From 4d6a0f553ae4cbdeec73dffe4aabb3110c0e09c0 Mon Sep 17 00:00:00 2001
From: Trygve Laugstøl <trygvis@inamo.no>
Date: Sat, 8 Sep 2018 18:50:09 +0200
Subject: o Borg wip.

---
 ansible/roles/borg-client/tasks/main.yml           |  8 ++++++++
 .../templates/bin/trygvis-borg-run-backup          |  5 +++++
 ansible/roles/borg-server/tasks/main.yml           | 23 ++++++++++++++++++++++
 3 files changed, 36 insertions(+)
 create mode 100644 ansible/roles/borg-client/tasks/main.yml
 create mode 100644 ansible/roles/borg-client/templates/bin/trygvis-borg-run-backup
 create mode 100644 ansible/roles/borg-server/tasks/main.yml

(limited to 'ansible/roles')

diff --git a/ansible/roles/borg-client/tasks/main.yml b/ansible/roles/borg-client/tasks/main.yml
new file mode 100644
index 0000000..79a9406
--- /dev/null
+++ b/ansible/roles/borg-client/tasks/main.yml
@@ -0,0 +1,8 @@
+---
+- name: packages
+  tags: packages
+  apt:
+    name: "{{ item }}"
+    install_recommends: no
+  with_items:
+    - borgbackup
diff --git a/ansible/roles/borg-client/templates/bin/trygvis-borg-run-backup b/ansible/roles/borg-client/templates/bin/trygvis-borg-run-backup
new file mode 100644
index 0000000..7f3e218
--- /dev/null
+++ b/ansible/roles/borg-client/templates/bin/trygvis-borg-run-backup
@@ -0,0 +1,5 @@
+#!/bin/bash
+
+set -euo pipefail
+
+/usr/bin/borg
diff --git a/ansible/roles/borg-server/tasks/main.yml b/ansible/roles/borg-server/tasks/main.yml
new file mode 100644
index 0000000..9ef5635
--- /dev/null
+++ b/ansible/roles/borg-server/tasks/main.yml
@@ -0,0 +1,23 @@
+- name: authorized_keys
+  with_dict: "{{ borg_clients }}"
+  authorized_key:
+    user: borg
+    manage_dir: False
+    state: "{{ item.value.state }}"
+    key: "{{ borg_ssh_keys[item.key].public }}"
+    path: "{{ borg_basedir }}/.ssh/authorized_keys2"
+    key_options: "command=\"cd {{ borg_basedir }}/repos; borg serve --append-only --restrict-to-path {{ borg_basedir }}/repos/{{ item.key }}\",no-port-forwarding,no-X11-forwarding,no-pty,no-agent-forwarding,no-user-rc"
+
+- name: mkdir repos
+  file:
+    path: "{{ borg_basedir }}/repos"
+    state: directory
+    mode: u=rwx,go=
+    owner: borg
+    group: borg
+
+#- name: mkdir repos/{{ item.key }}
+#  with_dict: "{{ borg_clients }}"
+#  file:
+#    path: "{{ borg_basedir }}/repos"
+#    state: directory
-- 
cgit v1.2.3