feat: Configure server

This commit is contained in:
pulsar89.5 2024-06-17 16:55:26 +02:00
parent 9d4a7bfb44
commit f76dcff4f2
2 changed files with 28 additions and 15 deletions

View File

@ -29,7 +29,7 @@ borgmatic_retention:
weekly: 4 weekly: 4
borgmatic_name: "{{ inventory_hostname }}_{now}" borgmatic_name: "{{ inventory_hostname }}_{now}"
borgmatic_compression: none borgmatic_compression: lz4
borgmatic_passphrase: "" borgmatic_passphrase: ""
borgmatic_actions: {} borgmatic_actions: {}

View File

@ -1,23 +1,36 @@
--- ---
# tasks file for borgmatic # tasks file for borgmatic
- name: Déployer la clef privée - name: Créer la paire de clés
ansible.builtin.copy: community.crypto.openssh_keypair:
content: "{{ borgmatic_keys.private }}" path: /etc/borgmatic/id_ed25519
dest: /etc/borgmatic/id_ed25519 type: ed25519
owner: root
group: root
mode: u=rw,g=,o=
become: true become: true
- name: Déployer la clef publique - name: Récupérer le contenu de la clé publique
ansible.builtin.copy: ansible.builtin.slurp:
content: "{{ borgmatic_keys.public }}" src: /etc/borgmatic/id_ed25519.pub
dest: /etc/borgmatic/id_ed25519.pub
owner: root
group: root
mode: u=rw,g=r,o=r
become: true become: true
register: key
- name: Créer le dépôt
ansible.builtin.file:
path: "{{ borgmatic_server.repo_path }}/{{ inventory_hostname }}"
state: directory
user: "{{ borgmatic_server.user }}"
group: "{{ borgmatic_server.group }}"
mode: u=rwX,g=rX,o=
become: true
delegate_to: "{{ borgmatic_server.host }}"
- name: Ajouter la clef publique
ansible.posix.authorized_key:
user: "{{ borgmatic_server.repo_path }}"
state: present
key: "{{ key['content'] | b64decode }}"
key_options: 'command="cd {{ borgmatic_server.repo_path }}/{{ inventory_hostname }};borg serve --restrict-to-path {{ borgmatic_server.repo_path }}/{{ inventory_hostname }}",restrict'
become: true
delegate_to: "{{ borgmatic_server.host }}"
- name: Déployer la configuration de SSH - name: Déployer la configuration de SSH
ansible.builtin.blockinfile: ansible.builtin.blockinfile: