snapshot: add support for btrbk
Also simplify `use_polkit` check everwhere.
This commit is contained in:
parent
40ac02c67e
commit
4007998edf
1
TODO.md
1
TODO.md
|
@ -6,7 +6,6 @@ Stuff that are planned to be added/changed.
|
|||
|
||||
- [ ] /etc/security/access.conf
|
||||
- [ ] Filesystem snapshot:
|
||||
- [ ] btrbk (rootfs=btrfs)
|
||||
- [ ] sanoid / zrepl (rootfs=zfs)
|
||||
- [ ] Filesystem backup (I don't have spare hard drives -_- so not supported for now):
|
||||
- [ ] Local incremental backups (to spare disk)
|
||||
|
|
|
@ -90,7 +90,7 @@ disable_uefi_access: false
|
|||
|
||||
# Should polkit be used
|
||||
# NOTE: have no effect when seat_manager == 'elogind'
|
||||
polkit: false
|
||||
use_polkit: false
|
||||
|
||||
# Should be a file name existed inside /usr/share/consolefonts/
|
||||
console_font: ter-h22b.psf.gz
|
||||
|
@ -165,7 +165,26 @@ snapper:
|
|||
timeline:
|
||||
cleanup_enabled: false
|
||||
|
||||
# NOTE: some caveats to reduce config complexity
|
||||
# - use the same targets for all subvolumes in each volume definition
|
||||
# - use the same global retention policy for snapshot/backup/archive
|
||||
# - there's only 1 global ssh config
|
||||
btrbk:
|
||||
options:
|
||||
lockfile: /var/lock/btrbk.lock
|
||||
logfile: /var/log/btrbk.log
|
||||
syslog: cron
|
||||
timestamp_format: long
|
||||
snapshot:
|
||||
min_age: 6h
|
||||
policy: 16h 8d 4w 2m
|
||||
volumes:
|
||||
- path: /mnt/root
|
||||
snapshot_dir: '@snapshots'
|
||||
subvolumes: ['@home', '@']
|
||||
- path: /mnt/media
|
||||
snapshot_dir: '@snapshots'
|
||||
subvolumes: ['@']
|
||||
|
||||
sanoid:
|
||||
|
||||
|
|
|
@ -21,7 +21,7 @@
|
|||
# Note: Add the normal user to polkitd group afterward
|
||||
- name: fstab | Configure /proc restriction
|
||||
vars:
|
||||
proc_group: '{{ use_polkit | ternary("polkitd", "wheel") }}'
|
||||
proc_group: '{{ (use_polkit or (seat_manager == "elogind")) | ternary("polkitd", "wheel") }}'
|
||||
block:
|
||||
# Busybox's mount doesn't interpret group name in GID, so check it
|
||||
# wheel group on Alpine by default has GID=10
|
||||
|
|
|
@ -23,7 +23,7 @@
|
|||
regexp: '^#?{{ item[1] | regex_replace(" =.*$", "") }}'
|
||||
line: '{{ item[1] }}'
|
||||
loop: '{{ libvirt_daemons | product(libvirt_daemons_conf) | list }}'
|
||||
when: not use_polkit
|
||||
when: (not use_polkit) and (seat_manager != 'elogind')
|
||||
|
||||
- name: libvirt | Start modular services on runlevel 'default'
|
||||
service:
|
||||
|
|
|
@ -1,7 +1,14 @@
|
|||
---
|
||||
- name: Create .snapshots subvolumes manually
|
||||
- name: Create snapshots btrfs subvolumes manually
|
||||
debug:
|
||||
msg: >
|
||||
Please create .snapshots/ directories and corresponding mounted subvolumes
|
||||
under {{ snapper | map(attribute='subvolume') | join(', ') }} targets
|
||||
manually.
|
||||
msg: |
|
||||
{% if snapshot_tool == 'snapper' %}
|
||||
Please create .snapshots/ directories and corresponding mounted subvolumes under {{ snapper | map(attribute='subvolume') | join(', ') }} paths manually.
|
||||
{% elif snapshot_tool == 'btrbk' %}
|
||||
Please create corresponding subvolumes:
|
||||
{% for volume in btrbk.volumes %}
|
||||
{% if volume.snapshot_dir is defined %}
|
||||
* {{ volume.snapshot_dir }} inside {{ volume.path }} path.
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
|
|
|
@ -1 +1,15 @@
|
|||
---
|
||||
- name: btrbk | Install btrbk package
|
||||
community.general.apk:
|
||||
name: btrbk
|
||||
state: present
|
||||
|
||||
- name: btrbk | Copy config btrbk.conf
|
||||
template:
|
||||
src: btrbk.conf.j2
|
||||
dest: /etc/btrbk/btrbk.conf
|
||||
mode: '644'
|
||||
owner: root
|
||||
group: root
|
||||
notify:
|
||||
- Create snapshots btrfs subvolumes manually
|
||||
|
|
|
@ -23,4 +23,4 @@
|
|||
owner: root
|
||||
group: root
|
||||
notify:
|
||||
- Create .snapshots subvolumes manually
|
||||
- Create snapshots btrfs subvolumes manually
|
||||
|
|
|
@ -0,0 +1,66 @@
|
|||
# btrbk.conf
|
||||
# See btrbk.conf(5) for more details.
|
||||
|
||||
{% if btrbk.options.logfile is defined %}
|
||||
transaction_log {{ btrbk.options.logfile }}
|
||||
{% endif %}
|
||||
|
||||
{% if btrbk.options.syslog is defined %}
|
||||
transaction_syslog {{ btrbk.options.syslog }}
|
||||
{% endif %}
|
||||
|
||||
{% if btrbk.options.lockfile is defined %}
|
||||
lockfile {{ btrbk.options.lockfile }}
|
||||
{% endif %}
|
||||
|
||||
{% if btrbk.options.ssh.remote_user is defined %}
|
||||
ssh_user {{ btrbk.options.ssh.remote_user }}
|
||||
{% endif %}
|
||||
{% if btrbk.options.ssh.private_key_path is defined %}
|
||||
ssh_identity {{ btrbk.options.ssh.private_key_path }}
|
||||
{% endif %}
|
||||
|
||||
{% for type in ['snapshot', 'target', 'archive'] %}
|
||||
|
||||
{% if btrbk.options[type].policy is defined %}
|
||||
{{ type }}_preserve {{ btrbk.options[type].policy }}
|
||||
{% endif %}
|
||||
{% if btrbk.options[type].min_age is defined %}
|
||||
{{ type }}_preserve_min {{ btrbk.options[type].min_age }}
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
|
||||
timestamp_format {{ btrbk.options.timestamp_format }}
|
||||
|
||||
compat busybox
|
||||
|
||||
backend_local_user btrfs-progs-doas
|
||||
backend_remote btrfs-progs-doas
|
||||
|
||||
stream_compress zstd
|
||||
|
||||
{% if btrbk.options.stream_buffer.local is defined %}
|
||||
stream_buffer {{ btrbk.options.stream_buffer.local }}
|
||||
{% endif %}
|
||||
{% if btrbk.options.stream_buffer.remote is defined %}
|
||||
stream_buffer_remote {{ btrbk.options.stream_buffer.remote }}
|
||||
{% endif %}
|
||||
|
||||
{% for volume in btrbk.volumes %}
|
||||
|
||||
volume {{ volume.path }}
|
||||
snapshot_dir {{ volume.snapshot_dir }}
|
||||
{% if volume.archive_exclude_pattern is defined %}
|
||||
archive_exclude {{ archive_exclude_pattern }}
|
||||
{% endif %}
|
||||
{% if volume.subvolumes is defined %}
|
||||
{% for subvolume in volume.subvolumes %}
|
||||
subvolume {{ subvolume }}
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
{% if volume.targets is defined %}
|
||||
{% for target in volume.targets %}
|
||||
target {{ target }}
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
{% endfor %}
|
|
@ -35,7 +35,7 @@
|
|||
append: true
|
||||
groups:
|
||||
- polkitd
|
||||
when: use_polkit
|
||||
when: use_polkit or (seat_manager == 'elogind')
|
||||
|
||||
- name: user | Add the user to seat group
|
||||
user:
|
||||
|
|
|
@ -6,8 +6,6 @@
|
|||
# Determine the fstype of root filesystem
|
||||
# PERF: a shorter version but requires `py3-jmespath`: '{{ ansible_mounts | json_query("[?mount == `/`].fstype") | first }}'
|
||||
rootfs: '{{ ansible_mounts | selectattr("mount", "equalto", "/") | map(attribute="fstype") | first }}'
|
||||
# elogind needs polkit to function
|
||||
use_polkit: '{{ (seat_manager == "elogind") | ternary("True", polkit) }}'
|
||||
pre_tasks:
|
||||
- name: Sanity checks
|
||||
tags: always
|
||||
|
|
Reference in New Issue