Add backup config and fix timezone in containers

2025-12-25 13:46:59 +01:00 · 2018-01-07 20:22:21 +01:00 · 2018-01-07 20:22:21 +01:00 · fe296230a8
commit fe296230a8
parent 9f7679c7aa
15 changed files with 73 additions and 13 deletions
--- a/roles/base/tasks/main.yml
+++ b/roles/base/tasks/main.yml
@ -10,4 +10,6 @@
    - rsync
    - ufw
    - vim
-    - wget
+    - wget
+    - borg
+
--- a/roles/daily-backup/files/daily-backup.service
+++ b/roles/daily-backup/files/daily-backup.service
@ -0,0 +1,7 @@
+[Unit]
+Description=Full server backup
+
+[Service]
+Type=simple
+ExecStart=/root/fullBackup.sh
+
--- a/roles/daily-backup/files/daily-backup.timer
+++ b/roles/daily-backup/files/daily-backup.timer
@ -0,0 +1,10 @@
+[Unit]
+Description=Timer for daily backup
+
+[Timer]
+OnCalendar=*-*-* 04:00:00
+Persistent=true
+
+[Install]
+WantedBy=timers.target
+
--- a/roles/daily-backup/tasks/main.yml
+++ b/roles/daily-backup/tasks/main.yml
@ -0,0 +1,23 @@
+---
+- name: Create fullBackup.sh
+  template:
+    src: fullBackup.sh
+    dest: /root/fullBackup.sh
+    mode: 0700
+- name: Copy daily-backup.service
+  copy:
+    src: daily-backup.service
+    dest: /etc/systemd/system/
+    mode: 0700
+- name: Copy daily-backup.timer
+  copy:
+    src: daily-backup.timer
+    dest: /etc/systemd/system/
+    mode: 0700
+- name: Enable and start daily-backup
+  systemd:
+    name: daily-backup.timer
+    state: started
+    enabled: yes
+    daemon_reload: yes
+
--- a/roles/daily-backup/templates/fullBackup.sh
+++ b/roles/daily-backup/templates/fullBackup.sh
@ -23,13 +23,16 @@ echo 'Starting Borg backup'
 borg create -v --stats --compression lz4           \
    ${REPOSITORY}::'{hostname}-{now:%Y-%m-%d}'     \
    /root                                          \
+    /home                                          \
+    /media                                         \
    /etc                                           \
-    /var                                           \
+    /var/lib/deluge                                \
+    /var/lib/mailu                                 \
+    /var/lib/matrix/media_store                    \
+    /var/lib/nextcloud                             \
+    /var/lib/wiki                                  \
    /backups                                       \
-    --exclude '/var/lib/nextcloud/db'              \
-    --exclude '/var/lib/plex/transcode'            \
-    --exclude '/var/lib/prometheus'                \
-    --exclude '/var/lib/gitlab/data'
+    --exclude '/var/lib/nextcloud/db'

 # Route the normal process logging to journalctl
 2>&1
--- a/roles/emby-docker/files/emby/docker-compose.yml
+++ b/roles/emby-docker/files/emby/docker-compose.yml
@ -11,6 +11,7 @@ services:
    volumes:
        - ./config:/config
        - /media:/media:ro
+        - /etc/localtime:/etc/localtime:ro
    environment:
      - PUID=33
      - PGID=33
--- a/roles/gitlab-docker/files/gitlab/docker-compose.yml
+++ b/roles/gitlab-docker/files/gitlab/docker-compose.yml
@ -22,6 +22,7 @@ services:
      - /var/log/gitlab:/var/log/gitlab
      - /var/lib/gitlab:/var/opt/gitlab
      - /backups/gitlab:/var/opt/gitlab/backups
+      - /etc/localtime:/etc/localtime:ro
    networks:
      - proxy-tier
    restart: always
@ -31,4 +32,5 @@ services:
    volumes:
      - ./runner-config:/etc/gitlab-runner
      - /var/run/docker.sock:/var/run/docker.sock
+      - /etc/localtime:/etc/localtime:ro
    restart: always
--- a/roles/mailu-docker/files/mailu/docker-compose.yml
+++ b/roles/mailu-docker/files/mailu/docker-compose.yml
@ -28,6 +28,7 @@ services:
      - "../proxy/nginx/certs/${DOMAIN}.crt:/certs/cert.pem"
      - "../proxy/nginx/certs/${DOMAIN}.key:/certs/key.pem"
      - "$ROOT/overrides:/overrides"
+      - /etc/localtime:/etc/localtime:ro

  smtp:
    image: mailu/postfix:$VERSION
@ -42,6 +43,7 @@ services:
      - "../proxy/nginx/certs/${DOMAIN}.crt:/certs/cert.pem"
      - "../proxy/nginx/certs/${DOMAIN}.key:/certs/key.pem"
      - "$ROOT/overrides:/overrides"
+      - /etc/localtime:/etc/localtime:ro

  milter:
    image: mailu/rmilter:$VERSION
@ -51,6 +53,7 @@ services:
      - "$ROOT/filter:/data"
      - "$ROOT/dkim:/dkim"
      - "$ROOT/overrides:/overrides"
+      - /etc/localtime:/etc/localtime:ro

  antispam:
    image: mailu/rspamd:$VERSION
@ -58,6 +61,7 @@ services:
    env_file: .env
    volumes:
      - "$ROOT/filter:/var/lib/rspamd"
+      - /etc/localtime:/etc/localtime:ro

  antivirus:
    image: mailu/clamav:$VERSION
@ -65,6 +69,7 @@ services:
    env_file: .env
    volumes:
      - "$ROOT/filter:/data"
+      - /etc/localtime:/etc/localtime:ro

  webdav:
    image: mailu/$WEBDAV:$VERSION
@ -72,6 +77,7 @@ services:
    env_file: .env
    volumes:
      - "$ROOT/dav:/data"
+      - /etc/localtime:/etc/localtime:ro

  admin:
    image: mailu/admin:$VERSION
@ -90,6 +96,7 @@ services:
      - "../proxy/nginx/certs/${DOMAIN}.crt:/certs/cert.pem"
      - "../proxy/nginx/certs/${DOMAIN}.key:/certs/key.pem"
      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - /etc/localtime:/etc/localtime:ro
    networks:
      - proxy-tier

@ -106,3 +113,4 @@ services:
    env_file: .env
    volumes:
      - "$ROOT/data:/data"
+      - /etc/localtime:/etc/localtime:ro
--- a/roles/matrix-docker/files/matrix/docker-compose.yml
+++ b/roles/matrix-docker/files/matrix/docker-compose.yml
@ -9,6 +9,7 @@ services:
    volumes:
      - /var/lib/matrix/db:/var/lib/postgresql/data
      - /backups/matrix:/backups
+      - /etc/localtime:/etc/localtime:ro
    environment:
      - POSTGRES_PASSWORD=synapse
      - POSTGRES_USER=synapse
@ -29,6 +30,7 @@ services:
      - /var/lib/matrix/media_store:/data/media_store
      - /var/log/synapse:/data/log
      - ./synapse:/data
+      - /etc/localtime:/etc/localtime:ro
    networks:
      - matrix
      - proxy-tier
--- a/roles/murmur-docker/files/murmur/docker-compose.yml
+++ b/roles/murmur-docker/files/murmur/docker-compose.yml
@ -6,6 +6,7 @@ services:
    volumes:
      - ./murmur.ini:/etc/murmur.ini
      - /var/lib/murmur/murmur.sqlite:/data/murmur.sqlite
+      - /etc/localtime:/etc/localtime:ro
    ports:
      - 64738:64738
      - 64738:64738/udp
--- a/roles/nextcloud-docker/files/nextcloud/docker-compose.yml
+++ b/roles/nextcloud-docker/files/nextcloud/docker-compose.yml
@ -10,6 +10,7 @@ services:
    image: nginx
    volumes:
      - ./config/nginx.conf:/etc/nginx/nginx.conf:ro
+      - /etc/localtime:/etc/localtime:ro
    links:
      - app
      - collabora
@ -34,6 +35,7 @@ services:
      - ./config:/var/www/html/config
      - /var/lib/nextcloud/data:/var/www/html/data
      - /media:/media
+      - /etc/localtime:/etc/localtime:ro
    networks:
      - proxy-tier
    restart: always
@ -43,6 +45,7 @@ services:
    volumes:
      - /var/lib/nextcloud/db:/var/lib/mysql
      - /backups/nextcloud:/backups
+      - /etc/localtime:/etc/localtime:ro
    environment:
      - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
      - MYSQL_DATABASE=${MYSQL_DATABASE}
--- a/roles/plex-docker/files/plex/docker-compose.yml
+++ b/roles/plex-docker/files/plex/docker-compose.yml
@ -14,6 +14,7 @@ services:
      - /media:/data
      - /var/lib/plex/transcode:/transcode
      - /tmp:/tmp
+      - /etc/localtime:/etc/localtime:ro
    environment:
      - VIRTUAL_HOST=${PLEX_DOMAIN}
      - VIRTUAL_NETWORK=nginx-proxy
--- a/roles/scripts/tasks/main.yml
+++ b/roles/scripts/tasks/main.yml
@ -1,9 +1,4 @@
 ---
- name: Create fullBackup.sh
-  template:
-    src: fullBackup.sh
-    dest: /root/fullBackup.sh
-    mode: 0700
 - name: Create dockerComposeAll.sh
  template:
    src: dockerComposeAll.sh
@ -18,4 +13,4 @@
  template:
    src: updateAll.sh
    dest: /root/updateAll.sh
-    mode: 0700
+    mode: 0700
--- a/roles/wiki-docker/files/wiki/docker-compose.yml
+++ b/roles/wiki-docker/files/wiki/docker-compose.yml
@ -16,6 +16,7 @@ services:
      - VIRTUAL_PORT=80
    volumes:
      - '/var/lib/wiki/rpg:/bitnami'
+      - /etc/localtime:/etc/localtime:ro
    networks:
      - proxy-tier
    restart: always