eblume/blumeops
1
1
Fork 0
Code Issues Pull requests Projects Releases 83 Packages Wiki Activity Actions
blumeops/ansible/roles/borgmatic/defaults/main.yml
Erich Blume f65d11d55b Update BorgBase repo ID after recreation (#144) 
## Summary
- Previous BorgBase repo (k04ljcd7) had corrupted segments from interrupted backup attempts
- Recreated as u3ugi1x1 (same US region, same SSH key, same append-only settings)
- Updates repo path in Ansible defaults and known_hosts hostname in tasks

## Post-merge
1. `mise run provision-indri -- --tags borgmatic`
2. `ssh indri 'mise x -- borgmatic init --encryption repokey --repository borgbase-offsite'`
3. `mise x -- borgmatic create --repository borgbase-offsite --verbosity 1 --progress`

Reviewed-on: https://forge.ops.eblu.me/eblume/blumeops/pulls/144
2026-02-10 13:19:15 -08:00

58 lines
1.8 KiB
YAML
Raw Blame History

---
borgmatic_config: /Users/erichblume/.config/borgmatic/config.yaml
borgmatic_config_dir: /Users/erichblume/.config/borgmatic
borgmatic_log_dir: /Users/erichblume/Library/Logs
# Full path to borg binary since LaunchAgent doesn't have homebrew in PATH
borgmatic_local_path: /opt/homebrew/bin/borg
# Schedule: runs daily at 2:00 AM
borgmatic_schedule_hour: 2
borgmatic_schedule_minute: 0
# Source directories to back up
borgmatic_source_directories:
- /Users/erichblume/code/personal/zk
- /opt/homebrew/var/forgejo
- /Users/erichblume/.config/borgmatic
- /Users/erichblume/Documents
# Backup repositories
borgmatic_repositories:
- path: /Volumes/backups/borg/
label: sifaka-borg-backups
encryption: repokey
append_only: true
- path: ssh://u3ugi1x1@u3ugi1x1.repo.borgbase.com/./repo
label: borgbase-offsite
encryption: repokey
append_only: true
# BorgBase SSH key (fetched from 1Password in playbook pre_tasks)
borgmatic_borgbase_ssh_key_path: /Users/erichblume/.ssh/borgbase_ed25519
# Exclude patterns
borgmatic_exclude_patterns: []
# Encryption passcommand (reads borg passphrase)
borgmatic_encryption_passcommand: cat /Users/erichblume/.borg/config.yaml
# Retention policy
borgmatic_keep_daily: 7
borgmatic_keep_monthly: 12
borgmatic_keep_yearly: 1000
# PostgreSQL databases to backup (streamed via pg_dump)
# Password is read from ~/.pgpass (managed by this role)
# pg_dump_command must be full path since LaunchAgent doesn't have homebrew in PATH
borgmatic_pg_dump_command: /opt/homebrew/opt/postgresql@18/bin/pg_dump
borgmatic_postgresql_databases:
# k8s PostgreSQL (CloudNativePG) via Caddy L4 proxy
- name: miniflux
hostname: pg.ops.eblu.me
port: 5432
username: borgmatic
- name: teslamate
hostname: pg.ops.eblu.me
port: 5432
username: borgmatic
Reference in a new issue View git blame Copy permalink