110 lines
2.8 KiB
YAML
110 lines
2.8 KiB
YAML
---
|
|
# tasks file for borgmatic
|
|
#
|
|
- name: Récupérer le chemin complet du binaire
|
|
ansible.builtin.command:
|
|
cmd: which borgmatic
|
|
become: true
|
|
register: which_borgmatic
|
|
|
|
- name: Créer l'exemple de configuration
|
|
ansible.builtin.command:
|
|
argv:
|
|
- "{{ which_borgmatic.stdout }}"
|
|
- config
|
|
- generate
|
|
- --destination
|
|
- "{{ borgmatic_conf_path }}/config.yaml"
|
|
creates: "{{ borgmatic_conf_path }}/config.yaml"
|
|
become: true
|
|
|
|
- name: Créer la paire de clés
|
|
community.crypto.openssh_keypair:
|
|
path: "{{ borgmatic_conf_path }}/id_ed25519"
|
|
comment: borgmatic@{{ inventory_hostname }}
|
|
type: ed25519
|
|
become: true
|
|
|
|
- name: Récupérer le contenu de la clé publique
|
|
ansible.builtin.slurp:
|
|
src: "{{ borgmatic_conf_path }}/id_ed25519.pub"
|
|
become: true
|
|
register: id_ed25519
|
|
|
|
- name: Import task to manage borgwarehouse repository
|
|
ansible.builtin.import_tasks:
|
|
file: configuration_borgwarehouse.yml
|
|
when: borgmatic_borgwarehouse_url | length > 0
|
|
|
|
- name: Import task to manage borgserver repository
|
|
ansible.builtin.import_tasks:
|
|
file: configuration_borgserver.yml
|
|
when: borgmatic_server | length > 0
|
|
|
|
- name: Déployer la configuration de SSH
|
|
ansible.builtin.blockinfile:
|
|
path: /root/.ssh/config
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,g=r,o=
|
|
create: true
|
|
marker: "# {mark} ANSIBLE MANAGED BLOCK for role_borgmatic"
|
|
block: |
|
|
{% for repository in borgmatic_repositories %}
|
|
Host {{ repository.path | ansible.builtin.urlsplit('hostname') }}
|
|
Compression yes
|
|
Protocol 2
|
|
PreferredAuthentications=publickey
|
|
StrictHostKeyChecking no
|
|
UserKnownHostsFile /dev/null
|
|
IdentityFile {{ borgmatic_conf_path }}/id_ed25519
|
|
IdentitiesOnly yes
|
|
{% endfor %}
|
|
become: true
|
|
|
|
- name: Déployer la configuration
|
|
ansible.builtin.template:
|
|
src: config.yaml.j2
|
|
dest: "{{ borgmatic_conf_path }}/config.yaml"
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,g=,o=
|
|
validate: borgmatic config validate --config %s
|
|
become: true
|
|
notify:
|
|
- Initialize repository
|
|
- Restore repository
|
|
|
|
- name: Déployer le service
|
|
ansible.builtin.template:
|
|
src: borgmatic.service.j2
|
|
dest: /etc/systemd/system/borgmatic.service
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,g=r,o=r
|
|
become: true
|
|
|
|
- name: S'assurer que le service est désactivé
|
|
ansible.builtin.systemd:
|
|
enabled: false
|
|
state: stopped
|
|
name: borgmatic.service
|
|
become: true
|
|
|
|
- name: Déployer le service et la planification
|
|
ansible.builtin.template:
|
|
src: borgmatic.timer.j2
|
|
dest: /etc/systemd/system/borgmatic.timer
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,g=r,o=r
|
|
become: true
|
|
|
|
- name: Activer la planification
|
|
ansible.builtin.systemd:
|
|
daemon_reload: true
|
|
enabled: true
|
|
state: started
|
|
name: borgmatic.timer
|
|
become: true
|