feat: Configure server
This commit is contained in:
parent
9d4a7bfb44
commit
2efe5128f2
@ -29,7 +29,7 @@ borgmatic_retention:
|
|||||||
weekly: 4
|
weekly: 4
|
||||||
|
|
||||||
borgmatic_name: "{{ inventory_hostname }}_{now}"
|
borgmatic_name: "{{ inventory_hostname }}_{now}"
|
||||||
borgmatic_compression: none
|
borgmatic_compression: lz4
|
||||||
borgmatic_passphrase: ""
|
borgmatic_passphrase: ""
|
||||||
|
|
||||||
borgmatic_actions: {}
|
borgmatic_actions: {}
|
||||||
|
@ -3,7 +3,7 @@
|
|||||||
|
|
||||||
- name: Créer le dépôt
|
- name: Créer le dépôt
|
||||||
ansible.builtin.command:
|
ansible.builtin.command:
|
||||||
cmd: sudo borgmatic init --encryption repokey
|
cmd: borgmatic init --encryption repokey
|
||||||
become: true
|
become: true
|
||||||
loop: "{{ borgmatic_repositories }}"
|
loop: "{{ borgmatic_repositories }}"
|
||||||
register: borg_init
|
register: borg_init
|
||||||
|
@ -1,23 +1,36 @@
|
|||||||
---
|
---
|
||||||
# tasks file for borgmatic
|
# tasks file for borgmatic
|
||||||
|
|
||||||
- name: Déployer la clef privée
|
- name: Créer la paire de clés
|
||||||
ansible.builtin.copy:
|
community.crypto.openssh_keypair:
|
||||||
content: "{{ borgmatic_keys.private }}"
|
path: /etc/borgmatic/id_ed25519
|
||||||
dest: /etc/borgmatic/id_ed25519
|
type: ed25519
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: u=rw,g=,o=
|
|
||||||
become: true
|
become: true
|
||||||
|
|
||||||
- name: Déployer la clef publique
|
- name: Récupérer le contenu de la clé publique
|
||||||
ansible.builtin.copy:
|
ansible.builtin.slurp:
|
||||||
content: "{{ borgmatic_keys.public }}"
|
src: /etc/borgmatic/id_ed25519.pub
|
||||||
dest: /etc/borgmatic/id_ed25519.pub
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: u=rw,g=r,o=r
|
|
||||||
become: true
|
become: true
|
||||||
|
register: key
|
||||||
|
|
||||||
|
- name: Créer le dépôt
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: "{{ borgmatic_server.repo_path }}/{{ inventory_hostname }}"
|
||||||
|
state: directory
|
||||||
|
user: "{{ borgmatic_server.user }}"
|
||||||
|
group: "{{ borgmatic_server.group }}"
|
||||||
|
mode: u=rwX,g=rX,o=
|
||||||
|
become: true
|
||||||
|
delegate_to: "{{ borgmatic_server.host }}"
|
||||||
|
|
||||||
|
- name: Ajouter la clef publique
|
||||||
|
ansible.posix.authorized_key:
|
||||||
|
user: "{{ borgmatic_server.repo_path }}"
|
||||||
|
state: present
|
||||||
|
key: "{{ key['content'] | b64decode }}"
|
||||||
|
key_options: 'command="cd {{ borgmatic_server.repo_path }}/{{ inventory_hostname }};borg serve --restrict-to-path {{ borgmatic_server.repo_path }}/{{ inventory_hostname }}",restrict'
|
||||||
|
become: true
|
||||||
|
delegate_to: "{{ borgmatic_server.host }}"
|
||||||
|
|
||||||
- name: Déployer la configuration de SSH
|
- name: Déployer la configuration de SSH
|
||||||
ansible.builtin.blockinfile:
|
ansible.builtin.blockinfile:
|
||||||
|
Loading…
Reference in New Issue
Block a user