feat: Configure server

This commit is contained in:
pulsar89.5 2024-06-17 16:55:26 +02:00
parent 9d4a7bfb44
commit 71ee811bf9
3 changed files with 29 additions and 16 deletions

View File

@ -29,7 +29,7 @@ borgmatic_retention:
weekly: 4
borgmatic_name: "{{ inventory_hostname }}_{now}"
borgmatic_compression: none
borgmatic_compression: lz4
borgmatic_passphrase: ""
borgmatic_actions: {}

View File

@ -3,7 +3,7 @@
- name: Créer le dépôt
ansible.builtin.command:
cmd: sudo borgmatic init --encryption repokey
cmd: borgmatic init --encryption repokey
become: true
loop: "{{ borgmatic_repositories }}"
register: borg_init

View File

@ -1,23 +1,36 @@
---
# tasks file for borgmatic
- name: Déployer la clef privée
ansible.builtin.copy:
content: "{{ borgmatic_keys.private }}"
dest: /etc/borgmatic/id_ed25519
owner: root
group: root
mode: u=rw,g=,o=
- name: Créer la paire de clés
community.crypto.openssh_keypair:
path: /etc/borgmatic/id_ed25519
type: ed25519
become: true
- name: Déployer la clef publique
ansible.builtin.copy:
content: "{{ borgmatic_keys.public }}"
dest: /etc/borgmatic/id_ed25519.pub
owner: root
group: root
mode: u=rw,g=r,o=r
- name: Récupérer le contenu de la clé publique
ansible.builtin.slurp:
src: /etc/borgmatic/id_ed25519.pub
become: true
register: key
- name: Créer le dépôt
ansible.builtin.file:
path: "{{ borgmatic_server.repo_path }}/{{ inventory_hostname }}"
state: directory
owner: "{{ borgmatic_server.user }}"
group: "{{ borgmatic_server.group }}"
mode: u=rwX,g=rX,o=
become: true
delegate_to: "{{ borgmatic_server.host }}"
- name: Ajouter la clef publique
ansible.posix.authorized_key:
user: "{{ borgmatic_server.repo_path }}"
state: present
key: "{{ key['content'] | b64decode }}"
key_options: 'command="cd {{ borgmatic_server.repo_path }}/{{ inventory_hostname }};borg serve --restrict-to-path {{ borgmatic_server.repo_path }}/{{ inventory_hostname }}",restrict'
become: true
delegate_to: "{{ borgmatic_server.host }}"
- name: Déployer la configuration de SSH
ansible.builtin.blockinfile: