50 lines
1.8 KiB
YAML
50 lines
1.8 KiB
YAML
---
|
|
# =============================================================================
|
|
# proxmox_config_backup.yml
|
|
# Backs up critical Proxmox configuration files from all nodes.
|
|
#
|
|
# Captures:
|
|
# /etc/pve — cluster config, VM configs, storage, users, certs
|
|
# /etc/network — network interfaces
|
|
# /etc/hosts — hostname resolution
|
|
# /etc/hostname — node name
|
|
# /etc/apt/ — apt sources (so repos can be restored)
|
|
#
|
|
# NOTE: /etc/pve contains sensitive files (SSL keys, shadow.cfg, API tokens).
|
|
# Local and SFTP destinations are supported. Git destination is a
|
|
# TODO pending a secure encryption strategy for sensitive files.
|
|
#
|
|
# Usage:
|
|
# # Backup all nodes (local)
|
|
# ansible-playbook proxmox_config_backup.yml
|
|
#
|
|
# # Backup to SFTP
|
|
# ansible-playbook proxmox_config_backup.yml \
|
|
# -e "backup_destination=sftp backup_sftp_host=backup.example.com backup_sftp_user=ansible"
|
|
#
|
|
# # Backup a single node
|
|
# ansible-playbook proxmox_config_backup.yml --limit pm-node-01
|
|
# =============================================================================
|
|
|
|
- name: "Proxmox | Config Backup"
|
|
hosts: proxmox_cluster
|
|
gather_facts: true
|
|
serial: 1 # Back up one node at a time to avoid SFTP conflicts
|
|
|
|
vars:
|
|
backup_destination: local
|
|
backup_local_dir: /var/backups/proxmox-config
|
|
backup_local_keep: 10
|
|
|
|
tasks:
|
|
- name: "Backup | Run config backup for {{ inventory_hostname }}"
|
|
ansible.builtin.include_role:
|
|
name: proxmox_config_backup
|
|
vars:
|
|
current_node: "{{ inventory_hostname }}"
|
|
|
|
- name: "Backup | All nodes complete"
|
|
ansible.builtin.debug:
|
|
msg: "✓ Config backup complete for all nodes in {{ client_name | default('cluster') }}."
|
|
run_once: true
|