README.md

@@ -70,12 +70,6 @@ Phrase de passe de chiffrement de la sauvegarde.
 
 *<span style="text-decoration: underline">Valeur par défaut:</span> aucune*
 
-### borgmatic_restore_first
-
-Booléen permettant de restaurer une sauvegarde au déploiement du rôle.
-
-*<span style="text-decoration: underline">Valeur par défaut:</span> `false`*
-
 ## Exemples
 
 ### host_vars/host1.ykn.local

defaults/main.yml

@@ -29,11 +29,5 @@ borgmatic_retention:
   weekly: 4
 
 borgmatic_name: "{{ inventory_hostname }}_{now}"
-borgmatic_compression: lz4
+borgmatic_compression: none
 borgmatic_passphrase: ""
-
-borgmatic_actions: {}
-
-borgmatic_mariadb_enabled: false
-borgmatic_postgresql_enabled: false
-borgmatic_restore_first: false

handlers/main.yml

@@ -3,7 +3,7 @@
 
 - name: Créer le dépôt
   ansible.builtin.command:
-    cmd: borgmatic init --encryption repokey
+    cmd: borg init -e repokey-blake2 {{ item.path }}
   become: true
   loop: "{{ borgmatic_repositories }}"
   register: borg_init
@@ -18,14 +18,14 @@
   ansible.builtin.systemd:
     daemon_reload: true
     enabled: true
-    state: started
+    state: stopped
     name: borgmatic.timer
   become: true
 
-- name: S'assurer que le service est désactivé
+- name: Activer et démarrer le service
   ansible.builtin.systemd:
     daemon_reload: true
     enabled: false
-    state: stopped
+    state: started
     name: borgmatic.service
   become: true

tasks/configuration.yml

@@ -1,36 +1,23 @@
 ---
 # tasks file for borgmatic
 
-- name: Créer la paire de clés
+- name: Déployer la clef privée
-  community.crypto.openssh_keypair:
+  ansible.builtin.copy:
-    path: /etc/borgmatic/id_ed25519 
+    content: "{{ borgmatic_keys.private }}"
-    type: ed25519
+    dest: /etc/borgmatic/id_ed25519
+    owner: root
+    group: root
+    mode: u=rw,g=,o=
   become: true
 
-- name: Récupérer le contenu de la clé publique
+- name: Déployer la clef publique
-  ansible.builtin.slurp:
+  ansible.builtin.copy:
-    src: /etc/borgmatic/id_ed25519.pub
+    content: "{{ borgmatic_keys.public }}"
+    dest: /etc/borgmatic/id_ed25519.pub
+    owner: root
+    group: root
+    mode: u=rw,g=r,o=r
   become: true
-  register: key
-
-- name: Créer le dépôt
-  ansible.builtin.file:
-    path: "{{ borgmatic_server.repo_path }}/{{ inventory_hostname }}"
-    state: directory
-    owner: "{{ borgmatic_server.user }}"
-    group: "{{ borgmatic_server.group }}"
-    mode: u=rwX,g=rX,o=
-  become: true
-  delegate_to: "{{ borgmatic_server.host }}"
-
-- name: Ajouter la clef publique
-  ansible.posix.authorized_key:
-    user: "{{ borgmatic_server.user }}"
-    state: present
-    key: "{{ key['content'] | b64decode }}"
-    key_options: 'command="cd {{ borgmatic_server.repo_path }}/{{ inventory_hostname }};borg serve --restrict-to-path {{ borgmatic_server.repo_path }}/{{ inventory_hostname }}",restrict'
-  become: true
-  delegate_to: "{{ borgmatic_server.host }}"
 
 - name: Déployer la configuration de SSH
   ansible.builtin.blockinfile:
@@ -40,11 +27,6 @@
     block: |
       {% for repository in borgmatic_repositories %}
       Host {{ repository.path | ansible.builtin.urlsplit('hostname') }}
-        Compression yes
-        Protocol 2
-        PreferredAuthentications=publickey 
-        StrictHostKeyChecking no
-        UserKnownHostsFile /dev/null
         IdentityFile /etc/borgmatic/id_ed25519
         IdentitiesOnly yes
       {% endfor %}
@@ -57,7 +39,6 @@
     owner: root
     group: root
     mode: u=rw,g=,o=
-    validate: borgmatic config validate --config %s
   become: true
   notify: Créer le dépôt
 
@@ -69,7 +50,7 @@
     group: root
     mode: u=rw,g=r,o=r
   become: true
-  notify: S'assurer que le service est désactivé
+  notify: Activer et démarrer le service
 
 - name: Déployer le service et la planification
   ansible.builtin.template:

tasks/installation.yml

@@ -1,46 +1,27 @@
 ---
 # tasks file for borgmatic
 
-- name: Installer les prérequis
+- name: Installer python3-pip
   ansible.builtin.apt:
+    name: python3-pip
     state: latest
-    name:
-      - pipx
-      - build-essential
-      - libacl1-dev
-      - libacl1
-      - libb2-dev
-      - liblz4-dev
-      - libssl-dev
-      - libxxhash-dev
-      - libzstd-dev
-      - pkg-config
-      - python3
-      - python3-dev
-      - python3-pkgconfig
   become: true
 
-- name: Installer les paquets
+- name: Installer borgbackup
-  community.general.pipx:
+  ansible.builtin.apt:
+    name: borgbackup
     state: latest
-    name: "{{ item }}"
+    default_release: "{{ borgmatic_distribution_release }}-backports"
-    install_deps: true
-    include_injected: true
   become: true
-  environment:
-    PIPX_HOME: /opt/pipx
-    PIPX_BIN_DIR: /usr/local/bin
-  loop:
-    - borgbackup
-    - borgmatic
 
-- name: S'assurer que les paquets sont inclus dans le path
+- name: Installer le paquet avec pip
-  ansible.builtin.command:
+  ansible.builtin.pip:
-    cmd: pipx ensurepath
+    name: borgmatic
+    state: latest
   become: true
 
 - name: Créer l'exemple de configuration
   ansible.builtin.command:
-    cmd: borgmatic config generate
+    cmd: generate-borgmatic-config
     creates: /etc/borgmatic/config.yaml
   become: true

tasks/main.yml

@@ -6,6 +6,3 @@
 
 - name: Importer les tâches de configuration
   ansible.builtin.import_tasks: configuration.yml
-
-- name: Importer les tâches de restauration
-  ansible.builtin.import_tasks: restore.yml

tasks/restore.yml

@@ -1,10 +0,0 @@
----
-# tasks file for borgmatic
-
-- name: Restaurer la sauvegarde la plus récente la sauvegarde la plus récente
-  ansible.builtin.command:
-    cmd: borgmatic extract --archive latest --path {{ directory }}
-    chdir: "{{ directory }}"
-    removes: "{{ directory }}"
-  when: borgmatic_restore_first
-  loop: "{{ borgmatic_source_directories }}"

templates/borgmatic.service.j2

@@ -1,5 +1,3 @@
-# {{ ansible_managed }}
-
 [Unit]
 Description=borgmatic backup
 Wants=network-online.target

templates/borgmatic.timer.j2

@@ -1,5 +1,3 @@
-# {{ ansible_managed }}
-
 [Unit]
 Description=Run borgmatic backup
 

templates/config.yaml.j2

@@ -1,5 +1,4 @@
 ---
-# {{ ansible_managed }}
 
 repositories:
 {% for repository in borgmatic_repositories %}
@@ -7,65 +6,36 @@ repositories:
     path: {{ repository.path }}
 {% endfor %}
 
-{% if borgmatic_exclude_patterns | length > 0 %}
 exclude_patterns:
 {% for pattern in borgmatic_exclude_patterns %}
   - {{ pattern }}
 {% endfor %}
-{% endif %}
 
-{% if borgmatic_source_directories | length > 0%}
 source_directories:
 {% for directory in borgmatic_source_directories %}
   - {{ directory }}
 {% endfor %}
-{% endif %}
 
 archive_name_format: {{ borgmatic_name }}
 compression: {{ borgmatic_compression }}
 encryption_passphrase: {{ borgmatic_passphrase }}
 
-checks:
+consistency:
+  checks:
 {% for check in borgmatic_checks %}
-  - name: {{ check.name }}
+    - name: {{ check.name }}
-    frequency: {{ check.frequency }}
+      frequency: {{ check.frequency }}
 {% endfor %}
 
-healthchecks:
+hooks:
-  ping_url: {{ borgmatic_healthchecks }}
+  healthchecks:
-  send_logs: false
+    ping_url: {{ borgmatic_healthchecks }}
-#  states:
+    send_logs: false
-#    - finish
+    states:
-#    - fail
+      - finish
+      - fail
 
-{% if borgmatic_retention | length > 0 %}
+retention:
-{% for param, value in  borgmatic_retention.items() %}
+  keep_daily: {{ borgmatic_retention.daily }}
-keep_{{ param }}: {{ value }}
+  keep_monthly: {{ borgmatic_retention.monthly }}
-{% endfor %}
+  keep_weekly: {{ borgmatic_retention.weekly }}
-{% endif %}
-
-{% if borgmatic_actions | length > 0 %}
-{% for param, values in borgmatic_actions.items() %}
-{{ param }}:
-{% for value in values %}
-  - {{ value }}
-{% endfor %}
-{% endfor %}
-{% endif %}
-
-{% if borgmatic_mariadb_enabled %}
-mariadb_databases:
-  - name: all
-    format: sql
-    add_drop_database: true
-{% endif %}
-
-{% if borgmatic_postgresql_enabled %}
-postgresql_databases:
-  - name: all
-    username: postgres
-    format: plain
-    pg_dump_command: sudo -u postgres pg_dump
-    pg_restore_command: sudo -u postgres pg_restore
-    psql_command: sudo -u postgres psql
-{% endif %}