restic: Add stack

Adapted from cloudserve-infrastructure, implements a backup stack using restic. The actual backups have to be implemented by individual other roles but this sets up initialization, pruning and checking of a repository.
2025-07-17 21:38:35 +02:00 · 2025-07-17 21:38:35 +02:00 · 86d49a756b
commit 86d49a756b
parent 93876315ca
7 changed files with 146 additions and 0 deletions
--- a/roles/restic/templates/docker-compose.yaml.j2
+++ b/roles/restic/templates/docker-compose.yaml.j2
@ -0,0 +1,36 @@
+services:
+  prune:
+    image: "mazzolino/restic:{{ restic_version }}"
+    hostname: docker
+    environment:
+      - "TZ={{ restic_tz }}"
+      - "SKIP_INIT={{ not restic_auto_init }}"
+      - "RUN_ON_STARTUP=true"
+      - "PRUNE_CRON={{ restic_prune_cron }}"
+      - "RESTIC_FORGET_ARGS={{ restic_forget_args }}"
+      - "RESTIC_REPOSITORY={{ restic_repo }}"
+      - "RESTIC_PASSWORD={{ restic_pass }}"
+      - "AWS_ACCESS_KEY_ID={{ restic_s3_key }}"
+      - "AWS_SECRET_ACCESS_KEY={{ restic_s3_secret }}"
+{% if restic_repo is regex('^/.+') %}
+    volumes:
+      - "{{ restic_repo }}:{{ restic_repo }}"
+{% endif %}
+
+  check:
+    image: "mazzolino/restic:{{ restic_version }}"
+    hostname: docker
+    environment:
+      - "TZ={{ restic_tz }}"
+      - "SKIP_INIT=true" # only run init on one container to avoid race cond
+      - "RUN_ON_STARTUP=false"
+      - "CHECK_CRON={{ restic_check_cron }}"
+      - "RESTIC_CHECK_ARGS={{ restic_check_args }}"
+      - "RESTIC_REPOSITORY={{ restic_repo }}"
+      - "RESTIC_PASSWORD={{ restic_pass }}"
+      - "AWS_ACCESS_KEY_ID={{ restic_s3_key }}"
+      - "AWS_SECRET_ACCESS_KEY={{ restic_s3_secret }}"
+{% if restic_repo is regex('^/.+') %}
+    volumes:
+      - "{{ restic_repo }}:{{ restic_repo }}"
+{% endif %}