KASM-1921 Create playbook for backing up the kasm database

.gitignore

@@ -0,0 +1 @@
+backup/

README.md

@@ -106,3 +106,23 @@ In the examples `restart_kasm.yml` can be substituted for `start_kasm.yml` or `s
     If you only want to run it against hosts in the 'db' group for example you can run the following:
 
     `ansible-playbook -u [username] -l db -i inventory restart_kasm.yml`
+
+## Kasm Database Backup playbook
+
+This playbook can be used to backup the Kasm Workspaces database to a location on the Database server specified by `remote_backup_dir` and optionally to a location on the ansible server specified by `local_backup_dir`. Backups older than `retention_days` are automatically cleaned up.
+
+### Ansible Configuration
+
+1. Open `roles/backup_db/vars/main.yml` and update variables if desired.
+
+2. Open `inventory` file and fill in the hostnames / ips for the servers that will be fulfilling the agent, webapp and db roles. 
+
+3. Run the playbook.
+
+    `ansible-playbook -Kk -u [username] -i inventory backup_db.yml`
+
+    Ansible will prompt you for the ssh password and sudo password (will almost always be the same password).
+
+    Or, if you have ssh keys copied over to your servers and have NOPASSWD in sudoers you can just run.
+
+    `ansible-playbook -u [username] -i inventory backup_db.yml`

backup_db.yml

@@ -0,0 +1,5 @@
+- hosts:
+    - db
+  roles:
+    - backup_db
+ 

roles/backup_db/files/backup.sh

@@ -0,0 +1,42 @@
+#!/bin/bash
+# $1 is the backup directory
+# $2 is the retention period in days
+
+set -ex
+
+
+
+if [ -z "$1" ] ; then
+    echo "FATAL: Missing output dir argument"
+    exit 1
+else
+    OUTPUT_DIR=$1
+fi
+
+if [ ! -d $OUTPUT_DIR ]; then
+    echo "FATAL: Cannot find dir $OUTPUT_DIR"
+    exit 1
+fi
+
+if [ -z "$2" ] ; then
+    echo "FATAL: Missing retention period argument"
+    exit 1
+else
+    RETENTION_DAYS=$2
+fi
+
+mkdir -p $OUTPUT_DIR/$HOSTNAME
+
+docker exec kasm_db /bin/bash -c "pg_dump -U kasmapp -w -Ft --exclude-table-data=logs kasm | gzip > /tmp/db_backup.tar.gz"
+
+DATE=`date "+%Y%m%d_%H.%M.%S"`
+OUTPUT_FILE=$OUTPUT_DIR/$HOSTNAME/kasm_db_backup_${HOSTNAME}_${DATE}.tar.gz
+
+# Copy the backup locally
+docker cp kasm_db:/tmp/db_backup.tar.gz $OUTPUT_FILE
+
+# Delete files older than 10 days
+find $OUTPUT_DIR/$HOSTNAME -name *.tar.gz -mtime +"$RETENTION_DAYS" -type f -delete
+
+echo "Database backed up to:"
+echo "$OUTPUT_FILE"

roles/backup_db/tasks/main.yml

@@ -0,0 +1,21 @@
+- name: Ensure backup directory exists
+  file:
+    path: "{{ remote_backup_dir }}"
+    state: directory
+  become: true
+
+- name: Backup database
+  script: "files/backup.sh {{ remote_backup_dir }} {{ retention_days }}"
+  register: backup_output
+  become: true
+
+# Pull the remote backup file from stdout of the backup script
+- set_fact:
+    remote_backup: "{{ backup_output.stdout_lines[-1:][0] }}"
+
+- name: Copy database backup to ansible host
+  fetch:
+    src: "{{ remote_backup }}"
+    dest: "{{ local_backup_dir }}"
+    flat: true
+  when: local_backup_dir is defined

roles/backup_db/vars/main.yml

@@ -0,0 +1,8 @@
+# Directory where backups are placed on db server
+remote_backup_dir: /srv/backup/kasm/
+
+# Number of days that logs backups are retained on db host
+retention_days: 10
+
+# If this is uncommented, backups will be copied from remote server to the local ansible host
+#local_backup_dir: backup/