aboutsummaryrefslogtreecommitdiffstats
path: root/playbooks/util/restore.yml
diff options
context:
space:
mode:
Diffstat (limited to 'playbooks/util/restore.yml')
-rw-r--r--playbooks/util/restore.yml477
1 files changed, 477 insertions, 0 deletions
diff --git a/playbooks/util/restore.yml b/playbooks/util/restore.yml
new file mode 100644
index 0000000..3a0154c
--- /dev/null
+++ b/playbooks/util/restore.yml
@@ -0,0 +1,477 @@
+################
+# IMAP Mailboxes
+################
+- name: restore dovecot mailboxes
+ hosts: imap_servers
+ vars_files: ../../roles/dovecot/vars/main.yml
+ vars:
+ dovecot_temp_dir: /var/tmp/{{ backup_name }}-{{ inventory_hostname }}-mailboxes
+ dovecot_backup_tarball: '{{ backup_path }}/{{ backup_name }}-{{ inventory_hostname }}-mailboxes.tar.gz'
+ dovecot_backup_sieve_tarball: '{{ backup_path }}/{{ backup_name }}-{{ inventory_hostname }}-sieve.tar.gz'
+ tags: dovecot,imap
+ tasks:
+ - name: create temporary directory
+ file:
+ path: '{{ dovecot_temp_dir }}'
+ owner: '{{ dovecot_vmail_user }}'
+ group: '{{ dovecot_vmail_user }}'
+ mode: 0770
+ state: directory
+
+ - name: extract mailbox tarball
+ unarchive:
+ src: '{{ dovecot_backup_tarball }}'
+ dest: '{{ dovecot_temp_dir }}'
+ extra_opts:
+ - --same-owner
+ - --strip-components=1
+
+ - name: collect dovecot users
+ command: doveadm user *
+ register: dovecot_users
+ changed_when: no
+
+ - name: import mailboxes
+ command: >-
+ doveadm -o plugin/quota= sync -u {{ item | quote }}
+ mdbox:{{ dovecot_temp_dir }}/{{ item | quote }}/mdbox
+ loop: '{{ dovecot_users.stdout_lines }}'
+
+ - name: drop FTS indexes
+ command: doveadm fts rescan -A
+
+ - name: reindex mailboxes
+ command: doveadm index -A -q *
+
+ - name: delete temporary directory
+ file:
+ path: '{{ dovecot_temp_dir }}'
+ state: absent
+
+ - name: extract sieve scripts
+ unarchive:
+ src: '{{ dovecot_backup_sieve_tarball }}'
+ dest: '{{ dovecot_vmail_dir }}'
+ extra_opts:
+ - --same-owner
+
+
+##################
+# Rspamd Databases
+##################
+- name: restore rspamd databases
+ hosts: rspamd_servers
+ vars_files:
+ - ../../roles/redis/vars/main.yml
+ - ../../roles/rspamd/vars/main.yml
+ vars:
+ rspamd_backup_tarball: '{{ backup_path }}/{{ backup_name }}-{{ inventory_hostname }}-rspamd.tar.gz'
+ tags: rspamd
+ tasks:
+ - name: stop redis instances
+ systemd:
+ name: redis@{{ item }}
+ state: stopped
+ loop:
+ - '{{ rspamd_redis_port }}'
+ - '{{ rspamd_redis_bayes_port }}'
+
+ - name: stop rspamd
+ systemd:
+ name: rspamd
+ state: stopped
+
+ - name: extract redis tarballs
+ unarchive:
+ src: '{{ rspamd_backup_tarball }}'
+ dest: '{{ redis_home }}'
+ extra_opts:
+ - --strip-components=1
+ - --same-owner
+
+ - name: start redis instances
+ systemd:
+ name: redis@{{ item }}
+ state: started
+ loop:
+ - '{{ rspamd_redis_port }}'
+ - '{{ rspamd_redis_bayes_port }}'
+
+ - name: start rspamd
+ systemd:
+ name: rspamd
+ state: started
+
+
+###################
+# ZNC Configuration
+###################
+- name: restore znc configuration
+ hosts: znc_servers
+ vars_files: ../../roles/znc/vars/main.yml
+ vars:
+ znc_backup_tarball: '{{ backup_path }}/{{ backup_name }}-{{ inventory_hostname }}-znc.tar.gz'
+ tags: znc
+ tasks:
+ - name: stop znc
+ systemd:
+ name: znc
+ state: stopped
+
+ - name: extract config tarball
+ unarchive:
+ src: '{{ znc_backup_tarball }}'
+ dest: '{{ znc_home }}'
+ extra_opts:
+ - --strip-components=1
+ - --same-owner
+
+ - name: start znc
+ systemd:
+ name: znc
+ state: started
+
+
+#########################
+# Syncthing Configuration
+#########################
+- name: restore syncthing configuration
+ hosts: syncthing_servers
+ vars_files: ../../roles/syncthing/vars/main.yml
+ vars:
+ syncthing_backup_tarball: '{{ backup_path }}/{{ backup_name }}-{{ inventory_hostname }}-syncthing.tar.gz'
+ tags: syncthing
+ tasks:
+ - name: stop syncthing daemons
+ command: systemctl stop syncthing-user@*
+
+ - name: extract config tarball
+ unarchive:
+ src: '{{ syncthing_backup_tarball }}'
+ dest: '{{ syncthing_home }}'
+ extra_opts:
+ - --strip-components=1
+ - --same-owner
+
+ - name: collect syncthing users
+ find:
+ paths: '{{ syncthing_home }}'
+ recurse: no
+ file_type: directory
+ register: syncthing_users
+
+ - name: start syncthing daemons
+ systemd:
+ name: syncthing-user@{{ item }}
+ state: started
+ loop: "{{ syncthing_users.files | map(attribute='path') | map('basename') }}"
+
+
+##################
+# Git Repositories
+##################
+- name: restore git repositories
+ hosts: git_servers
+ vars_files:
+ - ../../roles/gitolite/vars/main.yml
+ - ../../roles/cgit/vars/main.yml
+ vars:
+ git_backup_tarball: '{{ backup_path }}/{{ backup_name }}-{{ inventory_hostname }}-git.tar.gz'
+ tags: git
+ tasks:
+ - name: extract git tarball
+ unarchive:
+ src: '{{ git_backup_tarball }}'
+ dest: '{{ gitolite_home }}'
+ extra_opts:
+ - --strip-components=1
+ - --same-owner
+
+ - name: clear cgit cache
+ file:
+ path: '{{ cgit_cache_dir }}'
+ owner: apache
+ mode: 0755
+ setype: _default
+ state: '{{ item }}'
+ loop:
+ - absent
+ - directory
+
+
+######################
+# PostgreSQL Databases
+######################
+- name: restore postgresql databases
+ hosts: postgresql_servers
+ vars_files: ../../roles/postgresql_server/vars/main.yml
+ vars:
+ postgresql_backup_gzip: '{{ backup_path }}/{{ backup_name }}-{{ inventory_hostname }}-pg_dumpall.sql.gz'
+ postgresql_remote_gzip: /var/tmp/{{ postgresql_backup_gzip | basename }}
+ tags: postgres,postgresql
+ tasks:
+ - name: copy backup gzip to remote host
+ copy:
+ src: '{{ postgresql_backup_gzip }}'
+ dest: '{{ postgresql_remote_gzip }}'
+ owner: '{{ postgresql_user }}'
+ group: '{{ postgresql_user }}'
+ mode: 0400
+
+ - name: import database backup
+ shell: gunzip {{ postgresql_remote_gzip | quote }} --to-stdout | psql
+ become: yes
+ become_user: '{{ postgresql_user }}'
+
+ - name: delete gzip file from remote host
+ file:
+ path: '{{ postgresql_remote_gzip }}'
+ state: absent
+
+
+########################
+# Jellyfin Configuration
+########################
+- name: restore jellyfin configuration
+ hosts: jellyfin_servers
+ vars_files: ../../roles/jellyfin/vars/main.yml
+ vars:
+ jellyfin_backup_tarball: '{{ backup_path }}/{{ backup_name }}-{{ inventory_hostname }}-jellyfin.tar.gz'
+ tags: jellyfin
+ tasks:
+ - name: stop jellyfin
+ systemd:
+ name: jellyfin
+ state: stopped
+
+ - name: extract backup tarball
+ unarchive:
+ src: '{{ jellyfin_backup_tarball }}'
+ dest: /
+ extra_opts:
+ - --same-owner
+
+ - name: start jellyfin
+ systemd:
+ name: jellyfin
+ state: started
+
+
+##################
+# Mediawiki Images
+##################
+- name: restore mediawiki images
+ hosts: wiki_servers
+ vars_files: ../../roles/mediawiki/vars/main.yml
+ vars:
+ mediawiki_backup_tarball: '{{ backup_path }}/{{ backup_name }}-{{ inventory_hostname }}-mediawiki.tar.gz'
+ tags: mediawiki,wiki
+ tasks:
+ - name: extract backup tarball
+ unarchive:
+ src: '{{ mediawiki_backup_tarball }}'
+ dest: '{{ mediawiki_home }}/images'
+ extra_opts:
+ - --strip-components=1
+ - --same-owner
+
+
+#########################
+# Photostructure Database
+#########################
+- name: restore photostructure database
+ hosts: photostructure_servers
+ vars_files:
+ - ../../roles/photostructure/vars/main.yml
+ vars:
+ photostructure_backup_tarball: '{{ backup_path }}/{{ backup_name }}-{{ inventory_hostname }}-photostructure.tar'
+ tags: photostructure
+ tasks:
+ - name: stop photostructure
+ systemd:
+ name: photostructure
+ state: stopped
+
+ - name: extract backup tarball
+ unarchive:
+ src: '{{ photostructure_backup_tarball }}'
+ dest: '{{ photostructure_library }}'
+ extra_opts:
+ - --strip-components=1
+ - --same-owner
+
+ - name: start photostructure
+ systemd:
+ name: photostructure
+ state: started
+
+
+####################
+# Cups Configuration
+####################
+- name: restore cups configuration
+ hosts: cups_servers
+ vars:
+ cups_backup_tarball: '{{ backup_path }}/{{ backup_name }}-{{ inventory_hostname }}-cups.tar.gz'
+ tags: cups
+ tasks:
+ - name: stop cups
+ systemd:
+ name: cups
+ state: stopped
+
+ - name: extract backup tarball
+ unarchive:
+ src: '{{ cups_backup_tarball }}'
+ dest: /etc/cups
+ extra_opts:
+ - --same-owner
+
+ - name: start cups
+ systemd:
+ name: cups
+ state: started
+
+
+###############
+# Asterisk Data
+###############
+- name: restore asterisk data
+ hosts: asterisk_servers
+ vars_files: ../../roles/asterisk/vars/main.yml
+ vars:
+ asterisk_backup_tarball: '{{ backup_path }}/{{ backup_name }}-{{ inventory_hostname }}-asterisk.tar.gz'
+ tags: asterisk
+ tasks:
+ - name: stop asterisk
+ systemd:
+ name: asterisk
+ state: stopped
+
+ - name: extract backup tarball
+ unarchive:
+ src: '{{ asterisk_backup_tarball }}'
+ dest: '{{ asterisk_data_dir }}'
+ extra_opts:
+ - --strip-components=1
+ - --same-owner
+
+ - name: start asterisk
+ systemd:
+ name: asterisk
+ state: started
+
+
+####################
+# WebDAV Directories
+####################
+- name: restore webdav directories
+ hosts: dav_servers
+ vars_files: ../../roles/sabredav/vars/main.yml
+ vars:
+ sabredav_backup_tarball: '{{ backup_path }}/{{ backup_name }}-{{ inventory_hostname }}-webdav.tar.gz'
+ tags: sabredav,dav,webdav
+ tasks:
+ - name: extract backup tarball
+ unarchive:
+ src: '{{ sabredav_backup_tarball }}'
+ dest: '{{ sabredav_home }}/webdav'
+ extra_opts:
+ - --strip-components=1
+ - --same-owner
+
+
+###############
+# Hastebin Data
+###############
+- name: restore hastebin data
+ hosts: pastebin_servers
+ vars_files: ../../roles/hastebin/vars/main.yml
+ vars:
+ hastebin_backup_tarball: '{{ backup_path }}/{{ backup_name }}-{{ inventory_hostname }}-hastebin.tar.gz'
+ tags: hastebin,pastebin
+ tasks:
+ - name: extract backup tarball
+ unarchive:
+ src: '{{ hastebin_backup_tarball }}'
+ dest: '{{ hastebin_data_dir }}'
+ extra_opts:
+ - --strip-components=1
+ - --same-owner
+
+
+##################
+# Psitransfer Data
+##################
+- name: restore psitransfer data
+ hosts: filedrop_servers
+ vars_files: ../../roles/psitransfer/vars/main.yml
+ vars:
+ psitransfer_backup_tarball: '{{ backup_path }}/{{ backup_name }}-{{ inventory_hostname }}-psitransfer.tar.gz'
+ tags: psitransfer
+ tasks:
+ - name: extract backup tarball
+ unarchive:
+ src: '{{ psitransfer_backup_tarball }}'
+ dest: '{{ psitransfer_data_dir }}'
+ extra_opts:
+ - --strip-components=1
+ - --same-owner
+
+
+##################
+# Apache WWW Files
+##################
+- name: restore public apache files
+ hosts: web_servers
+ vars_files: ../../roles/apache/vars/main.yml
+ vars:
+ apache_backup_tarball: '{{ backup_path }}/{{ backup_name }}-{{ inventory_hostname }}-www.tar.gz'
+ tags: apache,www
+ tasks:
+ - name: extract backup tarball
+ unarchive:
+ src: '{{ apache_backup_tarball }}'
+ dest: '{{ apache_public_dir }}'
+ extra_opts:
+ - --same-owner
+
+
+################
+# FreeIPA Domain
+################
+- name: restore freeipa domain
+ hosts: freeipa_master
+ vars_files: ../../roles/freeipa_server/vars/main.yml
+ vars:
+ freeipa_backup_tarball: '{{ backup_path }}/{{ backup_name }}-ipa-{{ freeipa_realm }}.tar.gz'
+ freeipa_remote_backup_path: '{{ freeipa_backup_dir }}/{{ backup_name }}'
+ tags: ipa,freeipa
+ tasks:
+ # Only restore FreeIPA when explicitly requested - it is quite disruptive.
+ - when: ansible_run_tags | intersect(['ipa','freeipa']) | length > 0
+ block:
+ - name: create backup directory on remote host
+ file:
+ path: '{{ freeipa_remote_backup_path }}'
+ state: directory
+ mode: 0700
+
+ - name: extract backup tarball
+ unarchive:
+ src: '{{ freeipa_backup_tarball }}'
+ dest: '{{ freeipa_remote_backup_path }}'
+ extra_opts:
+ - --strip-components=1
+ - --same-owner
+
+ - name: restore freeipa domain from backup
+ command: ipa-restore {{ backup_name | quote }} --unattended --password={{ freeipa_ds_password | quote }}
+
+ - name: clear sssd cache
+ command: sss_cache -E
+
+ - name: delete backup files from remote host
+ file:
+ path: '{{ freeipa_remote_backup_path }}'
+ state: absent
generated by cgit (git 2.34.1) at 2024-09-18 21:44:57 -0400