commit b62df04415323c0295b59d28ce879f60f5630dfc
Author: angristan <angristan@pm.me>
Date:   Thu Mar 21 08:51:17 2019 +0100

    Initial commit

diff --git a/README.md b/README.md
new file mode 100644
index 0000000..c7f571c
--- /dev/null
+++ b/README.md
@@ -0,0 +1,3 @@
+journalctl -u restic-backup
+
+--extra-vars restic_install=true
diff --git a/defaults/main.yml b/defaults/main.yml
new file mode 100644
index 0000000..82c4230
--- /dev/null
+++ b/defaults/main.yml
@@ -0,0 +1,25 @@
+---
+
+restic_install: false
+restic_version: 0.9.4
+restic_script_path: /root/restic-backup.sh
+
+restic_repository_name: restic
+restic_default_folders:
+  - {path: '/etc'}
+  - {path: '/var/log'}
+  - {path: '/root', exclude: '--exclude .cache --exclude .local'}
+restic_folders: []
+restic_databases: []
+restic_forget: true
+restic_forget_keep_within: 30d
+restic_prune: true
+
+restic_ssh_host: backup
+restic_ssh_port: 22 
+restic_ssh_private_key_path: '~/.ssh/backup'
+restic_ssh_public_key_path: '~/.ssh/backup.pub'
+
+restic_user: root
+restic_systemd_timer_on_calender: '*-*-* 03:00:00'
+restic_systemd_timer_randomized_delay_sec: 0
diff --git a/tasks/install.yml b/tasks/install.yml
new file mode 100644
index 0000000..17e9dca
--- /dev/null
+++ b/tasks/install.yml
@@ -0,0 +1,30 @@
+---
+- name: Install fuse
+  apt:
+    name: fuse
+
+- name: Install bzip2
+  apt:
+    name: bzip2
+
+- name: Download restic
+  get_url:
+    url: 'https://github.com/restic/restic/releases/download/v{{ restic_version }}/restic_{{ restic_version }}_linux_amd64.bz2'
+    dest: '/tmp/restic_{{ restic_version }}_linux_amd64.bz2'
+
+- name: Extract restic
+  command: 'bzip2 -d /tmp/restic_{{ restic_version }}_linux_amd64.bz2'
+  args:
+    creates: '/tmp/restic_{{ restic_version }}_linux_amd64'
+
+- name: Install restic
+  copy:
+    remote_src: true
+    src: '/tmp/restic_{{ restic_version }}_linux_amd64'
+    dest: /usr/local/bin/restic
+    mode: 0755
+
+- name: Remove downloaded file
+  file:
+    path: '/tmp/restic_{{ restic_version }}_linux_amd64'
+    state: absent
diff --git a/tasks/main.yml b/tasks/main.yml
new file mode 100644
index 0000000..a088588
--- /dev/null
+++ b/tasks/main.yml
@@ -0,0 +1,58 @@
+---
+
+- name: Check if restic is installed
+  stat: 
+    path: /usr/local/bin/restic
+  register: restic_binary
+
+
+- include_tasks: install.yml
+  when: not restic_binary.stat.exists or restic_install
+
+- name: Add SSH config
+  template:
+    src: ssh_config.j2
+    dest: /root/.ssh/config
+    owner: root
+    group: root
+    mode: 0600
+
+- name: Add SSH private key
+  template:
+    src: ssh_private_key.j2
+    dest: '{{ restic_ssh_private_key_path }}'
+    mode: 0600
+  when: restic_ssh_private_key is defined
+
+- name: Add restic-env
+  template:
+    src: restic-env.j2
+    dest: /root/.restic-env
+    owner: root
+    group: root
+    mode: 0600
+
+- name: Add restic-backup.sh
+  template:
+    src: restic-backup.sh.j2
+    dest: /root/restic-backup.sh
+    owner: root
+    group: root
+    mode: 0700
+  vars:
+    restic_folders_combined: '{{ restic_default_folders + restic_folders }}'
+
+- name: Add systemd service for restic
+  template:
+    src: restic-backup.service.j2
+    dest: /etc/systemd/system/restic-backup.service
+
+- name: Add systemd timer for restic
+  template:
+    src: restic-backup.timer.j2
+    dest: /etc/systemd/system/restic-backup.timer
+
+- name: Enable restic timer
+  systemd:
+    name: restic-backup.timer
+    enabled: true
diff --git a/templates/restic-backup.service.j2 b/templates/restic-backup.service.j2
new file mode 100644
index 0000000..9b6f814
--- /dev/null
+++ b/templates/restic-backup.service.j2
@@ -0,0 +1,7 @@
+[Unit]
+Description=Restic backup
+
+[Service]
+Type=oneshot
+ExecStart={{ restic_script_path }}
+User={{ restic_user }}
diff --git a/templates/restic-backup.sh.j2 b/templates/restic-backup.sh.j2
new file mode 100644
index 0000000..c095501
--- /dev/null
+++ b/templates/restic-backup.sh.j2
@@ -0,0 +1,26 @@
+#!/bin/bash
+
+source ~/.restic-env
+
+echo -e "\n`date` - Starting backup...\n"
+
+{% for folder in restic_folders_combined %}
+restic backup --verbose {{ folder.path }} {{ folder.exclude if folder.exclude is defined else '' }}
+{% endfor %}
+
+{% for database in restic_databases %}
+{{ database.dump_command}} | restic backup --verbose --stdin --stdin-filename {{ database.name }}.sql
+{% endfor -%}
+
+echo -e "\n`date` - Running forget and prune...\n"
+
+{% if restic_forget %}
+restic forget --keep-within {{ restic_forget_keep_within }}
+{% endif %}
+
+{% if restic_prune %}
+restic prune
+{% endif %}
+
+echo -e "\n`date` - Backup finished.\n"
+
diff --git a/templates/restic-backup.timer.j2 b/templates/restic-backup.timer.j2
new file mode 100644
index 0000000..a4168aa
--- /dev/null
+++ b/templates/restic-backup.timer.j2
@@ -0,0 +1,9 @@
+[Unit]
+Description=Restic backup
+
+[Timer]
+OnCalendar={{ restic_systemd_timer_on_calender }}
+RandomizedDelaySec={{ restic_systemd_timer_randomized_delay_sec }}
+
+[Install]
+WantedBy=timers.target
diff --git a/templates/restic-env.j2 b/templates/restic-env.j2
new file mode 100644
index 0000000..0c06b6c
--- /dev/null
+++ b/templates/restic-env.j2
@@ -0,0 +1,2 @@
+export RESTIC_REPOSITORY="sftp:{{ restic_ssh_host }}:{{ restic_repository_name }}"
+export RESTIC_PASSWORD="{{ restic_password}}"
diff --git a/templates/ssh_config.j2 b/templates/ssh_config.j2
new file mode 100644
index 0000000..9f88fc2
--- /dev/null
+++ b/templates/ssh_config.j2
@@ -0,0 +1,5 @@
+Host {{ restic_ssh_host }}
+	User {{ restic_ssh_user }}
+	HostName {{ restic_ssh_hostname }}
+	IdentityFile {{ restic_ssh_private_key_path }}
+	Port {{ restic_ssh_port }}
diff --git a/templates/ssh_private_key.j2 b/templates/ssh_private_key.j2
new file mode 100644
index 0000000..f4dc3f3
--- /dev/null
+++ b/templates/ssh_private_key.j2
@@ -0,0 +1 @@
+{{ restic_ssh_private_key }}