70 lines
1.8 KiB
YAML
70 lines
1.8 KiB
YAML
---
|
|
# tasks file for borgmatic
|
|
|
|
- name: Déployer la clef privée
|
|
ansible.builtin.copy:
|
|
content: "{{ borgmatic_keys.private }}"
|
|
dest: /etc/borgmatic/id_ed25519
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,g=,o=
|
|
become: true
|
|
|
|
- name: Déployer la clef publique
|
|
ansible.builtin.copy:
|
|
content: "{{ borgmatic_keys.public }}"
|
|
dest: /etc/borgmatic/id_ed25519.pub
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,g=r,o=r
|
|
become: true
|
|
|
|
- name: Déployer la configuration de SSH
|
|
ansible.builtin.blockinfile:
|
|
path: /root/.ssh/config
|
|
create: true
|
|
marker: "# {mark} ANSIBLE MANAGED BLOCK for role_borgmatic"
|
|
block: |
|
|
{% for repository in borgmatic_repositories %}
|
|
Host {{ repository.path | ansible.builtin.urlsplit('hostname') }}
|
|
Compression yes
|
|
Protocol 2
|
|
PreferredAuthentications=publickey
|
|
StrictHostKeyChecking no
|
|
UserKnownHostsFile /dev/null
|
|
IdentityFile /etc/borgmatic/id_ed25519
|
|
IdentitiesOnly yes
|
|
{% endfor %}
|
|
become: true
|
|
|
|
- name: Déployer la configuration
|
|
ansible.builtin.template:
|
|
src: config.yaml.j2
|
|
dest: /etc/borgmatic/config.yaml
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,g=,o=
|
|
validate: borgmatic config validate --config %s
|
|
become: true
|
|
notify: Créer le dépôt
|
|
|
|
- name: Déployer le service
|
|
ansible.builtin.template:
|
|
src: borgmatic.service.j2
|
|
dest: /etc/systemd/system/borgmatic.service
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,g=r,o=r
|
|
become: true
|
|
notify: Activer et démarrer le service
|
|
|
|
- name: Déployer le service et la planification
|
|
ansible.builtin.template:
|
|
src: borgmatic.timer.j2
|
|
dest: /etc/systemd/system/borgmatic.timer
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,g=r,o=r
|
|
become: true
|
|
notify: Activer la planification
|