infrastructure/roles/backup/vars/main.yml

60 lines
1.7 KiB
YAML

---
backup_image: "{{ (container_registry.public, 'services/backup') | path_join }}"
backup_svc:
name: backup
backup_volumes_list: "{{ all_services | my_service_attributes(host_services, 'volumes_backup') }}"
backup_volumes_service: "{{ backup_volumes_list | map_backup_volumes_service }}"
backup_env:
HC_UID: "{{ host_backup.hc_uid }}"
UPTIME_KUMA_TOKEN: "{{ host_backup.uptime_kuma_token }}"
RESTIC_REPOSITORY: "{{ vault_backup.restic.s3.repository }}"
RESTIC_PASSWORD: "{{ vault_backup.restic.s3.password }}"
AWS_ACCESS_KEY_ID: "{{ vault_backup.restic.s3.access_key_id }}"
AWS_SECRET_ACCESS_KEY: "{{ vault_backup.restic.s3.secret_access_key }}"
#RESTIC_S3_REPOSITORY: "{{ vault_backup.restic.s3.repository }}"
#RESTIC_S3_PASSWORD: "{{ vault_backup.restic.s3.password }}"
#RESITC_S3_ACCESS_KEY_ID: "{{ vault_backup.restic.s3.access_key_id }}"
#RESITC_S3_SECRET_ACCESS_KEY: "{{ vault_backup.restic.s3.secret_access_key }}"
#RESTIC_BORGBASE: "{{ vault_backup.restic.borgbase }}"
backup_compose:
watchtower: false
image: "{{ backup_image }}"
volumes: "{{ backup_volumes_service }}"
file:
services:
app:
build:
context: .
entrypoint:
- /usr/bin/restic
- --retry-lock=1m
restart: never
hostname: "{{ ansible_facts.hostname }}"
mount:
build:
context: .
image: "{{ backup_image }}"
restart: never
hostname: "{{ ansible_facts.hostname }}"
env_file:
- service.env
entrypoint:
- /usr/bin/restic
- --retry-lock=1m
command:
- mount
- /mnt
privileged: true
devices:
- /dev/fuse
volumes: "{{ backup_volumes_list | map_backup_volumes }}"