2017-10-01 17:24:50 +00:00
|
|
|
---
|
2019-09-26 21:08:04 +00:00
|
|
|
- name: management | create scripts dir
|
|
|
|
file:
|
|
|
|
path: "~{{ borgbackup_management_user }}/prune.d"
|
|
|
|
state: "directory"
|
|
|
|
owner: "{{ borgbackup_management_user }}"
|
|
|
|
group: "{{ borgbackup_management_user }}"
|
|
|
|
mode: "0770"
|
|
|
|
|
|
|
|
- name: management | create logs dir
|
|
|
|
file:
|
|
|
|
path: "/var/log/borgbackup-prune"
|
|
|
|
state: "directory"
|
|
|
|
owner: "{{ borgbackup_management_user }}"
|
|
|
|
group: "{{ borgbackup_management_user }}"
|
|
|
|
mode: "0770"
|
|
|
|
|
2017-10-01 17:24:50 +00:00
|
|
|
- name: management | put management station prune script
|
|
|
|
template:
|
|
|
|
src: prune.sh.j2
|
|
|
|
dest: "~{{ borgbackup_management_user }}/prune.sh"
|
|
|
|
owner: "{{ borgbackup_management_user }}"
|
|
|
|
group: "{{ borgbackup_management_user }}"
|
|
|
|
mode: 0700
|
|
|
|
|
2019-09-26 21:08:04 +00:00
|
|
|
- name: management | put each host prune script
|
|
|
|
template:
|
|
|
|
src: prune.host.sh.j2
|
|
|
|
dest: "~{{ borgbackup_management_user }}/prune.d/{{item}}"
|
|
|
|
owner: "{{ borgbackup_management_user }}"
|
|
|
|
group: "{{ borgbackup_management_user }}"
|
|
|
|
mode: 0770
|
|
|
|
delegate_to: "secure"
|
|
|
|
when: item != borgbackup_management_station and item not in groups['borgbackup_servers']
|
|
|
|
with_items: "{{ play_hosts }}"
|
|
|
|
|
|
|
|
|
|
|
|
|
2017-10-01 17:24:50 +00:00
|
|
|
- name: management | put management sshpubkey on the normal backupserver
|
|
|
|
authorized_key:
|
|
|
|
user: "{{ item.user }}"
|
2017-11-12 14:02:50 +00:00
|
|
|
key: "{{ borgbackup_management_ssh_pubkey }}"
|
2017-10-01 17:24:50 +00:00
|
|
|
delegate_to: "{{ item.fqdn }}"
|
|
|
|
when: item.type == 'normal'
|
2017-10-01 17:51:38 +00:00
|
|
|
with_items: "{{ borgbackup_servers }}"
|
2017-10-01 17:24:50 +00:00
|
|
|
|
|
|
|
|
|
|
|
# rsync.net has no python, so we can only use raw to manage ssh keys - workaround with local tmp file
|
|
|
|
- name: management | get rsync.net authorized_keys file
|
|
|
|
raw: scp {{ item.user }}@{{ item.fqdn }}:.ssh/authorized_keys /tmp/rsync.net-{{ item.fqdn }}-authkeys
|
|
|
|
delegate_to: localhost
|
2018-08-30 21:37:26 +00:00
|
|
|
become: false
|
2017-10-01 17:24:50 +00:00
|
|
|
when: item.type == 'rsync.net'
|
2017-10-01 17:51:38 +00:00
|
|
|
with_items: "{{ borgbackup_servers }}"
|
2017-10-01 17:24:50 +00:00
|
|
|
changed_when: false
|
|
|
|
|
|
|
|
- name: management | modify local rsync.net authorized_keys
|
|
|
|
authorized_key:
|
|
|
|
user: "{{ ansible_user_id }}"
|
2017-11-12 14:02:50 +00:00
|
|
|
key: "{{ borgbackup_management_ssh_pubkey }}"
|
2017-10-01 17:24:50 +00:00
|
|
|
path: "/tmp/rsync.net-{{ item.fqdn }}-authkeys"
|
2018-08-30 21:37:26 +00:00
|
|
|
manage_dir: false
|
2017-10-01 17:24:50 +00:00
|
|
|
delegate_to: localhost
|
2018-08-30 21:37:26 +00:00
|
|
|
become: false
|
2017-10-01 17:24:50 +00:00
|
|
|
when: item.type == 'rsync.net'
|
2017-10-01 17:51:38 +00:00
|
|
|
with_items: "{{ borgbackup_servers }}"
|
2017-10-01 17:24:50 +00:00
|
|
|
register: authkeys
|
|
|
|
|
|
|
|
- name: management | upload local authorized_keys to rsync.net
|
|
|
|
raw: scp /tmp/rsync.net-{{ item.fqdn }}-authkeys {{ item.user }}@{{ item.fqdn }}:.ssh/authorized_keys
|
|
|
|
delegate_to: localhost
|
2018-08-30 21:37:26 +00:00
|
|
|
become: false
|
2017-10-01 17:24:50 +00:00
|
|
|
when: item.type == 'rsync.net' and authkeys.changed
|
2017-10-01 17:51:38 +00:00
|
|
|
with_items: "{{ borgbackup_servers }}"
|
2017-10-01 17:24:50 +00:00
|
|
|
|
|
|
|
- name: management | remove tmp authorized_keys files
|
|
|
|
file:
|
|
|
|
path: /tmp/rsync.net-{{ item.fqdn }}-authkeys
|
|
|
|
state: absent
|
|
|
|
delegate_to: localhost
|
2018-08-30 21:37:26 +00:00
|
|
|
become: false
|
2017-10-01 17:51:38 +00:00
|
|
|
with_items: "{{ borgbackup_servers }}"
|
2017-10-01 17:24:50 +00:00
|
|
|
when: authkeys.changed
|
|
|
|
changed_when: false
|