Nyxmon Restore Role

Restores a Nyxmon deployment from archives produced by nyxmon_backup.

Disposition

nyxmon_restore is deprecated. Echoport is the preferred operator path for routine Nyxmon restores. This role is retained for compatibility with existing playbooks and legacy/manual workflows.

Features

  • Automatically selects the latest archive (or a named archive) under /opt/backups/nyxmon.

  • Validates metadata.yml and manifest.sha256, checks disk space, and supports dry-run verification.

  • Creates a safety snapshot of /home/nyxmon/site before applying changes for quick manual rollback.

  • Stops both nyxmon.service and nyxmon-monitor.service, restores SQLite/database/config/media/logs, and optionally systemd + Traefik files.

  • Restarts services, runs Django + SQLite checks, and probes the HTTP endpoint before cleaning up staging/safety directories.

  • Uses a top-level block/always flow for cleanup, while the restore phase itself uses block/rescue to reapply the safety snapshot on failure.

Requirements

  • Root/become privileges on the host.

  • Backup archives generated by nyxmon_backup.

  • Tools: tar, rsync, sqlite3, sha256sum.

Key Variables

nyxmon_restore_archive: latest
nyxmon_restore_archive_search_root: /opt/backups/nyxmon
nyxmon_restore_validate_checksums: true
nyxmon_restore_dry_run: false
nyxmon_restore_create_safety_backup: true
nyxmon_restore_cleanup_safety_backup: true
nyxmon_restore_verify_http: true
nyxmon_restore_health_url: http://127.0.0.1:10017/admin/login/
nyxmon_restore_dirs:
  - { name: media,  src: media,  dest: /home/nyxmon/site/media,      optional: false }
  - { name: static, src: static, dest: /home/nyxmon/site/staticfiles, optional: true }
  - { name: cache,  src: cache,  dest: /home/nyxmon/site/cache,      optional: true }
  - { name: logs,   src: logs,   dest: /home/nyxmon/logs,            optional: true }

Archives are restored from nyxmon_restore_archive_search_root on the target host. The older nyxmon_restore_local_cache compatibility variable still exists in defaults, but this role’s current flow does not fetch archives from the controller.

Example Playbook

- name: Restore Nyxmon from the latest backup
  hosts: macmini
  become: true
  roles:
    - role: local.ops_library.nyxmon_restore
      vars:
        nyxmon_restore_archive: latest