---
- name: client | generate ssh key for this machine
  shell: if [ -f ~/.ssh/id_rsa ]; then rm -f ~/.ssh/id_rsa; fi && ssh-keygen -q -t rsa -b 4096 -f ~/.ssh/id_rsa -N "" creates=~/.ssh/id_rsa.pub

- name: client | fetch ssh-key
  shell: cat /root/.ssh/id_rsa.pub
  register: sshkey
  changed_when: False

- name: client | write passphrase
  lineinfile:
    dest: "/root/.borg.passphrase"
    state: "present"
    line: 'export BORG_PASSPHRASE="{{ borg_passphrase }}"'
    create: "yes"

- name: client | template sshconfig for backup-hosts (no strict key checking)
  template:
    src: "ssh.config.j2"
    dest: "/root/.ssh/config"
    owner: "root"
    group: "root"

- name: client | place sshpubkey on the backupserver
  authorized_key:
    user: "{{ borg_user }}"
    key: "{{ sshkey.stdout }}"
    key_options: 'command="cd {{ borg_pool }}/{{ restore_from_vm }};borg serve --restrict-to-path {{ borg_pool }}/{{ restore_from_vm }}",no-port-forwarding,no-X11-forwarding,no-pty,no-agent-forwarding,no-user-rc'
  delegate_to: "{{ item }}"
  with_items: "{{ groups.backupservers }}"

- name: client | check for mysql
  stat: path=/var/lib/automysqlbackup
  register: automysql

- name: client | put wrapper script
  template:
    src: "borg-restore-from.sh.j2"
    dest: "/usr/local/bin/borg-restore-from"
    owner: "root"
    group: "root"
    mode: "0744"