diff --git a/ansible-create_backup_script.yml b/ansible-create_backup_script.yml
new file mode 100644
index 0000000..5a459db
--- /dev/null
+++ b/ansible-create_backup_script.yml
@@ -0,0 +1,74 @@
+---
+- name: Setup Backup Script
+ hosts: all
+ become: yes
+ vars_files:
+ - vault.yml
+ tasks:
+ - name: Erstelle Backup-Verzeichnis
+ file:
+ path: /mnt/docker/backup
+ state: directory
+ mode: '0755'
+
+ - name: Erstelle Backup-Skript
+ copy:
+ dest: /usr/local/src/backup-to-s3.sh
+ mode: '0750'
+ owner: root
+ group: root
+ content: |
+ #!/bin/bash
+ EMAIL_FROM="mail@notifications.asmodee.de"
+ EMAIL_TO="it-admin@asmodee.de"
+ ARCHIV_NAME="docker05"
+ ARCHIV_PASS="{{ backup_archive_password }}"
+ ARCHIV_PATH="/mnt/docker/backup"
+ ARCHIV_TIME="$(date +%Y-%m-%d_%H-%M-%S)"
+ AWS_BUCKET="de.asmodee.docker05.backup"
+ AWS_SETUP_CP="--storage-class GLACIER"
+ AWS_EXEC="docker run --rm -v /root/.aws:/root/.aws -v ${ARCHIV_PATH}:/aws amazon/aws-cli"
+ BACKUP_DATAS[0]="unifi-backups|/mnt/docker/unifi-controller/data/data/backup/"
+
+ # Testings
+ test -f /root/.aws/config || exit 1
+ test -f /root/.aws/credentials || exit 1
+ test -d "${ARCHIV_PATH}" || exit 1
+ test -x "$(which 7z)" || exit 1
+ test -x "$(which docker)" || exit 1
+
+ # CleanUp previews Backups
+ find "${ARCHIV_PATH}" -maxdepth 1 -type f -name "*.7z" -delete
+
+ # Backup Attachements (only on Sunday!)
+ if [[ $(date +%u) -eq 7 ]]; then
+ for BACKUP_DATA in "${BACKUP_DATAS[@]}"; do
+ mapfile -td \| ENV_MAPFILE <<<"$BACKUP_DATA"
+ DATA_NAME=$(echo ${ENV_MAPFILE[0]})
+ DATA_PATH=$(echo ${ENV_MAPFILE[1]})
+ 7z a -p"${ARCHIV_PASS}" -mhe=on "${ARCHIV_PATH}/${ARCHIV_NAME}_${ARCHIV_TIME}_${DATA_NAME}-data.7z" "${DATA_PATH}"
+ if [ $? -eq 0 ]; then
+ $AWS_EXEC s3 cp "${ARCHIV_NAME}_${ARCHIV_TIME}_${DATA_NAME}-data.7z" s3://${AWS_BUCKET}/ ${AWS_SETUP_CP}
+ else
+ rm "${ARCHIV_PATH}/${ARCHIV_NAME}_${ARCHIV_TIME}_${DATA_NAME}-data.7z"
+ echo "ERROR: ${DATA_NAME} Backup failed!"; exit 1; fi
+ done
+ fi
+
+ # Email Notification
+ echo "Subject:[$ARCHIV_NAME] Cloud Backup
+ From:$ARCHIV_NAME <$EMAIL_FROM>
+ To: $EMAIL_TO
+ Mime-Version: 1.0
+ Content-Type: text/html
+ Charset: UTF-8
+
+ Backup Files:
+ $(ls -lh "${ARCHIV_PATH}" | sed "s/$/
/") +
+ Service Log:
+ $(journalctl -u backup-to-s3.service --since today --output short | sed "s/$/
/")
+ " | docker exec -i mail-relay sendmail -f $EMAIL_FROM $EMAIL_TO
+
+ # Clean Exit
+ exit 0
diff --git a/setups/docker-compose.yml b/setups/docker-compose.yml
index 618f6df..fe9846c 100644
--- a/setups/docker-compose.yml
+++ b/setups/docker-compose.yml
@@ -42,6 +42,7 @@ services:
 - ./inventory/:/inventory:ro
 - ./authorized-keys/:/authorized-keys:ro
 - ./config/:/etc/semaphore:rw
+ # - ./ansible.cfg:/etc/ansible/ansible.cfg
 restart: unless-stopped
 depends_on:
 - mysql
diff --git a/setups/setup_vault.yml b/setups/setup_vault.yml
new file mode 100644
index 0000000..f68af62
--- /dev/null
+++ b/setups/setup_vault.yml
@@ -0,0 +1,10 @@
+# Erzeugen der Vault:
+# ansible-vault create vault.yml
+# hier muss dann das Passwort für den Zugriff auf die Vault eingegeben werden
+# Anschließend werden die benötigten Daten in der folgenden Form eingegeben:
+# backup_archive_password: IhrPasswortHier
+#
+# Erzeugen des Passwortfiles im Verzeichnis von root:
+# echo "IhrVaultPasswort" > /root/pw-file.txt
+# chown root:root /root/pw-file.txt
+# chmod 600 /root/pw-file.txt
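Review bot: The `copy` task "Erstelle Backup-Skript" in ansible-create_backup_script.yml renders the vaulted secret into the script (`ARCHIV_PASS="{{ backup_archive_password }}"`) without `no_log: true`, so a run with `--diff` can print the rendered content, password included, into the task output that the controller keeps. Adding `no_log: true` to that task closes this. In the script itself, `7z a -p"${ARCHIV_PASS}"` puts the password on the command line, where it can be read from the process list while the archive is built; that deserves a comment next to the call and a check whether the host restricts process visibility. Separately, the result of `$AWS_EXEC s3 cp …` is not checked, so a failed upload still ends in the notification mail and `exit 0`; appending `|| { echo "ERROR: ${DATA_NAME} upload failed!"; exit 1; }` would make the failure visible.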
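Review bot: The documented command `echo "IhrVaultPasswort" > /root/pw-file.txt` in setups/setup_vault.yml leaves the vault password in root's shell history and creates the file before the `chmod 600` two lines below, so until then its mode is whatever the umask allows. The instructions would be safer if the file is first created with its final permissions, e.g. `# install -m 600 -o root -g root /dev/null /root/pw-file.txt`, and the password is then entered in an editor rather than on the command line.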