99 lines
3.3 KiB
YAML
99 lines
3.3 KiB
YAML
---
|
|
# Backs up a running Appwrite instance per the official backup guide:
|
|
# https://appwrite.io/docs/advanced/self-hosting/production/backups
|
|
#
|
|
# What is backed up:
|
|
# - MariaDB: mysqldump (--single-transaction, consistent without downtime)
|
|
# - Docker volumes: all data volumes (tar.gz, requires service stop)
|
|
# - .env file
|
|
#
|
|
# Backup is written to: {{ appwrite_backup_root }}/YYYYMMDDTHHMMSS/
|
|
#
|
|
# Required vars (from inventory):
|
|
# appwrite_dir - e.g. /home/ptoal/appwrite
|
|
#
|
|
# Optional vars:
|
|
# appwrite_backup_root - destination parent dir (default: /var/backups/appwrite)
|
|
# appwrite_compose_project - compose project name (default: basename of appwrite_dir)
|
|
|
|
- name: Backup Appwrite
|
|
hosts: appwrite
|
|
gather_facts: true
|
|
become: true
|
|
|
|
vars:
|
|
_compose_project: "{{ appwrite_compose_project | default(appwrite_dir | basename) }}"
|
|
backup_root: "{{ appwrite_backup_root | default('/var/backups/appwrite') }}"
|
|
backup_dir: "{{ backup_root }}/{{ ansible_date_time.iso8601_basic_short }}"
|
|
# appwrite-mariadb volume excluded — covered by the mysqldump below.
|
|
# appwrite-cache and appwrite-redis are transient but included for
|
|
# completeness; they are safe to omit if backup size is a concern.
|
|
appwrite_volumes:
|
|
- appwrite-uploads
|
|
- appwrite-functions
|
|
- appwrite-builds
|
|
- appwrite-sites
|
|
- appwrite-certificates
|
|
- appwrite-config
|
|
- appwrite-cache
|
|
- appwrite-redis
|
|
|
|
tasks:
|
|
- name: Create backup directory
|
|
ansible.builtin.file:
|
|
path: "{{ backup_dir }}"
|
|
state: directory
|
|
mode: '0700'
|
|
|
|
- name: Dump MariaDB
|
|
# --single-transaction gives a consistent InnoDB snapshot without locking.
|
|
# Runs while the service is still up so docker compose exec is available.
|
|
ansible.builtin.shell:
|
|
cmd: >
|
|
docker compose exec -T mariadb
|
|
sh -c 'exec mysqldump --all-databases --add-drop-database
|
|
--single-transaction --routines --triggers
|
|
-uroot -p"$MYSQL_ROOT_PASSWORD"'
|
|
> {{ backup_dir }}/mariadb-dump.sql
|
|
chdir: "{{ appwrite_dir }}"
|
|
changed_when: true
|
|
|
|
- name: Stop, back up volumes, and restart
|
|
block:
|
|
- name: Stop Appwrite service
|
|
ansible.builtin.systemd:
|
|
name: appwrite
|
|
state: stopped
|
|
|
|
- name: Back up Docker volumes
|
|
ansible.builtin.command:
|
|
cmd: >
|
|
docker run --rm
|
|
-v {{ _compose_project }}_{{ item }}:/data
|
|
-v {{ backup_dir }}:/backup
|
|
ubuntu tar czf /backup/{{ item }}.tar.gz -C /data .
|
|
loop: "{{ appwrite_volumes }}"
|
|
changed_when: true
|
|
|
|
- name: Back up .env
|
|
ansible.builtin.copy:
|
|
src: "{{ appwrite_dir }}/.env"
|
|
dest: "{{ backup_dir }}/.env"
|
|
remote_src: true
|
|
mode: '0600'
|
|
|
|
rescue:
|
|
- name: Notify that backup failed
|
|
ansible.builtin.debug:
|
|
msg: "Backup failed — Appwrite will be restarted. Check {{ backup_dir }} for partial output."
|
|
|
|
always:
|
|
- name: Ensure Appwrite service is started
|
|
ansible.builtin.systemd:
|
|
name: appwrite
|
|
state: started
|
|
|
|
- name: Report backup location
|
|
ansible.builtin.debug:
|
|
msg: "Backup written to {{ backup_dir }}"
|