author | Trygve Laugstøl <trygvis@inamo.no> | 2018-12-26 11:02:22 +0100 |
---|---|---|
committer | Trygve Laugstøl <trygvis@inamo.no> | 2018-12-26 11:02:22 +0100 |
commit | 37e93cced23e0ee726309e841b1dac19e9ccdac4 (patch) | |
tree | 8c692652c0a5fdbd0d95510dabd58c95e1805541 /ansible/roles/borg-server/tasks/borg-server.yml | |
parent | 72811f0f48cad07351ab5c5224616383a6920add (diff) | |
o Working borg setup.
Diffstat (limited to 'ansible/roles/borg-server/tasks/borg-server.yml')
-rw-r--r-- | ansible/roles/borg-server/tasks/borg-server.yml | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/ansible/roles/borg-server/tasks/borg-server.yml b/ansible/roles/borg-server/tasks/borg-server.yml
new file mode 100644
index 0000000..253aa4a
--- /dev/null
+++ b/ansible/roles/borg-server/tasks/borg-server.yml
@@ -0,0 +1,30 @@
+- debug: var=groups[borg_server__clients_ansible_group]
+
+- become: yes
+ become_user: borg
+ vars:
+ clients: "{{ groups[borg_server__clients_ansible_group] }}"
+ block:
+ - name: mkdir repos
+ file:
+ path: "{{ borg_server__home }}/repos"
+ state: directory
+ mode: u=rwx,go=
+
+ - name: mkdir repos/{{ item.key }}
+ with_items: "{{ clients }}"
+ command: borg init "{{ item }}" -e none
+ args:
+ creates: "{{ borg_server__home }}/repos/{{ item }}"
+ chdir: "{{ borg_server__home }}/repos"
+
+ - name: authorized_keys
+ with_items: "{{ clients }}"
+ vars:
+ client: "{{hostvars[ansible_hostname]['borg_' + item]}}"
+ authorized_key:
+ user: borg
+ state: "{{ client.state }}"
+ key: "{{ lookup('file', item + '/etc/borg/id_ed25519.pub') }}"
+ path: "{{ borg_server__home }}/.ssh/authorized_keys"
+ key_options: "command=\"cd {{ borg_server__home }}/repos; borg serve --append-only --restrict-to-path {{ borg_server__home }}/repos/{{ item }}\",no-port-forwarding,no-X11-forwarding,no-pty,no-agent-forwarding,no-user-rc" |
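Review bot: The `borg init "{{ item }}" -e none` task creates every client repository unencrypted and unauthenticated, so confidentiality of all clients' backups rests only on the `u=rwx,go=` mode of `repos` and on the server itself staying uncompromised. If plaintext is intended, say so in a comment above the task, e.g. `# repos are unencrypted (-e none): backup confidentiality depends on server filesystem permissions only`; otherwise initialise with an encryption mode such as `-e repokey` and supply the passphrase from a vaulted variable. In the `authorized_keys` task, `hostvars[ansible_hostname]` indexes by the gathered short hostname, while `hostvars` is keyed by inventory name, so `hostvars[inventory_hostname]` is the safer lookup when the two differ. The task name `mkdir repos/{{ item.key }}` refers to `.key` although `clients` is a list of plain host names, so it should read `{{ item }}`. The leading `debug` task looks like leftover troubleshooting output and could be dropped.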