From cab3d045c1e4405182284ff95015c7144563bf38 Mon Sep 17 00:00:00 2001
From: Julien Dessaux
Date: Mon, 22 Feb 2021 21:55:29 +0100
Subject: Simplified and fixed borg role
---
 tasks/client.yml | 45 ++++++++-------------------------------------
 1 file changed, 8 insertions(+), 37 deletions(-)
(limited to 'tasks')
diff --git a/tasks/client.yml b/tasks/client.yml
index 0ae0142..ef28c53 100644
--- a/tasks/client.yml
+++ b/tasks/client.yml
@@ -15,22 +15,18 @@
 authorized_key:
 user: borg
 key: "{{ ansible_local.borg.pubkey }}"
- key_options: 'command="cd /srv/borg/repos/{{ ansible_hostname }}; borg serve --restrict-to-path /srv/borg/repos/{{ ansible_hostname }}",restrict'
+ key_options: 'command="borg serve --restrict-to-path /srv/borg/repos/{{ ansible_hostname }}",restrict'
 delegate_to: "{{ borg_server }}"
 
-- name: create borg client repo directory on server
- file:
- path: "/srv/borg/repos/{{ ansible_hostname }}"
- state: directory
- owner: borg
- mode: 0700
- delegate_to: "{{ borg_server }}"
+- name: make the server known to the client
+ lineinfile:
+ line: "{{ borg_server }} ecdsa-sha2-nistp256 {{ hostvars[borg_server]['ansible_ssh_host_key_ecdsa_public'] }}"
+ path: /root/.ssh/known_hosts
+ create: yes
 
 - name: create borg client repo on server
- shell: "echo \"borg init --encryption=none /srv/borg/repos/{{ ansible_hostname }}\" | su -l borg"
- delegate_to: "{{ borg_server }}"
- args:
- creates: "/srv/borg/repos/{{ ansible_hostname }}/config"
+ shell: "borg init --rsh \"ssh -i /root/.ssh/borg\" --encryption=none borg@{{ borg_server }}:/srv/borg/repos/{{ ansible_hostname }}"
+ when: hostvars[borg_server]['ansible_local']['borg']['repos'][ansible_hostname] is not defined
 
 - name: reload ansible_local
 setup: filter=ansible_local
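Review bot: The rewritten `borg init` line in the "create borg client repo on server" task still passes `--encryption=none`, so every archive this client pushes is stored on `borg_server` in plaintext and without any authentication; anyone able to read or write `/srv/borg/repos/{{ ansible_hostname }}` there can read the backups or alter them undetected. Now that the repository is initialised from the client, this is the natural place to choose a keyed mode, for example `--encryption=repokey-blake2`, or `--encryption=authenticated` if only tamper detection is wanted (both assume borg 1.1 or later, which the page does not state). The passphrase would then have to reach both this task and the backup script, for instance through `BORG_PASSPHRASE` or `BORG_PASSCOMMAND`; that script is deployed by a task outside this hunk, so the change cannot be completed here alone.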
@@ -38,31 +34,6 @@
 delegate_facts: True
 when: hostvars[borg_server]['ansible_local']['borg']['repos'][ansible_hostname] is not defined
 
-- name: make the server known to the client
- lineinfile:
- line: "{{ borg_server }} ecdsa-sha2-nistp256 {{ hostvars[borg_server]['ansible_ssh_host_key_ecdsa_public'] }}"
- path: /root/.ssh/known_hosts
- create: yes
-
-- name: make the repo directory on the client
- file:
- state: directory
- path: "/root/.config/borg/security/{{ hostvars[borg_server]['ansible_local']['borg']['repos'][ansible_hostname] }}"
- owner: root
- mode: 0700
-
-- name: make the repo known to the client
- copy:
- dest: "/root/.config/borg/security/{{ hostvars[borg_server]['ansible_local']['borg']['repos'][ansible_hostname] }}/{{ item.dest }}"
- content: "{{ item.content }}"
- owner: root
- mode: 0600
- loop:
- - { dest: key-type, content: "2" }
- - { dest: location, content: "ssh://borg@{{ borg_server }}/srv/borg/repos/{{ ansible_hostname }}" }
- - { dest: manifest-timestamp, content: "{{ ansible_date_time['iso8601_micro'] }}" }
- changed_when: false
-
 - name: deploy borg backup script
 template:
 dest: /usr/local/bin/adyxax_backup.sh
--
cgit v1.2.3