fix: Add dependance for new version

README.md

@@ -70,6 +70,12 @@ Phrase de passe de chiffrement de la sauvegarde.
 
 *<span style="text-decoration: underline">Valeur par défaut:</span> aucune*
 
+### borgmatic_restore_first
+
+Booléen permettant de restaurer une sauvegarde au déploiement du rôle.
+
+*<span style="text-decoration: underline">Valeur par défaut:</span> `false`*
+
 ## Exemples
 
 ### host_vars/host1.ykn.local

defaults/main.yml

@@ -29,5 +29,11 @@ borgmatic_retention:
   weekly: 4
 
 borgmatic_name: "{{ inventory_hostname }}_{now}"
-borgmatic_compression: none
+borgmatic_compression: lz4
 borgmatic_passphrase: ""
+
+borgmatic_actions: {}
+
+borgmatic_mariadb_enabled: false
+borgmatic_postgresql_enabled: false
+borgmatic_restore_first: false

handlers/main.yml

@@ -3,7 +3,7 @@
 
 - name: Créer le dépôt
   ansible.builtin.command:
-    cmd: borg init -e repokey-blake2 {{ item.path }}
+    cmd: borgmatic init --encryption repokey
   become: true
   loop: "{{ borgmatic_repositories }}"
   register: borg_init
@@ -18,14 +18,14 @@
   ansible.builtin.systemd:
     daemon_reload: true
     enabled: true
-    state: stopped
+    state: started
     name: borgmatic.timer
   become: true
 
-- name: Activer et démarrer le service
+- name: S'assurer que le service est désactivé
   ansible.builtin.systemd:
     daemon_reload: true
     enabled: false
-    state: started
+    state: stopped
     name: borgmatic.service
   become: true

tasks/configuration.yml

@@ -1,23 +1,36 @@
 ---
 # tasks file for borgmatic
 
-- name: Déployer la clef privée
+- name: Créer la paire de clés
-  ansible.builtin.copy:
+  community.crypto.openssh_keypair:
-    content: "{{ borgmatic_keys.private }}"
+    path: /etc/borgmatic/id_ed25519 
-    dest: /etc/borgmatic/id_ed25519
+    type: ed25519
-    owner: root
-    group: root
-    mode: u=rw,g=,o=
   become: true
 
-- name: Déployer la clef publique
+- name: Récupérer le contenu de la clé publique
-  ansible.builtin.copy:
+  ansible.builtin.slurp:
-    content: "{{ borgmatic_keys.public }}"
+    src: /etc/borgmatic/id_ed25519.pub
-    dest: /etc/borgmatic/id_ed25519.pub
-    owner: root
-    group: root
-    mode: u=rw,g=r,o=r
   become: true
+  register: key
+
+- name: Créer le dépôt
+  ansible.builtin.file:
+    path: "{{ borgmatic_server.repo_path }}/{{ inventory_hostname }}"
+    state: directory
+    owner: "{{ borgmatic_server.user }}"
+    group: "{{ borgmatic_server.group }}"
+    mode: u=rwX,g=rX,o=
+  become: true
+  delegate_to: "{{ borgmatic_server.host }}"
+
+- name: Ajouter la clef publique
+  ansible.posix.authorized_key:
+    user: "{{ borgmatic_server.user }}"
+    state: present
+    key: "{{ key['content'] | b64decode }}"
+    key_options: 'command="cd {{ borgmatic_server.repo_path }}/{{ inventory_hostname }};borg serve --restrict-to-path {{ borgmatic_server.repo_path }}/{{ inventory_hostname }}",restrict'
+  become: true
+  delegate_to: "{{ borgmatic_server.host }}"
 
 - name: Déployer la configuration de SSH
   ansible.builtin.blockinfile:
@@ -27,6 +40,11 @@
     block: |
       {% for repository in borgmatic_repositories %}
       Host {{ repository.path | ansible.builtin.urlsplit('hostname') }}
+        Compression yes
+        Protocol 2
+        PreferredAuthentications=publickey 
+        StrictHostKeyChecking no
+        UserKnownHostsFile /dev/null
         IdentityFile /etc/borgmatic/id_ed25519
         IdentitiesOnly yes
       {% endfor %}
@@ -39,6 +57,7 @@
     owner: root
     group: root
     mode: u=rw,g=,o=
+    validate: borgmatic config validate --config %s
   become: true
   notify: Créer le dépôt
 
@@ -50,7 +69,7 @@
     group: root
     mode: u=rw,g=r,o=r
   become: true
-  notify: Activer et démarrer le service
+  notify: S'assurer que le service est désactivé
 
 - name: Déployer le service et la planification
   ansible.builtin.template:

tasks/installation.yml

@@ -1,27 +1,46 @@
 ---
 # tasks file for borgmatic
 
-- name: Installer python3-pip
+- name: Installer les prérequis
   ansible.builtin.apt:
-    name: python3-pip
     state: latest
+    name:
+      - pipx
+      - build-essential
+      - libacl1-dev
+      - libacl1
+      - libb2-dev
+      - liblz4-dev
+      - libssl-dev
+      - libxxhash-dev
+      - libzstd-dev
+      - pkg-config
+      - python3
+      - python3-dev
+      - python3-pkgconfig
   become: true
 
-- name: Installer borgbackup
+- name: Installer les paquets
-  ansible.builtin.apt:
+  community.general.pipx:
-    name: borgbackup
     state: latest
-    default_release: "{{ borgmatic_distribution_release }}-backports"
+    name: "{{ item }}"
+    install_deps: true
+    include_injected: true
   become: true
+  environment:
+    PIPX_HOME: /opt/pipx
+    PIPX_BIN_DIR: /usr/local/bin
+  loop:
+    - borgbackup
+    - borgmatic
 
-- name: Installer le paquet avec pip
+- name: S'assurer que les paquets sont inclus dans le path
-  ansible.builtin.pip:
+  ansible.builtin.command:
-    name: borgmatic
+    cmd: pipx ensurepath
-    state: latest
   become: true
 
 - name: Créer l'exemple de configuration
   ansible.builtin.command:
-    cmd: generate-borgmatic-config
+    cmd: borgmatic config generate
     creates: /etc/borgmatic/config.yaml
   become: true

tasks/main.yml

@@ -6,3 +6,6 @@
 
 - name: Importer les tâches de configuration
   ansible.builtin.import_tasks: configuration.yml
+
+- name: Importer les tâches de restauration
+  ansible.builtin.import_tasks: restore.yml

tasks/restore.yml

@@ -0,0 +1,10 @@
+---
+# tasks file for borgmatic
+
+- name: Restaurer la sauvegarde la plus récente la sauvegarde la plus récente
+  ansible.builtin.command:
+    cmd: borgmatic extract --archive latest --path {{ directory }}
+    chdir: "{{ directory }}"
+    removes: "{{ directory }}"
+  when: borgmatic_restore_first
+  loop: "{{ borgmatic_source_directories }}"

templates/borgmatic.service.j2

@@ -1,3 +1,5 @@
+# {{ ansible_managed }}
+
 [Unit]
 Description=borgmatic backup
 Wants=network-online.target

templates/borgmatic.timer.j2

@@ -1,3 +1,5 @@
+# {{ ansible_managed }}
+
 [Unit]
 Description=Run borgmatic backup
 

templates/config.yaml.j2

@@ -1,4 +1,5 @@
 ---
+# {{ ansible_managed }}
 
 repositories:
 {% for repository in borgmatic_repositories %}
@@ -6,36 +7,65 @@ repositories:
     path: {{ repository.path }}
 {% endfor %}
 
+{% if borgmatic_exclude_patterns | length > 0 %}
 exclude_patterns:
 {% for pattern in borgmatic_exclude_patterns %}
   - {{ pattern }}
 {% endfor %}
+{% endif %}
 
+{% if borgmatic_source_directories | length > 0%}
 source_directories:
 {% for directory in borgmatic_source_directories %}
   - {{ directory }}
 {% endfor %}
+{% endif %}
 
 archive_name_format: {{ borgmatic_name }}
 compression: {{ borgmatic_compression }}
 encryption_passphrase: {{ borgmatic_passphrase }}
 
-consistency:
+checks:
-  checks:
 {% for check in borgmatic_checks %}
-    - name: {{ check.name }}
+  - name: {{ check.name }}
-      frequency: {{ check.frequency }}
+    frequency: {{ check.frequency }}
 {% endfor %}
 
-hooks:
+healthchecks:
-  healthchecks:
+  ping_url: {{ borgmatic_healthchecks }}
-    ping_url: {{ borgmatic_healthchecks }}
+  send_logs: false
-    send_logs: false
+#  states:
-    states:
+#    - finish
-      - finish
+#    - fail
-      - fail
 
-retention:
+{% if borgmatic_retention | length > 0 %}
-  keep_daily: {{ borgmatic_retention.daily }}
+{% for param, value in  borgmatic_retention.items() %}
-  keep_monthly: {{ borgmatic_retention.monthly }}
+keep_{{ param }}: {{ value }}
-  keep_weekly: {{ borgmatic_retention.weekly }}
+{% endfor %}
+{% endif %}
+
+{% if borgmatic_actions | length > 0 %}
+{% for param, values in borgmatic_actions.items() %}
+{{ param }}:
+{% for value in values %}
+  - {{ value }}
+{% endfor %}
+{% endfor %}
+{% endif %}
+
+{% if borgmatic_mariadb_enabled %}
+mariadb_databases:
+  - name: all
+    format: sql
+    add_drop_database: true
+{% endif %}
+
+{% if borgmatic_postgresql_enabled %}
+postgresql_databases:
+  - name: all
+    username: postgres
+    format: plain
+    pg_dump_command: sudo -u postgres pg_dump
+    pg_restore_command: sudo -u postgres pg_restore
+    psql_command: sudo -u postgres psql
+{% endif %}