configure backups and s3 upload for dev db

Signed-off-by: Jakub Sokołowski <jakub@status.im>

ansible/group_vars/db.dev.yml

@@ -26,3 +26,13 @@ mongodb_users:
 mongodb_replication_replset: ""
 mongodb_security_keyfile: ""
 mongodb_oplog_users: []
+
+# backups auth
+mongodb_backup_db_name: '{{ mongodb_users[0].database }}'
+mongodb_backup_db_user: '{{ mongodb_users[0].name }}'
+mongodb_backup_db_pass: '{{ mongodb_users[0].password }}'
+
+# backup uploads to S3
+mongodb_backup_bucket_name: 's3://dev-dap-ps-mongodb-backups'
+mongodb_backup_access_key: '{{lookup("passwordstore", "cloud/aws/s3/mongodb-backups/access-key")}}'
+mongodb_backup_secret_key: '{{lookup("passwordstore", "cloud/aws/s3/mongodb-backups/secret-key")}}'

ansible/main.yml

@@ -1,9 +1,10 @@
 ---
 - name: Configure MongoDB
-  hosts: db.dev
+  hosts: mongodb
   roles:
-    - mongodb-firewall
-    - mongodb
+    #- mongodb
+    #- mongodb-firewall
+    - mongodb-backups
   post_tasks:
     - name: MongoDB URI string
       debug:

ansible/roles/mongodb-backups/README.md

@@ -0,0 +1,3 @@
+# Description
+
+This role configures a cron job for making MongoDB dumps and uploading them to S3.

ansible/roles/mongodb-backups/defaults/main.yml

@@ -0,0 +1,18 @@
+---
+# path for mongodump backups
+mongodb_backup_path: '/var/tmp/backups/mongodb'
+mongodb_backup_file_prefix: '{{ mongodb_backup_db_name | replace("-", "_") }}'
+mongodb_backup_script: '/var/lib/backups/{{ mongodb_backup_db_name | replace("-", "_") }}_dump.sh'
+mongodb_backup_frequency: daily
+
+# db auth
+mongodb_backup_db_name: ~
+mongodb_backup_db_user: ~
+mongodb_backup_db_pass: ~
+mongodb_backup_db_addr: 'localhost'
+mongodb_backup_db_port: 27017
+
+# s3 auth
+mongodb_backup_bucket_name: ~
+mongodb_backup_access_key: ~
+mongodb_backup_secret_key: ~

ansible/roles/mongodb-backups/handlers/main.yml

@@ -0,0 +1,3 @@
+---
+- name: Save iptables rules
+  shell: iptables-save > /etc/iptables/rules.v4

ansible/roles/mongodb-backups/tasks/main.yml

@@ -0,0 +1,50 @@
+---
+- name: MongoDB | Create directores for DB dumps
+  file:
+    path: '{{ item }}'
+    state: directory
+    group: adm
+    mode: 0775
+  with_items:
+    - '/var/lib/backups'
+    - '{{ mongodb_backup_path }}'
+
+- name: MongoDB | Create DB dump script
+  copy:
+    dest: '{{ mongodb_backup_script }}'
+    content: |
+      #!/usr/bin/env bash
+      TSTAMP=$(date -u +%Y%m%d%H%M%S)
+      BKP_DIR={{ mongodb_backup_path }}
+      mongodump \
+        --verbose \
+        --host={{ mongodb_backup_db_addr | mandatory }} \
+        --port={{ mongodb_backup_db_port | mandatory }} \
+        --username={{ mongodb_backup_db_user | mandatory }} \
+        --password={{ mongodb_backup_db_pass | mandatory }} \
+        --db={{ mongodb_backup_db_name | mandatory }} \
+        --authenticationDatabase={{ mongodb_backup_db_name | mandatory }} \
+        --out=${BKP_DIR}/{{ mongodb_backup_file_prefix }}_dump_${TSTAMP}.bson
+    group: adm
+    mode: 0750
+
+- name: MongoDB | Configure DB dump cron job
+  cron:
+    name: MongoDB Dump
+    special_time: '{{ mongodb_backup_frequency }}'
+    user: root
+    job: '{{ mongodb_backup_script }}'
+
+- name: MongoDB | Configure S3 upload cron job
+  include_role:
+    name: s3cmd-backup
+  vars:
+    backup_name: mongodb-backups
+    backup_number: 1
+    backup_hour: 4
+    backup_day: '*'
+    backup_directory: '/var/tmp/backups'
+    backup_base_domain: 's3.amazonaws.com'
+    backup_bucket_name: '{{ mongodb_backup_bucket_name | mandatory }}'
+    backup_access_key: '{{ mongodb_backup_access_key | mandatory }}'
+    backup_secret_key: '{{ mongodb_backup_secret_key | mandatory }}'