homelab_automation/ansible/playbooks/backup-proxmox-config.yml

---
- name: Backup Serveurs Proxmox Configuration files
  hosts: role_proxmox
  become: true
  gather_facts: true
  vars:
    category: backup
    subcategory: configuration
    backup_dir: /mnt/pve/SHARE_PROXMOX/backups
    hostname: "{{ ansible_hostname }}"
    timestamp: "{{ ansible_date_time.iso8601_basic_short }}"
    backup_files_common:
      - /etc/hostname
      - /etc/hosts
      - /etc/passwd
      - /etc/group
      - /etc/shadow
      - /etc/sudoers
      - /etc/ssh/sshd_config
  tasks:
    - name: Ensure backup root directory exists
      ansible.builtin.file:
        path: "{{ backup_dir }}"
        state: directory
        mode: '0755'

    - name: Ensure host-specific backup directory exists
      ansible.builtin.file:
        path: "{{ backup_dir }}/{{ hostname }}"
        state: directory
        mode: '0700'

    - name: Backup /etc essential configuration files
      ansible.builtin.archive:
         path: "{{ backup_files_common }}"
         dest: "{{ backup_dir }}/{{ hostname }}/etc_backup_{{ timestamp }}.tar.gz"
         format: gz
      ignore_errors: true

    - name: Get root crontab
      ansible.builtin.command: crontab -l
      register: root_crontab
      failed_when: false
      changed_when: false

    - name: Save root crontab to file
      ansible.builtin.copy:
         dest: "{{ backup_dir }}/{{ hostname }}/crontab_{{ timestamp }}.txt"
         content: "{{ root_crontab.stdout | default('No crontab') }}"
         mode: '0600'

    - name: Export installed packages list
      ansible.builtin.shell: |
         {% if ansible_os_family == 'Debian' %}
         dpkg --get-selections > {{ backup_dir }}/{{ hostname }}/packages_{{ timestamp }}.txt
         {% elif ansible_os_family == 'RedHat' %}
         rpm -qa > {{ backup_dir }}/{{ hostname }}/packages_{{ timestamp }}.txt
         {% else %}
         echo "Package export not implemented for {{ ansible_os_family }}" > {{ backup_dir }}/{{ hostname }}/packages_{{ timestamp }}.txt
         {% endif %}
      args:
        executable: /bin/bash
      changed_when: false

    - name: List backup files
      ansible.builtin.find:
        paths: "{{ backup_dir }}/{{ hostname }}"
        patterns: "*{{ timestamp }}*"
      register: backup_files

    - name: Display backup summary
      ansible.builtin.debug:
        msg: |
          Backup completed for {{ inventory_hostname }}
          Files created: {{ backup_files.files | map(attribute='path') | list }}