Ansible Role - Backup for simple servers

2 years after

Ansible Role: Backup for Simple Servers

Build Status

Back up Linux servers with a simple Rsync-and-Cron-based solution.


Requires the following to be installed:

  • rsync
  • cron

MySQL or a MySQL-compatible database needs to be installed if you'd like to enable MySQL database backups.

It's also assumed you have a server running somewhere that can accept backup data via Rsync, and on this backup server, you need to install rsync, and configure accounts with SSH authentication that allows this role to deliver backups to a specific directory via SSH.

Role Variables

Available variables are listed below, along with default values (see defaults/main.yml):

backup_cron_job_state: present
backup_hour: "3"
backup_minute: "00"

Controls whether the backup script is called via a managed cron job. You should stagger backup times among servers so your backup server doesn't get a huge influx of data at once.

backup_user: "{{ ansible_ssh_user }}"

User under which backup jobs will run.

backup_home: /home/{{ backup_user }}
backup_path: /home/{{ backup_user }}/backups

Home directory and path to where backups configuration will be stored. Generally speaking, you should use a special backup user account, but you can set this to whatever account has the proper access to the directories you need to back up.

  - /home/{{ backup_user }}/domains
  - /home/{{ backup_user }}/repositories

Directories to back up. {{ backup_user }} must have read access to these dirs. Each directory will be synchronized to the backup server via a separate rsync command in the backup script.

  - .DS_Store
  - cache
  - tmp

Items to exclude from backups. Each item will be added as a new line in an excludes file used by the backup rsync command. Read this article for an explanation of how the --exclude option works.

backup_identifier: id_here
backup_remote_connection: [email protected]

Options to control where the backup is delivered. It's assumed you'll be routing backups to a backup server via SSH. SSH key management and authentication should be managed separately from this role.

backup_remote_base_path: "~/backups"

The full path on the remote backup server where backups will be stored (all backups for each server are inside a directory named by the backup_identifier).

backup_remote_host_name: ''
backup_remote_host_key: ''

Add the remote host key details to ensure the host key is present and there are no SSH connection errors based on the key authentication. Leave blank if you've disabled host key checking or if the host key is already added to the server via some other mechanism.

backup_mysql: true
backup_mysql_user: dbdump
backup_mysql_password: password

Options for backing up MySQL (or MySQL-compatible) databases. Note the ansible_ssh_user used when running this role must be able to add MySQL users for this functionality to be managed by this role.



Example Playbook

- hosts: servers

    backup_identifier: "{{ inventory_hostname|replace('.', '') }}"
    backup_user: "backupuser"
    backup_remote_connection: [email protected]
    backup_hour: "1"
    backup_minute: "15"
    backup_mysql: false
      - /etc/myapp
      - /var/myapp/data
      - /home/myuser

    - geerlingguy.backup



Author Information

This role was created in 2017 by Jeff Geerling, author of Ansible for DevOps.

Related Repositories



Ansible role to backup files, databases ...



:circus_tent: Ansible role for Couchbase Server ...



Ansible role to configure and update a Django project. ...



Ansible role for diaspora* ...



An Ansible role for managing a PostgreSQL ( server ...