From cd39aa10ce6f01dc78ce6cb5b3a5b812bdad0ceb Mon Sep 17 00:00:00 2001 From: Joe Banks Date: Sun, 16 Nov 2025 21:37:41 +0000 Subject: [PATCH 1/7] Add preliminary borg role Co-authored-by: ChrisJL Co-authored-by: GDWR --- ansible/roles/borg/meta/main.yml | 3 + ansible/roles/borg/tasks/main.yml | 109 ++++++++++++++ ansible/roles/borg/templates/borgmatic.env.j2 | 3 + .../roles/borg/templates/borgmatic.service.j2 | 66 +++++++++ .../roles/borg/templates/borgmatic.timer.j2 | 9 ++ ansible/roles/borg/templates/config.yaml.j2 | 140 ++++++++++++++++++ ansible/roles/borg/vars/main/keys.yml | 11 ++ ansible/roles/borg/vars/main/main.yml | 20 +++ 8 files changed, 361 insertions(+) create mode 100644 ansible/roles/borg/meta/main.yml create mode 100644 ansible/roles/borg/tasks/main.yml create mode 100644 ansible/roles/borg/templates/borgmatic.env.j2 create mode 100644 ansible/roles/borg/templates/borgmatic.service.j2 create mode 100644 ansible/roles/borg/templates/borgmatic.timer.j2 create mode 100644 ansible/roles/borg/templates/config.yaml.j2 create mode 100644 ansible/roles/borg/vars/main/keys.yml create mode 100644 ansible/roles/borg/vars/main/main.yml diff --git a/ansible/roles/borg/meta/main.yml b/ansible/roles/borg/meta/main.yml new file mode 100644 index 00000000..56e9b539 --- /dev/null +++ b/ansible/roles/borg/meta/main.yml @@ -0,0 +1,3 @@ +--- +dependencies: + - systemd diff --git a/ansible/roles/borg/tasks/main.yml b/ansible/roles/borg/tasks/main.yml new file mode 100644 index 00000000..856ae2bf --- /dev/null +++ b/ansible/roles/borg/tasks/main.yml @@ -0,0 +1,109 @@ +--- +- name: Install Borg Backup + package: + name: + - borgbackup2 + state: present + tags: + - role::borg + +- name: Create borg service user account + user: + state: present + system: true + name: "{{ borg_user }}" + home: "{{ borg_home }}" + shell: /usr/sbin/nologin + tags: + - role::borg + +- name: Create borgmatic virtual environment + command: + cmd: python3 -m venv {{ borg_virtualenv }} + creates: "{{ borg_virtualenv }}/bin/activate" + tags: + - role::borg + +- name: Install borgmatic into virtual environment + pip: + virtualenv: "{{ borg_virtualenv }}" + name: borgmatic + version: "{{ borg_version | default(omit) }}" + state: present + tags: + - role::borg + +- name: Template Borg environment variables + template: + src: borgmatic.env.j2 + dest: /etc/default/borgmatic + mode: "0444" + owner: root + group: root + tags: + - role::borg + +- name: Create borgmatic configuration directory + file: + state: directory + owner: borg + group: root + mode: "0755" + path: /etc/borgmatic + tags: + - role::borg + +- name: Template Borg configuration file + template: + src: config.yaml.j2 + dest: /etc/borgmatic/config.yaml + mode: "0444" + owner: borg + group: root + tags: + - role::borg + +- name: Create borgmatic service + template: + src: borgmatic.service.j2 + dest: /etc/systemd/system/borgmatic.service + owner: root + group: root + mode: "0444" + tags: + - role::borg + notify: + - Reload the systemd daemon + +- name: Create borgmatic timer + template: + src: borgmatic.timer.j2 + dest: /etc/systemd/system/borgmatic.timer + owner: root + group: root + mode: "0444" + tags: + - role::borg + notify: + - Reload the systemd daemon + +- name: Enable borgmatic timer + systemd: + name: borgmatic.timer + enabled: true + masked: false + tags: + - role::borg + notify: + - Reload the systemd daemon + +- name: Create borgmatic repositories + become_user: "{{ borg_user }}" + command: "{{ borg_virtualenv }}/bin/borgmatic repo-create --encryption=none" + environment: + POSTGRES_PASSWORD: "{{ vault_postgres_user_passwords.borg }}" + BORG_S3_KEY_ID: "{{ borg_s3_access_key_id }}" + BORG_S3_KEY_SECRET: "{{ borg_s3_access_key_secret }}" + # creates: "{{ borg_home }}/keys/repositories/borg2" + tags: + - role::borg diff --git a/ansible/roles/borg/templates/borgmatic.env.j2 b/ansible/roles/borg/templates/borgmatic.env.j2 new file mode 100644 index 00000000..05a6b085 --- /dev/null +++ b/ansible/roles/borg/templates/borgmatic.env.j2 @@ -0,0 +1,3 @@ +POSTGRES_PASSWORD="{{ vault_postgres_user_passwords.borg }}" +BORG_S3_KEY_ID="{{ borg_s3_access_key_id }}" +BORG_S3_KEY_SECRET="{{ borg_s3_access_key_secret }}" diff --git a/ansible/roles/borg/templates/borgmatic.service.j2 b/ansible/roles/borg/templates/borgmatic.service.j2 new file mode 100644 index 00000000..93b082df --- /dev/null +++ b/ansible/roles/borg/templates/borgmatic.service.j2 @@ -0,0 +1,66 @@ +[Unit] +Description=borgmatic backup +Wants=network-online.target +After=network-online.target +Documentation=https://torsion.org/borgmatic/ + +[Service] +User={{ borg_user }} +EnvironmentFile=/etc/default/borgmatic +Type=oneshot +RuntimeDirectory=borgmatic +StateDirectory=borgmatic + +# Security settings for systemd running as root, optional but recommended to improve security. You +# can disable individual settings if they cause problems for your use case. For more details, see +# the systemd manual: https://www.freedesktop.org/software/systemd/man/systemd.exec.html +LockPersonality=true +# Certain borgmatic features like Healthchecks integration need MemoryDenyWriteExecute to be off. +# But you can try setting it to "yes" for improved security if you don't use those features. +MemoryDenyWriteExecute=no +NoNewPrivileges=yes +# Filesystem hooks like ZFS may not work unless PrivateDevices is disabled. +PrivateDevices=yes +PrivateTmp=yes +ProtectClock=yes +ProtectControlGroups=yes +ProtectHostname=yes +ProtectKernelLogs=yes +ProtectKernelModules=yes +ProtectKernelTunables=yes +RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK +RestrictNamespaces=yes +RestrictRealtime=yes +RestrictSUIDSGID=yes +SystemCallArchitectures=native +SystemCallFilter=@system-service @mount +SystemCallErrorNumber=EPERM +# To restrict write access further, change "ProtectSystem" to "strict" and +# uncomment "ReadWritePaths", "TemporaryFileSystem", "BindPaths" and +# "BindReadOnlyPaths". Then add any local repository paths to the list of +# "ReadWritePaths". This leaves most of the filesystem read-only to borgmatic. +ProtectSystem=full +# ReadWritePaths=-/mnt/my_backup_drive +# This will mount a tmpfs on top of /root and pass through needed paths +# TemporaryFileSystem=/root:ro +# BindPaths=-/root/.cache/borg -/root/.config/borg -/root/.borgmatic +# BindReadOnlyPaths=-/root/.ssh + +# May interfere with running external programs within borgmatic hooks. This +# includes, for instance, programs to snapshot filesystems (e.g. ZFS). +CapabilityBoundingSet=CAP_DAC_READ_SEARCH CAP_NET_RAW + +# Lower CPU and I/O priority. +Nice=19 +CPUSchedulingPolicy=batch +IOSchedulingClass=best-effort +IOSchedulingPriority=7 +IOWeight=100 + +Restart=no +# Prevent rate limiting of borgmatic log events. If you are using an older version of systemd that +# doesn't support this (pre-240 or so), you may have to remove this option. +LogRateLimitIntervalSec=0 + +ExecStartPre={{ borg_virtualenv }}/bin/borgmatic config validate +ExecStart={{ borg_virtualenv }}/bin/borgmatic --config /etc/borgmatic/config.yaml diff --git a/ansible/roles/borg/templates/borgmatic.timer.j2 b/ansible/roles/borg/templates/borgmatic.timer.j2 new file mode 100644 index 00000000..63ef7ea0 --- /dev/null +++ b/ansible/roles/borg/templates/borgmatic.timer.j2 @@ -0,0 +1,9 @@ +[Unit] +Description=Run borgmatic backup + +[Timer] +OnCalendar={{ borg_timer }} +Persistent=true + +[Install] +WantedBy=timers.target diff --git a/ansible/roles/borg/templates/config.yaml.j2 b/ansible/roles/borg/templates/config.yaml.j2 new file mode 100644 index 00000000..d9e79308 --- /dev/null +++ b/ansible/roles/borg/templates/config.yaml.j2 @@ -0,0 +1,140 @@ +repositories: + - path: s3:${BORG_S3_KEY_ID}:${BORG_S3_KEY_SECRET}@https://eu-central-1.linodeobjects.com/borg/backups + label: frankfurt + - path: s3:${BORG_S3_KEY_ID}:${BORG_S3_KEY_SECRET}@https://us-east-1.linodeobjects.com/borg/backups + label: newark + - path: s3:${BORG_S3_KEY_ID}:${BORG_S3_KEY_SECRET}@https://ap-south-1.linodeobjects.com/borg/backups + label: singapore + +# Path for storing temporary runtime data like streaming database +# dumps and bootstrap metadata. borgmatic automatically creates and +# uses a "borgmatic" subdirectory here. Defaults to $XDG_RUNTIME_DIR +# or or $TMPDIR or $TEMP or /run/user/$UID. +# user_runtime_directory: /run/user/1001 + +retries: {{ borg_borgmatic_retries }} +retry_wait: {{ borg_borgmatic_retry_wait }} + +working_directory: {{ borg_home }} + +temporary_directory: /tmp +borg_base_directory: /etc/borgmatic +borg_config_directory: /etc/borgmatic/config +borg_cache_directory: {{ borg_home }}/cache +borg_security_directory: {{ borg_home }}/security +borg_keys_directory: {{ borg_home }}/keys + +archive_name_format: '{hostname}-databases-{now}' + +keep_daily: {{ borg_borgmatic_keep_daily }} + +read_special: true + +local_path: borg2 + +# List of one or more shell commands or scripts to execute after +# creating a backup, run once per repository. +# after_backup: + # - echo Finished a backup. + +# List of one or more shell commands or scripts to execute when an +# exception occurs during a "create", "prune", "compact", or "check" +# action or an associated before/after hook. +# on_error: + # - echo Error during create/prune/compact/check. + +# List of one or more shell commands or scripts to execute after +# running all actions (if one of them is "create"). These are +# collected from all configuration files and then run once after all +# of them (after any action). +# after_everything: + # - echo Completed actions. + + +postgresql_databases: + # Database name (required if using this hook). Or "all" to + # dump all databases on the host. (Also set the "format" + # to dump each database to a separate file instead of one + # combined file.) Note that using this database hook + # implicitly enables read_special (see above) to support + # dump and restore streaming. + - name: all + username: borg + password: ${POSTGRES_PASSWORD} + format: custom + # Disabled since Borg has built-in compression + compression: none + + # SSL mode to use to connect to the database server. One + # of "disable", "allow", "prefer", "require", "verify-ca" + # or "verify-full". Defaults to "disable". + # ssl_mode: require + + # Path to a client certificate. + # ssl_cert: /root/.postgresql/postgresql.crt + + # Path to a private client key. + # ssl_key: /root/.postgresql/postgresql.key + + # Path to a root certificate containing a list of trusted + # certificate authorities. + # ssl_root_cert: /root/.postgresql/root.crt + + # Path to a certificate revocation list. + # ssl_crl: /root/.postgresql/root.crl + + +# mongodb_databases: + # - name: all + # hostname: database.example.org + + # Username with which to connect to the database. Skip it + # if no authentication is needed. Supports the + # "{credential ...}" syntax. + # username: dbuser + + # Password with which to connect to the database. Skip it + # if no authentication is needed. Supports the + # "{credential ...}" syntax. + # password: trustsome1 + + +# Configuration for a monitoring integration with Grafana Loki. You +# can send the logs to a self-hosted instance or create an account at +# https://grafana.com/auth/sign-up/create-user. See borgmatic +# monitoring documentation for details. +# loki: + # Grafana loki log URL to notify when a backup begins, + # ends, or fails. + # url: http://localhost:3100/loki/api/v1/push + + # Allows setting custom labels for the logging stream. At + # least one label is required. "__hostname" gets replaced by + # the machine hostname automatically. "__config" gets replaced + # by the name of the configuration file. "__config_path" gets + # replaced by the full path of the configuration file. + # labels: + # app: borgmatic + # config: __config + # hostname: __hostname + +# Configuration for a monitoring integration with Sentry. You can use +# a self-hosted instance via https://develop.sentry.dev/self-hosted/ +# or create a cloud-hosted account at https://sentry.io. See borgmatic +# monitoring documentation for details. +# sentry: + # Sentry Data Source Name (DSN) URL, associated with a + # particular Sentry project. Used to construct a cron URL, + # notified when a backup begins, ends, or errors. + # data_source_name_url: https://5f80ec@o294220.ingest.us.sentry.io/203069 + + # Sentry monitor slug, associated with a particular Sentry + # project monitor. Used along with the data source name URL to + # construct a cron URL. + # monitor_slug: mymonitor + + # List of one or more monitoring states to ping for: "start", + # "finish", and/or "fail". Defaults to pinging for all states. + # states: + # - start + # - finish diff --git a/ansible/roles/borg/vars/main/keys.yml b/ansible/roles/borg/vars/main/keys.yml new file mode 100644 index 00000000..64a21bca --- /dev/null +++ b/ansible/roles/borg/vars/main/keys.yml @@ -0,0 +1,11 @@ +$ANSIBLE_VAULT;1.1;AES256 +34326663643266306162376261383566646364376639613137646237313636303430363739646631 +3762303366303532386362356135313462613639323330630a333937623737366231656264623065 +66643731373537326437383465386139373539653030343930646434313262386565323637356539 +3962383331353331310a363163383538636133623137633930393632653930643664306663366363 +62613233383935633533343861343864363131313435383237333738343766306565353463653337 +35336632646538373539333563393433336532393137633062353265636533666134346464383961 +33323562643462646436366133333566653565613537326137393164306165386166633539383663 +38616462386432623531653564623032626632353561656431336634373530633038626665633230 +33636639643037366332613264356463633262653663393531643932636335353163396431393465 +3162666530626433313865656164613434626334353465333738 diff --git a/ansible/roles/borg/vars/main/main.yml b/ansible/roles/borg/vars/main/main.yml new file mode 100644 index 00000000..f08c5283 --- /dev/null +++ b/ansible/roles/borg/vars/main/main.yml @@ -0,0 +1,20 @@ +--- +borg_user: borg +borg_home: /var/lib/borg +borg_virtualenv: "{{ borg_home }}/borgmatic-venv" + +borg_version: "2.0.11" + +# see https://wiki.archlinux.org/title/Systemd/Timers +# or for more details https://www.freedesktop.org/software/systemd/man/latest/systemd.time.html +borg_timer: "*-*-* 09:00:00" + + +# Borgmatic config, see https://torsion.org/borgmatic/reference/configuration/ +borg_borgmatic_retries: "1" +borg_borgmatic_retry_wait: "3" +borg_borgmatic_keep_daily: "7" + + +borg_s3_access_key_id: "{{ vault_borg_s3_access_key_id }}" +borg_s3_access_key_secret: "{{ vault_borg_s3_access_key_secret }}" From 9c62a5184bfbd3a160b6e7eba4e7c0a2193518e5 Mon Sep 17 00:00:00 2001 From: Joe Banks Date: Sun, 16 Nov 2025 21:37:55 +0000 Subject: [PATCH 2/7] Update database credentials for Borg --- .../roles/postgres/vars/main/db_passwords.yml | 386 +++++++++--------- ansible/roles/postgres/vars/main/main.yml | 4 +- 2 files changed, 195 insertions(+), 195 deletions(-) diff --git a/ansible/roles/postgres/vars/main/db_passwords.yml b/ansible/roles/postgres/vars/main/db_passwords.yml index 638eee27..5eb781ed 100644 --- a/ansible/roles/postgres/vars/main/db_passwords.yml +++ b/ansible/roles/postgres/vars/main/db_passwords.yml @@ -1,194 +1,194 @@ $ANSIBLE_VAULT;1.1;AES256 -39333566636466636263356531613433356563306163333931666462643331653365376632363063 -3363373761636335633931353831336264363136323362310a643763323633393837616562313261 -62383263653366633165653638643564373162613138613862326461636339376466666133383466 -6331363238353634320a353737666338656532323930626135366335376630626338613338366136 -65333630363765633135386337386438373239303562333331323865616336363230636132613433 -61373937643530666637373035363466636234333765313565313464663536393365373635383633 -37626232616135656237653466336634656563303131626239386365393033326266643035663766 -64656533373831636336373738356262373065363932353938616163633137613539616362663266 -66383734353333333663393263303938663538666461353532616135333030376165343364363134 -38663563373137363964303830326432393331346631303965393164346666386136306561376335 -62313633343638343663666236313536346136383631346264613832643839363766623233616539 -36623061356630316535393036386637613561363764303863306337666564383334306235633663 -34646264336165303965623961633562616339346636663630636463336162663136373434353439 -38633765383763326238306462623537333139363032393764366432383434383738326335333536 -62616639373866323566623435306234393437643561306432366666393662613736643431636135 -30636664386633366164393037373337646161623932336237343061623137346537663063666337 -65653838326435373432356438326236663161643539326239656135396238646461623631303462 -39356463343837366561613934616662643534353930356639633436323333656263373365636333 -34376434366236363331376338343536383730373833613938643665396638303532643438623136 -34306639643763303565323336303635663964656130313433663161623937653663623965396337 -39616430366432623638373566653635653664656266303163373534346165633664626338666638 -34613237633230396662633065356434353430326566346234313164376638393563636563616337 -30616636626134346535383331323935383964376434353563306564396639343562623134663431 -61303330336134656439346537386439323134396461326335323134303864623462376239623534 -65623061663832646461663230356265383130333064396332396534633063306438343630616466 -61623432333539623538643563643235653462396531613439383234646430626162653536643632 -64336238636338613862653631393061376533346239333039363332626639353935643831366433 -64303238386336363738323230393436383930363338353639356664383537396132313732396361 -31633262636630326538613764393931366264323566663338363564353530666666663363393839 -33633736633863626439356437353063343435386131353866396635633930343564666531326535 -61613931656264616231353963666634366363333036336566303437623366326638323965633331 -64346165396265623932376662306332616161373137353762633164626463386231353632333730 -65336561363866356465663763323535396430653464396166333065363066346332393161303562 -62623665636636656162313762616134353438323663643838663663333036393061343031356265 -35643233643630396430623061363936356161363731323963396238316461643464353865363161 -36633461626138333933386434616636633161613462346462383365653034323039616537636634 -35396233653430636131333764366338633866303362623663333165363735316666366439653864 -37393235626563303734643031366161636465393764313730613837626537366564626161663963 -34333436326632646266663139656364653562633434356637373031313365333764313333353766 -37643163383836303761396565303763646365373536393534663464313565303139333264303363 -63356563303263323862343031343538613231353230353538613038303533383435376137633336 -38326537333537323938663332343431356632376262373232363362336639366132623430333066 -65303962393133623262626462643433636165363038656234393764353962363834663964666439 -64663366633638633466393363393464353235366462363231643666646637393230653834343839 -66636233303366323862656334346364623335323463633533633633343437623865386236316137 -61313530666565663834396466643530393837663734333039313362653537636336303761653039 -34383936303738613838653535396564316439623265333861643132653336646230326338656132 -37656362313132313533396533616635333131303865373132316438626332336638313033376462 -38343864626537643164333263373765356133366233336463316338663665383138303231393033 -35386439303335376363626337326663613034343939336136626231623630383464363436643063 -66343936316232356233333233313931643161363034323838376261613439643233366339326634 -66353837626664616336353837353962646539616434396137653534313838383930353035396166 -33306634373537373262663663643832393435323161613530356434336536306166653930373038 -65313961636162313338663062373363613535306638343239623466343262613930386233313339 -65623631303861356333373061353033646666386236393263336538616435623862373765656333 -30333235393262643061303531623231336564373964643965343434326534393462313661316337 -63393562383033336538323864623461653436363931626538663566343462373731326537623830 -35646131346530313531333436373364366532313963613538313334353034616635356363356134 -34373439386532343966623466363436343836313430353963393931623266376634353334626534 -37643635306561633862383565663133636135666138363265326538383863633865383366616338 -30616531313831333331353331623030316330336339616132363130623261656531653633376162 -37333263613564373936356262393634383637373166613961393764656630323439623963326533 -38663965316230343738363339656139653531613730326337613733643633623165383931346162 -65363366323934333231626537663439303636666134333739383039363537633931613664653062 -35333738316265663361306365306335383636613834366433663736626666376435373463316531 -62343035383965363731343332613234386532383163333762336333333463346361626631393364 -62613938366664326636613936643637616531373131336539373639303264633831663634643233 -38653734393534656261396538366634613664336234316662336133656535343661643830376430 -62306330666363376132393935616164663362303266373862306434616431666663383266303630 -63383562376561616132616266646338343835653366376464633739623234666665656134393536 -34306233666230666635356434653464326366383836336336343332346562626639366230613931 -66623336393236386162623536366137623762653361623335306238323763333834333937353164 -62636232323831663862393039376334663337333031643839376339346339613961393639656536 -37653337313461646464613337303837623734313739643434373933396161663637386530643837 -35383665346236616339333630313663663736633065363031626331663732663562353235336364 -65363632663363353336326132383935653339363362666234626336396138633031353264643133 -61303232396437396337363335313065323833376263363265376262653436613134363033393731 -35653535646335383264626338656239306230333538303033383237303264353962373535353666 -32346263343365653938366332393338653733303633646333616565633636303932656134643336 -36306335356630663166316162616230306130383031663266343631393366306565386435383234 -31396337313233316334616261353638326636363666306539316365643939633737396638636233 -33333934303066663764633435623763303237396163303938653765323331363031326130393639 -66306361656439333634333536303230636164306636616136616136356132616262663038353434 -36313930366561653633653366316431393733356566366263383666616131306432383565306236 -38613261653561613339623263363737363730333537336165323138356665623561383032313866 -66343566666630373863643030353730313731363935336634356131383131356266313161336537 -30383962653733343337373166663333333033623030636233393934313936663563353130366365 -30613833326336656463393630653133343530386162323432366333323239396563643866313366 -39303365366466343832653535396238306134313662336439633033353663373239373135303065 -31323966313363656663613065393236393938386233383337623032626531653630373964636430 -31663132363266633235633839663765316538656337333365393932356435383235313430613563 -63616563633938643531363732663231396265623266373937613362343061363263623436653638 -35373465343662333438646530333866363066353738383439353033396365623131633131633136 -64376661646337646138613364623834303234393639623463656566653430373665373262346434 -61666338663438636462383139626635383964353331623765303636663434646135333736316338 -36353939633165646135653464336131376336313634343131386335323965323634396431303638 -33343532353138666665313734383966633537393235336434653263646138666432633662646430 -32636533653639623266356335323939623134376462643038303638376363303932376434376538 -33386665376662616339663638383938623639386662373865393762623464346336633165366430 -63653966323265366461316165313533313832326366323932323266326266666163303135393032 -38633965633938343366313138643662656530356433303566316339366136303461313437333963 -66633262613039663331653934393638363536383736653966613861396165646461353937383361 -61306661336466353961323432653662356666386130373637373366613266663566373632356135 -34363562316562386337633835633165383331303735633362313333363031333931333939626162 -39636666303239613561323261356332376230313661636234656264623964323533353734656439 -65373931666435646461626463623764343962336332623361663834616232333261333437396330 -65393532323864306230366434383836393265396437616563346633323466626665323234343737 -30366437336361333762323163333461383762323631613965303437653135336534336331653461 -32313332353038366662353534353564383336316137633663343330633266386162613935363261 -65633565396533326130356131303035646135636138303033366263636364663361656261643263 -62626533396331393834393364336139633633356562646235373463663164306365343462653035 -37306430396631343338613932666361393132383865633961663837656239323832353433373635 -65653030646331623630386337363533376630356162646531353430356133323337353330383230 -38643363373939613431626538313064303665663061616339306331323735616539346366393639 -65353133623737623333333832373133336130613862333666643266626563343634306430626564 -33373366323766653363366461663665646435323463656330316639333030306630633666336261 -39303364393435383562633438643738343062663463333137363164643263373339373062323932 -30356436313231633934373834646338616237326263663930383837646136643965353935653537 -61396137643533663462306339616661356233663434386131636465346163313039663963666231 -36343039343736663734316130303361353431623364316630363564393036646635376636313837 -39353130393236656566393138346237663432396639343865323263663864623135313961663934 -65333362353361666266393333323236316636353663303162343430346136623865653533306237 -32373639313631653032363762396263383733383565313730366561633230653239613864376131 -66306663373338366130393065646238303863393933656131343265376335646137646534323865 -33366434303733663566656630353730666632353239343936363535316238313533663162333364 -36376330316562623830353164386432646265373337383837373964633536636231366264656632 -30613366613035323336323338363237363662373966666333316265653865643430356431323836 -39303636383832666533323135353736613436623037306436303162323534336134356433666337 -34336461346163623739306231646435643436636137346136363131663762393532313934333436 -65643230663237303236623833313766646561646136346461363735313533653235636663306135 -33666535643732633235396239353865343130636138633132333430316666396562336337633032 -33633135323834396230313131313536373737306662363331633333343033323632383934316433 -62646436656232653430393464393038383864323936326261386163343938623864616363393931 -63373237366365396630393733653431616266353539646565393737373033353632386362616161 -38663834303238656137376564633530663332363865353333316538393261386335346433396463 -31383962366132396661383438306639633638663131316532666235316232626363363963633664 -38303062306366646333303834313966316338333832653237653030366536316461396164623835 -65323431663037653664663335613737633438633639393232343532376439346531376461353930 -61643031663639643664646432623530313161366537666439373536643235303563623062313462 -63313963303732623235623166636533323362356662636339646561303061323834656165636334 -65356430613465363065336237623461643161396464313666376162326330316331393631343539 -61356134303133396565636265616663356665393566333362376466303464356235353336393038 -39626335613962616432333335396138613238356461623539623564353961383137623232376131 -63626134656333643465663139333765373339656662646439633163346563613738623131663432 -63366337326561353065643431333530383531656339383732396538383861643137363762303734 -37396237303535636164363461666633303834313362343465333237336261353463626466383137 -37613531373961623332333438373264653836326466383137646361343962383334646138643439 -61646465313562346539623834383631643461326630613039656362666539353434656466323563 -66623465623761613831643463303866613337356230633235376538656132366630623339613836 -62343335666635373964373065366661333438366162656137353966373831353465303435653332 -33316664366333366666353037333138643233343364623532333038373636376663306264303935 -32393561666262326564336562643666313363396665646362653039303330636232623338363565 -63333464303330386234313937343430363539313265616661323063323338323330353230666234 -36366632366562376135666233653835383239393365633836623264333932323337313465336631 -63383963373631643433326536393932653763393863316263386330626437366230626664353163 -39666336373734303464333431366236353965623834326232376463393730316466373965353131 -36663135353634366666336538653339333865656663343238383136633033313264646132373064 -62343934363536333431623337383262386364346430393038343431653231356134616437646437 -64366166373466356433373764653031643861633339343133653633363431613536353430373439 -66613261373861306138393665346338386263313435393163626430393262663763636235663332 -66643838656366643434303936353163343965356231323032623031623934333535616234383037 -31323234313431326461653065643532616662333366633736643861333937376339303663313736 -37653536366138333636386264643661356130376366636535393236313932306235326366313261 -31616136616563363962313865393136616535313933663166383965306331656665323732316132 -37353066376566363437623336313531383732366331363633346333646535373065383363613331 -37393365653431663431343562306236663837613164623961393035636637633834663334623230 -31333064343364616234366138343434636639386135383731313663313834373535353634643365 -30633337623034613737383135333661333461376633303931323364343363316330343764383431 -64316535386665323734326466643431376436363565653262343536636231623837396438346232 -66653432626431326233633036306561636262616366393431656165313766353462666639336337 -62323839623339656563363237303339633961336266613738303433663738316338643964343330 -37633138643733313463363063343762333735393834336363306237333931306132363032643731 -36383235633139313036313031376332353932363734653533363562396632633562353162383663 -39313039303830323830666636626161393433313961653836346331636263376338363965323163 -63346334663133316237396261373261316165633939353633646434666138616631656338396534 -31663437646135316561383830353734343935356133646165343734633636326433636434373638 -36643332356233646534353532333039663962613033366261663131336135343366396431303761 -36623939333561646334663739343363613562633163613838313339353731333763306339633661 -34626331663638386661323666613662356137316166666435326133613266626137383261313733 -38393332626466313166356636366131656439633434643562613136383838373963313762396537 -31656661633063343637316337656134643939343132343862343462373562313933323337336539 -35636562363865356332393730323661313033636530393465316336343261343863353163656136 -30653234623264323262646631363834363963386332653934623233663133366437643233626665 -61303537393263363734613837303735653530393762653139323432306464303834316136323966 -31363832656363626165323832396635363734623735393865303136663937343862396563633861 -32323037376665316262363737656566393564383332366530353836326431323839353238303430 -31623138363739353131373663336431356435346235613936333035306364303333363039623765 -35313630616430663161323934363038343932363134393732326464383266313532376661386164 -61323262646234313333396464363030346534313435333034623230323163353039303134333039 -65623966316137353464363233326531306332653738326135336539323632646430383635373162 -37636266346434383761633637313535656439626364386563656234623333616139663761366631 -63316637626461653834663836356632383834626632643662643734316430363533643432633338 -62303837333935326265313464303835323064643036303164363963373261393062 +31323263346631373435343365356532343933306432663765396262613362646462633863653861 +6436313433653136623963383162663366666636396466330a356163386337363239643335653266 +65313038616639343761653363373234316162623065393366316464666565353134623139333835 +6561306532636265330a653966363334313963633736306439316333333365643535316234633866 +63643734396332353361363536626162383034303237646633316265613664346564346335363232 +39373836383934626131376463303238356238376263376234366136323534343964616164393335 +32333537623133663464393966306266613433373063386336636161333830623666626333616633 +35323931373265336437663961633038333534646330303431663165383866633939303639613035 +36383335363937313933393362373235366239613433633864613664636537303435623638666538 +61316230303336653330313037393061636266386639323933633030323031343735333962376635 +38623839303331616534353366646333316434363836646432363864353038323836663134636434 +63366162346538376334303862326533626532636265653732313963383966396131313332616263 +35386239316130363335383764383635646439646231626537376132323566333637363633346236 +30393666303836303235643831376336313137633866303866346666633534336531616566616230 +64303039393338653531306364343061313439306536303434326566353561396233343836363263 +61646264366435393665303163333637636336666563623337366538636665373133643664313964 +36653334356261333565643266636433613763333831633764336332383437333439393538653865 +30623035383937633561366563313530306564373066646533333438306534663663313364343639 +63396438306338353337333133613838353464623161326538393264363838313962383561303736 +66383635343239613939333533383338386363326663653866376531303538663265366166666564 +63396663643333343733653436353738316330313532313231313666636465383936393461636536 +61343432376166623566303461323339376634373038326635613561323330386332663531666334 +35393264393664363865646362386431663761396465656331396666633833663232326461323139 +62383536396466643365333838313630303463303837653435653964643433363931666263356334 +65376166376266363339343136626539646365336461353735386631363236323933353762653230 +63666263613862616664346236616663373239633636613163393938353062396234326637383833 +61383164656132663862623066313935396333306662363635613563393837643364393861316635 +34656231343135626265396665613432343135616231633939303461356135366237323966333331 +62333566613961366238363833313031623366346230666233313166313162383664343566356330 +61383063376335373366396436313764353939373330653166613335343231626664356566393062 +65626238313333626131396133333265646565363039616636633834396461396236346665303162 +65333163346137663733343366303134313563333031623031336531613330323634326335626131 +66303836613934653031666339363639326630633331663264353535666261376237303132633338 +62373639393139376630373930326165363134366633363963343465653331336561303537303137 +65346130326438376532333836616265353463636237363834643362396635303332633637383130 +66373537383134633632633635383439386666366364643361656237643565373536373633376135 +31373765386337393234663631326134633730613066303832633832643435653430623835373232 +65633034653663623231653566376632326431383336303733653365336565653939333535616534 +64653735333963363733303735646235613136623332333866356231316163316366366234643864 +36313165666264393031616635326231663263613333313731393533656130633561643761316131 +63363762346531393764643435623034323435346639623333306531353965643130643232643334 +37663138653237303638376238383932323862366236393963363133306366663636346661373231 +35333565323735386538636631393732306262393537653538366634613330376264616536323961 +38363831336236323739346635666531643262303863643430363263626637326234393731366631 +33616666363365663432653538663831303734343037316334333063396539343366316163373533 +37383332313464346135333063303532616261396535646437396466363839303562643361323463 +37363361653539653635363461323534623637356539636439633866333037306632663932373239 +30646261346333313131353534383463366136613661383631373964373561356637373631613366 +34343063383161396439313565626139313636643565616639666236646663623433306336633833 +34336263643337333664623836346138633637643566333061333431303466383630646463383333 +36326263613163653662663537393037303634306461386231663736666333636165626162373838 +63343038393063353833393632646233653039346235636663666330376438353566353838646339 +61633862326136383139393963653131303337333833623261626164316530373665356162373562 +34643564333165353636633163613934306139633431636564666162316661313662613062646562 +34326235326335373765306665636430303132306536363834333065666635613265643232313839 +64623333343737636666643262653931326465613331383163396363306466326166663638323834 +33386638633430313037386662636537633161356531613936626231386261646563643637323163 +39653864383861333165353761343435336265636365666166666532316135386335626431373935 +39636638636539646633336162316262636238323332613239636335666236366464393939326331 +30356635363262366335313266626439376437343363656333333062633930326661353961396165 +39306338643034323766363663663665346233343264663362333162643561353466313231333436 +64373561313566306238646336343031333562363863393833656361643031356661386133366433 +38373535643661356166383764653038313266336239373237613433393466373934333031366537 +63396137303065396533373731313962646539643332666563613531326231663530626664343364 +34326530336239653964306439373337316133646239323036663466656132626238626661333133 +35353932376234383763323561393331613732633534396630396339653237303535306366333030 +62666533356566663334363439623161363937386431303538343932656131363130343565623964 +62313239613637653063333361633638663738333365346631306461643363623137346462303932 +30343636303965653434373035306165366132373439616635666531303461623939663265653064 +37393962346663643431383232616566623032356136393838386463643931366266623130323834 +33356433386331373761363663623437343366636165623133653037346262363262653339303966 +32633037663138376437303665353463373563316131653063363765613664643263636637396435 +30323066326331333239366636636132316435656464623639626635386432633734343264373661 +65306136336466303132303664626537613562316238376330633638343734623237353062363362 +30346365626563656163366463336536343164346565376233353335633739616561353630326530 +61306361366634346533333136623430356130643762366161313964353363346464303537356366 +35323565336363376464386635303733383162336238343337333138393237333230333131333161 +38613962306564323432353232363535663938663539666566623062353132636662633133643436 +65393661333930313034363631303461396533363163633963366232326666313331303064366636 +30666636393638376238636266303937626365353464356364616162333462643165623938346233 +37343163383562646137616136643534383732336565626134373166616234636136353662666637 +38363336626564383239373935363039356438323433326336653566643766393132373936356331 +35323963353663303832363364653266396439636134353434353534323737306238366561613531 +30393230643734663564663232633931626637333465616566376337323134346533346561316533 +30656461343335653132313438313839623838343335393539653234616633623239356639623035 +64316564653664626533313139633035313330653938306232333565393161313061643433366463 +33383563646539643964376366383463653165616364303131346437666537353732653139643134 +66613732303266363833303738663333396336626130666661626662356532663035313234333939 +62303637653230366539326633386165643461613437626339323239353938393764633532306233 +33646262643630663362613664666266393834353033343039666365396637353035333335383063 +37343130353530636262396361316463306462386664626264633135656535366363373233393730 +30646131303764643535656465613230343836636662356134363532326361363365333266663565 +30333830316534383666383835623932653536383634373039623839633439323330626463656132 +30613731646231643065333261656634353739383330616134366233396433393231306434633230 +65643365333036633865303265383835306137633966653137643132393362376365366563653331 +36636335643531363566393464623533363266333261616630323165643932613934346266666264 +36333333316134626132633632393064353234313162343233663939623133643662616162393534 +66343261663830613734313366323466326661303639336237383766393530653739396365343636 +63393366653534613934393932613035333564386531346661313736633064613166663433313966 +62626330633265316664353064666633336264326230643263646564306633343632313934643263 +65623637623731373537643432383265646266353832363563353432633430353336396661323034 +38336265356232393236633836303064326433363461633739366139303865376437613363323231 +63616162613432356262663061633338623735643336633162323161643636383533353032386465 +30386262366333303638663563626238306331633739343931666234303238383930373935303165 +39633665353861383736653235613833313136313936343164313938636330363830613039373762 +66323163373765363637393766313062336231363765643862333763316236656531386533613639 +37646331343732303430663865666634343432663264316133386663373332316266383738633966 +37336264316635636332386433643731386230646333313935393365626639323939653634666262 +62653238366634663062393035396231313936323037386136646538663335363231663336623030 +31633736363030663233343864383764386634623039363338363938623662353131393536396430 +31316130353230303536623537643161616636623162653662333863316133323663376432666563 +37653739646438623464383031353435636361336637393764636334316665393538376565366662 +66313066373035373735316565343466353838633538643161643164336163306662323637653732 +36353161326236306231376439653562626362313936393237303533363331626363333337313731 +35363461386532633335363466366634616366363038623362653035393435353066396362346461 +36363236633631313433386436306631616665386232303464643937343533633966613036613136 +36393834316364623763626463376261333837666161646361633637356663376134653865356166 +66613763373636396330646434623533366430633764623839353265356331326162343164373863 +61646338336665333233323763353532616230366431303365373033306132613961346666333737 +39616661396634666530643632656363343039656338353936636132646538353036313735376262 +34323932373233613333666666306133353164383931616134666239656634373139616635653463 +30366236663239376530656162626132373961663665623739343836383131636539623936363931 +64623839356630663430306365616363643565323562633962363838346235393039366134333062 +64306136623630376332646135316133383061353737353237343030343030653766373762366164 +36363364656336323937396331366433666533313236373134323737636435663434353663646636 +62363330653264383465306339363136663839346166306335663765613530636233663434646439 +37356162366262616561313762373638383464663837643439343235376430326336316533383832 +37653333326165353937363563653035613761626234306232643564363832656133393563363132 +34383838346633343339376364356630323466313836636336333139633834303065636566373130 +32626636666132633838633738346664396638333036373665323839643862396531646565333932 +32643437633230656363356333613030353566346664316138613939633065306534656638336637 +66646339623462626465356463616366303936333938633962616563643338353230663735646562 +65363265623564316635626534643464356465633163303563313936633166623538326537643432 +38323362653630303962666236333663326538616365363230383032356263306238663234653066 +36336136323763373261353234336366393764376661666237663762613566393833336561653364 +34306331633432666531366665373964343935343163666432643633326330623936333234633032 +64303534636530653635346261313733353430313263386437373165383639663938363439313561 +65633934373633656337346432613863383562383332396564316663633361363639373930313236 +66373664626161313466646663316237356663623931326363623437616463366431643938303439 +32376464613439333763646261636438643962643239393665663239393436393061356533383330 +35316639356234303336363433323634316339636163373762333161346637303839363438323930 +63313331306534616535623831643438306536613238383663656134313631653264653931616135 +36626635663966613538333265656538323465343065663430626562646538343165356538343364 +37633864653062386337633139393033303865626337363936653130366561333734613465613865 +30616239653863346437376365316536316662653538626439646665386165653939353963383838 +35343332663139376465363238373561633965623637356135386231373836646434376335666630 +65366163376637306236623133623839613961643839386230633637316538313432656666373339 +38376565323333313932663162343635653334373462353933393462376564386437376333303763 +34316231363263356634346666663330303833636234643937333161633633356436353566373835 +34623836626133376136366336656331656237636339643461383133336564393532356532333238 +34633161663531666635613638383862383336313235313839313635396664346333663265363063 +36303366383830343439336466656438613136383333613839613561376434333732353032336134 +33363932363063303263646438363639303936663034323461643866326238653330663663316538 +62393533303438633634303830366561653636343462613364323733306633313033623338663861 +63323664366266623536326137343639303630323333376663356534636539343435336430626132 +35303331663438393134313362306365383233353739636334326533373832353635363937343037 +35626364313662323031653464616666383632313666653563343730626230396334333064346532 +32656637336432623536333830636565393564623433346236666539626337306365373338653062 +38636530353439383464656238623535666337623332636666666239346461353465646364366565 +61346437333362346337383838613036366661346237616438653933326662363664366433633161 +64623333333433626236366332303962626661363433313830393933663636393065396365623831 +39333130313732633464663666383737383434326661656432313337363461653035633530613931 +37656538323932643961386164363935613633393836373032313135613832303365613733646565 +65386163343632666262623236313165663764616665356264633164393662616361343330386233 +37363632613131386438636566626538613162336662363838636238643330316562626264373232 +35356139643036343830663735623730316235306330643963623538666437346234356437383232 +61383966633165383039353031633031353432636130616531386438656165336431346535663539 +64613731643063306631646364323965326634353735343431626166326338393036653863346533 +64356233666464626166376439333732386165613638343935313765333862643431346661393262 +34306630363137626166653936326537346236343233313635626165663834333466363962373763 +35633864353435653633313035326631366537626133323961303661303134373131643666366633 +62626339326339643230616563396238383165383034653764383938663765653037356164336462 +38303338633831656162323433396464623432343932643139346661356665626463393863353861 +33613562626632376463626334663239383562303364306338626334653963643838373230626165 +34346132663433343962626239333163306230336466323734393037346231653964363031663035 +38363839663139636133663134326134646430366339373961663261623330356165616566323238 +30356638636337636135646164386138636264346138306462656632313537613035376332353938 +65633264643665353435393231633631356636336337303062336530343064333736353561626338 +35633365636164333561393134633635663266663766646132313537343663353634303631313039 +63376364616534303738623836333437643237643039653634366638383939336161323638666162 +34383866616133373438303636326331333939373062313538376234393432323330616436636462 +31356235386639363038316236346431396539613961373262643031656133356133343034626330 +37663964366334643361393664353635306436646433653138643632663566373833373337373537 +62386332613834383335376637306337626536663333653935326131616339623734373437386537 +33643334326263376433396565646331333535376262363939613030323762383034376362356536 +63656265333565633637303266616363326433396433346333643639656332343438643432353935 +35616336343630646263393531633161303437666339636537376236386634386636363232336563 +38626334636135323163393365383430373233356635646263323661643162643762383236323136 +35633661386364616438656433613532653065616632326434316638363962366331643666663766 +33383832303361383332323065633533393236633531653364646339303730346364656136303537 +39373961373362613232306535323465353763353861396666323937376638613862326135396531 +65653538666136313634633862366662316364393535316563303036643965396562313336386233 +63353034613733633339626630636632373331376638386237303037323139653662 diff --git a/ansible/roles/postgres/vars/main/main.yml b/ansible/roles/postgres/vars/main/main.yml index d91a3906..4cf742e1 100644 --- a/ansible/roles/postgres/vars/main/main.yml +++ b/ansible/roles/postgres/vars/main/main.yml @@ -18,8 +18,8 @@ postgres_users: password: "{{ vault_postgres_user_passwords.pinnwand }}" roles: - - name: blackbox - password: "{{ vault_postgres_user_passwords.blackbox }}" + - name: borg + password: "{{ vault_postgres_user_passwords.borg }}" roles: - pg_read_all_data From 9b307688589ce352f9efd00fa4a63cf2907b48a3 Mon Sep 17 00:00:00 2001 From: Joe Banks Date: Sun, 16 Nov 2025 21:38:01 +0000 Subject: [PATCH 3/7] Run borg role on database hosts --- ansible/playbook.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/ansible/playbook.yml b/ansible/playbook.yml index f2859eb0..d54ce014 100644 --- a/ansible/playbook.yml +++ b/ansible/playbook.yml @@ -68,6 +68,7 @@ - postgres - prometheus-postgres-exporter - mongodb + - borg - name: Deploy our LDAP server environment to the LDAP host hosts: ldap From ad35c6ef3a6fb61a60f879ed7c5e84790a516258 Mon Sep 17 00:00:00 2001 From: Joe Banks Date: Mon, 17 Nov 2025 01:39:10 +0000 Subject: [PATCH 4/7] Install borgbackup from source for S3 functionality --- ansible/roles/borg/tasks/main.yml | 17 ++++++++++++----- ansible/roles/borg/vars/main/main.yml | 4 +++- 2 files changed, 15 insertions(+), 6 deletions(-) diff --git a/ansible/roles/borg/tasks/main.yml b/ansible/roles/borg/tasks/main.yml index 856ae2bf..1a3a0fbd 100644 --- a/ansible/roles/borg/tasks/main.yml +++ b/ansible/roles/borg/tasks/main.yml @@ -1,8 +1,14 @@ --- -- name: Install Borg Backup +- name: Install borg dependencies package: name: - - borgbackup2 + - liblz4-dev + - liblz4-1 + - libzstd-dev + - libzstd1 + - libacl1-dev + - libacl1 + - libxxhash0 state: present tags: - role::borg @@ -24,11 +30,12 @@ tags: - role::borg -- name: Install borgmatic into virtual environment +- name: Install borg & dependencies to virtual environment pip: virtualenv: "{{ borg_virtualenv }}" - name: borgmatic - version: "{{ borg_version | default(omit) }}" + name: + - borgbackup[s3] @ git+https://github.com/borgbackup/borg.git@{{ borg_git_version }} + - borgmatic=={{ borgmatic_version }} state: present tags: - role::borg diff --git a/ansible/roles/borg/vars/main/main.yml b/ansible/roles/borg/vars/main/main.yml index f08c5283..558fb73f 100644 --- a/ansible/roles/borg/vars/main/main.yml +++ b/ansible/roles/borg/vars/main/main.yml @@ -3,7 +3,9 @@ borg_user: borg borg_home: /var/lib/borg borg_virtualenv: "{{ borg_home }}/borgmatic-venv" -borg_version: "2.0.11" +# Pinned to a specific commit for S3 compatibility. +borg_git_version: "1373b30ba8e6b88f6264dc57f6a8da46d8b2e80f" +borgmatic_version: "2.0.11" # see https://wiki.archlinux.org/title/Systemd/Timers # or for more details https://www.freedesktop.org/software/systemd/man/latest/systemd.time.html From 73e640b77b7e0b565c0e10bf06056f3475870cfe Mon Sep 17 00:00:00 2001 From: Joe Banks Date: Mon, 17 Nov 2025 01:39:24 +0000 Subject: [PATCH 5/7] Use virtualenv version of borg --- ansible/roles/borg/templates/config.yaml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/roles/borg/templates/config.yaml.j2 b/ansible/roles/borg/templates/config.yaml.j2 index d9e79308..3bcba341 100644 --- a/ansible/roles/borg/templates/config.yaml.j2 +++ b/ansible/roles/borg/templates/config.yaml.j2 @@ -30,7 +30,7 @@ keep_daily: {{ borg_borgmatic_keep_daily }} read_special: true -local_path: borg2 +local_path: {{ borg_virtualenv }}/bin/borg # List of one or more shell commands or scripts to execute after # creating a backup, run once per repository. From af80edd593662e3c8942a84eb90607325ab28c08 Mon Sep 17 00:00:00 2001 From: Joe Banks Date: Mon, 17 Nov 2025 01:39:39 +0000 Subject: [PATCH 6/7] Update S3 paths to compatible URLs --- ansible/roles/borg/templates/config.yaml.j2 | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/ansible/roles/borg/templates/config.yaml.j2 b/ansible/roles/borg/templates/config.yaml.j2 index 3bcba341..482bb424 100644 --- a/ansible/roles/borg/templates/config.yaml.j2 +++ b/ansible/roles/borg/templates/config.yaml.j2 @@ -1,10 +1,8 @@ repositories: - - path: s3:${BORG_S3_KEY_ID}:${BORG_S3_KEY_SECRET}@https://eu-central-1.linodeobjects.com/borg/backups + - path: b2:${BORG_S3_KEY_ID}:${BORG_S3_KEY_SECRET}@https://eu-central-1.linodeobjects.com/borg/database-backups/ label: frankfurt - - path: s3:${BORG_S3_KEY_ID}:${BORG_S3_KEY_SECRET}@https://us-east-1.linodeobjects.com/borg/backups + - path: b2:${BORG_S3_KEY_ID}:${BORG_S3_KEY_SECRET}@https://us-east-1.linodeobjects.com/borg/database-backups/ label: newark - - path: s3:${BORG_S3_KEY_ID}:${BORG_S3_KEY_SECRET}@https://ap-south-1.linodeobjects.com/borg/backups - label: singapore # Path for storing temporary runtime data like streaming database # dumps and bootstrap metadata. borgmatic automatically creates and From be42f07f73900b9ec561404cd4b4c86d130a1ad0 Mon Sep 17 00:00:00 2001 From: Joe Banks Date: Mon, 17 Nov 2025 01:55:49 +0000 Subject: [PATCH 7/7] Ensure the borgmatic timer is started --- ansible/roles/borg/tasks/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/ansible/roles/borg/tasks/main.yml b/ansible/roles/borg/tasks/main.yml index 1a3a0fbd..d8fc25f6 100644 --- a/ansible/roles/borg/tasks/main.yml +++ b/ansible/roles/borg/tasks/main.yml @@ -97,6 +97,7 @@ - name: Enable borgmatic timer systemd: name: borgmatic.timer + state: started enabled: true masked: false tags: