From d0065c98dc528913570146aaf720e84cf497431d Mon Sep 17 00:00:00 2001
From: "pulsar89.5" <pulsar@ykn.fr>
Date: Fri, 26 May 2023 17:20:21 +0200
Subject: [PATCH] [FIX] Configurer le client ssh

---
 README.md                |  6 ------
 defaults/main.yml        |  1 -
 handlers/main.yml        |  2 +-
 tasks/configuration.yml  | 12 ++++++++++++
 templates/config.yaml.j2 |  1 -
 5 files changed, 13 insertions(+), 9 deletions(-)

diff --git a/README.md b/README.md
index 6a58849..53f7d63 100644
--- a/README.md
+++ b/README.md
@@ -70,12 +70,6 @@ Phrase de passe de chiffrement de la sauvegarde.
 
 *<span style="text-decoration: underline">Valeur par défaut:</span> aucune*
 
-### borgmatic_ssh_command
-
-Commande SSH utilisée pour la sauvegarde.
-
-*<span style="text-decoration: underline">Valeur par défaut:</span> `ssh -i /etc/borgmatic/id_ed25519`*
-
 ## Exemples
 
 ### host_vars/host1.ykn.local
diff --git a/defaults/main.yml b/defaults/main.yml
index b320026..9ddef30 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -23,4 +23,3 @@ borgmatic_retention:
 borgmatic_name: "{{ inventory_hostname }}_{now}"
 borgmatic_compression: none
 borgmatic_passphrase: ""
-borgmatic_ssh_command: ssh -i /etc/borgmatic/id_ed25519
diff --git a/handlers/main.yml b/handlers/main.yml
index dbada13..c3fb423 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -3,7 +3,7 @@
 
 - name: Créer le dépôt
   ansible.builtin.command:
-    cmd: borgmatic init --encryption repokey
+    cmd: borgmatic init --encryption repokey-blake2
   become: true
 
 - name: Activer la planification
diff --git a/tasks/configuration.yml b/tasks/configuration.yml
index b13b1d1..e5920d5 100644
--- a/tasks/configuration.yml
+++ b/tasks/configuration.yml
@@ -19,6 +19,18 @@
     mode: u=rw,g=r,o=r
   become: true
 
+- name: Déployer la configuration de SSH
+  ansible.builtin.blockinfile:
+    path: /root/.ssh/config
+    marker: "# {mark} ANSIBLE MANAGED BLOCK for role_borgmatic"
+    block: |
+      {% for repository in borgmatic_repositories %}
+      Host {{ repository | split('@') | last | split('/') | first }}
+        IdentityFile /etc/borgmatic/id_ed25519
+        IdentitiesOnly yes
+      {% endfor %}
+  become: true
+
 - name: Déployer la configuration
   ansible.builtin.template:
     src: config.yaml.j2
diff --git a/templates/config.yaml.j2 b/templates/config.yaml.j2
index 76b909f..7646025 100644
--- a/templates/config.yaml.j2
+++ b/templates/config.yaml.j2
@@ -22,4 +22,3 @@ storage:
   archive_name_format: {{ borgmatic_name }}
   compression: {{ borgmatic_compression }}
   encryption_passphrase: {{ borgmatic_passphrase }}
-  ssh_command: {{ borgmatic_ssh_command }}