to which the name
or path
above will be appended. See the
Duplicity manpage for how to use various backends.
Can be overidden per-path with the backup_url_stem
var.
Optional Variables
gpg_key: duplicity
Passphrase to use for backup encryption: you probably want to set this in a vault file!
backup_env_vars:
DPBX_ACCESS_TOKEN=ABC123ImNotARealDropboxToken
List of environment variables to set for the backup tool. Empty by default, but the example above is for Dropbox.
backup_schedule: 0 3 * * *
full_backup_after: 1W
delete_backups_after: 1Y
Backup schedule controls. backup_schedule
is a cron line defining how often to run Duplicity, which will run an
incremental backup if it can, unless the period in full_backup_after
has passed, in which case it will run a full
backup. Finally, old backups are deleted after delete_backups_after
if they aren't referenced by newer incremental
backups. See the manpage for valid time range values.
run_backup_now: true
Should we run a full backup immediately as well as the cronjob?
install_duplicity: true
duplicity_install_package: duplicity
duplicity_venv_path: /opt/duplicity_venv
duplicity_binary: "/usr/local/bin/duplicity"
Should we install Duplicity, and if so, where (a Python3 virtualenv will be created for it). We'll also write a wrapper
script to duplicity_binary
to execute it.
duplicity_install_name: duplicity
Customise the name of this backup installation in cronjobs and files, to allow the role to be used multiple times on a host.
None
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
- hosts: backup_targets
roles:
- role: ansible-schedule-duplicity
duplicity_target_paths:
- name: user-data
path: /opt/user-data
backup_url_stem: dpbx:///duplicity-backups
MIT
Sam Mesterton-Gibbons sam@samn.co.uk