aboutsummaryrefslogtreecommitdiff
path: root/ansible/roles
diff options
context:
space:
mode:
authorTrygve Laugstøl <trygvis@inamo.no>2018-09-08 18:50:09 +0200
committerTrygve Laugstøl <trygvis@inamo.no>2018-09-08 18:50:09 +0200
commit4d6a0f553ae4cbdeec73dffe4aabb3110c0e09c0 (patch)
tree2283c968c58e3ea61f3abf58c10e08662087a140 /ansible/roles
parentc1fe8d9551e337031e5a5d62224779b389872ea3 (diff)
downloadinfra-4d6a0f553ae4cbdeec73dffe4aabb3110c0e09c0.tar.gz
infra-4d6a0f553ae4cbdeec73dffe4aabb3110c0e09c0.tar.bz2
infra-4d6a0f553ae4cbdeec73dffe4aabb3110c0e09c0.tar.xz
infra-4d6a0f553ae4cbdeec73dffe4aabb3110c0e09c0.zip
o Borg wip.
Diffstat (limited to 'ansible/roles')
-rw-r--r--ansible/roles/borg-client/tasks/main.yml8
-rw-r--r--ansible/roles/borg-client/templates/bin/trygvis-borg-run-backup5
-rw-r--r--ansible/roles/borg-server/tasks/main.yml23
3 files changed, 36 insertions, 0 deletions
diff --git a/ansible/roles/borg-client/tasks/main.yml b/ansible/roles/borg-client/tasks/main.yml
new file mode 100644
index 0000000..79a9406
--- /dev/null
+++ b/ansible/roles/borg-client/tasks/main.yml
@@ -0,0 +1,8 @@
+---
+- name: packages
+ tags: packages
+ apt:
+ name: "{{ item }}"
+ install_recommends: no
+ with_items:
+ - borgbackup
diff --git a/ansible/roles/borg-client/templates/bin/trygvis-borg-run-backup b/ansible/roles/borg-client/templates/bin/trygvis-borg-run-backup
new file mode 100644
index 0000000..7f3e218
--- /dev/null
+++ b/ansible/roles/borg-client/templates/bin/trygvis-borg-run-backup
@@ -0,0 +1,5 @@
+#!/bin/bash
+
+set -euo pipefail
+
+/usr/bin/borg
diff --git a/ansible/roles/borg-server/tasks/main.yml b/ansible/roles/borg-server/tasks/main.yml
new file mode 100644
index 0000000..9ef5635
--- /dev/null
+++ b/ansible/roles/borg-server/tasks/main.yml
@@ -0,0 +1,23 @@
+- name: authorized_keys
+ with_dict: "{{ borg_clients }}"
+ authorized_key:
+ user: borg
+ manage_dir: False
+ state: "{{ item.value.state }}"
+ key: "{{ borg_ssh_keys[item.key].public }}"
+ path: "{{ borg_basedir }}/.ssh/authorized_keys2"
+ key_options: "command=\"cd {{ borg_basedir }}/repos; borg serve --append-only --restrict-to-path {{ borg_basedir }}/repos/{{ item.key }}\",no-port-forwarding,no-X11-forwarding,no-pty,no-agent-forwarding,no-user-rc"
+
+- name: mkdir repos
+ file:
+ path: "{{ borg_basedir }}/repos"
+ state: directory
+ mode: u=rwx,go=
+ owner: borg
+ group: borg
+
+#- name: mkdir repos/{{ item.key }}
+# with_dict: "{{ borg_clients }}"
+# file:
+# path: "{{ borg_basedir }}/repos"
+# state: directory