initial commit, here be dragons
This commit is contained in:
17
roles/borg/tasks/create_borg-id.yml
Normal file
17
roles/borg/tasks/create_borg-id.yml
Normal file
@@ -0,0 +1,17 @@
|
||||
---
|
||||
- name: Create new borg ID ssh keyfiles
|
||||
community.crypto.openssh_keypair:
|
||||
path: "/root/.ssh/borg-id"
|
||||
type: ed25519
|
||||
comment: "{{ inventory_hostname }} borg backup key"
|
||||
become: true
|
||||
register: public_key
|
||||
|
||||
- name: Show key info message
|
||||
ansible.builtin.debug:
|
||||
msg:
|
||||
- "Please authorize the following public key to your borg backup server:"
|
||||
- "---"
|
||||
- "{{ public_key }}"
|
||||
- "---"
|
||||
- "##### ATTENTION: Until this key is registered no backups will work! #####"
|
||||
80
roles/borg/tasks/main.yml
Normal file
80
roles/borg/tasks/main.yml
Normal file
@@ -0,0 +1,80 @@
|
||||
---
|
||||
|
||||
- name: Set facts
|
||||
ansible.builtin.set_fact:
|
||||
# renovate: datasource=github-releases depName=borgbackup/borg
|
||||
borg_version: "1.1.16"
|
||||
# renovate: datasource=pypi depName=borgmatic
|
||||
borgmatic_version: "1.5.12"
|
||||
|
||||
- name: Install borg
|
||||
ansible.builtin.get_url:
|
||||
url: "https://github.com/borgbackup/borg/releases/download/{{ borg_version }}/borg-linux64"
|
||||
dest: "/usr/local/bin/borg"
|
||||
mode: "ugo=rx"
|
||||
|
||||
- name: Provide borgmatic dependencies to system
|
||||
ansible.builtin.apt:
|
||||
name: "{{ packages }}"
|
||||
update_cache: yes
|
||||
state: present
|
||||
vars:
|
||||
packages:
|
||||
- python3
|
||||
- python3-pip
|
||||
|
||||
- name: Provide borgmatic using pip3
|
||||
ansible.builtin.pip:
|
||||
name: "borgmatic=={{ borgmatic_version }}"
|
||||
executable: "pip3"
|
||||
|
||||
- name: Make sure borgmatic config directory exists
|
||||
ansible.builtin.file:
|
||||
path: /etc/borgmatic
|
||||
state: directory
|
||||
mode: "0755"
|
||||
|
||||
- name: Copy borgmatic configuration
|
||||
ansible.builtin.template:
|
||||
src: borgmatic-config.yml.j2
|
||||
dest: /etc/borgmatic/config.yaml
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0600'
|
||||
validate: validate-borgmatic-config -c %s
|
||||
|
||||
- name: Copy borgmatic systemd service
|
||||
ansible.builtin.copy:
|
||||
src: borgmatic.service
|
||||
dest: /etc/systemd/system/
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0644'
|
||||
# Causes weird "Attempted to remove disk file system, and we can't allow that." issue.
|
||||
# This might be broken due to https://bugs.launchpad.net/ubuntu-manpage-repository/+bug/1817627
|
||||
#validate: systemd-analyze verify %s
|
||||
|
||||
- name: Copy borgmatic systemd timer
|
||||
ansible.builtin.copy:
|
||||
src: borgmatic.timer
|
||||
dest: /etc/systemd/system/
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0644'
|
||||
# See previous task
|
||||
#validate: systemd-analyze verify %s
|
||||
|
||||
- name: Activate borgmatic timer
|
||||
ansible.builtin.systemd:
|
||||
name: borgmatic.timer
|
||||
state: started
|
||||
enabled: yes
|
||||
daemon_reload: yes
|
||||
|
||||
- name: Check if borg-id ssh key is already deployed
|
||||
ansible.builtin.stat: { path: /root/.ssh/borg-id }
|
||||
register: borg_id
|
||||
|
||||
- name: Create borg ID ssh key
|
||||
ansible.builtin.include_tasks: create_borg-id.yml
|
||||
when: not borg_id.stat.exists
|
||||
Reference in New Issue
Block a user