ansible-role-borg/tasks/server.yml

---
- name: Create borg group on server
  group:
    name: borg
    system: yes

- name: Create borg user on server
  user:
    name: borg
    group: borg
    shell: /bin/sh
    home: /srv/borg
    createhome: yes
    system: yes
    password: '*'

- name: Ensure borg directories exist on server
  file:
    state: directory
    path: "{{ item }}"
    owner: borg
    mode: 0700
  loop:
    - /srv/borg
    - /srv/borg/.ssh
    - /srv/borg/repos

- name: deploy borg authorized_keys
  template:
    dest: /srv/borg/.ssh/authorized_keys
    src: authorized_keys
    owner: borg
    mode: 0400
...
Added borg backup role 2019-07-09 11:45:03 +02:00			`---`
			`- name: Create borg group on server`
			`group:`
			`name: borg`
			`system: yes`

			`- name: Create borg user on server`
			`user:`
			`name: borg`
Revitalized the borg role 2021-02-11 19:10:38 +01:00			`group: borg`
Added borg backup role 2019-07-09 11:45:03 +02:00			`shell: /bin/sh`
			`home: /srv/borg`
			`createhome: yes`
			`system: yes`
Fixed borg server account for Alpine Linux The locked account set a password as '!' which prevents login with ssh keys on only Alpine Linux. Setting the hashed password to '*' still prevents ssh login with passwords but no longer blocks ssh keys. 2021-08-14 15:00:43 +02:00			`password: '*'`
Added borg backup role 2019-07-09 11:45:03 +02:00
			`- name: Ensure borg directories exist on server`
			`file:`
			`state: directory`
			`path: "{{ item }}"`
			`owner: borg`
			`mode: 0700`
			`loop:`
			`- /srv/borg`
			`- /srv/borg/.ssh`
			`- /srv/borg/repos`
Fixed authorized_keys configuration drift, and change repo directory from hostname to fqdn 2022-07-05 21:15:26 +02:00
			`- name: deploy borg authorized_keys`
			`template:`
			`dest: /srv/borg/.ssh/authorized_keys`
			`src: authorized_keys`
			`owner: borg`
			`mode: 0400`
Added borg backup role 2019-07-09 11:45:03 +02:00			`...`