ansible-role-borgbackup/templates/config.yaml.j2
phil c6c4304d9e Remove repository label from borgmatic configuration
Only supported with borgmatic >= 1.7.10
We can still use it for borg key export.
2023-04-09 10:10:08 +02:00

176 lines
6.7 KiB
Django/Jinja

#jinja2: lstrip_blocks: "True", trim_blocks: "True"
---
# Managed by Ansible, please don't edit manually
# Full config: https://torsion.org/borgmatic/docs/reference/config.yaml
location:
{% if borg_source_directories is not defined or borg_source_directories | length == 0 %}
source_directories:
- /etc/hostname # prevent empty backupconfig
{% else %}
source_directories:
{% for dir in borg_source_directories %}
- {{ dir }}
{% endfor %}
{% endif %}
# Stay in same file system (do not cross mount points).
one_file_system: {{ borg_one_file_system }}
repositories:
{% for repo in borg_repository %}
- {{ repo.path }}
{% endfor %}
# Store atime into archive.
atime: {{ borgmatic_store_atime }}
# Store ctime into archive.
ctime: {{ borgmatic_store_ctime }}
{% if borg_exclude_patterns %}
# Any paths matching these patterns are excluded from backups. Globs and tildes
# are expanded. See the output of "borg help patterns" for more details.
exclude_patterns:
{% for dir in borg_exclude_patterns %}
- '{{ dir }}'
{% endfor %}
{% endif %}
{% if borg_exclude_from %}
# Read exclude patterns from one or more separate named files, one pattern per
# line. See the output of "borg help patterns" for more details.
exclude_from:
{% for dir in borg_exclude_from %}
- {{ dir }}
{% endfor %}
{% endif %}
# Exclude directories that contain a CACHEDIR.TAG file. See
# http://www.brynosaurus.com/cachedir/spec.html for details.
exclude_caches: true
# Exclude directories that contain a file with the given filename.
exclude_if_present: .nobackup
# Alternate Borg remote executable. Defaults to "borg".
# remote_path: borg1
{% if borg_remote_path %}
remote_path: {{ borg_remote_path }}
{% endif %}
# Repository storage options. See
# https://borgbackup.readthedocs.io/en/stable/usage.html#borg-create and
# https://borgbackup.readthedocs.io/en/stable/usage/general.html#environment-variables for
# details.
storage:
encryption_passphrase: {{ borg_encryption_passphrase }}
# The standard output of this command is used to unlock the encryption key. Only
# use on repositories that were initialized with passcommand/repokey encryption.
# Note that if both encryption_passcommand and encryption_passphrase are set,
# then encryption_passphrase takes precedence.
# encryption_passcommand: secret-tool lookup borg-repository repo-name
{% if borg_encryption_passcommand %}
encryption_passcommand: {{ borg_encryption_passcommand }}
{% endif %}
# Type of compression to use when creating archives. See
# https://borgbackup.readthedocs.org/en/stable/usage.html#borg-create for details.
# Defaults to no compression.
compression: auto,zstd
# Remote network upload rate limit in kiBytes/second.
{% if borg_remote_rate_limit %}
remote_rate_limit: {{ borg_remote_rate_limit }}
{% endif %}
# Command to use instead of just "ssh". This can be used to specify ssh options.
# ssh_command: ssh -i ~/.ssh/id_ed25519
{% if borg_ssh_command %}
ssh_command: {{ borg_ssh_command }}
{% endif %}
# Umask to be used for borg create.
umask: 0077
# Maximum seconds to wait for acquiring a repository/cache lock.
lock_wait: {{ borg_lock_wait_time }}
# Name of the archive. Borg placeholders can be used. See the output of
# "borg help placeholders" for details. Default is
# "{hostname}-{now:%Y-%m-%dT%H:%M:%S.%f}". If you specify this option, you must
# also specify a prefix in the retention section to avoid accidental pruning of
# archives with a different archive name format. And you should also specify a
# prefix in the consistency section as well.
archive_name_format: '{hostname}-{now:%Y-%m-%d-%H%M%S}'
# Bypass Borg error about a repository that has been moved.
relocated_repo_access_is_ok: {{ borgmatic_relocated_repo_access_is_ok }}
# Retention policy for how many backups to keep in each category. See
# https://borgbackup.readthedocs.org/en/stable/usage.html#borg-prune for details.
# At least one of the "keep" options is required for pruning to work.
retention:
{% if borg_retention_policy.keep_secondly is defined %}
# Number of secondly archives to keep.
keep_secondly: {{ borg_retention_policy.keep_secondly }}
{% endif %}
{% if borg_retention_policy.keep_minutely is defined %}
# Number of minutely archives to keep.
keep_minutely: {{ borg_retention_policy.keep_minutely }}
{% endif %}
{% if borg_retention_policy.keep_hourly is defined %}
# Number of hourly archives to keep.
keep_hourly: {{ borg_retention_policy.keep_hourly }}
{% endif %}
{% if borg_retention_policy.keep_daily is defined %}
# Number of daily archives to keep.
keep_daily: {{ borg_retention_policy.keep_daily }}
{% endif %}
{% if borg_retention_policy.keep_weekly is defined %}
# Number of weekly archives to keep.
keep_weekly: {{ borg_retention_policy.keep_weekly }}
{% endif %}
{% if borg_retention_policy.keep_monthly is defined %}
# Number of monthly archives to keep.
keep_monthly: {{ borg_retention_policy.keep_monthly }}
{% endif %}
{% if borg_retention_policy.keep_yearly is defined %}
# Number of yearly archives to keep.
keep_yearly: {{ borg_retention_policy.keep_yearly }}
{% endif %}
# Consistency checks to run after backups. See
# https://borgbackup.readthedocs.org/en/stable/usage.html#borg-check and
# https://borgbackup.readthedocs.org/en/stable/usage.html#borg-extract for details.
consistency:
# List of one or more consistency checks to run: "repository",
# "archives", "data", and/or "extract". Defaults to
# "repository" and "archives". Set to "disabled" to disable
# all consistency checks. "repository" checks the consistency
# of the repository, "archives" checks all of the archives,
# "data" verifies the integrity of the data within the
# archives, and "extract" does an extraction dry-run of the
# most recent archive. Note that "data" implies "archives".
checks:
{% for checks in borgmatic_checks %}
- {{ checks }}
{% endfor %}
# Restrict the number of checked archives to the last n. Applies only to the "archives" check.
check_last: {{ borgmatic_check_last }}
# Shell commands or scripts to execute before and after a backup or if an error has occurred.
# IMPORTANT: All provided commands and scripts are executed with user permissions of borgmatic.
# Do not forget to set secure permissions on this file as well as on any script listed (chmod 0700) to
# prevent potential shell injection or privilege escalation.
hooks:
{% for hook in borgmatic_hooks %}
{{ hook }}:
{{ borgmatic_hooks[hook] | to_nice_yaml(indent=2) | trim | indent(8) }}
{% endfor %}