ansible role to cleanup restic backup at the writeonly restic rest-server
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
L3D 0c96ce2b90
Merge pull request #18 from roles-ansible/dependabot/github_actions/robertdebock/galaxy-action-1.2.1
10 months ago
.github Bump robertdebock/galaxy-action from 1.2.0 to 1.2.1 10 months ago
defaults Archiv settings expanded 1 year ago
files implement logrotate 2 years ago
handlers introducing systemd timer 1 year ago
meta updating... 1 year ago
tasks update linting 1 year ago
templates improve pruning 1 year ago
vars update linting 1 year ago
.gitignore improve prune settings 2 years ago
.yamllint improve linting 2 years ago
LICENSE start preparing role for archiv cleanup functions 2 years ago improve prune settings 2 years ago


ansible role to "archive" restic backups.

The scenario for this role is:

  • You have the restic rest server running in write-only mode
  • you send backups from other servers to your restic backup server

Now you don't want to store all backups indefinitely, but only for the last days a daily backup and otherwise weekly, monthly, yearly a few... just like you do it.

Of course you don't want to give access to others, so you solve the whole thing with a local cronjob. And this cronjob is built with this Ansible role.

As a bonus feature, you can optionally transfer the backups to another disk (even with a different password). Which is also a very charming backup concept from a security point of view.

this role does not install restic. For that, we recommend this ansible role. We have had good experience with this role for the restic rest server.


# which repos should we cleanup by default
restic_archiver__repos: {}
#  - name: example_server:
#    location: /srv/restic/example_server_repo
#    password: securepassword4eXaMpleSserver
#  - name: other_server
#    location: /srv/restic/other_server_repo
#    password: xtrasecuredifferentpassword4other
#    archive: true
#    archive_location: /mnt/archive/other_server_repo
#    archive_password: archive4other_server_password
#    archive_cleanup: true
#    keep_last: 5
#    keep_hourly: 4
#    keep_daily: 1
#    keep_weekly: 1
#    keep_monthly: 1
#    keep_yearly: 1
#    keep_within: 1
#    prune: true

# how long should we store all backups by default
restic_archiver__keep: 5
restic_archiver__keep_hourly: 16
restic_archiver__keep_daily: 14
restic_archiver__keep_weekly: 8
restic_archiver__keep_monthly: 16
restic_archiver__keep_yearly: 12

# owner and user of all restic stuff
restic_archiver__owner: 'root'
restic_archiver__group: 'root'

# shedule restic cronjob
restic_archiver__hour: '3'
restic_archiver__minute: '32'

# validate if disk is mounted
restic_archiver__mount_required: false
# which disk have to be mounted
restic_archiver__mount_disk: '/mnt/'
# umount after use?
restic_archiver__umount_after_usage: false

# required packages
  - cron

  restic_archiver__log_output: true
  restic_archiver__logrotate: true

  restic_archiver__mailsummary: false
  restic_archiver__mail_on_error: false
  restic_archiver__mailaddress: 'root@localhost'

# restic default options
restic_archiver__default_opt: ''

# additional msgs
restic_archiver__additional_mail_msg: ''
# version check for this playbook (true is recomended)
submodules_versioncheck: false

restic_archiver__cache_config: false
restic_archiver__cache_dir: '~/.cache/restic'
restic_archiver__prune: false