diff options
Diffstat (limited to 'ansible/roles/borg-server/tasks/borg-server.yml')
-rw-r--r-- | ansible/roles/borg-server/tasks/borg-server.yml | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/ansible/roles/borg-server/tasks/borg-server.yml b/ansible/roles/borg-server/tasks/borg-server.yml new file mode 100644 index 0000000..253aa4a --- /dev/null +++ b/ansible/roles/borg-server/tasks/borg-server.yml @@ -0,0 +1,30 @@ +- debug: var=groups[borg_server__clients_ansible_group] + +- become: yes + become_user: borg + vars: + clients: "{{ groups[borg_server__clients_ansible_group] }}" + block: + - name: mkdir repos + file: + path: "{{ borg_server__home }}/repos" + state: directory + mode: u=rwx,go= + + - name: mkdir repos/{{ item.key }} + with_items: "{{ clients }}" + command: borg init "{{ item }}" -e none + args: + creates: "{{ borg_server__home }}/repos/{{ item }}" + chdir: "{{ borg_server__home }}/repos" + + - name: authorized_keys + with_items: "{{ clients }}" + vars: + client: "{{hostvars[ansible_hostname]['borg_' + item]}}" + authorized_key: + user: borg + state: "{{ client.state }}" + key: "{{ lookup('file', item + '/etc/borg/id_ed25519.pub') }}" + path: "{{ borg_server__home }}/.ssh/authorized_keys" + key_options: "command=\"cd {{ borg_server__home }}/repos; borg serve --append-only --restrict-to-path {{ borg_server__home }}/repos/{{ item }}\",no-port-forwarding,no-X11-forwarding,no-pty,no-agent-forwarding,no-user-rc" |