diff --git a/playbook.yml b/playbook.yml index 3f358b6..25a3e0e 100644 --- a/playbook.yml +++ b/playbook.yml @@ -9,6 +9,7 @@ - rpg roles: - role: scripts + - role: daily-backup - role: murmur-docker - role: searx-docker - role: wiki-docker @@ -25,4 +26,4 @@ # prompt: "Sudo password" # private: yes vars_files: - - "passwords.yml" \ No newline at end of file + - "passwords.yml" diff --git a/roles/base/tasks/main.yml b/roles/base/tasks/main.yml index 114755e..395cc76 100644 --- a/roles/base/tasks/main.yml +++ b/roles/base/tasks/main.yml @@ -10,4 +10,6 @@ - rsync - ufw - vim - - wget \ No newline at end of file + - wget + - borg + diff --git a/roles/daily-backup/files/daily-backup.service b/roles/daily-backup/files/daily-backup.service new file mode 100644 index 0000000..f598057 --- /dev/null +++ b/roles/daily-backup/files/daily-backup.service @@ -0,0 +1,7 @@ +[Unit] +Description=Full server backup + +[Service] +Type=simple +ExecStart=/root/fullBackup.sh + diff --git a/roles/daily-backup/files/daily-backup.timer b/roles/daily-backup/files/daily-backup.timer new file mode 100644 index 0000000..39fde35 --- /dev/null +++ b/roles/daily-backup/files/daily-backup.timer @@ -0,0 +1,10 @@ +[Unit] +Description=Timer for daily backup + +[Timer] +OnCalendar=*-*-* 04:00:00 +Persistent=true + +[Install] +WantedBy=timers.target + diff --git a/roles/daily-backup/tasks/main.yml b/roles/daily-backup/tasks/main.yml new file mode 100644 index 0000000..d6a922c --- /dev/null +++ b/roles/daily-backup/tasks/main.yml @@ -0,0 +1,23 @@ +--- +- name: Create fullBackup.sh + template: + src: fullBackup.sh + dest: /root/fullBackup.sh + mode: 0700 +- name: Copy daily-backup.service + copy: + src: daily-backup.service + dest: /etc/systemd/system/ + mode: 0700 +- name: Copy daily-backup.timer + copy: + src: daily-backup.timer + dest: /etc/systemd/system/ + mode: 0700 +- name: Enable and start daily-backup + systemd: + name: daily-backup.timer + state: started + enabled: yes + daemon_reload: yes + 
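Review bot: The `[Service]` section of daily-backup.service has no failure handling, so a non-zero exit from /root/fullBackup.sh is only recorded in the journal and a broken backup can go unnoticed until a restore is needed. An `OnFailure=<notify-unit-placeholder>.service` line in `[Unit]` would alert an operator, and `Type=oneshot` fits a run-to-completion job better than `Type=simple`. The script runs as root with no sandboxing; `NoNewPrivileges=true` and `PrivateTmp=true` are low-risk additions, assuming fullBackup.sh depends on neither (its full body is not visible in this diff).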
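Review bot: The two `copy` tasks in roles/daily-backup/tasks/main.yml install daily-backup.service and daily-backup.timer with `mode: 0700`, which marks the unit files executable. Unit files need no execute bit and systemd logs a warning for executable ones, so `mode: "0644"` with explicit `owner: root` and `group: root` is the better fit. Keeping `0700` on /root/fullBackup.sh is right, particularly if the template embeds the repository passphrase (not visible here). Quote every mode (`mode: "0700"`) so the value does not depend on YAML octal parsing, and write `enabled: true` and `daemon_reload: true` instead of `yes`.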
diff --git a/roles/scripts/templates/fullBackup.sh b/roles/daily-backup/templates/fullBackup.sh similarity index 79% rename from roles/scripts/templates/fullBackup.sh rename to roles/daily-backup/templates/fullBackup.sh index 20e5773..da228ae 100755 --- a/roles/scripts/templates/fullBackup.sh +++ b/roles/daily-backup/templates/fullBackup.sh @@ -23,13 +23,16 @@ echo 'Starting Borg backup' borg create -v --stats --compression lz4 \ ${REPOSITORY}::'{hostname}-{now:%Y-%m-%d}' \ /root \ + /home \ + /media \ /etc \ - /var \ + /var/lib/deluge \ + /var/lib/mailu \ + /var/lib/matrix/media_store \ + /var/lib/nextcloud \ + /var/lib/wiki \ /backups \ - --exclude '/var/lib/nextcloud/db' \ - --exclude '/var/lib/plex/transcode' \ - --exclude '/var/lib/prometheus' \ - --exclude '/var/lib/gitlab/data' + --exclude '/var/lib/nextcloud/db' # Route the normal process logging to journalctl 2>&1 diff --git a/roles/emby-docker/files/emby/docker-compose.yml b/roles/emby-docker/files/emby/docker-compose.yml index 70671cd..b2c4b05 100644 --- a/roles/emby-docker/files/emby/docker-compose.yml +++ b/roles/emby-docker/files/emby/docker-compose.yml @@ -11,6 +11,7 @@ services: volumes: - ./config:/config - /media:/media:ro + - /etc/localtime:/etc/localtime:ro environment: - PUID=33 - PGID=33 diff --git a/roles/gitlab-docker/files/gitlab/docker-compose.yml b/roles/gitlab-docker/files/gitlab/docker-compose.yml index c89792c..fe059dc 100644 --- a/roles/gitlab-docker/files/gitlab/docker-compose.yml +++ b/roles/gitlab-docker/files/gitlab/docker-compose.yml @@ -22,6 +22,7 @@ services: - /var/log/gitlab:/var/log/gitlab - /var/lib/gitlab:/var/opt/gitlab - /backups/gitlab:/var/opt/gitlab/backups + - /etc/localtime:/etc/localtime:ro networks: - proxy-tier restart: always @@ -31,4 +32,5 @@ services: volumes: - ./runner-config:/etc/gitlab-runner - /var/run/docker.sock:/var/run/docker.sock + - /etc/localtime:/etc/localtime:ro restart: always 
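Review bot: Replacing `/var` with an allow-list of `/var/lib/...` paths in the `borg create` call drops data that other hunks in this commit show is live. `/var/lib/murmur/murmur.sqlite` (mounted by the murmur compose file) and `/var/lib/gitlab` are no longer archived, and `/var/log` is gone too, which removes logs an incident investigation might need. If the gitlab, matrix and nextcloud databases are meant to be covered by dumps under `/backups`, record that above the path list, e.g. `# DB state comes from dumps in /backups; live datadirs are deliberately omitted`, and add `/var/lib/murmur` or confirm it is dumped elsewhere. The archive holds `/root`, `/home` and `/etc`, so the repository should be an encrypted one. How `REPOSITORY` is initialised is outside this hunk.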
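Review bot: The `/etc/localtime:/etc/localtime:ro` bind mount added to the emby service is repeated in every compose file this commit touches (gitlab, mailu, matrix, murmur, nextcloud, plex, wiki) with no comment saying why. A one-line comment on the first occurrence, such as `# share the host timezone so container log timestamps line up`, would record the intent, if that is indeed the reason. Mounting it read-only is the right choice. In the mailu file the neighbouring volume entries are double-quoted while the new line is not, so matching the local quoting style there keeps the list uniform.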
diff --git a/roles/mailu-docker/files/mailu/docker-compose.yml b/roles/mailu-docker/files/mailu/docker-compose.yml index 062c5df..a0b5de8 100644 --- a/roles/mailu-docker/files/mailu/docker-compose.yml +++ b/roles/mailu-docker/files/mailu/docker-compose.yml @@ -28,6 +28,7 @@ services: - "../proxy/nginx/certs/${DOMAIN}.crt:/certs/cert.pem" - "../proxy/nginx/certs/${DOMAIN}.key:/certs/key.pem" - "$ROOT/overrides:/overrides" + - /etc/localtime:/etc/localtime:ro smtp: image: mailu/postfix:$VERSION @@ -42,6 +43,7 @@ services: - "../proxy/nginx/certs/${DOMAIN}.crt:/certs/cert.pem" - "../proxy/nginx/certs/${DOMAIN}.key:/certs/key.pem" - "$ROOT/overrides:/overrides" + - /etc/localtime:/etc/localtime:ro milter: image: mailu/rmilter:$VERSION @@ -51,6 +53,7 @@ services: - "$ROOT/filter:/data" - "$ROOT/dkim:/dkim" - "$ROOT/overrides:/overrides" + - /etc/localtime:/etc/localtime:ro antispam: image: mailu/rspamd:$VERSION @@ -58,6 +61,7 @@ services: env_file: .env volumes: - "$ROOT/filter:/var/lib/rspamd" + - /etc/localtime:/etc/localtime:ro antivirus: image: mailu/clamav:$VERSION @@ -65,6 +69,7 @@ services: env_file: .env volumes: - "$ROOT/filter:/data" + - /etc/localtime:/etc/localtime:ro webdav: image: mailu/$WEBDAV:$VERSION @@ -72,6 +77,7 @@ services: env_file: .env volumes: - "$ROOT/dav:/data" + - /etc/localtime:/etc/localtime:ro admin: image: mailu/admin:$VERSION @@ -90,6 +96,7 @@ services: - "../proxy/nginx/certs/${DOMAIN}.crt:/certs/cert.pem" - "../proxy/nginx/certs/${DOMAIN}.key:/certs/key.pem" - /var/run/docker.sock:/var/run/docker.sock:ro + - /etc/localtime:/etc/localtime:ro networks: - proxy-tier @@ -106,3 +113,4 @@ services: env_file: .env volumes: - "$ROOT/data:/data" + - /etc/localtime:/etc/localtime:ro diff --git a/roles/matrix-docker/files/matrix/docker-compose.yml b/roles/matrix-docker/files/matrix/docker-compose.yml index 5702b96..930295b 100644 --- a/roles/matrix-docker/files/matrix/docker-compose.yml +++ b/roles/matrix-docker/files/matrix/docker-compose.yml 
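Review bot: In the mailu `admin` service hunk the new localtime line sits next to `/var/run/docker.sock:/var/run/docker.sock:ro`, and the `:ro` flag there does not make the Docker API read-only. It only protects the socket file itself, so the container can still issue any API call, which is equivalent to root on the host. The line predates this commit, but it deserves a comment stating that, or a filtering socket proxy that exposes only the endpoints the admin container needs. The second gitlab hunk mounts the same socket into the runner without `:ro`, and the same caveat applies there.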
@@ -9,6 +9,7 @@ services: volumes: - /var/lib/matrix/db:/var/lib/postgresql/data - /backups/matrix:/backups + - /etc/localtime:/etc/localtime:ro environment: - POSTGRES_PASSWORD=synapse - POSTGRES_USER=synapse @@ -29,6 +30,7 @@ services: - /var/lib/matrix/media_store:/data/media_store - /var/log/synapse:/data/log - ./synapse:/data + - /etc/localtime:/etc/localtime:ro networks: - matrix - proxy-tier diff --git a/roles/murmur-docker/files/murmur/docker-compose.yml b/roles/murmur-docker/files/murmur/docker-compose.yml index ee167e2..5b7aa1d 100644 --- a/roles/murmur-docker/files/murmur/docker-compose.yml +++ b/roles/murmur-docker/files/murmur/docker-compose.yml @@ -6,6 +6,7 @@ services: volumes: - ./murmur.ini:/etc/murmur.ini - /var/lib/murmur/murmur.sqlite:/data/murmur.sqlite + - /etc/localtime:/etc/localtime:ro ports: - 64738:64738 - 64738:64738/udp diff --git a/roles/nextcloud-docker/files/nextcloud/docker-compose.yml b/roles/nextcloud-docker/files/nextcloud/docker-compose.yml index f089f6c..ca4c7ea 100644 --- a/roles/nextcloud-docker/files/nextcloud/docker-compose.yml +++ b/roles/nextcloud-docker/files/nextcloud/docker-compose.yml @@ -10,6 +10,7 @@ services: image: nginx volumes: - ./config/nginx.conf:/etc/nginx/nginx.conf:ro + - /etc/localtime:/etc/localtime:ro links: - app - collabora @@ -34,6 +35,7 @@ services: - ./config:/var/www/html/config - /var/lib/nextcloud/data:/var/www/html/data - /media:/media + - /etc/localtime:/etc/localtime:ro networks: - proxy-tier restart: always @@ -43,6 +45,7 @@ services: volumes: - /var/lib/nextcloud/db:/var/lib/mysql - /backups/nextcloud:/backups + - /etc/localtime:/etc/localtime:ro environment: - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} - MYSQL_DATABASE=${MYSQL_DATABASE} diff --git a/roles/plex-docker/files/plex/docker-compose.yml b/roles/plex-docker/files/plex/docker-compose.yml index 010ab9c..44c2140 100644 --- a/roles/plex-docker/files/plex/docker-compose.yml +++ b/roles/plex-docker/files/plex/docker-compose.yml 
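Review bot: The context of the first matrix hunk shows `POSTGRES_PASSWORD=synapse` committed in the compose file, a guessable credential identical to the user name. The nextcloud compose file in this same commit already uses `${MYSQL_ROOT_PASSWORD}` substitution. The matrix database could follow it with `- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}`, fed from an env file or from the `passwords.yml` vars file the playbook already loads. The line is unchanged by this commit, so this is follow-up work rather than a blocker for the localtime mount.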
@@ -14,6 +14,7 @@ services: - /media:/data - /var/lib/plex/transcode:/transcode - /tmp:/tmp + - /etc/localtime:/etc/localtime:ro environment: - VIRTUAL_HOST=${PLEX_DOMAIN} - VIRTUAL_NETWORK=nginx-proxy diff --git a/roles/scripts/tasks/main.yml b/roles/scripts/tasks/main.yml index 4329c57..cdf5b87 100644 --- a/roles/scripts/tasks/main.yml +++ b/roles/scripts/tasks/main.yml @@ -1,9 +1,4 @@ --- -- name: Create fullBackup.sh - template: - src: fullBackup.sh - dest: /root/fullBackup.sh - mode: 0700 - name: Create dockerComposeAll.sh template: src: dockerComposeAll.sh @@ -18,4 +13,4 @@ template: src: updateAll.sh dest: /root/updateAll.sh - mode: 0700 \ No newline at end of file + mode: 0700 diff --git a/roles/wiki-docker/files/wiki/docker-compose.yml b/roles/wiki-docker/files/wiki/docker-compose.yml index bf67429..2e0587c 100644 --- a/roles/wiki-docker/files/wiki/docker-compose.yml +++ b/roles/wiki-docker/files/wiki/docker-compose.yml @@ -16,6 +16,7 @@ services: - VIRTUAL_PORT=80 volumes: - '/var/lib/wiki/rpg:/bitnami' + - /etc/localtime:/etc/localtime:ro networks: - proxy-tier restart: always