homelab-ansible/playbooks/maintenance/setup-pg-backup.yml

- name: Setup hourly Postgres backup
  hosts: prod_services
  become: true
  vars:
    backup_path: /mnt/backups/server_postgres_prod
    pg_container: postgres_main
    pg_password: password
    script_path: /usr/local/bin/pg_backup.sh

  tasks:
    - name: Mount the backup share to the VM
      ansible.builtin.include_role:
        role: util/mount_nfs
      vars:
        mount_to: "/mnt/backups"
        share: "backups"

    - name: Create the backup script
      ansible.builtin.copy:
        dest: "{{ script_path }}"
        mode: '0755'
        content: |
          #!/bin/bash
          BACKUP_FILE_NAME="pg_backup_$(date +%F_%H-%M-%S).sql"
          BACKUP_PATH="{{ backup_path }}"
          echo "Running pg_dumpall"
          docker exec -t {{ pg_container }} bash -c 'PGPASSWORD={{ pg_password }} pg_dumpall -U postgres' > "$BACKUP_PATH/$BACKUP_FILE_NAME"
          echo "Compressing the backup"
          gzip "$BACKUP_PATH/$BACKUP_FILE_NAME"
          # 3 days = 72 hours = 4320 minutes
          echo "Deleting backups older than 72 hours"
          find "$BACKUP_PATH" -type f -name "*.sql.gz" -mmin +4320 -print -delete

    - name: Add logrotate config for pg_backup
      ansible.builtin.copy:
        dest: /etc/logrotate.d/pg_backup
        owner: root
        group: root
        mode: '0644'
        content: |
          /var/log/pg_backup.log {
              daily
              rotate 7
              compress
              missingok
              notifempty
              create 0644 root root
          }



    - name: Set up hourly cron job for postgres backup
      ansible.builtin.cron:
        name: "Hourly Postgres Backup"
        job: "{{ script_path }} >> /var/log/pg_backup.log 2>&1"
        minute: "0"