From dac4a98f79fd49c9279bc5d3194b479c233879ee Mon Sep 17 00:00:00 2001
From: Pablo Martin <pablo.martin@superhog.com>
Date: Wed, 2 Jul 2025 17:17:56 +0200
Subject: [PATCH] uptime kuma backups work

---
 ansible/example.inventory.ini                 |  5 +-
 ansible/infra/900_install_rsync.yml           | 11 ++++
 .../backup_uptime_kuma_to_lapy.yml            | 65 +++++++++++++++++++
 .../deploy_uptime_kuma_playbook.yml}          |  9 +--
 .../services/uptime_kuma/uptime_kuma_vars.yml | 20 ++++++
 5 files changed, 103 insertions(+), 7 deletions(-)
 create mode 100644 ansible/infra/900_install_rsync.yml
 create mode 100644 ansible/services/uptime_kuma/backup_uptime_kuma_to_lapy.yml
 rename ansible/services/{uptime_kuma_playbook.yml => uptime_kuma/deploy_uptime_kuma_playbook.yml} (89%)
 create mode 100644 ansible/services/uptime_kuma/uptime_kuma_vars.yml

diff --git a/ansible/example.inventory.ini b/ansible/example.inventory.ini
index 5958a54..f432107 100644
--- a/ansible/example.inventory.ini
+++ b/ansible/example.inventory.ini
@@ -1,2 +1,5 @@
 [vipy]
-your.vps.ip.here ansible_user=counterweight ansible_port=22 ansible_ssh_private_key_file=~/.ssh/your-key
\ No newline at end of file
+your.vps.ip.here ansible_user=counterweight ansible_port=22 ansible_ssh_private_key_file=~/.ssh/your-key
+
+[lapy]
+localhost ansible_connection=local ansible_user=your laptop user
\ No newline at end of file
diff --git a/ansible/infra/900_install_rsync.yml b/ansible/infra/900_install_rsync.yml
new file mode 100644
index 0000000..c0b7318
--- /dev/null
+++ b/ansible/infra/900_install_rsync.yml
@@ -0,0 +1,11 @@
+- name: Install rsync
+  hosts: all
+  vars_files:
+    - ../infra_vars.yml
+  become: true
+
+  tasks:
+    - name: Install rsync
+      apt:
+        name: rsync
+        state: present
\ No newline at end of file
diff --git a/ansible/services/uptime_kuma/backup_uptime_kuma_to_lapy.yml b/ansible/services/uptime_kuma/backup_uptime_kuma_to_lapy.yml
new file mode 100644
index 0000000..5aa5beb
--- /dev/null
+++ b/ansible/services/uptime_kuma/backup_uptime_kuma_to_lapy.yml
@@ -0,0 +1,65 @@
+- name: Configure local backup for Uptime Kuma from remote
+  hosts: lapy
+  gather_facts: no
+  vars_files:
+    - ../../infra_vars.yml
+    - ./uptime_kuma_vars.yml
+  vars:
+    remote_data_path: "{{ uptime_kuma_data_dir }}"
+    local_backup_dir: "{{ lookup('env', 'HOME') }}/uptime-kuma-backups"
+    backup_script_path: "{{ lookup('env', 'HOME') }}/.local/bin/uptime_kuma_backup.sh"
+
+  tasks:
+    - name: Debug remote backup vars
+      debug:
+        msg:
+          - "remote_host={{ remote_host }}"
+          - "remote_user={{ remote_user }}"
+          - "remote_data_path='{{ remote_data_path }}'"
+          - "local_backup_dir={{ local_backup_dir }}"
+
+    - name: Ensure local backup directory exists
+      file:
+        path: "{{ local_backup_dir }}"
+        state: directory
+        mode: '0755'
+
+    - name: Ensure ~/.local/bin exists
+      file:
+        path: "{{ lookup('env', 'HOME') }}/.local/bin"
+        state: directory
+        mode: '0755'
+
+    - name: Create backup script
+      copy:
+        dest: "{{ backup_script_path }}"
+        mode: '0750'
+        content: |
+          #!/bin/bash
+          set -euo pipefail
+
+          TIMESTAMP=$(date +'%Y-%m-%d')
+          BACKUP_DIR="{{ local_backup_dir }}/$TIMESTAMP"
+          mkdir -p "$BACKUP_DIR"
+
+          {% if remote_key_file %}
+          SSH_CMD="ssh -i {{ remote_key_file }} -p {{ hostvars[remote_host]['ansible_port'] | default(22) }}"
+          {% else %}
+          SSH_CMD="ssh -p {{ hostvars[remote_host]['ansible_port'] | default(22) }}"
+          {% endif %}
+
+          rsync -az -e "$SSH_CMD" --delete {{ remote_user }}@{{ remote_host }}:{{ remote_data_path }}/ "$BACKUP_DIR/"
+
+          # Rotate old backups (keep 14 days)
+          find "{{ local_backup_dir }}" -maxdepth 1 -type d -name '20*' -mtime +13 -exec rm -rf {} \;
+
+    - name: Ensure cronjob for backup exists
+      cron:
+        name: "Uptime Kuma backup"
+        user: "{{ lookup('env', 'USER') }}"
+        job: "{{ backup_script_path }}"
+        minute: 0
+        hour: "9,12,15,18"
+
+    - name: Run the backup script to make the first backup
+      command: "{{ backup_script_path }}"
diff --git a/ansible/services/uptime_kuma_playbook.yml b/ansible/services/uptime_kuma/deploy_uptime_kuma_playbook.yml
similarity index 89%
rename from ansible/services/uptime_kuma_playbook.yml
rename to ansible/services/uptime_kuma/deploy_uptime_kuma_playbook.yml
index c2eff16..f7fe4b9 100644
--- a/ansible/services/uptime_kuma_playbook.yml
+++ b/ansible/services/uptime_kuma/deploy_uptime_kuma_playbook.yml
@@ -2,13 +2,10 @@
   hosts: vipy
   become: yes
   vars_files:
-  - ../infra_vars.yml
+  - ../../infra_vars.yml
+  - ./uptime_kuma_vars.yml
   vars:
-    uptime_kuma_dir: /opt/uptime-kuma
-    uptime_kuma_port: 3001
-    caddy_sites_dir: /etc/caddy/sites-enabled
-    subdomain: uptime
-    uptime_kuma_domain: "{{ subdomain }}.{{ root_domain }}"
+    uptime_kuma_domain: "{{ uptime_kuma_subdomain }}.{{ root_domain }}"
 
   tasks:
     - name: Create uptime kuma directory
diff --git a/ansible/services/uptime_kuma/uptime_kuma_vars.yml b/ansible/services/uptime_kuma/uptime_kuma_vars.yml
new file mode 100644
index 0000000..9b41e82
--- /dev/null
+++ b/ansible/services/uptime_kuma/uptime_kuma_vars.yml
@@ -0,0 +1,20 @@
+# General
+uptime_kuma_dir: /opt/uptime-kuma
+uptime_kuma_data_dir: "{{ uptime_kuma_dir }}/data"
+uptime_kuma_port: 3001
+
+# Caddy
+caddy_sites_dir: /etc/caddy/sites-enabled
+uptime_kuma_subdomain: uptime
+
+# Remote access
+remote_host: "{{ groups['vipy'][0] }}"
+remote_user: "{{ hostvars[remote_host]['ansible_user'] }}"
+remote_key_file: "{{ hostvars[remote_host]['ansible_ssh_private_key_file'] | default('') }}"
+
+# Local backup
+local_backup_dir: "{{ lookup('env', 'HOME') }}/uptime-kuma-backups"
+backup_script_path: "{{ lookup('env', 'HOME') }}/.local/bin/uptime_kuma_backup.sh"
+
+# Encryption
+pgp_recipient: "your-gpg-id@example.com"  # Replace this with your actual GPG email or ID