diff --git a/LICENSE b/LICENSE index ca30e77..8c60438 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,6 @@ MIT License -Copyright (c) 2021-2022 FollieHiyuki +Copyright (c) 2021-2023 Hoang Nguyen Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: diff --git a/TODO.md b/TODO.md index 1650455..04ac1f5 100644 --- a/TODO.md +++ b/TODO.md @@ -6,7 +6,7 @@ Stuff that are planned to be added/changed. - [ ] /etc/security/access.conf - [ ] Filesystem snapshot: - - [ ] sanoid / zrepl (rootfs=zfs) + - [ ] zrepl (rootfs=zfs) - [ ] Root on tmpfs - [ ] Filesystem backup (I don't have spare hard drives -_- so not supported for now): - [ ] Local incremental backups (to spare disk) diff --git a/group_vars/all.yml b/group_vars/all.yml index 3b30aa3..77753eb 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -135,7 +135,6 @@ earlyoom: auditd_logrotate_daily: false # Configuration for filesystem snapshot tools ───────────────────────────────── -# NOTE: these are examples to take note of available options snapper: - name: home @@ -189,7 +188,23 @@ btrbk: snapshot_dir: '@snapshots' subvolumes: ['@'] +# See /etc/sanoid/sanoid.defaults.conf file for all config options sanoid: + templates: + production: + frequent_period: 30 + hourly: 16 + daily: 8 + weekly: 4 + monthly: 2 + autosnap: 'yes' + autoprune: 'yes' + datasets: + rpool/ALPINE/root: + use_template: production + rpool/ALPINE/home: + use_template: production + frequent_period: 15 zrepl: diff --git a/roles/dns/files/domains-blocklist-local-additions.txt b/roles/dns/files/domains-blocklist-local-additions.txt index 31bca2a..648d1a7 100644 --- a/roles/dns/files/domains-blocklist-local-additions.txt +++ b/roles/dns/files/domains-blocklist-local-additions.txt @@ -29,3 +29,5 @@ internetbrands.com # Ubuntu's motd script sends way too much information to Canonical motd.ubuntu.com + +*.zip diff --git a/roles/snapshot/tasks/sanoid.yml b/roles/snapshot/tasks/sanoid.yml index ed97d53..ebe7e89 100644 --- a/roles/snapshot/tasks/sanoid.yml +++ b/roles/snapshot/tasks/sanoid.yml @@ -1 +1,14 @@ --- +- name: sanoid | Install sanoid and syncoid packages + community.general.apk: + name: sanoid, syncoid + state: present + +# 'sanoid' APK package comes with a 15min cronjob, so we only need to modify the configuration file +- name: sanoid | Create configuration file + template: + src: sanoid.conf.j2 + dest: /etc/sanoid/sanoid.conf + mode: '644' + owner: root + group: root diff --git a/roles/snapshot/templates/sanoid.conf.j2 b/roles/snapshot/templates/sanoid.conf.j2 new file mode 100644 index 0000000..79f5ad4 --- /dev/null +++ b/roles/snapshot/templates/sanoid.conf.j2 @@ -0,0 +1,18 @@ +{% for dataset in (sanoid.datasets | dict2items) %} +[{{ dataset.key }}] +{% for option in (dataset.value | dict2items) %} + {{ option.key }} = {{ option.value }} +{% endfor %} + +{% endfor %} +############################# +# templates below this line # +############################# + +{% for template in (sanoid.templates | dict2items) %} +[template_{{ template.key }}] +{% for option in (template.value | dict2items) %} + {{ option.key }} = {{ option.value }} +{% endfor %} + +{% endfor %}