Move borgmatic template to a git-crypt file
This commit is contained in:
Benoit S
parent
6bf3843489
commit
13f3ccf78d
5 changed files with 5 additions and 10 deletions
1
.gitattributes
vendored
1
.gitattributes
vendored
|
|
@ -1 +1,2 @@
|
||||||
files/sasl_passwd filter=git-crypt diff=git-crypt
|
files/sasl_passwd filter=git-crypt diff=git-crypt
|
||||||
|
files/borgmatic.yaml filter=git-crypt diff=git-crypt
|
||||||
|
|
|
||||||
BIN
files/borgmatic.yaml
Normal file
BIN
files/borgmatic.yaml
Normal file
Binary file not shown.
|
|
@ -4,7 +4,7 @@ location:
|
||||||
|
|
||||||
one_file_system: false
|
one_file_system: false
|
||||||
repositories:
|
repositories:
|
||||||
- quv7z6k8@quv7z6k8.repo.borgbase.com:repo
|
- <repo>
|
||||||
|
|
||||||
exclude_patterns:
|
exclude_patterns:
|
||||||
- ~/*/.cache
|
- ~/*/.cache
|
||||||
|
|
@ -14,7 +14,7 @@ location:
|
||||||
|
|
||||||
storage:
|
storage:
|
||||||
compression: auto,zstd
|
compression: auto,zstd
|
||||||
encryption_passphrase: '{{ host.data.borg_passphrase }}'
|
encryption_passphrase: '<passphrase>'
|
||||||
archive_name_format: '{hostname}-{now}'
|
archive_name_format: '{hostname}-{now}'
|
||||||
|
|
||||||
retention:
|
retention:
|
||||||
|
|
@ -43,4 +43,4 @@ hooks:
|
||||||
after_backup:
|
after_backup:
|
||||||
- echo "`date` - Finished backup"
|
- echo "`date` - Finished backup"
|
||||||
|
|
||||||
healthchecks: {{ host.data.borg_healthchecks }}
|
healthchecks: <healthchecks>
|
||||||
|
|
@ -6,12 +6,6 @@ password = getpass('Please provide the secret password: ')
|
||||||
def get_secret(crypted_value):
|
def get_secret(crypted_value):
|
||||||
return privy.peek(crypted_value, password)
|
return privy.peek(crypted_value, password)
|
||||||
|
|
||||||
b_borg_passphrase = get_secret(b'1$2$o9juQh0wvpWhOsXHhh-xyimKIpWAUOk9MgLeSHiM_NA=$Z0FBQUFBQmdGb3U0RmNfaDdYYkVfU1pvdW9SbXFJMC1GN2FsSXJoTVpkVENaRlN1V2ZiOVNpalk2Z28zS3R5bFRWMkh3VnQ4cFhIZVhtWVphWDhwQi00ejJsWS1pMkZMSGhvTnlVTi15aTBLejdTTHVjdGZLYUtqRUY0Wm9Lc19ISTZ3Wkc1SHJFLWNIMUNtekFXMzFBV1BMN1hNZlludG5xMU9WdkNPM3lwaDZfWFpESExaVHdFPQ==')
|
|
||||||
borg_passphrase = b_borg_passphrase.decode('utf-8')
|
|
||||||
|
|
||||||
b_borg_healthchecks = get_secret(b'1$2$qCFfK9b1A2D-xf3oEJ5uwOt1r3QOm0DJGsi_hKKjk0Q=$Z0FBQUFBQmdVeFFnZ0c1SUhhSzNBQ3h3MzRxLXd1b1luSjl6NjcxdzdxdjBFU3pncG1jSVYySFNlV0dZdU5VaU0wRVkxSEJveU01RU9Oby1uU1U5dXExQXlKNG9xNmxMeDRfNW9tUXprSzVFaWFYdWlya0V0TmlWQ1ZDdk5JRUhrdVFXdW5LOFh4ODNnak1RcGJIOVI5SDFtN3g1T1pWMkh3PT0=')
|
|
||||||
borg_healthchecks = b_borg_healthchecks.decode('utf-8')
|
|
||||||
|
|
||||||
b_zfs_healthchecks = get_secret(b'1$2$Km9O6WZsSvCsvwcPxl0v27FXK6ZiI05OOThCLGmp0iI=$Z0FBQUFBQmdVVmRQS1F4SllzWWxkLU9UYjNQMXBaYmZIUFAxN0Q2dmh6S2M0ZHQwMUxra1R2aTZEbWVqeG9jRGZYeUtla1FncEFMMFc0VHg1ZXZoeDl6WWgzdUFMMHNiQ3J5Y1hmTzFXTlg4bVFGQjVUVndyNWt3VUZ2ZUI5OGU1UzlVQkhaSlFhc2pna3dCLTNzT051cGw0a1MyNWRqM1Z3PT0=')
|
b_zfs_healthchecks = get_secret(b'1$2$Km9O6WZsSvCsvwcPxl0v27FXK6ZiI05OOThCLGmp0iI=$Z0FBQUFBQmdVVmRQS1F4SllzWWxkLU9UYjNQMXBaYmZIUFAxN0Q2dmh6S2M0ZHQwMUxra1R2aTZEbWVqeG9jRGZYeUtla1FncEFMMFc0VHg1ZXZoeDl6WWgzdUFMMHNiQ3J5Y1hmTzFXTlg4bVFGQjVUVndyNWt3VUZ2ZUI5OGU1UzlVQkhaSlFhc2pna3dCLTNzT051cGw0a1MyNWRqM1Z3PT0=')
|
||||||
zfs_healthchecks = b_zfs_healthchecks.decode('utf-8')
|
zfs_healthchecks = b_zfs_healthchecks.decode('utf-8')
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -51,7 +51,7 @@ if not host.fact.command('mount | grep databases || true'):
|
||||||
|
|
||||||
files.template(
|
files.template(
|
||||||
name='Push borgmatic config',
|
name='Push borgmatic config',
|
||||||
src='templates/borgmatic.yaml.j2',
|
src='files/borgmatic.yaml',
|
||||||
dest='/etc/borgmatic/config.yaml',
|
dest='/etc/borgmatic/config.yaml',
|
||||||
mode='600',
|
mode='600',
|
||||||
user='root',
|
user='root',
|
||||||
|
|
|
||||||
Reference in a new issue