Backup_Rsync
This ansible role allows you to back up remote files to some place on your machine.
you need to customise this a bit before it works for you.
Usage
This assumes you have ssh access to the server with a user that has sudo capabilities.
What to edit before running
Ansible inventory
Adjust the content of the inventories/ directory according to The documentation.
The file here contains a single group server with a single host.
You can rename the file and adjust the content to your servers host name. If your hostname is my.example.com:
mv inventories/torbridge inventories/my.example.com
cat inventories/my.example.com
[server]
my.example.com
This file is used with the --inventory parameter when running, if you renamed the file, you have to adjust the ansible-playbook run command accordingly.
Ansible variables
There are two variables in site.yml and restore.yml that you need to adjust:
user_name
this is the remote user.
backup_target
this is the target of the backup (on your local machine).
Careful with trailing / (see manpages)
rsync config
backup_source
This file lists all files/directories you want to back up and is used as the --files-from parameter value for rsync (see manpages)
Careful with trailing / (see manpages)
rsync-excludes.txt
This file lists all files/file patterns you want to exclude from the backup and is used as the --exclude-from parameter value for rsync (see manpages)
A good starting point might be rsync-homedir-excludes
How to run
Backup
Depending on your inventory, you have to adjust the parameter for --inventory.
This asks for your remote user sudo password.
ansible-playbook --inventory inventories/torbridge --ask-become-pass site.yml
Restore
Depending on your inventory, you have to adjust the parameter for --inventory.
This asks for your remote user sudo password.
ansible-playbook --inventory inventories/torbridge --ask-become-pass restore.yml
Details
How it works
This role temporarily places a file into /etc/sudoers.d/ that enables password less sudo rsync (only sudo rsync) on the remote machine.
Then it runs rsync on the local machine with some flags (see manpages) - some of them mentioned here:
--files-from=backup_sourcereads which files to back up frombackup_source--exclude-from=rsync-excludes.txtreads which files to exclude fromrsync-excludes.txt--log-file=/tmp/rsync_log.txtlogs rsync to/tmp/rsync_log.txt--fake-superstores privileged file properties
After rsync, the file in /etc/sudoers.d/ is removed again (so password-less sudo rsync is disabled again).
Backup
The rsync command (with variable $user, $remote and $backup_target) is
rsync -arq --delete --fake-super --rsync-path="sudo rsync" --files-from=backup_source --exclude-from=rsync-excludes.txt --log-file=/tmp/rsync_log.txt $user@$remote:/ $backup_target
Restore
The rsync command (with variable $user, $remote and $backup_target) is
rsync -arq --delete --fake-super --rsync-path="sudo rsync" --files-from=backup_source --exclude-from=rsync-excludes.txt --log-file=/tmp/rsync_log.txt $backup_target $user@$remote:/
Files
backup_sourceconfigures which files to back upinventories/the ansible inventoryREADME.mdthis fileroles/backup_rsync/the ansible role filesrsync-excludes.txtconfigures which files/file patterns to exclude with rsyncsite.ymlthe main ansible filerestore.ymlthe restore ansible file