110 lines
2.8 KiB
YAML
110 lines
2.8 KiB
YAML
---
|
|
# tasks file for borgmatic
|
|
#
|
|
- name: Get path to borgmatic
|
|
ansible.builtin.command:
|
|
cmd: which borgmatic
|
|
become: true
|
|
register: which_borgmatic
|
|
|
|
- name: Create configuration example
|
|
ansible.builtin.command:
|
|
argv:
|
|
- "{{ which_borgmatic.stdout }}"
|
|
- config
|
|
- generate
|
|
- --destination
|
|
- "{{ borgmatic_conf_path }}/config.yaml"
|
|
creates: "{{ borgmatic_conf_path }}/config.yaml"
|
|
become: true
|
|
|
|
- name: Create keys pair
|
|
community.crypto.openssh_keypair:
|
|
path: "{{ borgmatic_conf_path }}/id_ed25519"
|
|
comment: borgmatic@{{ inventory_hostname }}
|
|
type: ed25519
|
|
become: true
|
|
|
|
- name: Get public key content
|
|
ansible.builtin.slurp:
|
|
src: "{{ borgmatic_conf_path }}/id_ed25519.pub"
|
|
become: true
|
|
register: id_ed25519
|
|
|
|
- name: Import task to manage borgwarehouse repository
|
|
ansible.builtin.import_tasks:
|
|
file: configuration_borgwarehouse.yml
|
|
when: borgmatic_borgwarehouse_url | length > 0
|
|
|
|
- name: Import task to manage borgserver repository
|
|
ansible.builtin.import_tasks:
|
|
file: configuration_borgserver.yml
|
|
when: borgmatic_server | length > 0
|
|
|
|
- name: Deploy ssh configuration
|
|
ansible.builtin.blockinfile:
|
|
path: /root/.ssh/config
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,g=r,o=
|
|
create: true
|
|
marker: "# {mark} ANSIBLE MANAGED BLOCK for role_borgmatic"
|
|
block: |
|
|
{% for repository in borgmatic_repositories %}
|
|
Host {{ repository.path | ansible.builtin.urlsplit('hostname') }}
|
|
Compression yes
|
|
Protocol 2
|
|
PreferredAuthentications=publickey
|
|
StrictHostKeyChecking no
|
|
UserKnownHostsFile /dev/null
|
|
IdentityFile {{ borgmatic_conf_path }}/id_ed25519
|
|
IdentitiesOnly yes
|
|
{% endfor %}
|
|
become: true
|
|
|
|
- name: Deploy borgmatic configuration
|
|
ansible.builtin.template:
|
|
src: config.yaml.j2
|
|
dest: "{{ borgmatic_conf_path }}/config.yaml"
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,g=,o=
|
|
validate: borgmatic config validate --config %s
|
|
become: true
|
|
notify:
|
|
- Initialize repository
|
|
- Restore repository
|
|
|
|
- name: Deploy borgmatic.service
|
|
ansible.builtin.template:
|
|
src: borgmatic.service.j2
|
|
dest: /etc/systemd/system/borgmatic.service
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,g=r,o=r
|
|
become: true
|
|
|
|
- name: Ensure borgmatic.service is disabled
|
|
ansible.builtin.systemd:
|
|
enabled: false
|
|
state: stopped
|
|
name: borgmatic.service
|
|
become: true
|
|
|
|
- name: Deploy borgmatic.timer
|
|
ansible.builtin.template:
|
|
src: borgmatic.timer.j2
|
|
dest: /etc/systemd/system/borgmatic.timer
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,g=r,o=r
|
|
become: true
|
|
|
|
- name: Enable and start borgmatic.service
|
|
ansible.builtin.systemd:
|
|
daemon_reload: true
|
|
enabled: true
|
|
state: started
|
|
name: borgmatic.timer
|
|
become: true
|