WIP: ZFS backup implementation

roles/common/tasks/main.yml

@@ -16,6 +16,7 @@
       - docker-fish-completion
       - docker-compose-fish-completion
       - zfs
+      - zfs-auto-snapshot
     state: latest
     update_cache: yes
   register: apk_installs

roles/common/templates/zfs-send-daily

@@ -0,0 +1,13 @@
+#!/bin/sh
+
+destination_connection=ssh root@truenas.lab.home
+destination_dataset=Mass-Storage-New/Backup
+
+# Wait for zfs-auto-snapshot
+sleep 1
+
+dataset="dock/volumes"
+
+latest_snap=$(zfs list -t snap -Hp -o name -S creation $dataset | head -1 | tr -d '\n')
+
+zfs send $latest_snap | $destination_connection zfs recv -o encry

roles/common/templates/zfsbackup/Dockerfile

@@ -0,0 +1,7 @@
+FROM python:3.10-alpine
+RUN \
+    apk add openssh && \
+    pip install zfs-autobackup && \
+    ln -s /run-backup.sh /etc/periodic/daily/
+COPY ["cron.sh", "run-backup.sh", "/"]
+CMD ["/cron.sh"]

roles/common/templates/zfsbackup/cron.sh

@@ -0,0 +1,4 @@
+#!/bin/sh
+set -eu
+
+exec busybox crond -f -l 0 -L /dev/stdout

roles/common/templates/zfsbackup/run-backup.sh

@@ -0,0 +1,29 @@
+#!/bin/sh
+set -eu
+
+echo "running backup job"
+date -Iminutes
+
+if [ ! -d ~/.ssh ]; then echo "error: $(realpath ~/.ssh) directory does not exist"; exit 1; fi
+
+host_ip=$(ip r | head -1 | cut -d' ' -f3 | tr -d '\n')
+host=root@"$host_ip"
+remote=root@truenas.lab.home
+
+if ! ssh -q "$host" exit; then echo "error: not able to ssh into host of container $host"; exit 1; fi
+if ! ssh -q "$remote" exit; then echo "error: not able to ssh into backup remote $remote"; exit 1; fi
+
+hostname=$(ssh "$host" hostname | tr -d '\n')
+remote_dataset=Mass-Storage-New/Backup/$hostname
+zfs_prop_name="nas" # autobackup:nas = true
+
+zfs-autobackup \
+--snapshot-format "{}_%Y-%m-%d_%H-%M_%S" \
+--encrypt \
+--ssh-source "$host" \
+--ssh-target "$remote" \
+"$zfs_prop_name" \
+"$remote_dataset"
+
+echo "ran backup job"
+date -Iminutes