diff options
author | Trygve Laugstøl <trygvis@inamo.no> | 2018-12-26 11:02:22 +0100 |
---|---|---|
committer | Trygve Laugstøl <trygvis@inamo.no> | 2018-12-26 11:02:22 +0100 |
commit | 37e93cced23e0ee726309e841b1dac19e9ccdac4 (patch) | |
tree | 8c692652c0a5fdbd0d95510dabd58c95e1805541 /ansible/roles/borg-server | |
parent | 72811f0f48cad07351ab5c5224616383a6920add (diff) | |
download | infra-37e93cced23e0ee726309e841b1dac19e9ccdac4.tar.gz infra-37e93cced23e0ee726309e841b1dac19e9ccdac4.tar.bz2 infra-37e93cced23e0ee726309e841b1dac19e9ccdac4.tar.xz infra-37e93cced23e0ee726309e841b1dac19e9ccdac4.zip |
o Working borg setup.
Diffstat (limited to 'ansible/roles/borg-server')
-rw-r--r-- | ansible/roles/borg-server/defaults/main.yml | 2 | ||||
-rw-r--r-- | ansible/roles/borg-server/tasks/borg-server.yml | 30 | ||||
-rw-r--r-- | ansible/roles/borg-server/tasks/main.yml | 43 |
3 files changed, 55 insertions, 20 deletions
diff --git a/ansible/roles/borg-server/defaults/main.yml b/ansible/roles/borg-server/defaults/main.yml new file mode 100644 index 0000000..8d25395 --- /dev/null +++ b/ansible/roles/borg-server/defaults/main.yml @@ -0,0 +1,2 @@ +borg_server__home: /borg +borg_server__shell: /bin/bash diff --git a/ansible/roles/borg-server/tasks/borg-server.yml b/ansible/roles/borg-server/tasks/borg-server.yml new file mode 100644 index 0000000..253aa4a --- /dev/null +++ b/ansible/roles/borg-server/tasks/borg-server.yml @@ -0,0 +1,30 @@ +- debug: var=groups[borg_server__clients_ansible_group] + +- become: yes + become_user: borg + vars: + clients: "{{ groups[borg_server__clients_ansible_group] }}" + block: + - name: mkdir repos + file: + path: "{{ borg_server__home }}/repos" + state: directory + mode: u=rwx,go= + + - name: mkdir repos/{{ item.key }} + with_items: "{{ clients }}" + command: borg init "{{ item }}" -e none + args: + creates: "{{ borg_server__home }}/repos/{{ item }}" + chdir: "{{ borg_server__home }}/repos" + + - name: authorized_keys + with_items: "{{ clients }}" + vars: + client: "{{hostvars[ansible_hostname]['borg_' + item]}}" + authorized_key: + user: borg + state: "{{ client.state }}" + key: "{{ lookup('file', item + '/etc/borg/id_ed25519.pub') }}" + path: "{{ borg_server__home }}/.ssh/authorized_keys" + key_options: "command=\"cd {{ borg_server__home }}/repos; borg serve --append-only --restrict-to-path {{ borg_server__home }}/repos/{{ item }}\",no-port-forwarding,no-X11-forwarding,no-pty,no-agent-forwarding,no-user-rc" diff --git a/ansible/roles/borg-server/tasks/main.yml b/ansible/roles/borg-server/tasks/main.yml index 9ef5635..c975803 100644 --- a/ansible/roles/borg-server/tasks/main.yml +++ b/ansible/roles/borg-server/tasks/main.yml @@ -1,23 +1,26 @@ -- name: authorized_keys - with_dict: "{{ borg_clients }}" - authorized_key: - user: borg - manage_dir: False - state: "{{ item.value.state }}" - key: "{{ borg_ssh_keys[item.key].public }}" - path: "{{ borg_basedir }}/.ssh/authorized_keys2" - key_options: "command=\"cd {{ borg_basedir }}/repos; borg serve --append-only --restrict-to-path {{ borg_basedir }}/repos/{{ item.key }}\",no-port-forwarding,no-X11-forwarding,no-pty,no-agent-forwarding,no-user-rc" +- name: packages + tags: borg-server + become: yes + apt: + name: "{{ items }}" + install_recommends: no + vars: + items: + - borgbackup -- name: mkdir repos - file: - path: "{{ borg_basedir }}/repos" - state: directory - mode: u=rwx,go= - owner: borg +- name: Create unix group + become: yes + group: + name: borg + system: yes + +- name: Create unix user + become: yes + user: + name: borg + system: yes group: borg + shell: "{{ borg_server__shell }}" + home: "{{ borg_server__home }}" -#- name: mkdir repos/{{ item.key }} -# with_dict: "{{ borg_clients }}" -# file: -# path: "{{ borg_basedir }}/repos" -# state: directory +- import_tasks: borg-server.yml |