diff --git a/README.md b/README.md
index 6a58849..53f7d63 100644
--- a/README.md
+++ b/README.md
@@ -70,12 +70,6 @@ Phrase de passe de chiffrement de la sauvegarde.
*Valeur par défaut: aucune*
-### borgmatic_ssh_command
-
-Commande SSH utilisée pour la sauvegarde.
-
-*Valeur par défaut: `ssh -i /etc/borgmatic/id_ed25519`*
-
## Exemples
### host_vars/host1.ykn.local
diff --git a/defaults/main.yml b/defaults/main.yml
index b320026..9ddef30 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -23,4 +23,3 @@ borgmatic_retention:
borgmatic_name: "{{ inventory_hostname }}_{now}"
borgmatic_compression: none
borgmatic_passphrase: ""
-borgmatic_ssh_command: ssh -i /etc/borgmatic/id_ed25519
diff --git a/handlers/main.yml b/handlers/main.yml
index dbada13..c3fb423 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -3,7 +3,7 @@
- name: Créer le dépôt
ansible.builtin.command:
- cmd: borgmatic init --encryption repokey
+ cmd: borgmatic init --encryption repokey-blake2
become: true
- name: Activer la planification
diff --git a/tasks/configuration.yml b/tasks/configuration.yml
index b13b1d1..6edc4a8 100644
--- a/tasks/configuration.yml
+++ b/tasks/configuration.yml
@@ -19,6 +19,19 @@
mode: u=rw,g=r,o=r
become: true
+- name: Déployer la configuration de SSH
+ ansible.builtin.blockinfile:
+ path: /root/.ssh/config
+ create: true
+ marker: "# {mark} ANSIBLE MANAGED BLOCK for role_borgmatic"
+ block: |
+ {% for repository in borgmatic_repositories %}
+ Host {{ repository | split('@') | last | split('/') | first }}
+ IdentityFile /etc/borgmatic/id_ed25519
+ IdentitiesOnly yes
+ {% endfor %}
+ become: true
+
- name: Déployer la configuration
ansible.builtin.template:
src: config.yaml.j2
diff --git a/templates/config.yaml.j2 b/templates/config.yaml.j2
index 76b909f..7646025 100644
--- a/templates/config.yaml.j2
+++ b/templates/config.yaml.j2
@@ -22,4 +22,3 @@ storage:
archive_name_format: {{ borgmatic_name }}
compression: {{ borgmatic_compression }}
encryption_passphrase: {{ borgmatic_passphrase }}
- ssh_command: {{ borgmatic_ssh_command }}