################ # IMAP Mailboxes ################ - name: restore dovecot mailboxes hosts: imap_servers vars_files: ../../roles/dovecot/vars/main.yml vars: dovecot_temp_dir: /var/tmp/{{ backup_name }}-{{ inventory_hostname }}-mailboxes dovecot_backup_tarball: '{{ backup_path }}/{{ backup_name }}-{{ inventory_hostname }}-mailboxes.tar.gz' dovecot_backup_sieve_tarball: '{{ backup_path }}/{{ backup_name }}-{{ inventory_hostname }}-sieve.tar.gz' tags: dovecot,imap tasks: - name: create temporary directory file: path: '{{ dovecot_temp_dir }}' owner: '{{ dovecot_vmail_user }}' group: '{{ dovecot_vmail_user }}' mode: 0770 state: directory - name: extract mailbox tarball unarchive: src: '{{ dovecot_backup_tarball }}' dest: '{{ dovecot_temp_dir }}' extra_opts: - --same-owner - --strip-components=1 - name: collect dovecot users command: doveadm user * register: dovecot_users changed_when: no - name: import mailboxes command: >- doveadm -o plugin/quota= sync -u {{ item | quote }} mdbox:{{ dovecot_temp_dir }}/{{ item | quote }}/mdbox loop: '{{ dovecot_users.stdout_lines }}' - name: drop FTS indexes command: doveadm fts rescan -A - name: reindex mailboxes command: doveadm index -A -q * - name: delete temporary directory file: path: '{{ dovecot_temp_dir }}' state: absent - name: extract sieve scripts unarchive: src: '{{ dovecot_backup_sieve_tarball }}' dest: '{{ dovecot_vmail_dir }}' extra_opts: - --same-owner ################## # Rspamd Databases ################## - name: restore rspamd databases hosts: rspamd_servers vars_files: - ../../roles/redis/vars/main.yml - ../../roles/rspamd/vars/main.yml vars: rspamd_backup_tarball: '{{ backup_path }}/{{ backup_name }}-{{ inventory_hostname }}-rspamd.tar.gz' tags: rspamd tasks: - name: stop redis instances systemd: name: redis@{{ item }} state: stopped loop: - '{{ rspamd_redis_port }}' - '{{ rspamd_redis_bayes_port }}' - name: stop rspamd systemd: name: rspamd state: stopped - name: extract redis tarballs unarchive: src: '{{ rspamd_backup_tarball }}' dest: '{{ redis_home }}' extra_opts: - --strip-components=1 - --same-owner - name: start redis instances systemd: name: redis@{{ item }} state: started loop: - '{{ rspamd_redis_port }}' - '{{ rspamd_redis_bayes_port }}' - name: start rspamd systemd: name: rspamd state: started ################### # ZNC Configuration ################### - name: restore znc configuration hosts: znc_servers vars_files: ../../roles/znc/vars/main.yml vars: znc_backup_tarball: '{{ backup_path }}/{{ backup_name }}-{{ inventory_hostname }}-znc.tar.gz' tags: znc tasks: - name: stop znc systemd: name: znc state: stopped - name: extract config tarball unarchive: src: '{{ znc_backup_tarball }}' dest: '{{ znc_home }}' extra_opts: - --strip-components=1 - --same-owner - name: start znc systemd: name: znc state: started ######################### # Syncthing Configuration ######################### - name: restore syncthing configuration hosts: syncthing_servers vars_files: ../../roles/syncthing/vars/main.yml vars: syncthing_backup_tarball: '{{ backup_path }}/{{ backup_name }}-{{ inventory_hostname }}-syncthing.tar.gz' tags: syncthing tasks: - name: stop syncthing daemons command: systemctl stop syncthing-user@* - name: extract config tarball unarchive: src: '{{ syncthing_backup_tarball }}' dest: '{{ syncthing_home }}' extra_opts: - --strip-components=1 - --same-owner - name: collect syncthing users find: paths: '{{ syncthing_home }}' recurse: no file_type: directory register: syncthing_users - name: start syncthing daemons systemd: name: syncthing-user@{{ item }} state: started loop: "{{ syncthing_users.files | map(attribute='path') | map('basename') }}" ################## # Git Repositories ################## - name: restore git repositories hosts: git_servers vars_files: - ../../roles/gitolite/vars/main.yml - ../../roles/cgit/vars/main.yml vars: git_backup_tarball: '{{ backup_path }}/{{ backup_name }}-{{ inventory_hostname }}-git.tar.gz' tags: git tasks: - name: extract git tarball unarchive: src: '{{ git_backup_tarball }}' dest: '{{ gitolite_home }}' extra_opts: - --strip-components=1 - --same-owner - name: clear cgit cache file: path: '{{ cgit_cache_dir }}' owner: apache mode: 0755 setype: _default state: '{{ item }}' loop: - absent - directory ###################### # PostgreSQL Databases ###################### - name: restore postgresql databases hosts: postgresql_servers vars_files: ../../roles/postgresql_server/vars/main.yml vars: postgresql_backup_gzip: '{{ backup_path }}/{{ backup_name }}-{{ inventory_hostname }}-pg_dumpall.sql.gz' postgresql_remote_gzip: /var/tmp/{{ postgresql_backup_gzip | basename }} tags: postgres,postgresql tasks: - name: copy backup gzip to remote host copy: src: '{{ postgresql_backup_gzip }}' dest: '{{ postgresql_remote_gzip }}' owner: '{{ postgresql_user }}' group: '{{ postgresql_user }}' mode: 0400 - name: import database backup shell: gunzip {{ postgresql_remote_gzip | quote }} --to-stdout | psql become: yes become_user: '{{ postgresql_user }}' - name: delete gzip file from remote host file: path: '{{ postgresql_remote_gzip }}' state: absent ######################## # Jellyfin Configuration ######################## - name: restore jellyfin configuration hosts: jellyfin_servers vars_files: ../../roles/jellyfin/vars/main.yml vars: jellyfin_backup_tarball: '{{ backup_path }}/{{ backup_name }}-{{ inventory_hostname }}-jellyfin.tar.gz' tags: jellyfin tasks: - name: stop jellyfin systemd: name: jellyfin state: stopped - name: extract backup tarball unarchive: src: '{{ jellyfin_backup_tarball }}' dest: / extra_opts: - --same-owner - name: start jellyfin systemd: name: jellyfin state: started ################## # Mediawiki Images ################## - name: restore mediawiki images hosts: wiki_servers vars_files: ../../roles/mediawiki/vars/main.yml vars: mediawiki_backup_tarball: '{{ backup_path }}/{{ backup_name }}-{{ inventory_hostname }}-mediawiki.tar.gz' tags: mediawiki,wiki tasks: - name: extract backup tarball unarchive: src: '{{ mediawiki_backup_tarball }}' dest: '{{ mediawiki_home }}/images' extra_opts: - --strip-components=1 - --same-owner ######################### # Photostructure Database ######################### - name: restore photostructure database hosts: photostructure_servers vars_files: - ../../roles/photostructure/vars/main.yml vars: photostructure_backup_tarball: '{{ backup_path }}/{{ backup_name }}-{{ inventory_hostname }}-photostructure.tar' tags: photostructure tasks: - name: stop photostructure systemd: name: photostructure state: stopped - name: extract backup tarball unarchive: src: '{{ photostructure_backup_tarball }}' dest: '{{ photostructure_library }}' extra_opts: - --strip-components=1 - --same-owner - name: start photostructure systemd: name: photostructure state: started #################### # Cups Configuration #################### - name: restore cups configuration hosts: cups_servers vars: cups_backup_tarball: '{{ backup_path }}/{{ backup_name }}-{{ inventory_hostname }}-cups.tar.gz' tags: cups tasks: - name: stop cups systemd: name: cups state: stopped - name: extract backup tarball unarchive: src: '{{ cups_backup_tarball }}' dest: /etc/cups extra_opts: - --same-owner - name: start cups systemd: name: cups state: started ############### # Asterisk Data ############### - name: restore asterisk data hosts: asterisk_servers vars_files: ../../roles/asterisk/vars/main.yml vars: asterisk_backup_tarball: '{{ backup_path }}/{{ backup_name }}-{{ inventory_hostname }}-asterisk.tar.gz' tags: asterisk tasks: - name: stop asterisk systemd: name: asterisk state: stopped - name: extract backup tarball unarchive: src: '{{ asterisk_backup_tarball }}' dest: '{{ asterisk_data_dir }}' extra_opts: - --strip-components=1 - --same-owner - name: start asterisk systemd: name: asterisk state: started #################### # WebDAV Directories #################### - name: restore webdav directories hosts: dav_servers vars_files: ../../roles/sabredav/vars/main.yml vars: sabredav_backup_tarball: '{{ backup_path }}/{{ backup_name }}-{{ inventory_hostname }}-webdav.tar.gz' tags: sabredav,dav,webdav tasks: - name: extract backup tarball unarchive: src: '{{ sabredav_backup_tarball }}' dest: '{{ sabredav_home }}/webdav' extra_opts: - --strip-components=1 - --same-owner ############### # Hastebin Data ############### - name: restore hastebin data hosts: pastebin_servers vars_files: ../../roles/hastebin/vars/main.yml vars: hastebin_backup_tarball: '{{ backup_path }}/{{ backup_name }}-{{ inventory_hostname }}-hastebin.tar.gz' tags: hastebin,pastebin tasks: - name: extract backup tarball unarchive: src: '{{ hastebin_backup_tarball }}' dest: '{{ hastebin_data_dir }}' extra_opts: - --strip-components=1 - --same-owner ################## # Psitransfer Data ################## - name: restore psitransfer data hosts: filedrop_servers vars_files: ../../roles/psitransfer/vars/main.yml vars: psitransfer_backup_tarball: '{{ backup_path }}/{{ backup_name }}-{{ inventory_hostname }}-psitransfer.tar.gz' tags: psitransfer tasks: - name: extract backup tarball unarchive: src: '{{ psitransfer_backup_tarball }}' dest: '{{ psitransfer_data_dir }}' extra_opts: - --strip-components=1 - --same-owner ################## # Apache WWW Files ################## - name: restore public apache files hosts: web_servers vars_files: ../../roles/apache/vars/main.yml vars: apache_backup_tarball: '{{ backup_path }}/{{ backup_name }}-{{ inventory_hostname }}-www.tar.gz' tags: apache,www tasks: - name: extract backup tarball unarchive: src: '{{ apache_backup_tarball }}' dest: '{{ apache_public_dir }}' extra_opts: - --same-owner ################ # FreeIPA Domain ################ - name: restore freeipa domain hosts: freeipa_master vars_files: ../../roles/freeipa_server/vars/main.yml vars: freeipa_backup_tarball: '{{ backup_path }}/{{ backup_name }}-ipa-{{ freeipa_realm }}.tar.gz' freeipa_remote_backup_path: '{{ freeipa_backup_dir }}/{{ backup_name }}' tags: ipa,freeipa tasks: # Only restore FreeIPA when explicitly requested - it is quite disruptive. - when: ansible_run_tags | intersect(['ipa','freeipa']) | length > 0 block: - name: create backup directory on remote host file: path: '{{ freeipa_remote_backup_path }}' state: directory mode: 0700 - name: extract backup tarball unarchive: src: '{{ freeipa_backup_tarball }}' dest: '{{ freeipa_remote_backup_path }}' extra_opts: - --strip-components=1 - --same-owner - name: restore freeipa domain from backup command: ipa-restore {{ backup_name | quote }} --unattended --password={{ freeipa_ds_password | quote }} - name: clear sssd cache command: sss_cache -E - name: delete backup files from remote host file: path: '{{ freeipa_remote_backup_path }}' state: absent