diff --git a/files/authelia/backup.template.sh b/files/authelia/backup.template.sh new file mode 100644 index 0000000..e9eb936 --- /dev/null +++ b/files/authelia/backup.template.sh @@ -0,0 +1,10 @@ +#!/usr/bin/env bash + +set -eu +set -o pipefail + +echo "{{ app_name }}: backup data with gobackups" + +(cd "{{ base_dir }}" && gobackup perform --config "{{ gobackup_config }}") + +echo "{{ app_name }}: done." diff --git a/files/authelia/configuration.template.yml b/files/authelia/configuration.template.yml index 74382c4..705b47b 100644 --- a/files/authelia/configuration.template.yml +++ b/files/authelia/configuration.template.yml @@ -1026,7 +1026,7 @@ storage: ## local: ## Path to the SQLite3 Database. - path: '/config/authelia_storage.sqlite3' + path: '/data/authelia_storage.sqlite3' ## ## MySQL / MariaDB (Storage Provider) diff --git a/files/authelia/docker-compose.template.yml b/files/authelia/docker-compose.template.yml index b0d799f..2f62407 100644 --- a/files/authelia/docker-compose.template.yml +++ b/files/authelia/docker-compose.template.yml @@ -10,6 +10,7 @@ services: - "monitoring_network" volumes: - "{{ config_dir }}:/config" + - "{{ data_dir }}:/data" authelia_redis: image: valkey/valkey:9.0-alpine diff --git a/files/authelia/gobackup.template.yml b/files/authelia/gobackup.template.yml new file mode 100644 index 0000000..4ec8acd --- /dev/null +++ b/files/authelia/gobackup.template.yml @@ -0,0 +1,16 @@ +# https://gobackup.github.io/configuration + +models: + + authelia: + compress_with: + type: 'tgz' + storages: + local: + type: 'local' + path: '{{ backups_dir }}' + keep: 3 + databases: + users: + type: sqlite + path: "{{ (data_dir, 'authelia_storage.sqlite3') | path_join }}" diff --git a/playbook-authelia.yml b/playbook-authelia.yml index 4407e29..628d600 100644 --- a/playbook-authelia.yml +++ b/playbook-authelia.yml @@ -13,7 +13,10 @@ app_owner_uid: 1011 app_owner_gid: 1012 base_dir: "{{ (application_dir, app_name) | path_join }}" + data_dir: "{{ (base_dir, 'data') | path_join }}" config_dir: "{{ (base_dir, 'config') | path_join }}" + backups_dir: "{{ (base_dir, 'backups') | path_join }}" + gobackup_config: "{{ (base_dir, 'gobackup.yml') | path_join }}" tasks: - name: "Create user and environment" @@ -34,7 +37,9 @@ mode: "0700" loop: - "{{ base_dir }}" + - "{{ data_dir }}" - "{{ config_dir }}" + - "{{ backups_dir }}" - name: "Copy users file" ansible.builtin.copy: @@ -44,7 +49,7 @@ group: "{{ app_user }}" mode: "0600" - - name: "Copy configuration files (templates)" + - name: "Copy configuration file" ansible.builtin.template: src: "files/{{ app_name }}/configuration.template.yml" dest: "{{ (config_dir, 'configuration.yml') | path_join }}" @@ -52,6 +57,22 @@ group: "{{ app_user }}" mode: "0600" + - name: "Copy gobackup config" + ansible.builtin.template: + src: "files/{{ app_name }}/gobackup.template.yml" + dest: "{{ gobackup_config }}" + owner: "{{ app_user }}" + group: "{{ app_user }}" + mode: "0640" + + - name: "Copy backup script" + ansible.builtin.template: + src: "files/{{ app_name }}/backup.template.sh" + dest: "{{ (base_dir, 'backup.sh') | path_join }}" + owner: "{{ app_user }}" + group: "{{ app_user }}" + mode: "0750" + - name: "Copy docker compose file" ansible.builtin.template: src: "./files/{{ app_name }}/docker-compose.template.yml"