Authelia: add backup for storage database

2025-12-14 18:10:59 +03:00
parent 78bee84061
commit bdd74bdf2e
5 changed files with 50 additions and 2 deletions
--- a/files/authelia/backup.template.sh
+++ b/files/authelia/backup.template.sh
@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+
+set -eu
+set -o pipefail
+
+echo "{{ app_name }}: backup data with gobackups"
+
+(cd "{{ base_dir }}" && gobackup perform --config "{{ gobackup_config }}")
+
+echo "{{ app_name }}: done."
--- a/files/authelia/configuration.template.yml
+++ b/files/authelia/configuration.template.yml
@@ -1026,7 +1026,7 @@ storage:
  ##
  local:
    ## Path to the SQLite3 Database.
-    path: '/config/authelia_storage.sqlite3'
+    path: '/data/authelia_storage.sqlite3'

  ##
  ## MySQL / MariaDB (Storage Provider)
--- a/files/authelia/docker-compose.template.yml
+++ b/files/authelia/docker-compose.template.yml
@@ -10,6 +10,7 @@ services:
      - "monitoring_network"
    volumes:
      - "{{ config_dir }}:/config"
+      - "{{ data_dir }}:/data"

  authelia_redis:
    image: valkey/valkey:9.0-alpine
--- a/files/authelia/gobackup.template.yml
+++ b/files/authelia/gobackup.template.yml
@@ -0,0 +1,16 @@
+# https://gobackup.github.io/configuration
+
+models:
+
+  authelia:
+    compress_with:
+      type: 'tgz'
+    storages:
+      local:
+        type: 'local'
+        path: '{{ backups_dir }}'
+        keep: 3
+    databases:
+      users:
+        type: sqlite
+        path: "{{ (data_dir, 'authelia_storage.sqlite3') | path_join }}"
--- a/playbook-authelia.yml
+++ b/playbook-authelia.yml
@@ -13,7 +13,10 @@
    app_owner_uid: 1011
    app_owner_gid: 1012
    base_dir: "{{ (application_dir, app_name) | path_join }}"
+    data_dir: "{{ (base_dir, 'data') | path_join }}"
    config_dir: "{{ (base_dir, 'config') | path_join }}"
+    backups_dir: "{{ (base_dir, 'backups') | path_join }}"
+    gobackup_config: "{{ (base_dir, 'gobackup.yml') | path_join }}"

  tasks:
    - name: "Create user and environment"
@@ -34,7 +37,9 @@
        mode: "0700"
      loop:
        - "{{ base_dir }}"
+        - "{{ data_dir }}"
        - "{{ config_dir }}"
+        - "{{ backups_dir }}"

    - name: "Copy users file"
      ansible.builtin.copy:
@@ -44,7 +49,7 @@
        group: "{{ app_user }}"
        mode: "0600"

-    - name: "Copy configuration files (templates)"
+    - name: "Copy configuration file"
      ansible.builtin.template:
        src: "files/{{ app_name }}/configuration.template.yml"
        dest: "{{ (config_dir, 'configuration.yml') | path_join }}"
@@ -52,6 +57,22 @@
        group: "{{ app_user }}"
        mode: "0600"

+    - name: "Copy gobackup config"
+      ansible.builtin.template:
+        src: "files/{{ app_name }}/gobackup.template.yml"
+        dest: "{{ gobackup_config }}"
+        owner: "{{ app_user }}"
+        group: "{{ app_user }}"
+        mode: "0640"
+
+    - name: "Copy backup script"
+      ansible.builtin.template:
+        src: "files/{{ app_name }}/backup.template.sh"
+        dest: "{{ (base_dir, 'backup.sh') | path_join }}"
+        owner: "{{ app_user }}"
+        group: "{{ app_user }}"
+        mode: "0750"
+
    - name: "Copy docker compose file"
      ansible.builtin.template:
        src: "./files/{{ app_name }}/docker-compose.template.yml"