Snapshot System Data

TAG snapshot

Both system and user data is backed up by Bacula. In a disaster recovery situation, we would do a clean install and replace the system and user data from backups after the machine is running. During the install we would end up generating a bunch of keys and certs, perhaps from third parties like LetsEncrypt, that we would then abandon.

If we are reimaging or migrating to a new machine in a pre-planned fashion, we can collect small amounts of unique local system data like certs, host keys, mail passwords, and DKIM keys for use when doing the initial install. This avoids churning the certs and keys. Once the machine is up and running, you can use Bacula to restore the larger volume of user data like the mail spool and web roots.

Use the snapshot tag with site.yml to create a snapshot/<hostname> local directory for each machine. This will contain tarfiles with system data collected from the machine. The various roles in the playbook this directory exists and restores the data if it is present.

After the machine is configured, remove the snapshot directory so that it does not go stale and inadvertantly overwrite good data weeks or months later.

# make snapshot/machine.name directory
$ ansible-playbook -K --ask-vault-pass -i ../myhosts site.yml --tags snapshot

# wipe/rebuild machine

# initialize the new machine
$ ansible-playbook -k --ask-vault-pass -i ../myhosts first.yml
$ ansible-playbook -K --ask-vault-pass -i ../myhosts site.yml

# delete snapshot/machine.name directory