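---
# tasks file for borgmatic
#
# Deploys the borgmatic configuration, an ed25519 SSH key pair, root's SSH
# client settings for the repository hosts, and the systemd service and timer.

- name: Get path to borgmatic
  ansible.builtin.command:
    cmd: which borgmatic
  become: true
  register: which_borgmatic
  # Read-only lookup: never report "changed", so idempotence checks stay clean.
  changed_when: false

- name: Create configuration example
  ansible.builtin.command:
    argv:
      - "{{ which_borgmatic.stdout }}"
      - config
      - generate
      - --destination
      - "{{ borgmatic_conf_path }}/config.yaml"
    # Skipped once the file exists, so an existing config.yaml is left alone.
    creates: "{{ borgmatic_conf_path }}/config.yaml"
  become: true

# No passphrase is set on this key pair, so read access to the private key file
# is enough to authenticate to any repository that authorises the key.
- name: Create keys pair
  community.crypto.openssh_keypair:
    path: "{{ borgmatic_conf_path }}/id_ed25519"
    comment: "borgmatic@{{ inventory_hostname }}"
    type: ed25519
  become: true

# Only the public half is read back; slurp returns it base64-encoded in
# id_ed25519.content.
- name: Get public key content
  ansible.builtin.slurp:
    src: "{{ borgmatic_conf_path }}/id_ed25519.pub"
  become: true
  register: id_ed25519

- name: Import task to manage borgwarehouse repository
  ansible.builtin.import_tasks:
    file: configuration_borgwarehouse.yml
  when: borgmatic_borgwarehouse_url | length > 0

- name: Import task to manage borgserver repository
  ansible.builtin.import_tasks:
    file: configuration_borgserver.yml
  when: borgmatic_server | length > 0

# NOTE(review): with the defaults below (StrictHostKeyChecking no and
# UserKnownHostsFile /dev/null) root's SSH client neither verifies nor
# remembers the repository host key, so a host answering in place of the
# repository server is accepted without warning and could receive the backup
# stream. The defaults keep the role's previous behaviour. To pin host keys,
# set both optional variables, quoted so YAML does not read them as booleans:
#   borgmatic_ssh_strict_host_key_checking: "accept-new"  # OpenSSH 7.6+, or
#                                                         # "yes" with keys
#                                                         # seeded beforehand
#   borgmatic_ssh_known_hosts_file: "/root/.ssh/known_hosts"
- name: Deploy ssh configuration
  ansible.builtin.blockinfile:
    path: /root/.ssh/config
    owner: root
    group: root
    mode: "u=rw,g=r,o="
    create: true
    marker: "# {mark} ANSIBLE MANAGED BLOCK for role_borgmatic"
    # One Host stanza per repository, keyed on the hostname part of its path.
    block: |
      {% for repository in borgmatic_repositories %}
      Host {{ repository.path | ansible.builtin.urlsplit('hostname') }}
        Compression yes
        Protocol 2
        PreferredAuthentications=publickey
        StrictHostKeyChecking {{ borgmatic_ssh_strict_host_key_checking | default('no') }}
        UserKnownHostsFile {{ borgmatic_ssh_known_hosts_file | default('/dev/null') }}
        IdentityFile {{ borgmatic_conf_path }}/id_ed25519
        IdentitiesOnly yes
      {% endfor %}
  become: true

# The rendered file is readable by root only and is checked with
# "borgmatic config validate" before it replaces the destination.
- name: Deploy borgmatic configuration
  ansible.builtin.template:
    src: config.yaml.j2
    dest: "{{ borgmatic_conf_path }}/config.yaml"
    owner: root
    group: root
    mode: "u=rw,g=,o="
    validate: 'borgmatic config validate --config %s'
  become: true
  notify:
    - Initialize repository
    - Restore repository

- name: Deploy borgmatic.service
  ansible.builtin.template:
    src: borgmatic.service.j2
    dest: /etc/systemd/system/borgmatic.service
    owner: root
    group: root
    mode: "u=rw,g=r,o=r"
  become: true

# The service itself is stopped and disabled here; the timer enabled at the end
# of this file is the unit that gets started.
- name: Ensure borgmatic.service is disabled
  ansible.builtin.systemd:
    enabled: false
    state: stopped
    name: borgmatic.service
  become: true

- name: Deploy borgmatic.timer
  ansible.builtin.template:
    src: borgmatic.timer.j2
    dest: /etc/systemd/system/borgmatic.timer
    owner: root
    group: root
    mode: "u=rw,g=r,o=r"
  become: true

# Task name corrected: the unit enabled and started here is the timer, not the
# service. daemon_reload makes systemd pick up the unit files deployed above.
- name: Enable and start borgmatic.timer
  ansible.builtin.systemd:
    daemon_reload: true
    enabled: true
    state: started
    name: borgmatic.timer
  become: true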