diff options
author | Trygve Laugstøl <trygvis@inamo.no> | 2019-05-15 13:58:42 +0200 |
---|---|---|
committer | Trygve Laugstøl <trygvis@inamo.no> | 2019-08-08 09:03:00 +0200 |
commit | 030305fc22b16851935de4dc52f912c550bdbd09 (patch) | |
tree | 3153888a7d1b63468194f0e8334ffbf4ef63dbea /ansible/roles/borg-target/tasks/main.yml | |
parent | 4bd33c6a46f57f8a830042795cfaa68ef91963a9 (diff) | |
download | infra-030305fc22b16851935de4dc52f912c550bdbd09.tar.gz infra-030305fc22b16851935de4dc52f912c550bdbd09.tar.bz2 infra-030305fc22b16851935de4dc52f912c550bdbd09.tar.xz infra-030305fc22b16851935de4dc52f912c550bdbd09.zip |
o New borg.
Diffstat (limited to 'ansible/roles/borg-target/tasks/main.yml')
-rw-r--r-- | ansible/roles/borg-target/tasks/main.yml | 62 |
1 files changed, 62 insertions, 0 deletions
diff --git a/ansible/roles/borg-target/tasks/main.yml b/ansible/roles/borg-target/tasks/main.yml new file mode 100644 index 0000000..c3b8693 --- /dev/null +++ b/ansible/roles/borg-target/tasks/main.yml @@ -0,0 +1,62 @@ +- name: Install packages + tags: packages + apt: + name: + - borgbackup + install_recommends: no + +- name: Create unix group + become: yes + group: + name: "{{ borg_target__group }}" + system: yes + +- name: Create unix user + become: yes + user: + name: "{{ borg_target__user }}" + group: "{{ borg_target__group }}" + shell: "{{ borg_target__shell }}" + home: "{{ borg_target__home }}" + system: yes + +- name: mkdir repos + file: + path: "{{ borg_target__home }}/repos" + state: directory + mode: u=rwx,go= + owner: "{{ borg_target__user }}" + group: "{{ borg_target__group }}" + +- with_dict: "{{ borg_target__clients }}" + file: + path: "{{ borg_target__home }}/repos/{{ item.key }}" + state: directory + +- include_tasks: borg-init.yml + with_dict: "{{ borg_target__clients }}" + loop_control: + loop_var: client + +- file: + path: "{{ borg_target__home }}/.ssh" + state: directory + mode: u=rx,go= + owner: "{{ borg_target__user }}" + group: "{{ borg_target__group }}" + +- name: authorized_keys + tags: xxx + copy: + dest: "{{ borg_target__home }}/.ssh/authorized_keys" + content: | + tilde={{ '~borg' | expanduser }} + {% for client, config in borg_target__clients.items() %} + {% set state=config.state | default('present') %} + # Client: {{ client }}, state={{state}} + {% if state == 'present' %} + {% set key=lookup('file', 'borg/' + client + '/ssh-key.pub') %} + command="cd {{ borg_target__home }}/repos && borg serve --append-only{% for r in config.repos %} --restrict-to-repository {{ client }}/{{ r }}{% endfor %}",no-port-forwarding,no-X11-forwarding,no-pty,no-agent-forwarding,no-user-rc {{ key }} + {% endif %} + {% endfor %} +# " |