ansible-borgbackup/tasks/management.yml

56 lines
1.8 KiB
YAML
Raw Normal View History

2017-10-01 17:24:50 +00:00
---
- name: management | put management station prune script
template:
src: prune.sh.j2
dest: "~{{ borgbackup_management_user }}/prune.sh"
owner: "{{ borgbackup_management_user }}"
group: "{{ borgbackup_management_user }}"
mode: 0700
- name: management | put management sshpubkey on the normal backupserver
authorized_key:
user: "{{ item.user }}"
2017-11-12 14:02:50 +00:00
key: "{{ borgbackup_management_ssh_pubkey }}"
2017-10-01 17:24:50 +00:00
delegate_to: "{{ item.fqdn }}"
when: item.type == 'normal'
2017-10-01 17:51:38 +00:00
with_items: "{{ borgbackup_servers }}"
2017-10-01 17:24:50 +00:00
# rsync.net has no python, so we can only use raw to manage ssh keys - workaround with local tmp file
- name: management | get rsync.net authorized_keys file
raw: scp {{ item.user }}@{{ item.fqdn }}:.ssh/authorized_keys /tmp/rsync.net-{{ item.fqdn }}-authkeys
delegate_to: localhost
2018-08-30 21:37:26 +00:00
become: false
2017-10-01 17:24:50 +00:00
when: item.type == 'rsync.net'
2017-10-01 17:51:38 +00:00
with_items: "{{ borgbackup_servers }}"
2017-10-01 17:24:50 +00:00
changed_when: false
- name: management | modify local rsync.net authorized_keys
authorized_key:
user: "{{ ansible_user_id }}"
2017-11-12 14:02:50 +00:00
key: "{{ borgbackup_management_ssh_pubkey }}"
2017-10-01 17:24:50 +00:00
path: "/tmp/rsync.net-{{ item.fqdn }}-authkeys"
2018-08-30 21:37:26 +00:00
manage_dir: false
2017-10-01 17:24:50 +00:00
delegate_to: localhost
2018-08-30 21:37:26 +00:00
become: false
2017-10-01 17:24:50 +00:00
when: item.type == 'rsync.net'
2017-10-01 17:51:38 +00:00
with_items: "{{ borgbackup_servers }}"
2017-10-01 17:24:50 +00:00
register: authkeys
- name: management | upload local authorized_keys to rsync.net
raw: scp /tmp/rsync.net-{{ item.fqdn }}-authkeys {{ item.user }}@{{ item.fqdn }}:.ssh/authorized_keys
delegate_to: localhost
2018-08-30 21:37:26 +00:00
become: false
2017-10-01 17:24:50 +00:00
when: item.type == 'rsync.net' and authkeys.changed
2017-10-01 17:51:38 +00:00
with_items: "{{ borgbackup_servers }}"
2017-10-01 17:24:50 +00:00
- name: management | remove tmp authorized_keys files
file:
path: /tmp/rsync.net-{{ item.fqdn }}-authkeys
state: absent
delegate_to: localhost
2018-08-30 21:37:26 +00:00
become: false
2017-10-01 17:51:38 +00:00
with_items: "{{ borgbackup_servers }}"
2017-10-01 17:24:50 +00:00
when: authkeys.changed
changed_when: false