er4z0r · July 1, 2022 13:06
diff --git a/ghostwriter_backup_restore.yml b/ghostwriter_backup_restore.yml
 ---
 - hosts: ghostwriter_servers
  become: yes
  gather_facts: yes
  become_user: root
  vars:
    backuptime: "{{ ansible_date_time.iso8601_basic }}"
    ghostwriter_home: /home/ghostwriter
    backupdir: "{{ ghostwriter_home }}/backups/{{ backuptime}}"
    do_restore: false
    do_backup: true

  tasks:

  - name: Make sure python pip is installed
    package:
      name: python3-pip
      state: latest

  - name: Install docker python package
    ansible.builtin.pip:
      name: docker

 ############## Backup #######################

  - name: Create a directory for backups if it does not exist
    ansible.builtin.file:
      path: "{{ backupdir }}"
      state: directory
      owner: ghostwriter
      group: ghostwriter    
      mode: '0750'
    when: do_backup

  # make sure all containers except ghostwriter-postgres-1 are stopped
  - name: Stop all containers except ghostwriter-postgres-1
    community.docker.docker_container:
      name: "{{ item }}"
      state: stopped
    loop:
      - ghostwriter-queue-1
      - ghostwriter-nginx-1
      - ghostwriter-graphql_engine-1
      - ghostwriter-django-1
      - ghostwriter-redis-1

  # make sure ghostwriter-postgres-1 is running so we can reach the DB
  - name: Make sure the ghostwriter-postgres-1 is running
    community.docker.docker_container:
      name: ghostwriter-postgres-1
      state: started


  - name: Execute pg_dump inside ghostwriter-postgres-1
    community.docker.docker_container_exec:
      container: ghostwriter-postgres-1
      argv:
        - pg_dump
        - "--format=t"
        - "--clean"
        - "--create"
        - "--file=pg_dump_ghostwriter.tar"
        - "ghostwriter"
      chdir: /tmp
      user: postgres
    when: do_backup    

  # copy backup file from container to host
  - name: copy backup file from container to host
    ansible.builtin.shell: docker cp ghostwriter-postgres-1:/tmp/pg_dump_ghostwriter.tar .
    args:
      chdir: "{{ backupdir }}"
    when: do_backup

  - name: Change Ghostwriter file permission
    file:
      path: "{{ backupdir }}/pg_dump_ghostwriter.tar"
      owner: ghostwriter
      group: ghostwriter
      mode: '0750'    

  # # download backup from server
  # - name: Download database backup from server
  #   ansible.builtin.fetch:
  #     src: "{{ backupdir }}/pg_dump_ghostwriter.tar"
  #     dest: ghostwriter-backups/database/
  #   when: do_backup

  # archive ghostwriter_production_data volume
  - name: Archive ghostwriter_production_data volume
    archive:
      path: /var/lib/docker/volumes/ghostwriter_production_data/_data
      dest: "{{ backupdir }}/ghostwriter_data_volume.tar" 
      owner: ghostwriter
      group: ghostwriter    
      mode: '0750'
    when: do_backup

  # Create final backup archive
  - name: Create final backup archive
    archive:
      path: "{{ backupdir }}/*"
      dest: "{{ ghostwriter_home }}/ghostwriter_backup_{{ backuptime}}.tar.gz" 
      format: gz
      owner: ghostwriter
      group: ghostwriter    
      mode: '0750'
    when: do_backup

  # download volume backup from server
  - name: Download data volume backup from server
    ansible.builtin.fetch:
      src: "{{ ghostwriter_home }}/ghostwriter_backup_{{ backuptime}}.tar.gz"  
      dest: ghostwriter-backups/database/
    when: do_backup

 ############## Restore #######################

  # upload backup to server
  - name: Upload {{ local_backup }} to server 
    ansible.builtin.copy:
      src: "{{ local_backup }}"
      dest: /tmp
      mode: '0600'
    when: do_restore

  - name: Create a directory for restore if it does not exist
    ansible.builtin.file:
      path: "{{ ghostwriter_home }}/restore/{{ backuptime }}"
      state: directory
      owner: ghostwriter
      group: ghostwriter    
      mode: '0750'
    when: do_restore


  # unpack backup archive
  - name: Extract backup archive
    ansible.builtin.unarchive:
      src: "/tmp/{{ local_backup | basename }}"
      dest: "{{ ghostwriter_home }}/restore/{{ backuptime }}"
      owner: ghostwriter
      group: ghostwriter
      mode: '0600'
      remote_src: yes
    when: do_restore

  # copy database backup file to ghostwriter-postgres-1 container
  - name: copy backup file from host to ghostwriter-postgres-1 container
    ansible.builtin.shell: docker cp {{ ghostwriter_home }}/restore/{{ backuptime }}/pg_dump_ghostwriter.tar ghostwriter-postgres-1:/tmp/
    args:
      chdir: /tmp/
    when: do_restore

  # Adjust permissions of the backup
  - name: Fix file permissions
    community.docker.docker_container_exec:
      container: ghostwriter-postgres-1
      argv:
        - chown
        - "postgres:postgres"
        - pg_dump_ghostwriter.tar
      chdir: /tmp/
    when: do_restore

  # drop current ghostwriter database
  - name: Drop current ghostwriter database
    community.docker.docker_container_exec:
      container: ghostwriter-postgres-1
      argv:
        - dropdb
        - "ghostwriter"
      user: postgres
      chdir: /tmp/      
    when: do_restore


  # recreate ghostwriter database using createdb
  - name: Recreate ghostwriter database
    community.docker.docker_container_exec:
      container: ghostwriter-postgres-1
      argv:
        - createdb
        - "ghostwriter"
      user: postgres
      chdir: /tmp/      
    when: do_restore


  # restore database contents from backup using pg_restore
  - name: Restore database contents from backup using pg_restore
    community.docker.docker_container_exec:
      container: ghostwriter-postgres-1
      argv:
        - pg_restore
        - "-d"
        - "ghostwriter"
        - pg_dump_ghostwriter.tar
      user: postgres
      chdir: /tmp
    when: do_restore

  # extract archive of docker data volume
  - name: Extract backup archive
    ansible.builtin.unarchive:
      src: "{{ ghostwriter_home }}/restore/{{ backuptime }}/ghostwriter_data_volume.tar"
      dest: /var/lib/docker/volumes/ghostwriter_production_data/
      remote_src: yes
    when: do_restore

  # make sure all containers are running again
  - name: Start all containers again
    community.docker.docker_container:
      name: "{{ item }}"
      state: started
    loop:
      - ghostwriter-postgres-1 
      - ghostwriter-django-1
      - ghostwriter-queue-1
      - ghostwriter-nginx-1
      - ghostwriter-graphql_engine-1
      - ghostwriter-redis-1
	---
	- hosts: ghostwriter_servers
	become: yes
	gather_facts: yes
	become_user: root
	vars:
	backuptime: "{{ ansible_date_time.iso8601_basic }}"
	ghostwriter_home: /home/ghostwriter
	backupdir: "{{ ghostwriter_home }}/backups/{{ backuptime}}"
	do_restore: false
	do_backup: true

	tasks:

	- name: Make sure python pip is installed
	package:
	name: python3-pip
	state: latest

	- name: Install docker python package
	ansible.builtin.pip:
	name: docker

	############## Backup #######################

	- name: Create a directory for backups if it does not exist
	ansible.builtin.file:
	path: "{{ backupdir }}"
	state: directory
	owner: ghostwriter
	group: ghostwriter
	mode: '0750'
	when: do_backup

	# make sure all containers except ghostwriter-postgres-1 are stopped
	- name: Stop all containers except ghostwriter-postgres-1
	community.docker.docker_container:
	name: "{{ item }}"
	state: stopped
	loop:
	- ghostwriter-queue-1
	- ghostwriter-nginx-1
	- ghostwriter-graphql_engine-1
	- ghostwriter-django-1
	- ghostwriter-redis-1

	# make sure ghostwriter-postgres-1 is running so we can reach the DB
	- name: Make sure the ghostwriter-postgres-1 is running
	community.docker.docker_container:
	name: ghostwriter-postgres-1
	state: started


	- name: Execute pg_dump inside ghostwriter-postgres-1
	community.docker.docker_container_exec:
	container: ghostwriter-postgres-1
	argv:
	- pg_dump
	- "--format=t"
	- "--clean"
	- "--create"
	- "--file=pg_dump_ghostwriter.tar"
	- "ghostwriter"
	chdir: /tmp
	user: postgres
	when: do_backup

	# copy backup file from container to host
	- name: copy backup file from container to host
	ansible.builtin.shell: docker cp ghostwriter-postgres-1:/tmp/pg_dump_ghostwriter.tar .
	args:
	chdir: "{{ backupdir }}"
	when: do_backup

	- name: Change Ghostwriter file permission
	file:
	path: "{{ backupdir }}/pg_dump_ghostwriter.tar"
	owner: ghostwriter
	group: ghostwriter
	mode: '0750'

	# # download backup from server
	# - name: Download database backup from server
	# ansible.builtin.fetch:
	# src: "{{ backupdir }}/pg_dump_ghostwriter.tar"
	# dest: ghostwriter-backups/database/
	# when: do_backup

	# archive ghostwriter_production_data volume
	- name: Archive ghostwriter_production_data volume
	archive:
	path: /var/lib/docker/volumes/ghostwriter_production_data/_data
	dest: "{{ backupdir }}/ghostwriter_data_volume.tar"
	owner: ghostwriter
	group: ghostwriter
	mode: '0750'
	when: do_backup

	# Create final backup archive
	- name: Create final backup archive
	archive:
	path: "{{ backupdir }}/*"
	dest: "{{ ghostwriter_home }}/ghostwriter_backup_{{ backuptime}}.tar.gz"
	format: gz
	owner: ghostwriter
	group: ghostwriter
	mode: '0750'
	when: do_backup

	# download volume backup from server
	- name: Download data volume backup from server
	ansible.builtin.fetch:
	src: "{{ ghostwriter_home }}/ghostwriter_backup_{{ backuptime}}.tar.gz"
	dest: ghostwriter-backups/database/
	when: do_backup

	############## Restore #######################

	# upload backup to server
	- name: Upload {{ local_backup }} to server
	ansible.builtin.copy:
	src: "{{ local_backup }}"
	dest: /tmp
	mode: '0600'
	when: do_restore

	- name: Create a directory for restore if it does not exist
	ansible.builtin.file:
	path: "{{ ghostwriter_home }}/restore/{{ backuptime }}"
	state: directory
	owner: ghostwriter
	group: ghostwriter
	mode: '0750'
	when: do_restore


	# unpack backup archive
	- name: Extract backup archive
	ansible.builtin.unarchive:
	src: "/tmp/{{ local_backup \| basename }}"
	dest: "{{ ghostwriter_home }}/restore/{{ backuptime }}"
	owner: ghostwriter
	group: ghostwriter
	mode: '0600'
	remote_src: yes
	when: do_restore

	# copy database backup file to ghostwriter-postgres-1 container
	- name: copy backup file from host to ghostwriter-postgres-1 container
	ansible.builtin.shell: docker cp {{ ghostwriter_home }}/restore/{{ backuptime }}/pg_dump_ghostwriter.tar ghostwriter-postgres-1:/tmp/
	args:
	chdir: /tmp/
	when: do_restore

	# Adjust permissions of the backup
	- name: Fix file permissions
	community.docker.docker_container_exec:
	container: ghostwriter-postgres-1
	argv:
	- chown
	- "postgres:postgres"
	- pg_dump_ghostwriter.tar
	chdir: /tmp/
	when: do_restore

	# drop current ghostwriter database
	- name: Drop current ghostwriter database
	community.docker.docker_container_exec:
	container: ghostwriter-postgres-1
	argv:
	- dropdb
	- "ghostwriter"
	user: postgres
	chdir: /tmp/
	when: do_restore


	# recreate ghostwriter database using createdb
	- name: Recreate ghostwriter database
	community.docker.docker_container_exec:
	container: ghostwriter-postgres-1
	argv:
	- createdb
	- "ghostwriter"
	user: postgres
	chdir: /tmp/
	when: do_restore


	# restore database contents from backup using pg_restore
	- name: Restore database contents from backup using pg_restore
	community.docker.docker_container_exec:
	container: ghostwriter-postgres-1
	argv:
	- pg_restore
	- "-d"
	- "ghostwriter"
	- pg_dump_ghostwriter.tar
	user: postgres
	chdir: /tmp
	when: do_restore

	# extract archive of docker data volume
	- name: Extract backup archive
	ansible.builtin.unarchive:
	src: "{{ ghostwriter_home }}/restore/{{ backuptime }}/ghostwriter_data_volume.tar"
	dest: /var/lib/docker/volumes/ghostwriter_production_data/
	remote_src: yes
	when: do_restore

	# make sure all containers are running again
	- name: Start all containers again
	community.docker.docker_container:
	name: "{{ item }}"
	state: started
	loop:
	- ghostwriter-postgres-1
	- ghostwriter-django-1
	- ghostwriter-queue-1
	- ghostwriter-nginx-1
	- ghostwriter-graphql_engine-1
	- ghostwriter-redis-1